Your message dated Thu, 14 Mar 2013 22:02:55 +0000
with message-id <e1uggeh-00026j...@franck.debian.org>
and subject line Bug#703064: fixed in nova 2012.2.3-3
has caused the Debian Bug report #703064,
regarding CVE-2013-1838: Nova DoS by allocating all Fixed IPs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
703064: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703064
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nova
Severity: grave
Tags: security
Vish Ishaya reported a vulnerability in Nova where there is no quota for
Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
quota, but if your configuration allows an instance to consume more than
one Fixed IP via an extension such as multinic then this is no longer
true. Running out of Fixed IPs would result in not being able to spawn
new instances.
--- End Message ---
--- Begin Message ---
Source: nova
Source-Version: 2012.2.3-3
We believe that the bug you reported is fixed in the latest version of
nova, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 703...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated nova package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 15 Mar 2013 05:15:23 +0800
Source: nova
Binary: python-nova nova-common nova-compute nova-compute-lxc nova-compute-uml
nova-compute-xen nova-compute-qemu nova-compute-kvm nova-xcp-plugins
nova-xcp-network nova-cert nova-scheduler nova-volume nova-xvpvncproxy nova-api
nova-network nova-objectstore nova-console nova-doc nova-api-os-volume
Architecture: source all
Version: 2012.2.3-3
Distribution: experimental
Urgency: low
Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
nova-api - OpenStack Compute - compute API frontend
nova-api-os-volume - OpenStack Compute - Volume API frontend
nova-cert - OpenStack Compute - certificate manager
nova-common - OpenStack Compute - common files
nova-compute - OpenStack Compute - compute node
nova-compute-kvm - OpenStack Compute - compute node (KVM)
nova-compute-lxc - OpenStack Compute - compute node (LXC)
nova-compute-qemu - OpenStack Compute - compute node (QEmu)
nova-compute-uml - OpenStack Compute - compute node (UserModeLinux)
nova-compute-xen - OpenStack Compute - compute node (Xen)
nova-console - OpenStack Compute - console
nova-doc - OpenStack Compute - documentation
nova-network - OpenStack Compute - network manager
nova-objectstore - OpenStack Compute - object store
nova-scheduler - OpenStack Compute - virtual machine scheduler
nova-volume - OpenStack Compute - storage
nova-xcp-network - OpenStack Compute network plugin for the Xen Cloud Platform
nova-xcp-plugins - OpenStack Compute plugin for the Xen Cloud Platform
nova-xvpvncproxy - OpenStack Compute - XVP VNC proxy
python-nova - OpenStack Compute - libraries
Closes: 703064
Changes:
nova (2012.2.3-3) experimental; urgency=low
.
* CVE-2013-1838: Nova DoS by allocating all Fixed IPs (Closes: #703064).
* Added || true in the unit testing.
Checksums-Sha1:
5184cf1c6ff0611f79e015a634c5f86aa87e796c 3139 nova_2012.2.3-3.dsc
