Hi there!
Sean, I tried applying your backport patch on top of Bobcat and Caracal, and each time, it doesn't apply. I would resolve the conflicts by myself, if only this didn't mean I'm probably missing a (critical?) patch:
$ quilt push
Applying patch debian/patches/CVE-2024-XXXXX_4_Change-force_format-strategy-to-catch-mismatches_caracal.patch
patching file nova/tests/unit/virt/libvirt/test_utils.py
patching file nova/tests/unit/virt/test_images.py
Hunk #8 FAILED at 318.
Hunk #9 succeeded at 342 (offset -18 lines).
1 out of 9 hunks FAILED -- rejects in file nova/tests/unit/virt/test_images.py
patching file nova/virt/images.py
Hunk #1 FAILED at 143.
1 out of 2 hunks FAILED -- rejects in file nova/virt/images.py
Note that this is my current patch stack in debian/series:
CVE-2024-32498_1_nova-stable-2024.1_Reject_qcow_files_with_data-file_attributes.patch
CVE-2024-32498_2_nova-stable-2024.1_Check_images_with_format_inspector_for_safety.patch
CVE-2024-32498_3_nova-stable-2024.1_Additional-qemu-safety-checking-on-base-images.patch
CVE-2024-32498_4_Fix-vmdk_allowed_types-checking.patch
CVE-2024-XXXXX_1_port_format_inspector_tests_from_glance.patch
CVE-2024-XXXXX_2_Reproduce_iso_regression_with_deep_format_inspection.patch
CVE-2024-XXXXX_3_Add-iso-file-format-inspector.patch
CVE-2024-XXXXX_4_Change-force_format-strategy-to-catch-mismatches_caracal.patch
What patch am I missing?
Note I have the exact same issue in both Bobcat and Caracal (didn't try Antelope yet, will soon go for it, and all the way to Victoria).
Hi there!
Sean, I tried applying your backport patch on top of Bobcat and Caracal, and each time, it doesn't apply. I would resolve the conflicts by myself, if only this didn't mean I'm probably missing a (critical?) patch:
$ quilt push patches/ CVE-2024- XXXXX_4_ Change- force_format- strategy- to-catch- mismatches_ caracal. patch unit/virt/ libvirt/ test_utils. py unit/virt/ test_images. py unit/virt/ test_images. py
Applying patch debian/
patching file nova/tests/
patching file nova/tests/
Hunk #8 FAILED at 318.
Hunk #9 succeeded at 342 (offset -18 lines).
1 out of 9 hunks FAILED -- rejects in file nova/tests/
patching file nova/virt/images.py
Hunk #1 FAILED at 143.
1 out of 2 hunks FAILED -- rejects in file nova/virt/images.py
Note that this is my current patch stack in debian/series: 32498_1_ nova-stable- 2024.1_ Reject_ qcow_files_ with_data- file_attributes .patch 32498_2_ nova-stable- 2024.1_ Check_images_ with_format_ inspector_ for_safety. patch 32498_3_ nova-stable- 2024.1_ Additional- qemu-safety- checking- on-base- images. patch 32498_4_ Fix-vmdk_ allowed_ types-checking. patch XXXXX_1_ port_format_ inspector_ tests_from_ glance. patch XXXXX_2_ Reproduce_ iso_regression_ with_deep_ format_ inspection. patch XXXXX_3_ Add-iso- file-format- inspector. patch XXXXX_4_ Change- force_format- strategy- to-catch- mismatches_ caracal. patch
CVE-2024-
CVE-2024-
CVE-2024-
CVE-2024-
CVE-2024-
CVE-2024-
CVE-2024-
CVE-2024-
What patch am I missing?
Note I have the exact same issue in both Bobcat and Caracal (didn't try Antelope yet, will soon go for it, and all the way to Victoria).