[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted watcher 14.0.0-3 (source) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 21 Aug 2025 10:27:37 +0200
Source: watcher
Architecture: source
Version: 14.0.0-3
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1111692
Changes:
 watcher (14.0.0-3) unstable; urgency=high
 .
   * A vulnerability has been identified in OpenStack Nova and OpenStack Watcher
     in conjunction with volume swap operations performed by the Watcher
     service. Under specific circumstances, this can lead to a situation where
     two Nova libvirt instances could reference the same block device, allowing
     accidental information disclosure to the unauthorized instance. Added
     upstream patch: OSSN-0094_use_cinder_migrate_for_swap_volume.patch.
     (Closes: #1111692).
Checksums-Sha1:
 437c0c1f52eb3de663b7854f624ac4d72b4e3fca 3673 watcher_14.0.0-3.dsc
 e4731cbed7e96d05f163b6b003a828dcbe7892fe 14984 watcher_14.0.0-3.debian.tar.xz
 0af53136317765d24f74e2c1277e7b49cc2a76a9 18263 watcher_14.0.0-3_amd64.buildinfo
Checksums-Sha256:
 d6dd298175990e16947091f6ac53f433675b941730a6209abd479974b982d091 3673 watcher_14.0.0-3.dsc
 97b47ce519d5ce64226a02a245a3ecd743fe9df2b5a6f4b7665010762c722c1c 14984 watcher_14.0.0-3.debian.tar.xz
 687b74196a631155f1ea983e7623fa32f631f01ed5ae23a1b08265fbfc951ee5 18263 watcher_14.0.0-3_amd64.buildinfo
Files:
 7d455b1deb6fcfb4c6ea5b098ece4dc4 3673 net optional watcher_14.0.0-3.dsc
 12448b9a36f8b814f46b2b3283533bac 14984 net optional watcher_14.0.0-3.debian.tar.xz
 915c5f7f9e48254118d3e6f9d791da5e 18263 net optional watcher_14.0.0-3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmim2lAACgkQ1BatFaxr
Q/6cdhAAg1ZBt4xia5MtkhkZcu+EllSd5lYGjc8VyDZs4S7ET9mAeAWPVRa8Ymnj
fz3N9N+ScsFFuEbJfgrIjJG6TR3a9Qlt8RQ4IDA72pQjbAX/y0jl5vSAO9s6FITO
U9jZofvHspe43EudcHAG6e21pz3VBxElz4viO4XbrPzX9iUPlYPbathX2UCexHi4
HJUeOGZ+0+mHgkYSWmnC9VXCVUx7PWKxKfUsbJxhA98BEFjwqeALeHKZDfwUSOUM
IjcTK/senbfxqySxZ7/QEe4SFR148NN1npE4sJaCK2y2bmpgFpWH9ksX0RziNGmr
Foics2Wwj4BKKgO9r/S9bL6YRH3w8W2sWb/ux1O3FbqsLn6ralf5kTYGwTWanOBB
JsOWC2Xp8dL5j3dd5ItJPUvPHqy6e3A8O1s+UEkby/RsXvPb6MhCpSV2Rg4s3zQr
9ZRqSDyKQNAtDVyR1BLDMr/6fWT+YekakfbXiFBB5TNVRq+/b2HPBWiNmP/NoMXH
kx7L15n2VvkbA3dfaNYqVSOI9pb3x40FwlBsE40yoUEI+H9nI/ULsZdyX/q0h9oD
h+9yGyLEExPFf6COgJ+TX0uzsaFDmp7GIylrZE/6wdVbiXY3M8UhgwVuYlcs3dRy
kp5vSfpjtdkRspli0VXepUY1HBvc+CabHeJQ7+eKI0q4Q9NODDo=
=JE/C
-----END PGP SIGNATURE-----

Attachment: pgps29lLorzSt.pgp
Description: PGP signature

Reply to: