[Bug 2046359] Re: [SRU] bobcat stable releases

James Page 2046359 at bugs.launchpad.net
Mon Jul 8 13:01:39 UTC 2024 

This bug was fixed in the package nova - 3:28.0.1-0ubuntu1.3~cloud0
---------------

 nova (3:28.0.1-0ubuntu1.3~cloud0) jammy; urgency=medium
 .
   * SECURITY UPDATE for Ubuntu Cloud Archive. backport to jammy.
 .
 nova (3:28.0.1-0ubuntu1.3) mantic-security; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
     (LP: #2059809)
     - debian/patches/CVE-2024-32498-1.patch: reject qcow files with
       data-file attributes.
     - debian/patches/CVE-2024-32498-2.patch: check images with
       format_inspector for safety.
     - debian/patches/CVE-2024-32498-3.patch: additional qemu safety
       checking on base images.
     - debian/patches/CVE-2024-32498-4.patch: fix vmdk_allowed_types
       checking.
     - CVE-2024-32498
 .
 nova (3:28.0.1-0ubuntu1) mantic; urgency=medium
 .
   * d/gbp.conf: Create stable/2023.2 branch.
   * d/gbp.conf, .launchpad.yaml: Sync from cloud-archive-tools for
     bobcat.
   * New stable point release for OpenStack Bobcat (LP: #2046359).
 .
 nova (3:28.0.0-0ubuntu1) mantic; urgency=medium
 .
   * New upstream release for OpenStack Bobcat.
 .
 nova (3:27.1.0+git2023090509.82a17a37-0ubuntu1) mantic; urgency=medium
 .
   * New upstream snapshot for OpenStack Bobcat.
   * d/control: Align (Build-)Depends with upstream.
   * d/p/drop-actdiag.patch: Temporarily drop actdiag until bug fixed upstream.
   * d/p/install-missing-db-files.patch: Install missing db files, including
     nova/db/api/alembic.ini and nova/db/main/alembic.ini.
 .
 nova (3:27.1.0+git2023071215.f7ce4df5-0ubuntu1) mantic; urgency=medium
 .
   * d/gbp.conf, .launchpad.yaml: Sync from cloud-archive-tools for
     bobcat.
   * d/p/skip-if-https-proxy.patch: Test skipped if https-proxy is set
     as lpci builds in .launchpad.yaml do.
   * New upstream snapshot for OpenStack Bobcat.
   * d/p/CVE-2023-2088-*.patch: Dropped. Fixed in snapshot.
 .
 nova (3:27.0.0-0ubuntu4) mantic; urgency=medium
 .
   * SECURITY UPDATE: Unauthorized File Access (LP: #2021980)
     - debian/patches/CVE-2023-2088-1.patch: Use force=True for os-brick
       disconnect during delete.
     - debian/patches/CVE-2023-2088-2.patch: Enable use of service user
       token with admin context.
     - CVE-2023-2088
 .
 nova (3:27.0.0-0ubuntu3) mantic; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088
 .
 nova (3:27.0.0-0ubuntu2) mantic; urgency=medium
 .
   * SECURITY UPDATE: Unauthorized File Access
     - debian/patches/CVE-2023-2088.patch: Use force=True for os-brick
       disconnect during delete.
     - CVE-2023-2088
 .
 nova (3:27.0.0-0ubuntu1) lunar; urgency=medium
 .
   * New upstream release for OpenStack Antelope.
 .
 nova (3:26.1.0+git2023030309.59f7a524-0ubuntu2) lunar; urgency=medium
 .
   * d/nova-compute-qemu.postinst: Add nova user to kvm group (LP: #2011535).
 .
 nova (3:26.1.0+git2023030309.59f7a524-0ubuntu1) lunar; urgency=medium
 .
   * d/watch: Drop major version.
   * New upstream snapshot for OpenStack Antelope.
 .
 nova (3:26.1.0+git2023012815.98daf501-0ubuntu1) lunar; urgency=medium
 .
   * New upstream snapshot for OpenStack Antelope.
   * d/control: Align (Build-)Depends with upstream.
 .
 nova (3:26.0.0+git2023011010.5e5b6751-0ubuntu1) lunar; urgency=medium
 .
   * New upstream snapshot for OpenStack Antelope.
   * d/control: Align (Build-)Depends with upstream.
 .
 nova (3:26.0.0-0ubuntu1) kinetic; urgency=medium
 .
   * d/watch: Scope to 26.x series
   * New upstream release for OpenStack Zed.
   * d/control: Align (Build-)Depends with upstream.

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/2046359

Title:
  [SRU] bobcat stable releases

Status in Ubuntu Cloud Archive:
  Invalid
Status in Ubuntu Cloud Archive bobcat series:
  Fix Released
Status in designate package in Ubuntu:
  Invalid
Status in magnum package in Ubuntu:
  Invalid
Status in manila package in Ubuntu:
  Invalid
Status in neutron package in Ubuntu:
  Invalid
Status in nova package in Ubuntu:
  Invalid
Status in designate source package in Mantic:
  Fix Released
Status in magnum source package in Mantic:
  Fix Released
Status in manila source package in Mantic:
  Fix Released
Status in neutron source package in Mantic:
  Fix Released
Status in nova source package in Mantic:
  Fix Released

Bug description:
  [Impact]
  This release sports mostly bug-fixes and we would like to make
  sure all of our supported customers have access to these
  improvements. The update contains the following package updates:

  designate 17.0.1
  magnum 17.0.1
  manila 17.1.0
  neutron 23.1.0
  nova 28.0.1

  [Test Case]
  The following SRU process was followed:
  https://wiki.ubuntu.com/OpenStack/StableReleaseUpdates

  In order to avoid regression of existing consumers, the OpenStack team
  will run their continuous integration test against the packages that
  are in -proposed. A successful run of all available tests will be
  required before the proposed packages can be let into -updates.

  The OpenStack team will be in charge of attaching the output summary
  of the executed tests. The OpenStack team members will not mark
  ‘verification-done’ until this has happened.

  [Regression Potential]
  In order to mitigate the regression potential, the results of the
  aforementioned tests are attached to this bug.

  [Discussion]
  n/a

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/2046359/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list