Publishing details


nova (2012.1.3+stable-20130423-e52e6912-0ubuntu1.4) precise-security; urgency=medium

  * SECURITY UPDATE: ssl not enforced when qpid_protocol is set to ssl
    - debian/patches/CVE-2013-6491.patch: set the right parameter in
    - LP: #1158807
    - CVE-2013-6491
  * SECURITY UPDATE: information disclosure via incorrect KVM live block
    - debian/patches/CVE-2013-7130.patch: fix root disk leak in
      nova/virt/libvirt/, add upstream test and additional test
      (test_create_images_and_backing_full()) to nova/tests/
    - CVE-2013-7130
  * SECURITY UPDATE: denial of service via disk consumption
    - debian/patches/CVE-2013-446x.patch: don't boot oversized images in
      nova/virt/, and nova/virt/libvirt/ Update tests
      in nova/tests/
    - CVE-2013-4463
    - CVE-2013-4469
 -- Jamie Strandboge <email address hidden>   Wed, 14 May 2014 15:14:36 -0500

Available diffs


Built packages

Package files