7d57f273bc8ff00f2a609bbce4c010904250b08d 1472772 nova_2012.2.3-3.debian.tar.gz
4495fe090073497b7fa3e476dfb11859fa9bbc6e 2433908 python-nova_2012.2.3-3_all.deb
faeaa102d15d814891f04a154095b37448ce735b 1437236 nova-common_2012.2.3-3_all.deb
a57e5138c2d6911c1ac4fbd2af0915570d68d9f9 1409292
nova-compute_2012.2.3-3_all.deb
ee33591f07c76e5a60541e5b0775e8b7415be20f 1405090
nova-compute-lxc_2012.2.3-3_all.deb
abdf6192efedf95c5beb8ecc8f6dcc47be2383e3 1405106
nova-compute-uml_2012.2.3-3_all.deb
86a76a821bd51cf022dc594ce1767f74fcb1ebd8 1413982
nova-compute-xen_2012.2.3-3_all.deb
0d4715cd41a810847c75694946b40e109ad00a95 1405096
nova-compute-qemu_2012.2.3-3_all.deb
b81a4d7df0eeb2d2f616ba9149e3fb1c7c7d465e 1405180
nova-compute-kvm_2012.2.3-3_all.deb
ec01ccbb37dd2eb56538c32c60c5134d921d6261 1421510
nova-xcp-plugins_2012.2.3-3_all.deb
5ddbb06bd970c43b5187afcb3d60974fbf8f9918 1411496
nova-xcp-network_2012.2.3-3_all.deb
40bd1c14718a0a209b72bc9b1291ea1834b11436 1407362 nova-cert_2012.2.3-3_all.deb
cf49b2ceca2ad87135152881a6d56c3edd124e6b 1407384
nova-scheduler_2012.2.3-3_all.deb
73c69e81c3ab3838e3c1bacea050a3148b773f5d 1408096 nova-volume_2012.2.3-3_all.deb
7805020583a47497b87f395939c1b22570aa4c9a 1407324
nova-xvpvncproxy_2012.2.3-3_all.deb
6e6738814bd891c8af3d1342790f0b4d1cee113c 1413108 nova-api_2012.2.3-3_all.deb
b304c394ba53499c090d6931728032d65c84cdfc 1409724
nova-network_2012.2.3-3_all.deb
e8a44acfd21a32b56bb19b916da24b9e4152e521 1407472
nova-objectstore_2012.2.3-3_all.deb
e6a9b8f0576dcbccb97e71df0d5f242555d4287b 1407928
nova-console_2012.2.3-3_all.deb
60f5d16c62ad5f74906985ac26f639d2af0882f1 3495056 nova-doc_2012.2.3-3_all.deb
f16d6ab8e0068b0ef85c19e4c9d504de88bebee5 1407252
nova-api-os-volume_2012.2.3-3_all.deb
Checksums-Sha256:
93b1de064e888c95814efc4b84dfda9fa49a90f4e3e7c7970a07456ccd8a9838 3139
nova_2012.2.3-3.dsc
4b159e2e928f00ea5baa58fa85c97f4a59cd5e9c4d9ff99df12b8b9252e05be7 1472772
nova_2012.2.3-3.debian.tar.gz
7decf4885e0b1c8afcfdc258fdd52fd3b8cfadd9c33d807ec3a2f99ecc21f33b 2433908
python-nova_2012.2.3-3_all.deb
c11f7eb3203e2336340537c2fafcf67c77179336b05d47a5acab6eddf834660b 1437236
nova-common_2012.2.3-3_all.deb
422d6e562b9b330550653c56d57e34f13c8b23443effba9941a68e0d7604efe9 1409292
nova-compute_2012.2.3-3_all.deb
b19cc648e087cc8cd1772f517e0afaf95ebe96ce81f0ef8b5daa262477e04ebe 1405090
nova-compute-lxc_2012.2.3-3_all.deb
ddb1b068638191fb24776a8383a45690a81666f1dff79285ca9ab7c8dd1ccaf2 1405106
nova-compute-uml_2012.2.3-3_all.deb
eee937798aaab907854a7dcf2f66eb794dcd4733f3e9c740f4adf62df823f51f 1413982
nova-compute-xen_2012.2.3-3_all.deb
b53dac39d4df91420c0afeb51aa47604566320d4c539db408dfedb061a414243 1405096
nova-compute-qemu_2012.2.3-3_all.deb
3742b16948383c96d821028eec5c3257a262f5c56f87131dad6c3b29b7d30cf3 1405180
nova-compute-kvm_2012.2.3-3_all.deb
efd100d12a0fa0e43d7b0f25edb2ea6e1df01a34b14af3db49cb507342b2b245 1421510
nova-xcp-plugins_2012.2.3-3_all.deb
0bf77be799584f5a260a85ff17926132a8b104e113c030fa52802f45d472cd84 1411496
nova-xcp-network_2012.2.3-3_all.deb
7cb1fec8873c28ce9bb1932a637970c7a55828be8459d1b5e9dc2723781230e8 1407362
