[Bug 968411] Re: [Precise] nova is vulnerable to CVE-2012-1585
Micah Gersten
launchpad at micahscomputing.com
Thu Mar 29 20:22:06 UTC 2012
unsubscribing -sponsors since this has been merged in
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/968411
Title:
[Precise] nova is vulnerable to CVE-2012-1585
Status in “nova” package in Ubuntu:
Confirmed
Bug description:
Nova is vulnerable to storage resource exhaustion via the Nova API log
file. Invalid requests can be made, using extremely long server names,
which result in the log file growing considerably large.
I've addressed this issue in Oneiric and Natty, but need a sponsor for
Precise. Debdiff to soon follow.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/968411/+subscriptions
More information about the Ubuntu-sponsors
mailing list