Bug#719632: Prepared a new Wheezy update for Nova

To: Thomas Goirand <zigo@debian.org>, 719632@bugs.debian.org
Subject: Bug#719632: Prepared a new Wheezy update for Nova
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 9 Dec 2013 18:12:48 +0100
Message-id: <[🔎] 20131209171248.GB4385@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 719632@bugs.debian.org
In-reply-to: <52A57466.5010900__25642.5906475217$1386575123$gmane$org@debian.org>
References: <52A57466.5010900__25642.5906475217$1386575123$gmane$org@debian.org>

> Here's the new changelog, with the remarks of J.Cristau taken into account:
>
> [ Thomas Goirand ]
> * CVE-2013-4261: [OSSA 2013-026] Fix problem with long messages in Qpid.
> * CVE-2013-2096: [OSSA 2013-012] Check QCOW2 image size during root disk
>   creation (Closes: #710157).

The security tracker lists more issues potentially affecting stable:

CVE-2013-0326
CVE-2013-2255 Inconsistent and non-validating HTTPS client
CVE-2013-4179 The security group extension in OpenStack Compute (Nova) Grizzly ...
CVE-2013-4185 Algorithmic complexity vulnerability in OpenStack Compute (Nova) ...
CVE-2013-4463 Compressed disk image DoS
CVE-2013-4469 OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when ...
CVE-2013-4497 The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and ...

Do these affect stable and can they be fixed along?

Cheers,
        Moritz

Reply to:

Prev by Date: Bug#731735: pu: package glance/2012.1.1-5+deb7u1
Next by Date: Bug#731735: pu: package glance/2012.1.1-5+deb7u1
Previous by thread: Bug#719632: [Openstack-devel] Bug#719632: Prepared a new Wheezy update for Nova
Next by thread: Bug#731735: pu: package glance/2012.1.1-5+deb7u1
Index(es):
- Date
- Thread