[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates

Yolanda Robla yolanda.robla at canonical.com
Mon Apr 8 12:08:01 UTC 2013 

Resubmitted changelogs for that SRU

** Description changed:

  This is a meta-bug used for tracking progress of new updates to Nova,
  Horizon, Keystone.
  
- nova (2012.1.4+stable-20121217-9f277e38-0ubuntu1) precise-proposed;
+ nova (2012.1.4+stable-20130402-e52e6912-0ubuntu1) precise-proposed;
  urgency=low
  
    [ Chuck Short ]
-   * debian/*.logrotate: compress logfiles when they are rotated. (LP: #1049915)
+   * debian/*.logrotate: compress logfiles when they are rotated. (LP:
+     #1049915)
  
    [ Yolanda Robla Mota ]
-   * Resynchronize with stable/essex (9f277e38):
+   * Resynchronize with stable/essex (LP: #1089488):
+     - [48e81f1] VNC proxy can be made to connect to wrong VM LP: 1125378
+     - [3bf5a58] snat rule too broad for some network configurations LP: 1048765
+     - [efaacda] DOS by allocating all fixed ips LP: 1125468
+     - [b683ced] Add nosehtmloutput as a test dependency.
+     - [45274c8] Nova unit tests not running, but still passing for stable/essex
+       LP: 1132835
+     - [e02b459] vnc unit-test fixes
+     - [87361d3] Jenkins jobs fail because of incompatibility between sqlalchemy-
+       migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
+     - [e98928c] VNC proxy can be made to connect to wrong VM LP: 1125378
+     - [c0a10db] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
+     - [243d516] No authentication on block device used for os-volume_boot
+       LP: 1069904
      - [80fefe5] use_single_default_gateway does not function correctly
        (LP: #1075859)
      - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes
        attached (LP: #1079745)
      - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very
        slow (LP: #1062314)
      - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted
        fixed_ip (LP: #1017633)
      - [20f98c5] failed to allocate fixed ip because old deleted one exists
        (LP: #996482)
      - [75f6922] snapshot stays in saving state if the vm base image is deleted
        (LP: #921774)
      - [1076699] lock files may be removed in error dues to permissions issues
        (LP: #1051924)
      - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982)
      - [4eebe76] At termination, LXC rootfs is not always unmounted before
        rmtree() is called (LP: #1046313)
      - [47dabb3] Heavily loaded nova-compute instances don't sent reports
        frequently enough (LP: #1045152)
      - [b375b4f] When attach volume lost attach when node restart (LP: #1004791)
      - [4ac2dcc] nova usage-list returns  wrong usage (LP: #1043999)
      - [014fcbc] Bridge port's hairpin mode not set after resuming a machine
        (LP: #1040537)
      - [2f35f8e] Nova flavor ephemeral space size reported incorrectly
        (LP: #1026210)
  
-  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Mon, 17 Dec 2012
- 10:39:28 +0000
+  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Fri, 05 Apr 2013
+ 09:59:20 +0100
  
+ horizon (2012.1.4+stable-20130405-5ce39422-0ubuntu1) precise-proposed;
+ urgency=low
  
- horizon (2012.1.4+stable-20121217-5ce39422-0ubuntu1) precise-proposed; urgency=low
- 
-   * Resynchronize with stable/essex (5ce39422):
+   * Resynchronize with stable/essex (LP: #1089488):
      - [7e651d7] stable/essex horizon installs unusable version of glance
        (LP: #1057125)
      - [35eada8] open redirect / phishing attack via "next" parameter
-       (CVE-2012-3540)
+       (LP: #1039077)
      - [8889311] TypeError when trying to delete an unnamed volume via dashboard
        (LP: #1031291)
      - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555)
+     - [9b22d68] When adding ICMP rule, the type/code is being validated as
+       from/to ports (LP: #997669)
+     - [52bbba1] Added --only-selenium option in run_tests.sh
  
    * Dropped patches, superseeded by snapshot:
      - debian/patches/CVE-2012-3540.patch [35eada8]
  
-  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Mon, 17 Dec 2012
- 11:05:44 +0000
+  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Fri, 05 Apr 2013
+ 10:14:44 +0100
  
- 
- keystone (2012.1.4+stable-20121217-c17a9992-0ubuntu1) precise-proposed; urgency=low
+ keystone (2012.1.4+stable-20130405-f48dd0fc-0ubuntu1) precise-proposed;
+ urgency=low
  
    [ Chuck Short ]
    * debian/keystone.logrotate: Compress log file when rotated. (LP: #1049309)
  
    [ Yolanda Robla Mota ]
-   * Resynchronize with stable/essex (c17a9992):
+   * Resynchronize with stable/essex (LP: #1089488):
+     - [7402f5e] EC2 authentication does not ensure user or tenant is enabled
+       LP: 1121494
+     - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
+     - [7b5b72f] Add size validations for /tokens.
+     - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333
      - [8735009] Removing user from a tenant isn't invalidating user access to
-       tenant (CVE-2012-5571)
+       tenant (LP: #1064914)
      - [025b1d5] Jenkins jobs fail because of incompatibility between sqlalchemy-
        migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
      - [ddb4019] Open 2012.1.4 development
      - [0e1f05e] memcache driver needs protection against unicode user keys
        (LP: #1056373)
      - [176ee9b] Token invalidation in case of role grant/revoke should be
        limited to affected tenant (LP: #1050025)
      - [58ac669] Token validation includes revoked roles (CVE-2012-4413)
+       (LP: #1041396)
      - [cd1e48a] Memcached Token Backend does not support list tokens
        (LP: #1046905)
      - [5438d3b] Update user's default tenant partially succeeds without authz
-       (CVE-2012-3542)
+       (LP: #1040626)
  
    * Dropped, superseeded by new snapshot:
      - debian/patches/CVE-2012-4413.patch [58ac669] 
      - debian/patches/CVE-2012-5571.patch [8735009]
      - debian/patches/CVE-2012-3542.patch [5438d3b]
  
-  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Mon, 17 Dec 2012
- 10:47:08 +0000
+  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Fri, 05 Apr 2013
+ 10:19:08 +0100
+ 
+ glance (2012.1.4+stable-20130405-74b067df-0ubuntu1) precise-proposed;
+ urgency=low
+ 
+   [ Adam Gandelman ]
+   * debian/glance-{registry, api}.logrotate: Fix incorrect logfile
+     locations. (LP: #1049314)
+ 
+   [ Yolanda Robla Mota ]
+   * debian/rules: skipping pep8 tests to allow building
+   * Resynchronize with stable/essex (LP: #1089488):
+     - [74b067d] v1 api returns location as header for cached images LP: 1135541
+     - [37d4d96] glance image-download can display backend Swift password
+       LP: 1098962
+     - [efd7e75] Non-admin users can cause public glance images to be deleted
+       from the backend storage repository (LP: #1065187)
+     - [e6be061] Jenkins jobs fail because of incompatibility between sqlalchemy-
+       migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
+ 
+   * Dropped patches, superseeded by snapshot:
+     - debian/patches/CVE-2012-4573.patch: [efd7e75]
+ 
+  -- Yolanda Robla Mota <yolanda.robla at canonical.com>  Fri, 05 Apr 2013
+ 09:56:36 +0100

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1089488

Title:
  Meta bug for tracking Openstack Stable Updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1089488/+subscriptions

More information about the Ubuntu-server-bugs mailing list