Reviewed: https://review.openstack.org/2284 Committed: http://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6 Submitter: James E. Blair (<email address hidden>) Branch: stable/diablo
tag in-stable-diablo done
commit 76363226bd8533256f7795bba358d7f4b8a6c9e6 Author: Thierry Carrez <email address hidden> Date: Thu Dec 1 17:54:16 2011 +0100
Sanitize EC2 manifests and image tarballs
Prevent potential directory traversal with malicious EC2 image tarballs, by making sure the tarfile is safe before unpacking it. Fixes bug 894755
Prevent potential directory traversal with malicious file names in EC2 image manifests. Fixes bug 885167
(cherry picked from commit ad3241929ea00569c74505ed002208ce360c667e)
Change-Id: If6109047307bd6e654ee9d1254f0d7f31cf741c1
Reviewed: https:/ /review. openstack. org/2284 github. com/openstack/ nova/commit/ 76363226bd85332 56f7795bba358d7 f4b8a6c9e6
Committed: http://
Submitter: James E. Blair (<email address hidden>)
Branch: stable/diablo
tag in-stable-diablo
done
commit 76363226bd85332 56f7795bba358d7 f4b8a6c9e6
Author: Thierry Carrez <email address hidden>
Date: Thu Dec 1 17:54:16 2011 +0100
Sanitize EC2 manifests and image tarballs
Prevent potential directory traversal with malicious EC2 image tarballs,
by making sure the tarfile is safe before unpacking it. Fixes bug 894755
Prevent potential directory traversal with malicious file names in
EC2 image manifests. Fixes bug 885167
(cherry picked from commit ad3241929ea0056 9c74505ed002208 ce360c667e)
Change-Id: If6109047307bd6 e654ee9d1254f0d 7f31cf741c1