Comment 241 for bug 2059809
Revision history for this message
| Dan Smith (danms) wrote Re: Arbitrary file access through QCOW2 external data file (CVE-2024-32498) | #241 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Well, if you uploaded it as raw, nova treating it as raw from then on is actually what we *should* have been doing all along. So from that perspective, I think that's expected. The problem comes if we later treat it as non-raw, but I think that the later patch in nova should catch that if we do and run its own checks.
Are you just reporting that it gets treated as raw (as described in glance) or that there's an actual issue later with it reading an external file?