[Bug 968411] Re: [Precise] nova is vulnerable to CVE-2012-1585
Launchpad Bug Tracker
968411 at bugs.launchpad.net
Thu Mar 29 19:22:18 UTC 2012
** Branch linked: lp:~openstack-ubuntu-testing/nova/precise-essex-
proposed
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/968411
Title:
[Precise] nova is vulnerable to CVE-2012-1585
Status in “nova” package in Ubuntu:
Confirmed
Bug description:
Nova is vulnerable to storage resource exhaustion via the Nova API log
file. Invalid requests can be made, using extremely long server names,
which result in the log file growing considerably large.
I've addressed this issue in Oneiric and Natty, but need a sponsor for
Precise. Debdiff to soon follow.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/968411/+subscriptions
More information about the Ubuntu-sponsors
mailing list