tag 883621 pending
thanks
Hello,
Bug #883621 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
https://anonscm.debian.org/cgit/openstack/services/nova.git/commit/?id=4b5a4fd
---
commit 4b5a4fd9e6bbcd28457ec4154d596a1070a51971
Author: Thomas Goirand <[email protected]>
Date: Thu Dec 7 09:35:50 2017 +0100
* CVE-2017-17051 / OSSA-2017-006: Nova FilterScheduler doubles resource
allocations during rebuild with new image. Applied upstream patch: Fix
doubling allocations on rebuild (Closes: 883621).
Note: previous upload was in fact only refining the patch for addressing
CVE-2017-16239, not CVE-2017-17051. This upload really fixes the bug for
CVE-2017-17051.
diff --git a/debian/changelog b/debian/changelog
index 7df7e57..34a4984 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,17 @@
+nova (2:16.0.3-6) unstable; urgency=high
+
+ * CVE-2017-17051 / OSSA-2017-006: Nova FilterScheduler doubles resource
+ allocations during rebuild with new image. Applied upstream patch: Fix
+ doubling allocations on rebuild (Closes: 883621).
+ Note: previous upload was in fact only refining the patch for addressing
+ CVE-2017-16239, not CVE-2017-17051. This upload really fixes the bug for
+ CVE-2017-17051.
+
+ -- Thomas Goirand <[email protected]> Thu, 07 Dec 2017 09:29:15 +0100
+
nova (2:16.0.3-5) unstable; urgency=high
- * CVE-2017-17051/OSSA-2017-005.1 (errata for CVE-2017-16239/OSSA-2017-005):
+ * CVE-2017-16239/OSSA-2017-005.1 (errata for CVE-2017-16239/OSSA-2017-005):
Nova Filter Scheduler bypass through rebuild action. Apply upstream patch:
Refined fix for validating image on rebuild (Closes: #883621).
