Comment 14 for bug 894755
Revision history for this message
| Openstack Gerrit (openstack-gerrit) wrote Fix merged to nova (stable/diablo) | #14 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: James E. Blair (<email address hidden>)
Branch: stable/diablo
tag in-stable-diablo
done
commit 76363226bd85332
Author: Thierry Carrez <email address hidden>
Date: Thu Dec 1 17:54:16 2011 +0100
Sanitize EC2 manifests and image tarballs
Prevent potential directory traversal with malicious EC2 image tarballs,
by making sure the tarfile is safe before unpacking it. Fixes bug 894755
Prevent potential directory traversal with malicious file names in
EC2 image manifests. Fixes bug 885167
(cherry picked from commit ad3241929ea0056
Change-Id: If6109047307bd6