CVE-2023-2088 regressions

This bug was fixed in the package cinder - 2:22.0.0-0ubuntu3

---------------
cinder (2:22.0.0-0ubuntu3) mantic; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 10:53:15 -0400

This bug was fixed in the package nova - 3:27.0.0-0ubuntu3

---------------
nova (3:27.0.0-0ubuntu3) mantic; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 10:50:36 -0400

This bug was fixed in the package python-glance-store - 4.3.0-0ubuntu3

---------------
python-glance-store (4.3.0-0ubuntu3) mantic; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 11:09:59 -0400

There's some other regressions identified here as well - https://bugs.launchpad.net/charm-nova-compute/+bug/2019888 is one such example.

Hello Corey, or anyone else affected,

Accepted cinder into xena-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:xena-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-xena-needed to verification-xena-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-xena-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted cinder into wallaby-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:wallaby-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-wallaby-needed to verification-wallaby-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-wallaby-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted nova into xena-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:xena-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-xena-needed to verification-xena-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-xena-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted cinder into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-glance-store into xena-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:xena-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-xena-needed to verification-xena-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-xena-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted nova into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-glance-store into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted nova into wallaby-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:wallaby-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-wallaby-needed to verification-wallaby-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-wallaby-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-glance-store into wallaby-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:wallaby-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-wallaby-needed to verification-wallaby-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-wallaby-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into wallaby-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:wallaby-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-wallaby-needed to verification-wallaby-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-wallaby-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into xena-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:xena-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-xena-needed to verification-xena-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-xena-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

This bug was fixed in the package python-os-brick - 6.2.0-0ubuntu4

---------------
python-os-brick (6.2.0-0ubuntu4) mantic; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 11:06:13 -0400

Hello Corey, or anyone else affected,

Accepted cinder into zed-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:zed-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-zed-needed to verification-zed-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-zed-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted nova into zed-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:zed-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-zed-needed to verification-zed-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-zed-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:19.3.0-0ubuntu1~cloud1
---------------

 cinder (2:19.3.0-0ubuntu1~cloud1) focal-xena; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088
 .
 cinder (2:19.3.0-0ubuntu1~cloud0) focal-xena; urgency=medium
 .
   * New stable point release for OpenStack Xena (LP: #2019762).

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 3:24.2.1-0ubuntu1~cloud1
---------------

 nova (3:24.2.1-0ubuntu1~cloud1) focal-xena; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088
 .
 nova (3:24.2.1-0ubuntu1~cloud0) focal-xena; urgency=medium
 .
   * New stable point release for OpenStack Xena (LP: #2019762).

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-glance-store - 2.7.0-0ubuntu1~cloud2
---------------

 python-glance-store (2.7.0-0ubuntu1~cloud2) focal-xena; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 5.0.3-0ubuntu1~cloud1
---------------

 python-os-brick (5.0.3-0ubuntu1~cloud1) focal-xena; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:18.2.1-0ubuntu1~cloud4
---------------

 cinder (2:18.2.1-0ubuntu1~cloud4) focal-wallaby; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 3:23.2.2-0ubuntu1~cloud4
---------------

 nova (3:23.2.2-0ubuntu1~cloud4) focal-wallaby; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-glance-store - 2.5.0-0ubuntu2~cloud2
---------------

 python-glance-store (2.5.0-0ubuntu2~cloud2) focal-wallaby; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 4.3.3-0ubuntu1~cloud2
---------------

 python-os-brick (4.3.3-0ubuntu1~cloud2) focal-wallaby; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:17.4.0-0ubuntu1~cloud4
---------------

 cinder (2:17.4.0-0ubuntu1~cloud4) focal-victoria; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 2:22.4.0-0ubuntu1~cloud4
---------------

 nova (2:22.4.0-0ubuntu1~cloud4) focal-victoria; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 5.2.2-0ubuntu1.1

---------------
python-os-brick (5.2.2-0ubuntu1.1) jammy-security; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 11:08:32 -0400

Hello Corey, or anyone else affected,

Accepted python-glance-store into zed-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:zed-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-zed-needed to verification-zed-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-zed-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-glance-store into yoga-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:yoga-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-yoga-needed to verification-yoga-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-yoga-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into zed-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:zed-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-zed-needed to verification-zed-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-zed-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into yoga-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:yoga-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-yoga-needed to verification-yoga-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-yoga-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted cinder into antelope-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:antelope-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-antelope-needed to verification-antelope-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-antelope-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted nova into antelope-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:antelope-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-antelope-needed to verification-antelope-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-antelope-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-glance-store into antelope-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:antelope-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-antelope-needed to verification-antelope-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-antelope-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Corey, or anyone else affected,

