Your message dated Thu, 14 Mar 2013 21:48:57 +0000
with message-id <e1ugg1b-0007cg...@franck.debian.org>
and subject line Bug#703064: fixed in nova 2012.1.1-15
has caused the Debian Bug report #703064,
regarding CVE-2013-1838: Nova DoS by allocating all Fixed IPs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
703064: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703064
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nova
Severity: grave
Tags: security
Vish Ishaya reported a vulnerability in Nova where there is no quota for
Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
quota, but if your configuration allows an instance to consume more than
one Fixed IP via an extension such as multinic then this is no longer
true. Running out of Fixed IPs would result in not being able to spawn
new instances.
--- End Message ---
--- Begin Message ---
Source: nova
Source-Version: 2012.1.1-15
We believe that the bug you reported is fixed in the latest version of
nova, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 703...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated nova package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 15 Mar 2013 05:07:45 +0800
Source: nova
Binary: python-nova nova-common nova-compute nova-compute-lxc nova-compute-uml
nova-compute-xen nova-compute-qemu nova-compute-kvm nova-scheduler nova-volume
nova-api nova-network nova-objectstore nova-console nova-cert nova-xcp-plugins
nova-xcp-network nova-doc nova-xvpvncproxy nova-api-metadata
nova-api-os-compute nova-api-os-volume nova-api-ec2
Architecture: source all
Version: 2012.1.1-15
Distribution: unstable
Urgency: low
Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
nova-api - OpenStack Compute - compute API frontend
nova-api-ec2 - OpenStack Compute - EC2 API frontend
nova-api-metadata - OpenStack Compute - metadata API frontend
nova-api-os-compute - OpenStack Compute - compute API frontend
nova-api-os-volume - OpenStack Compute - Volume API frontend
nova-cert - OpenStack Compute - certificate manager
nova-common - OpenStack Compute - common files
nova-compute - OpenStack Compute - compute node
nova-compute-kvm - OpenStack Compute - compute node (KVM)
nova-compute-lxc - OpenStack Compute - compute node (LXC)
nova-compute-qemu - OpenStack Compute - compute node (QEmu)
nova-compute-uml - OpenStack Compute - compute node (UserModeLinux)
nova-compute-xen - OpenStack Compute - compute node (Xen)
nova-console - OpenStack Compute - console
nova-doc - OpenStack Compute - documentation
nova-network - OpenStack Compute - network manager
nova-objectstore - OpenStack Compute - object store
nova-scheduler - OpenStack Compute - virtual machine scheduler
nova-volume - OpenStack Compute - storage
nova-xcp-network - OpenStack Compute network plugin for the Xen Cloud Platform
nova-xcp-plugins - OpenStack Compute plugin for the Xen Cloud Platform
nova-xvpvncproxy - OpenStack Compute - XVP VNC proxy
python-nova - OpenStack Compute - libraries
Closes: 703064
Changes:
nova (2012.1.1-15) unstable; urgency=low
.
* CVE-2013-1838: Nova DoS by allocating all Fixed IPs (Closes: #703064).
Checksums-Sha1:
e768f196f45db6000ed94325e4a3c04aa7a6bc26 3073 nova_2012.1.1-15.dsc
d26d29ca0110dc49af0615ef6b9dd401d1f6412e 68551 nova_2012.1.1-15.debian.tar.gz
552558cd965031b8ffffa87ea74f8c9ffab1a13f 1780256
python-nova_2012.1.1-15_all.deb
