Reviewed:  https://review.openstack.org/375625
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=c6adc020a67ae77e3645d4f6e80fa93b19432177
Submitter: Jenkins
Branch:    stable/mitaka

commit c6adc020a67ae77e3645d4f6e80fa93b19432177
Author: Sean McGinnis <sean_mcgin...@dell.com>
Date:   Thu Sep 22 15:31:37 2016 -0500

    Limit memory & CPU when running qemu-img info
    
    It was found that a modified or corrupted image file can cause a DoS
    on the host when getting image info with qemu-img.
    
    This uses the newer 'prlimit' parameter for oslo.concurrency execute
    to set an address space limit of 1GB and CPU time limit of 2 seconds
    when running the qemu-img info command.
    
    Change-Id: If5b7129b266ef065642bc7898ce9dcf93722a053
    Closes-bug: #1449062
    (cherry picked from commit 8547444775e406a50d9d26a0003e9ba6554b0d70)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1449062

Title:
  qemu-img calls need to be restricted by ulimit (CVE-2015-5162)
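
The mechanism the commit message describes, as an added example that is not Cinder's or oslo.concurrency's code: it applies the same 1 GB address-space and 2-second CPU limits with the standard library's `resource.setrlimit` rather than the `prlimit` parameter, and uses constructed Python child processes as stand-ins for `qemu-img info`. `run_limited` and the three sample commands are hypothetical names; Linux is assumed.

```python
import resource
import signal
import subprocess
import sys

# Values from the commit message: 1 GB address space, 2 seconds of CPU time.
ADDRESS_SPACE_LIMIT = 1024 ** 3
CPU_TIME_LIMIT = 2


def _cap(which, value):
    """Lower one rlimit, never asking for more than the inherited hard limit."""
    _soft, hard = resource.getrlimit(which)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, value))


def _apply_limits():
    # Runs in the forked child just before exec, so only the child is limited.
    _cap(resource.RLIMIT_AS, ADDRESS_SPACE_LIMIT)
    _cap(resource.RLIMIT_CPU, CPU_TIME_LIMIT)


def run_limited(cmd, wall_timeout=30):
    """Run cmd under the limits; return (outcome, returncode)."""
    proc = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
                          preexec_fn=_apply_limits, timeout=wall_timeout)
    # The kernel sends SIGXCPU at the soft CPU limit and SIGKILL at the hard one.
    if proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
        return "cpu-limit", proc.returncode
    if proc.returncode != 0:
        return "failed", proc.returncode
    return "ok", proc.returncode


# Constructed stand-ins for qemu-img info reading a benign or a hostile image.
BENIGN = [sys.executable, "-c", "print('file format: raw')"]
MEMORY_HOG = [sys.executable, "-c", "bytearray(2 * 1024 ** 3)"]
CPU_HOG = [sys.executable, "-c", "while True: pass"]

if __name__ == "__main__":
    for name, cmd in (("benign", BENIGN), ("memory", MEMORY_HOG), ("cpu", CPU_HOG)):
        print(name, run_limited(cmd))
```

The memory case fails inside the child with an allocation error and the CPU case is terminated by the kernel, so in both cases the host process that launched the command keeps running.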