Accepted python-os-brick into antelope-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:antelope-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-antelope-needed to verification-antelope-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-antelope-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:21.2.0-0ubuntu1~cloud0
---------------

 cinder (2:21.2.0-0ubuntu1~cloud0) jammy-zed; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 cinder (2:21.2.0-0ubuntu1) kinetic; urgency=medium
 .
   * New stable point release for OpenStack Zed (LP: #2019755).
   * d/p/lp1945500.patch: Dropped. Fixed in stable point release.
 .
 cinder (2:21.1.0-0ubuntu2.2) kinetic-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 3:26.1.1-0ubuntu1~cloud0
---------------

 nova (3:26.1.1-0ubuntu1~cloud0) jammy-zed; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 nova (3:26.1.1-0ubuntu1) kinetic; urgency=medium
 .
   * New stable point release for OpenStack Zed (LP: #2019755).
 .
 nova (3:26.1.0-0ubuntu2.2) kinetic-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-glance-store - 4.1.0-0ubuntu1.2~cloud0
---------------

 python-glance-store (4.1.0-0ubuntu1.2~cloud0) jammy-zed; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-glance-store (4.1.0-0ubuntu1.2) kinetic-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 6.1.0-0ubuntu1.2~cloud0
---------------

 python-os-brick (6.1.0-0ubuntu1.2~cloud0) jammy-zed; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-os-brick (6.1.0-0ubuntu1.2) kinetic-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:22.0.0-0ubuntu1.2~cloud0
---------------

 cinder (2:22.0.0-0ubuntu1.2~cloud0) jammy-antelope; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 cinder (2:22.0.0-0ubuntu1.2) lunar-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 3:27.0.0-0ubuntu1.2~cloud0
---------------

 nova (3:27.0.0-0ubuntu1.2~cloud0) jammy-antelope; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 nova (3:27.0.0-0ubuntu1.2) lunar-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-glance-store - 4.3.0-0ubuntu1.2~cloud0
---------------

 python-glance-store (4.3.0-0ubuntu1.2~cloud0) jammy-antelope; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-glance-store (4.3.0-0ubuntu1.2) lunar-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 6.2.0-0ubuntu2.2~cloud0
---------------

 python-os-brick (6.2.0-0ubuntu2.2~cloud0) jammy-antelope; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-os-brick (6.2.0-0ubuntu2.2) lunar-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package cinder - 2:20.2.0-0ubuntu1~cloud0
---------------

 cinder (2:20.2.0-0ubuntu1~cloud0) focal-yoga; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 cinder (2:20.2.0-0ubuntu1) jammy; urgency=medium
 .
   * New stable point release for OpenStack Yoga (LP: #2019759).
   * d/p/lp1945500.patch: Dropped. Fixed in stable point release.
 .
 cinder (2:20.1.0-0ubuntu2.2) jammy-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for nova has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package nova - 3:25.1.1-0ubuntu1~cloud0
---------------

 nova (3:25.1.1-0ubuntu1~cloud0) focal-yoga; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 nova (3:25.1.1-0ubuntu1) jammy; urgency=medium
 .
   * New stable point release for OpenStack Yoga (LP: #2019759).
   * d/p/ignore-deleted-server-groups-in-validation.patch: Dropped. Fixed
     in stable point release.
 .
 nova (3:25.1.0-0ubuntu2.2) jammy-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-glance-store has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-glance-store - 3.0.0-0ubuntu1.2~cloud0
---------------

 python-glance-store (3.0.0-0ubuntu1.2~cloud0) focal-yoga; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-glance-store (3.0.0-0ubuntu1.2) jammy-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package python-os-brick - 5.2.2-0ubuntu1.1~cloud0
---------------

 python-os-brick (5.2.2-0ubuntu1.1~cloud0) focal-yoga; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 python-os-brick (5.2.2-0ubuntu1.1) jammy-security; urgency=medium
 .
   * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
     - debian/patches/series: Do not apply CVE-2023-2088.patch until
       patches are ready for all upstream OpenStack projects.
     - CVE-2023-2088

For Nova there is yet an other patch / point release missing to mitigate this these regression: https://review.opendev.org/c/openstack/nova/+/882864

So required for Nova are point releases >=25.2.0 (https://docs.openstack.org/releasenotes/nova/yoga.html#relnotes-25-2-0-stable-yoga).