16dad688b81844ee4bf45c7520ccfd5b7f485469 41244 nova-common_2012.1.1-15_all.deb
680962c28f88dfd04b2d7fa9333bd65d516be2b7 17356 nova-compute_2012.1.1-15_all.deb
e9fba67ee6094dd21c9ecfaaaaba19f8edcc8404 12468
nova-compute-lxc_2012.1.1-15_all.deb
5a02000e348d69c502b87b94b2d48d5a19afacf0 12484
nova-compute-uml_2012.1.1-15_all.deb
279874e70aeb7b901eecf841300513266c69fc28 17126
nova-compute-xen_2012.1.1-15_all.deb
b9828721300d28c67c9640eabcf44deff0c7ae84 12392
nova-compute-qemu_2012.1.1-15_all.deb
6b4ce64a6387b79305cd665b51885ad5fcfbbaa4 12472
nova-compute-kvm_2012.1.1-15_all.deb
9ba70dbd19618a7b318c74472a57a30d94ed6cdf 14966
nova-scheduler_2012.1.1-15_all.deb
f2b67fef7d04294114c65b57a44a771e21cbf179 15882 nova-volume_2012.1.1-15_all.deb
d7534ac6e95ce332c617603a4db0310b09b3cbec 14870 nova-api_2012.1.1-15_all.deb
c7aaccb76818dd6beabf0becab9e16775473a2e0 17794 nova-network_2012.1.1-15_all.deb
64842a396a65e7d5b01c4ee7dbf17c86fb77e988 15068
nova-objectstore_2012.1.1-15_all.deb
1b03ca501180132be0cc98b59d79f828656fb4c4 15566 nova-console_2012.1.1-15_all.deb
26db5e2141fd7a4081c43fae1b58abecaaa42c0e 14936 nova-cert_2012.1.1-15_all.deb
92e24ea35e0e5b77278958564dd3905b2fe253f8 34764
nova-xcp-plugins_2012.1.1-15_all.deb
7f5795961f56e0ea80e5eea14cf1241e33397c7a 19608
nova-xcp-network_2012.1.1-15_all.deb
6868bec45ea71f612e5998d27f7dece1555a9c2d 1714712 nova-doc_2012.1.1-15_all.deb
f6a2386a1901712f227b12686b72adf198c0dff1 14860
nova-xvpvncproxy_2012.1.1-15_all.deb
ccfd47b202abfe89b7b808cccb09ecfbab13a34c 14768
nova-api-metadata_2012.1.1-15_all.deb
2d223ba62738b52100d4201f04c1bcdf894bd7ed 14774
nova-api-os-compute_2012.1.1-15_all.deb
e4c1788d2a70811360a5aac51563beca5663648a 14782
nova-api-os-volume_2012.1.1-15_all.deb
5589162cd86a99370d4cc9ddc06ec796568ea5b3 14742 nova-api-ec2_2012.1.1-15_all.deb
Checksums-Sha256:
809c9defb548c4f96eda88c21f47bcd6531a029941ea11dda07da0388545a2b5 3073
nova_2012.1.1-15.dsc
3720a2ffb59e1daff77e877de8d3a6c03533f57224685cfd823907533dc6e8a6 68551
nova_2012.1.1-15.debian.tar.gz
eb923566c1c24b7ba7e738c6b9ab3afc640cad5202f780df1ff7fee679628674 1780256
python-nova_2012.1.1-15_all.deb
5342a1fd756a4dc415a41fd48567fe62fbdf88dfd447ff9e7e541dc5e964179c 41244
nova-common_2012.1.1-15_all.deb
1b3e93858e5ef4366141b0c4e5d06d3e144f5bb7b37acda1615aae4846c59076 17356
nova-compute_2012.1.1-15_all.deb
e9a864354327b95f04b975ad9c3ce5eed338b7b050fe3a026cdcd7d7bdb6b5ee 12468
nova-compute-lxc_2012.1.1-15_all.deb
1e7b4a9cea8aa41917d616e61f24a207b2937ffc97bcf6cd09f829f6ab62cd1f 12484
nova-compute-uml_2012.1.1-15_all.deb
aec886e967a09846802733f4064268fe8f6e89c3d33c9a837615c1d15136e648 17126
nova-compute-xen_2012.1.1-15_all.deb
08e7af11287f70810290bd28a9bd1a8e49bd91b7e02106f7d3539a4912e6ced2 12392
nova-compute-qemu_2012.1.1-15_all.deb
b55ffb38ebae8babdeabdab98b012b136cf729389f4b73cb696ff40d3693e3d1 12472
nova-compute-kvm_2012.1.1-15_all.deb
cadc2e9e91cd5c8ae0d6030884b24a24f724baa1c73129ba784000af3af43b4f 14966
nova-scheduler_2012.1.1-15_all.deb
c0ab0e3e867f7584f662642704592deafbf452696748be7445a94ffa8aa23be3 15882
nova-volume_2012.1.1-15_all.deb
d9e33c93fb358313a39aa72e9b13ce8d37b70a57483de974e9256d179584806b 14870
nova-api_2012.1.1-15_all.deb
59ebcea9cd4b00d21d9c68da1a8e195272531e533365763fd35f475d7391c414 17794
nova-network_2012.1.1-15_all.deb
52aa303aa79cb0d0d28875185d42cdd7148a4569d6e515ca722ea9caf814fb77 15068
