Your message dated Tue, 29 Jan 2013 16:02:51 +0000
with message-id <e1u0de7-00010j...@franck.debian.org>
and subject line Bug#699266: fixed in nova 2012.1.1-12
has caused the Debian Bug report #699266,
regarding CVE-2013-0208: Boot from volume allows access to random volumes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
699266: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nova
Version: 2012.1.1-11
Severity: grave
Tags: upstream
This was an embargoed security issue, which I am fixing today.
Upload is comming.
Thomas Goirand (zigo)
--- End Message ---
--- Begin Message ---
Source: nova
Source-Version: 2012.1.1-12
We believe that the bug you reported is fixed in the latest version of
nova, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 699...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated nova package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 29 Jan 2013 15:25:58 +0000
Source: nova
Binary: python-nova nova-common nova-compute nova-compute-lxc nova-compute-uml
nova-compute-xen nova-compute-qemu nova-compute-kvm nova-scheduler nova-volume
nova-api nova-network nova-objectstore nova-console nova-cert nova-xcp-plugins
nova-xcp-network nova-doc nova-xvpvncproxy nova-api-metadata
nova-api-os-compute nova-api-os-volume nova-api-ec2
Architecture: source all
Version: 2012.1.1-12
Distribution: unstable
Urgency: high
Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
nova-api - OpenStack Compute - compute API frontend
nova-api-ec2 - OpenStack Compute - EC2 API frontend
nova-api-metadata - OpenStack Compute - metadata API frontend
nova-api-os-compute - OpenStack Compute - compute API frontend
nova-api-os-volume - OpenStack Compute - Volume API frontend
nova-cert - OpenStack Compute - certificate manager
nova-common - OpenStack Compute - common files
nova-compute - OpenStack Compute - compute node
nova-compute-kvm - OpenStack Compute - compute node (KVM)
nova-compute-lxc - OpenStack Compute - compute node (LXC)
nova-compute-qemu - OpenStack Compute - compute node (QEmu)
nova-compute-uml - OpenStack Compute - compute node (UserModeLinux)
nova-compute-xen - OpenStack Compute - compute node (Xen)
nova-console - OpenStack Compute - console
nova-doc - OpenStack Compute - documentation
nova-network - OpenStack Compute - network manager
nova-objectstore - OpenStack Compute - object store
nova-scheduler - OpenStack Compute - virtual machine scheduler
nova-volume - OpenStack Compute - storage
nova-xcp-network - OpenStack Compute network plugin for the Xen Cloud Platform
nova-xcp-plugins - OpenStack Compute plugin for the Xen Cloud Platform
nova-xvpvncproxy - OpenStack Compute - XVP VNC proxy
python-nova - OpenStack Compute - libraries
Closes: 699266
Changes:
nova (2012.1.1-12) unstable; urgency=high
.
* CVE-2013-0208: Fixes boot from volume allows access to random volumes, with
special thanks to TTX for making sure I was aware of it (Closes: #699266).
Checksums-Sha1:
6e55f43cfc9b1a4af72dd6f517dc4ed8cbb69d3c 3073 nova_2012.1.1-12.dsc
e2e4555cd71b3185c812f5ddb6a6dc35ce33d72b 59589 nova_2012.1.1-12.debian.tar.gz
b5c6f434c08823d279308f264632547b0f4dd976 1777804
python-nova_2012.1.1-12_all.deb
5a67d0c96c0dcea35f842e64f86650a4c19e1694 41112 nova-common_2012.1.1-12_all.deb
977e59ededf12310397961d7b2bd8342f4c77e27 17200 nova-compute_2012.1.1-12_all.deb