nova-cert_2012.2.3-3_all.deb
9c1231f458ce488e5f91e536e93da3f5e2033c290bb850cc9b2512e69b9d70dc 1407384
nova-scheduler_2012.2.3-3_all.deb
cf39a89ed192e30edc7902807d8680c85569969a92eeb2be48859c1b76cd8e70 1408096
nova-volume_2012.2.3-3_all.deb
268a9e69fbcbe0ad6ce70d81cc5578f7f06081772f71bb85753f0b3de5c1647b 1407324
nova-xvpvncproxy_2012.2.3-3_all.deb
5bceee781f9f3d7ee463fa4ff318033629f623054f36f4ff07e6a463c4ab428a 1413108
nova-api_2012.2.3-3_all.deb
808f45da352c23ac1e10280788df3e83ad5c2e2406f2fe302ecd367ef2176581 1409724
nova-network_2012.2.3-3_all.deb
2f7c2ac72089bbd791e6be1032b333fc9c09294bfe97916274c725714b3b1c30 1407472
nova-objectstore_2012.2.3-3_all.deb
b12db7f6820b0fd4fe3695169bcf64778810a98cd125f991d50597931fcc942e 1407928
nova-console_2012.2.3-3_all.deb
33fc87e5257c5deef328afe5088bc634dddfc19f19648bf3062c2bdbce8fa361 3495056
nova-doc_2012.2.3-3_all.deb
eb01f1373a1be61bc69c8a5bc6a92673f22f6d235e916fed7182a01befcb7aa8 1407252
nova-api-os-volume_2012.2.3-3_all.deb
Files:
d4c1bf1a3083dea121857d416522f6de 3139 net extra nova_2012.2.3-3.dsc
e0893aca20eda274007e02a59ee65588 1472772 net extra
nova_2012.2.3-3.debian.tar.gz
faad1c7a071a3190983adbc6ea116f1c 2433908 python extra
python-nova_2012.2.3-3_all.deb
219ed0280260588577382313e0b19010 1437236 net extra
nova-common_2012.2.3-3_all.deb
b6054d0942fb4ba78e79e6ff7c7c2d8e 1409292 net extra
nova-compute_2012.2.3-3_all.deb
e0349edf3d42804c5828ae95a7cc6565 1405090 net extra
nova-compute-lxc_2012.2.3-3_all.deb
a60733426b3718671597bd32a6525241 1405106 net extra
nova-compute-uml_2012.2.3-3_all.deb
12701ed94632c5169d7f239b121705ae 1413982 net extra
nova-compute-xen_2012.2.3-3_all.deb
fbc5111e6e068674543fba995fb95a20 1405096 net extra
nova-compute-qemu_2012.2.3-3_all.deb
00b49fc71df30827b76c64449093605d 1405180 net extra
nova-compute-kvm_2012.2.3-3_all.deb
5ebc27595d494fe280ce77ea269b6d07 1421510 net extra
nova-xcp-plugins_2012.2.3-3_all.deb
3fe22f6070832d9ad1a29bb6de1d1a94 1411496 net extra
nova-xcp-network_2012.2.3-3_all.deb
22c9b1a16d21b00c8e66a29200295d56 1407362 net extra nova-cert_2012.2.3-3_all.deb
1fbd9ef7683ca013355546c595079b74 1407384 net extra
nova-scheduler_2012.2.3-3_all.deb
0c24613e6760f0d78c3a14da3f87314e 1408096 net extra
nova-volume_2012.2.3-3_all.deb
5a886284bdb8a2da49bf9b34c715fbb5 1407324 net extra
nova-xvpvncproxy_2012.2.3-3_all.deb
5da18f03bf75611c97da21a96f6007be 1413108 net extra nova-api_2012.2.3-3_all.deb
c70b33d5416132a991fa391910e1de44 1409724 net extra
nova-network_2012.2.3-3_all.deb
cf3d0c43eebcc8859f4d6a299d495c43 1407472 net extra
nova-objectstore_2012.2.3-3_all.deb
5fef9422d3e0897c57108e2c5de5a6aa 1407928 net extra
nova-console_2012.2.3-3_all.deb
0a0178d72e5ecddc717fb3ce693d98fc 3495056 doc extra nova-doc_2012.2.3-3_all.deb
dce0aa098cfaf5d449068ac344bedd86 1407252 net extra
nova-api-os-volume_2012.2.3-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlFCRqkACgkQl4M9yZjvmkmc7gCfYTwKIEJdTH1uVHd6zpdE8T6H
X0YAoJxmqRyRGOBFbyH8YorqII10LJ42
=kyW5
-----END PGP SIGNATURE-----
--- End Message ---