nova-objectstore_2012.1.1-15_all.deb
af8b892fbe8ed73b5438f4e46810720ffe8079a21e2ad192f6bb18d62dbe216e 15566
nova-console_2012.1.1-15_all.deb
ed1518735586894a8e9c713a4b97e597f250122bff490f8f7bfa9332b5eb157d 14936
nova-cert_2012.1.1-15_all.deb
b0d215ccd1cabde1662d4fdd888df501f5f8c7a91b4d7c1deb2533833759e632 34764
nova-xcp-plugins_2012.1.1-15_all.deb
6e51699a7fa427e1d0437089c27804e953ed428c3ce3534db257fdfbff160f3f 19608
nova-xcp-network_2012.1.1-15_all.deb
0915bc2bf53b6e83bb73fb1f5362403b4ecfae5f3db997c271323637212eade8 1714712
nova-doc_2012.1.1-15_all.deb
9d44d427fd457ace8b939bb68218dbe949fa2ac632314c1a371fecccb0ede772 14860
nova-xvpvncproxy_2012.1.1-15_all.deb
bd157bcb71a552c192374e78b1ac1c12d7d355a42506495878aa6ad8fa707eba 14768
nova-api-metadata_2012.1.1-15_all.deb
99396df751f8c36bdcb8fda2942e4960187f5f35749c015ef72c820e764a5060 14774
nova-api-os-compute_2012.1.1-15_all.deb
c54a7a90c0d069c216e259cbd7368fb01d4561c08459d76de3998ad2ae76bd1e 14782
nova-api-os-volume_2012.1.1-15_all.deb
9c75cb199b1c2a804ea1eead17a9470ce4e085ccef0540d4a0b966635f291318 14742
nova-api-ec2_2012.1.1-15_all.deb
Files:
144df8d473b19a263c9f6291b1ba3e3c 3073 net extra nova_2012.1.1-15.dsc
ab56cdee66b90e0cdbab9c411da9c7f3 68551 net extra nova_2012.1.1-15.debian.tar.gz
c202536a7c68408601db40f56b9a5a87 1780256 python extra
python-nova_2012.1.1-15_all.deb
e35e8e876c273f3888793104ba3b15a5 41244 net extra
nova-common_2012.1.1-15_all.deb
7b84c45a0382f3802c7f6726bf7da1a0 17356 net extra
nova-compute_2012.1.1-15_all.deb
78455d57eb634232850c442e73662f66 12468 net extra
nova-compute-lxc_2012.1.1-15_all.deb
0b17472ad1dad90b5521897930c52bdc 12484 net extra
nova-compute-uml_2012.1.1-15_all.deb
9ee8b1f282a3a52d7e343439d965eeab 17126 net extra
nova-compute-xen_2012.1.1-15_all.deb
eb9887be4e482fc3edf9b94ddb322ec9 12392 net extra
nova-compute-qemu_2012.1.1-15_all.deb
65773a6e0db0b8f5d3f5eeb405f5ab4f 12472 net extra
nova-compute-kvm_2012.1.1-15_all.deb
df96e3ed900977434a410003592699c5 14966 net extra
nova-scheduler_2012.1.1-15_all.deb
23c8b813fc42e9a02aceea74ff243d59 15882 net extra
nova-volume_2012.1.1-15_all.deb
8334c5c3e84a7f1e6434bb74c7afaceb 14870 net extra nova-api_2012.1.1-15_all.deb
146f1c132480a47110726134dfe9d1fa 17794 net extra
nova-network_2012.1.1-15_all.deb
538ab17560fa7cd9571593a277532d4b 15068 net extra
nova-objectstore_2012.1.1-15_all.deb
382033975af9eda463a028f15b161763 15566 net extra
nova-console_2012.1.1-15_all.deb
5162d75dc659f223517505f0b1c3ff55 14936 net extra nova-cert_2012.1.1-15_all.deb
82b61d8214c790fb5a4b191fc870dfa8 34764 net extra
nova-xcp-plugins_2012.1.1-15_all.deb
047653c47dfb6273412b3a5fcbc2b79f 19608 net extra
nova-xcp-network_2012.1.1-15_all.deb
f0e7515b2e38791473acdffd343aedef 1714712 doc extra nova-doc_2012.1.1-15_all.deb
06027f96f487ab4e68f98f55851dddb0 14860 net extra
nova-xvpvncproxy_2012.1.1-15_all.deb
5077ccc60721341bff04fa0e1d81babe 14768 net extra
nova-api-metadata_2012.1.1-15_all.deb
7ff29c5260bf3096da1d39e5451b3db9 14774 net extra
nova-api-os-compute_2012.1.1-15_all.deb
ae4c6544a6a7f2579ab705e88349b858 14782 net extra
nova-api-os-volume_2012.1.1-15_all.deb
f73125ab918db9a584fe69341305f203 14742 net extra
nova-api-ec2_2012.1.1-15_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlFCQfgACgkQl4M9yZjvmknhwACeMBamnpUj7WxLc4+7LEoSEm+h
1xoAoMQbQDE+6F9F0ZkSdvvLiUd0k3pl
=Mac6
-----END PGP SIGNATURE-----
--- End Message ---
