That makes sense, Rohit, indeed. UUID is impossible to guess. Gabriel, Suresh?
On Tue, 1 Mar 2022 at 09:31, Rohit Yadav <rohit.ya...@shapeblue.com> wrote: > 2cents; > > I suppose it's up to the RM to triage and if necessary cut RC3, however, > if a normal user account can't have the list of resources (uuid, in this > case network's UUID) then it doesn't appear a critical issue to me for > 99.99% cases. > > Long term - it may be worth doing a broad search for all APIs where a > similar behaviour may exist (user can't list the resource, but if they knew > the UUID could possible run an API against that). > > > > Regards. > > ________________________________ > From: Andrija Panic <andrija.pa...@gmail.com> > Sent: Tuesday, March 1, 2022 04:36 > To: dev <dev@cloudstack.apache.org> > Subject: Re: [VOTE] Apache CloudStack 4.16.1.0 (RC2) > > By all means, although we could argue that this is NOT a regression, and as > such we might skip it - but it's a security/privacy issue, so we should > better fix it in RC3, yes. > > > > > On Mon, 28 Feb 2022 at 16:15, Gabriel Bräscher <gabrasc...@gmail.com> > wrote: > > > Hello folks, > > > > I would like to raise the issue > > https://github.com/apache/cloudstack/issues/6049. > > It affects not only 4.16.1.0 RC2, but also previous releases. > > I consider it a critical issue, which could potentially impact the need > for > > a release candidate #3. > > Any thoughts? > > > > Regards, > > Gabriel. > > > > On Mon, Feb 28, 2022 at 3:46 PM Nux! <n...@li.nux.ro> wrote: > > > > > +1 (binding) > > > > > > Tested KVM in advanced zones (with and without security groups). > > > Everything seems to be working. > > > > > > --- > > > Nux! > > > www.nux.ro > > > > > > On 2022-02-25 15:08, Suresh Anaparti wrote: > > > > Hi All, > > > > > > > > I have created a 4.16.1.0 release (RC2), with the following artifacts > > > > up for testing and a vote: > > > > > > > > Git Branch and Commit SHA: > > > > https://github.com/apache/cloudstack/tree/4.16.1.0-RC20220225T1901 > > > > Commit: cad9332082a1f85eedc30cf547ae28224be170c2 > > > > > > > > Source release (checksums and signatures are available at the same > > > > location): > > > > https://dist.apache.org/repos/dist/dev/cloudstack/4.16.1.0/ > > > > > > > > PGP release keys (signed using > > > > D6E0581ECF8A2FBE3FF6B3C9D7CEAE3A9E71D0AA): > > > > https://dist.apache.org/repos/dist/release/cloudstack/KEYS > > > > > > > > The vote will be open until 2nd March 2022. > > > > > > > > For sanity in tallying the vote, can PMC members please be sure to > > > > indicate "(binding)" with their vote? > > > > > > > > [ ] +1 approve > > > > [ ] +0 no opinion > > > > [ ] -1 disapprove (and reason why) > > > > > > > > For users convenience, the packages from this release candidate (RC2) > > > > and > > > > 4.16.1 systemvm templates are available here: > > > > https://download.cloudstack.org/testing/4.16.1.0-RC2/ > > > > https://download.cloudstack.org/systemvm/4.16/ > > > > > > > > Documentation is not published yet, but the following may be > > > > referenced for upgrade related tests: > > > > (there's a new 4.16.1 systemvm template to be registered prior to > > > > upgrade) > > > > > > > > > > https://github.com/apache/cloudstack-documentation/tree/4.16/source/upgrading/upgrade > > > > > > > > NOTES on the issues fixed in this RC2 release: > > > > > > > > (these do *NOT* require a full retest if you were testing RC1 > already - > > > > just if you were affected by these issues): > > > > - https://github.com/apache/cloudstack/issues/6017 (regression in > > > > register template form > > > > when select/unselect check boxes using space in keyboard) > > > > - https://github.com/apache/cloudstack/issues/6026 (affects volumes > on > > > > managed storages when > > > > stopping or migrating a VM) > > > > - https://github.com/apache/cloudstack/issues/6038 (regression in > SSVM > > > > scaling down behavior, > > > > new config 'secstorage.vm.auto.scale.down' added to control scaling > > > > down) > > > > > > > > > > > > Regards, > > > > Suresh > > > > > > > > -- > > Andrija Panić > -- Andrija Panić