9c274e195ddb2188c5e4241d9ae682bb88cda29c 12308
nova-compute-lxc_2012.1.1-12_all.deb
b491485d4ae630fb7c1d4dcd2d99f7592be2d317 12326
nova-compute-uml_2012.1.1-12_all.deb
739125e9795a43cdab410057d041c4612dd0796a 16966
nova-compute-xen_2012.1.1-12_all.deb
b48f25fc5c834594540697611d14b8f8ebd13335 12228
nova-compute-qemu_2012.1.1-12_all.deb
e7fa81600a1fdf2c7c50498ded254defe3349a89 12310
nova-compute-kvm_2012.1.1-12_all.deb
f35f76826def8a42bf88e65a012f2e0bece526e1 14808
nova-scheduler_2012.1.1-12_all.deb
ed3335d72d59f7ff8366d7fb8a1aed12851e678f 15712 nova-volume_2012.1.1-12_all.deb
61533eb597b12cae3a543e94b645655081d71eb3 14704 nova-api_2012.1.1-12_all.deb
a5bd9037ec70afc8992d2a4e2857beecce3f7cbc 17630 nova-network_2012.1.1-12_all.deb
5d7e1153ef91da76051143cb5d3fa191c2cda674 14908
nova-objectstore_2012.1.1-12_all.deb
d191421a5aceaa491a2a6bab201d02aa7c5e4298 15404 nova-console_2012.1.1-12_all.deb
dd188f0646c003febba914cac7699ee77c6f4399 14774 nova-cert_2012.1.1-12_all.deb
49c9950d3a969d3b6d87ade4f89e9368b934814e 34636
nova-xcp-plugins_2012.1.1-12_all.deb
50741ec05ea07d18583ebb72fcdc9594095b3851 19448
nova-xcp-network_2012.1.1-12_all.deb
54e1c2cdb288163241793d7a8935869428dda602 1712900 nova-doc_2012.1.1-12_all.deb
c9718d4f9fa387e9a2e917b156559da948e16161 14698
nova-xvpvncproxy_2012.1.1-12_all.deb
6e9e472fd6a7ac449d461f9a242f604f8cbfdc42 14602
nova-api-metadata_2012.1.1-12_all.deb
b7423b9300ed97b31bcb49d83027fa6ac0d1afcf 14608
nova-api-os-compute_2012.1.1-12_all.deb
9d6c39afc72691f27275360a288734d634628caa 14618
nova-api-os-volume_2012.1.1-12_all.deb
7b5effe84dbf9f2cc14e7c6c834d7c1eb5f4cb2a 14578 nova-api-ec2_2012.1.1-12_all.deb
Checksums-Sha256:
0b2ac10970c25a661e13e9b8b2663e358ffecde7ddbeb4074b62530b688f85fe 3073
nova_2012.1.1-12.dsc
f95b8a970d5bbdc137b36dd41ab16719b35913f2756e6793a33f97746373da5e 59589
nova_2012.1.1-12.debian.tar.gz
f448260dde7a727ff36d4096d05185d95b7bd64af0974ef0d945cea4506c1ede 1777804
python-nova_2012.1.1-12_all.deb
9e8d1c6cec3e701f4efdbf25a617613fdc7a1516750f2e62912b15b5cf6eaecd 41112
nova-common_2012.1.1-12_all.deb
890e658825dee8ccb6377775ee03207b21df4e69d1f20ec0db8fade157fc6949 17200
nova-compute_2012.1.1-12_all.deb
b26299793742283b867691cfea0c540cfc2e1fd72b1404f55f18933e25b20393 12308
nova-compute-lxc_2012.1.1-12_all.deb
baabfc1abc04fedfd924abeff7240ca718a6eab7d13d2caa23f81211915ad7b6 12326
nova-compute-uml_2012.1.1-12_all.deb
55425c1405ecd6aad70ddb00c50bc9afc8539ae2e10a9f4febec8dda5b9e4bd1 16966
nova-compute-xen_2012.1.1-12_all.deb
7b60f2f98e4c03f45a3bedbe0d5bf2eba6f7a86e5885f04da4a5560c24bc5e16 12228
nova-compute-qemu_2012.1.1-12_all.deb
d62778d79492729d199879251f888aa32042ab27439f078f398e5f7a44df463b 12310
nova-compute-kvm_2012.1.1-12_all.deb
8b219a96a7d0d1e3d7a1879ba2b27d98b1ba6881124ded8c6eadbba1123933be 14808
nova-scheduler_2012.1.1-12_all.deb
12a7f620775605642ed0eac4b1e7f53a59a2da517e4b834bc93d0caeba30e3bf 15712
nova-volume_2012.1.1-12_all.deb
0006b996191a2f5ac96dbb0b63e50b5c375c4dcb5ca476dad7b0bab5d77bc871 14704
nova-api_2012.1.1-12_all.deb
2c7bbe798d550d4906a0c7187d3e2542f543d0f7c701fcfb2b998de83c4b9e0a 17630
nova-network_2012.1.1-12_all.deb
8f2bc632bd8c1657b294d21856de6b616534b8c370e94c7398abd0f89811532c 14908
nova-objectstore_2012.1.1-12_all.deb
09e1f5c3bf5d228776b3ac3743ab094158c9f4ab394e9b02bf991dc1e34cca3d 15404
