[OSSA 2013-030] xenapi migrations don't apply security group filters (CVE-2013-4497)
Bug #1073306 reported by
Chris Behrens
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
High
|
John Garbutt | ||
Grizzly |
Fix Released
|
High
|
John Garbutt | ||
OpenStack Security Advisory |
Fix Released
|
High
|
Jeremy Stanley |
Bug Description
xenapi's finish_migration() is missing code to apply security group rules, etc. There's code in spawn() that appears we need to also use in finish_migration().
(Somewhat related, see: https:/
CVE References
Changed in nova: | |
importance: | Undecided → Medium |
status: | New → Triaged |
tags: | added: xenserver |
Changed in nova: | |
assignee: | nobody → Euan Harris (euanh) |
Changed in nova: | |
status: | Triaged → In Progress |
Changed in nova: | |
assignee: | Euan Harris (euanh) → John Garbutt (johngarbutt) |
Changed in ossa: | |
assignee: | nobody → Jeremy Stanley (fungi) |
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | havana-rc1 → 2013.2 |
tags: | added: folsom-backport-potential grizzly-backport-potential |
Changed in ossa: | |
status: | Triaged → In Progress |
summary: |
- xenapi migrations don't apply security group filters + xenapi migrations don't apply security group filters (CVE-2013-4497) |
no longer affects: | nova/folsom |
Changed in ossa: | |
status: | In Progress → Fix Committed |
tags: | removed: folsom-backport-potential grizzly-backport-potential |
To post a comment you must log in.
This seems to have got fixed by the work on: /bugs.launchpad .net/nova/ +bug/1073303
https:/
Sorry for the clash, but would really appreciate you checking I have made the same changes.