-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 21 Aug 2025 09:10:49 +0200
Source: nova
Architecture: source
Version: 2:31.0.0-7
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1111689
Changes:
nova (2:31.0.0-7) unstable; urgency=high
.
* A vulnerability has been identified in OpenStack Nova and OpenStack Watcher
in conjunction with volume swap operations performed by the Watcher
service. Under specific circumstances, this can lead to a situation where
two Nova libvirt instances could reference the same block device, allowing
accidental information disclosure to the unauthorized instance. Added
upstream patch: OSSN-0094_restrict_swap_volume_to_cinder.patch.
(Closes: #1111689).
* Blacklist non-deterministic unit test:
- ComputeTestCase.test_add_remove_fixed_ip_updates_instance_updated_at
Checksums-Sha1:
f8556222ce32b80c7a39144a5e6df8f747d8dabf 4822 nova_31.0.0-7.dsc
837eacf6b43711c4e8bca7568d80947b81b7275f 70824 nova_31.0.0-7.debian.tar.xz
95a6a7ba4a00114bb9665e8a7c4bd07298e71f68 25503 nova_31.0.0-7_amd64.buildinfo
Checksums-Sha256:
0a65e1db55d356385cb02cbe6fe7aa444042cd2e65dacd8208e74a31c8a2ef39 4822 nova_31.0.0-7.dsc
04d6ea9baf324e28763c039789b785062624e5da20ed1793e703acec8420c8d2 70824 nova_31.0.0-7.debian.tar.xz
e09e7190b0e9df92240471f5c2551aadc33ab83a4946fd192192293c37def026 25503 nova_31.0.0-7_amd64.buildinfo
Files:
31926f6495f465cb56fabd9e040f3a1f 4822 net optional nova_31.0.0-7.dsc
adfb5a134f826e50d1adccf00f712c28 70824 net optional nova_31.0.0-7.debian.tar.xz
987195d30a2fdf852f166a195b0100a3 25503 net optional nova_31.0.0-7_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmim19cACgkQ1BatFaxr
Q/74pQ//XmQUWSexnngZvqTgOPtV5208pPPC21cAEXgtcluO/4kDmtsluQJBhpNZ
0i77L7U17ScTMxuoVUE5PR7nHgQRHYj58CtDGXnI/yrffCnAyJ1A2t2j/MqNcptf
ZIaDXHNHuvshcgvfIjeeYRk1Ur7rgHBCMMIF6TaVWvbaJi53BGYJz5lImnHtQ40h
/qaGR7+uT/HEhjdP/l2rfPx1pCYqFHy2Ef9SAGtBRSIk7w/XQ78FqcKQoGUMngRZ
S51H5f7RnCUPFVBvZz7wUIsvxElua6dYIz7c6sKc5iAVhEk0d3rGY8kQbxVywWWj
5HW9kjmFIJ4yJAHao/RD3rUfVMN4VKwVDUFPRDZYfbC5Di9Hz68ZQERdstA778VO
i7fL8UepKpZLIm+YxTfYyRKjQexk4JzMknfN+JXOE6ngXQ6gkjAbCnvqrjUMsDkv
41s9a3uVHJ+x3Ppqv+pkl5o+P1+lknBPLgkFwc7fcYTD1Ar8gzOSTcPG8IGxDIKH
MzMHV8pu+zV8h/V4cttyDDTBc6wJm+Sbab4OGzFf4fCGcjdb8CKXRhpVeOSVUxVe
Q4XKLdvnjdJMnXId6vDgWP+lw9GqagSf6Vbu66aKNQLvhFAPAE6Gb9BC6FIGwzTu
wCYE1XDMV/Q1apeo1TWIBKtgWZssEJGnK4g0YyosYcaL5YrDUGg=
=gtXf
-----END PGP SIGNATURE-----
Attachment:
pgpQ1TV6dynss.pgp
Description: PGP signature