Corey, could you kindly update the packages for Nova to 25.2.x then?

When those patches are going to land in the stable channels? I have deployed a charmed openstack yoga/stable platform which is still affected by those regressions.

The patch pointed out by Christian is already in the package available in jammy-updates and focal-yoga cloud archive.

$ git tag --contains 98c3e3707c08a07f7ca5996086b165512f604ad6
25.2.0
25.2.1
$ rmadison nova | grep jammy
 nova | 3:25.0.0-0ubuntu1 | jammy | source
 nova | 3:25.1.1-0ubuntu1.1 | jammy-security | source
 nova | 3:25.2.0-0ubuntu1 | jammy-updates | source # <- this package contains the fix
$ cmadison nova | grep yoga
 nova | 3:25.2.0-0ubuntu1~cloud0 | yoga | focal-updates | source # <- this package contains the fix
 nova | 3:25.2.0-0ubuntu1~cloud0 | yoga-proposed | focal-proposed | source

I've updated the packages to the required version manually (unattended-upgrades was stuck in configuration prompt and did not update the packages itself) and restarted the services. The problem still remains that when instance is deleted volume is not deleted and stuck in attached state. Error in nova-compute states:

ERROR nova.volume.cinder [req-73a404fd-92dd-4458-a951-b784fccb6515 c23a1dcf89be43aea4102a4a225ee45e b2f401016d434d3e82636ea595703be4 - 31b5b42eb1a6430da321f73f400f5b5b 31b5b42eb1a6430da321f73f400f5b5b] Delete attachment failed for attachment 2c680876-e37a-4249-966a-6039296e73d2. Error: ConflictNovaUsingAttachment: Detach volume from instance 2cef6a3d-61ea-4851-a1ff-b968171de874 using the Compute API (HTTP 409) (Request-ID: req-43d628f7-5ee1-43dc-9b1e-12004362df14) Code: 409: cinderclient.exceptions.ClientException: ConflictNovaUsingAttachment: Detach volume from instance 2cef6a3d-61ea-4851-a1ff-b968171de874 using the Compute API (HTTP 409) (Request-ID: req-43d628f7-5ee1-43dc-9b1e-12004362df14)

@hyperbaba, if you are still having issues, then we're going to need more information about your system please. Please could you have a read of:

https://docs.openstack.org/charm-guide/yoga/community/software-bug.html

Specifically, the juju status, juju bundle and (juju and service) logs from cinder and nova will be needed please.

I have a customer running 25.2.1-0ubuntu1 and still facing the issue as well. Error message:

2024-02-13 15:55:34.800 4709 INFO nova.virt.libvirt.driver [-] [instance: 34fa4d8e-1ef3-4195-bbe2-ecbc6a0f75c4] Migration operation has completed
2024-02-13 15:55:34.801 4709 INFO nova.compute.manager [-] [instance: 34fa4d8e-1ef3-4195-bbe2-ecbc6a0f75c4] _post_live_migration() is started..
2024-02-13 15:55:34.833 4709 WARNING os_brick.initiator.connectors.nvmeof [-] Process execution error in _get_host_uuid: [Errno 13] Permission denied
Command: blkid /dev/sda2 -s UUID -o value
Exit code: -
Stdout: None
Stderr: None: oslo_concurrency.processutils.ProcessExecutionError: [Errno 13] Permission denied
2024-02-13 15:55:34.853 4709 WARNING os_brick.initiator.connectors.nvmeof [-] Unknown error when checking presence of nvme: [Errno 13] Permission denied: 'nvme': PermissionError: [Errno 13] Permission denied: 'nvme'
2024-02-13 15:55:34.860 2598623 WARNING os_brick.privileged.nvmeof [-] Could not generate host nqn: [Errno 13] Permission denied: 'nvme'

so apparently there was some confusion regarding what the bug really is. As this is marked as a duplicate and a solution of LP#2019888, which contains the same error messages in the logs, I mistakenly assumed to be the same problem. The error logs I pasted above actually relate to LP#1979812 and LP#2039161.