It looks good to me. I only added one line to the changelog mentioning that a CVE has not yet been assigned.
The build log comparison between the patched and unpatched nova-lxd xenial packages looks good. I've uploaded the package to the public security-proposed PPA:
The binary packages are being published in the PPA as I type. Please do QA on the nova-lxd packages in the PPA, as they will be copied to xenial-security, and report the results in this bug.
Since the fix is public, I'm going to make this bug public and request a CVE on the oss-security list.
Thanks for the debdiff, James!
It looks good to me. I only added one line to the changelog mentioning that a CVE has not yet been assigned.
The build log comparison between the patched and unpatched nova-lxd xenial packages looks good. I've uploaded the package to the public security-proposed PPA:
https:/ /launchpad. net/~ubuntu- security- proposed/ +archive/ ubuntu/ ppa
The binary packages are being published in the PPA as I type. Please do QA on the nova-lxd packages in the PPA, as they will be copied to xenial-security, and report the results in this bug.
Since the fix is public, I'm going to make this bug public and request a CVE on the oss-security list.