nova-console_2012.1.1-12_all.deb
51db422316f2248e72fc49fd51fa027962bb67677160864ebf1b948d17f66ddc 14774
nova-cert_2012.1.1-12_all.deb
d7ff08ef8cc32e93ca8c8368864812efcf739f0da0010d74f557ac834ccb36bb 34636
nova-xcp-plugins_2012.1.1-12_all.deb
126cc08aab031db788acc3529ae83825a0bab7b19b744de6fb3528dc67ed7146 19448
nova-xcp-network_2012.1.1-12_all.deb
603b5553aa7584e109289bbbff62a88539507debbd6a00ebd282c7406371a582 1712900
nova-doc_2012.1.1-12_all.deb
883e657f528de3a9d6634181224b9fb4db0b2a6791ffb1ff1bd5cb5498dc77f6 14698
nova-xvpvncproxy_2012.1.1-12_all.deb
7ad6bbd5cd316aa746ed1301fda23e362e29891a153425e1b37ec56850a72aeb 14602
nova-api-metadata_2012.1.1-12_all.deb
e4d1de3080298314bd2b5b12cf213283a8df2309a9d8e38b99fd983d797f23a7 14608
nova-api-os-compute_2012.1.1-12_all.deb
dcdc9c0791d9b8eca514942d50fbe01f34b2ca94cd415ad8797cf97bc0109799 14618
nova-api-os-volume_2012.1.1-12_all.deb
656229ac12916f6c5e6a25959791910a1eea728fe0b46685ef9d8f3e111433bc 14578
nova-api-ec2_2012.1.1-12_all.deb
Files:
645adde0c0a5e0004569a43dfc1a096a 3073 net extra nova_2012.1.1-12.dsc
321bef4667f17e2f97ee3d139bd1c672 59589 net extra nova_2012.1.1-12.debian.tar.gz
08555641def0defd989c6ba45e53ff37 1777804 python extra
python-nova_2012.1.1-12_all.deb
96f5ffb18567225dfb07a72f2db7246a 41112 net extra
nova-common_2012.1.1-12_all.deb
bc8a1ea2078d0b6f85d15c9871baa535 17200 net extra
nova-compute_2012.1.1-12_all.deb
fe1b52f92017a81d23b4b70f537f85d4 12308 net extra
nova-compute-lxc_2012.1.1-12_all.deb
2991279feb6d32eb3860db615d4db8c5 12326 net extra
nova-compute-uml_2012.1.1-12_all.deb
9772fb789c38c8bb6f821ed69cd1a0d3 16966 net extra
nova-compute-xen_2012.1.1-12_all.deb
a51bd7d054c0a5e46912f7f2fae08964 12228 net extra
nova-compute-qemu_2012.1.1-12_all.deb
e09b51e8261c2feae16f49f432f83990 12310 net extra
nova-compute-kvm_2012.1.1-12_all.deb
d817c55e076d7d8e7abdc404c5e5024b 14808 net extra
nova-scheduler_2012.1.1-12_all.deb
78cb8e2200145ff88c8c1ba27a74674f 15712 net extra
nova-volume_2012.1.1-12_all.deb
5f215e505b8ebfce7c03fa7ab0828d26 14704 net extra nova-api_2012.1.1-12_all.deb
947b6809eba0bdebe671febd72a0cf69 17630 net extra
nova-network_2012.1.1-12_all.deb
575bae833e171c881710dca8a7f9b11a 14908 net extra
nova-objectstore_2012.1.1-12_all.deb
b12ab99dd1d0e7e9c4fd51f1958660c4 15404 net extra
nova-console_2012.1.1-12_all.deb
d0418213ee6306e73dcf0426c22348cb 14774 net extra nova-cert_2012.1.1-12_all.deb
69e12feb9f26c857e40485603437fc67 34636 net extra
nova-xcp-plugins_2012.1.1-12_all.deb
5480f25e2c7c0ecb1024a6722e4b7bfe 19448 net extra
nova-xcp-network_2012.1.1-12_all.deb
ecd13137021c60deb02d4653af6c0983 1712900 doc extra nova-doc_2012.1.1-12_all.deb
b41c282f483fc5b8f07f20a81d10ab49 14698 net extra
nova-xvpvncproxy_2012.1.1-12_all.deb
d81a97515de7709a29e3717353815561 14602 net extra
nova-api-metadata_2012.1.1-12_all.deb
5f9c6da87ad403b3b1ea74dd86a7ca5f 14608 net extra
nova-api-os-compute_2012.1.1-12_all.deb
be0ad539f3e4be4df4ee140dfba6b91c 14618 net extra
nova-api-os-volume_2012.1.1-12_all.deb
dfac1b3212a53b12e8496100b481e6b1 14578 net extra
nova-api-ec2_2012.1.1-12_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlEH708ACgkQl4M9yZjvmkk1AgCeJko72fT/H/0aWvpJB/1L+m0s
BNEAn3YDER7bPY2B7cyqapC8KO3vHg25
=9Vcq
-----END PGP SIGNATURE-----
--- End Message ---
