Cinder

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1823200
Comment #100

Comment 100 for bug 1823200

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2020-07-08:

#100

This bug was fixed in the package cinder - 2:16.1.0-0ubuntu1~cloud0
---------------

cinder (2:16.1.0-0ubuntu1~cloud0) bionic-ussuri; urgency=medium
.
   * New upstream release for the Ubuntu Cloud Archive.
.
cinder (2:16.1.0-0ubuntu1) focal-security; urgency=medium
.
   [ Chris MacNaughton ]
   * New stable point release for OpenStack Ussuri (LP: #1883879).
.
   [ Corey Bryant ]
   * SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
     (LP: #1823200)
     - Remove VxFlex OS credentials from connection_properties. Passwords are
       now stored in separate file and are retrieved during each attach/detach
       operation. Cinder is patched in 16.1.0 stable point release.
     - d/control: Align (Build-)Depends with min version of python3-os-brick
       required to fix credential exposure.
     - CVE-2020-10755