[ubuntu/vivid-security] cinder 1:2015.1.0-0ubuntu1.1 (Accepted)

Seth Arnold seth.arnold at canonical.com
Thu Aug 6 02:06:39 UTC 2015

cinder (1:2015.1.0-0ubuntu1.1) vivid-security; urgency=medium

  * SECURITY UPDATE: arbitrary file read via crafted qcow2 backing file
    - debian/patches/CVE-2015-1851.patch: disallow backing files in
      cinder/image/image_utils.py, added test to
    - CVE-2015-1851

Date: 2015-07-22 15:03:12.606737+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Vivid-changes mailing list