Was trying to understand the issue. It seems there is no account information in network_acl or network_acl_item table. A proper fix will mean including that information and that means schema change. Since this is a maintenance release we will like to avoid schema changes as much as possible.
A temporary fix (i.e. Till we fix schema in next big release) could mean fetching vpc list for a user from vpc table and then use the vpc ids to get the acls. *Marcus* you want to try out this fix ? -abhi On 04/12/13 3:28 am, "Marcus Sorensen" <shadow...@gmail.com> wrote: >Running the same API call on versions lower than 4.2.0 yields correct >results, since 4.2.0 the API call returns incorrect data. The API >itself is compatible, but for example if an application or user >consuming the API makes those calls it will get incorrect data. For >example, you now may get a hundred entries for port 22 open to >0.0.0.0/0 in your response, when only one of them is owned by you. > >On Tue, Dec 3, 2013 at 2:48 PM, Daan Hoogland <daan.hoogl...@gmail.com> >wrote: >> H Marcus, >> >> It breaks behavior of the API, you say. Is this in comparison to 4.2 >> or to prior versions? >> >> thanks, >> Daan >> >> On Tue, Dec 3, 2013 at 6:40 PM, Chip Childers <chipchild...@apache.org> >>wrote: >>> On Tue, Dec 3, 2013 at 7:48 AM, sebgoa <run...@gmail.com> wrote: >>>> >>>> Can you be more specific ? what fixes required a re-vote ? >>> >>> There was a security vulnerability reported in the release of >>> sufficient severity to cause the security team to request Abhi hold >>> off on publishing the release and to re-spin.
