|
Bug #754900: [SRU] Nova-manage network delete does not delete from fixed_ips
|
 CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #853330: qcow format could expose host filesystem information
|
CVE-2011-3147 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Scott Moser
|
|
Bug #868360: Incorrect secret key causes user details to be revealed
|
CVE-2011-4076 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Stanislaw Pitucha
|
|
Bug #885167: Path Traversal possible when downloading an image
|
CVE-2011-4596 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #887191: OS API: XML Namespace Handling Broken
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Davanum Srinivas (DIMS)
|
|
Bug #894755: Potential directory traversal in _untarzip_image
|
CVE-2011-4596 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #904072: project_id could be overwritten to any value by URI value
|
CVE-2012-0030 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #917615: Inappropriate exception handling on kvm live/block migration
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Kei Masumoto
|
|
Bug #917963: ajaxterm/qweb.py facilitates arbitrary code execution
|
CVE-2009-1629 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #921774: snapshot stays in saving state if the vm base image is deleted
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Boris Filippov
|
|
Bug #939122: floating ips do not display in 'nova list' after association to instance
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #952176: [SRU] Cannot associate a second network/vlan to a tenant with "nova-manage network modify"
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to MotoKen
|
|
Bug #956096: Listing flavors with marker set returns 400
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Philip Knouff
|
|
Bug #962515: PUT/POST of large server name's can increase nova API log file size massively
|
CVE-2012-1585 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #962615: [SRU] Unable to list volumes after building from snapshot
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to John Griffith
|
|
Bug #967931: [SRU] killfilter should handle updated/deleted executables
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #968843: [SRU] connection leak in rpc connection pool
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #969545: missing quotas on security group rules
|
CVE-2012-2101 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #971621: nova delete lxc-instance umounts the wrong rootfs
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #971640: [SRU] public key injection should be configurable
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Peng Yong
|
|
Bug #973194: [SRU] Parallel VM creation fails when nova-computes share the disks and each nova-compute node has no cached images.
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mandar Vaze
|
|
Bug #975043: [SRU] Cloudpipe VPN instance can loose connectivity after starting openvpn
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Cor Cornelisse
|
|
Bug #977007: instance live migration should create virtual_size disk image
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Yaguang Tang
|
|
Bug #977759: [SRU] With QuantumManager, nova-network does not start dnsmasq during initialization
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mandar Vaze
|
|
Bug #983206: [SRU] nova errors when keypair starts with 0XG using EC2 API
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Joe Gordon
|
|
Bug #985162: Firewall rules from nova-compute are not refreshed after host reboot
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #985184: Security groups fail to be set correctly if incorrect case is used for protocol specification
|
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #986922: Call to network_get_all_by_uuids missing 'db'
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Alex Meade
|
|
Bug #987335: [SRU] libvit/connection.py missing console_log variable
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Alvaro Lopez
|
|
Bug #988615: [SRU] xen: destroy_vdi breaks because session is not passed in
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Renuka Apte
|
|
Bug #989764: [SRU] timeout on EC2 CreateImage action is 60 hours instead of 1 hour
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eoghan Glynn
|
|
Bug #990237: [sru] libvirt get_console_output: 'instance_name' is not defined
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #992805: test_get_console_output_file requires sudo NOPASSWD
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #992916: [SRU] nova.tests.test_nova_rootwrap fails on Fedora 17
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #993663: [SRU] dns_domains table mysql charset is 'latin1'. Should be 'utf8'
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #994935: Deleting Flavor currently in use by instance creates error
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Josh Kearney
|
|
Bug #997014: [SRU] Memory is not correctly computed for Xen+libvirt
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Alvaro Lopez
|
|
Bug #997763: floating ips are not disassociated from instances on deletion
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Trey Morris
|
|
Bug #999698: qpid timeout causing compute service to crash
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1000261: newer `qemu-img info` causes in exception when finding the backing file for qcow2 images
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1000403: [SRU] multi scheduler does not handle capabilities updates correctly
|
CVE-2012-2101
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Armando Migliaccio
|
|
Bug #1000853: Restarting nova-network removes ip packet filters
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1004007: Incorrect Exception raised during Create server when metadata over 255 characters
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Davanum Srinivas (DIMS)
|
|
Bug #1004298: not able to get host total memory in xen with libvirt
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1004791: When attach volume lost attach when node restart
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Smith
|
|
Bug #1006664: euca-describe-keypair NonExistent returns 200
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Joe Gordon
|
|
Bug #1007573: affinity filters don't work if scheduler_hints is None
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1010514: Source group based security group rule without protocol and port causes failures
|
CVE-2012-2654 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Soren Hansen
|
|
Bug #1012374: impl_qpid doesn't ACK messages
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1013147: Missing filters due to nova-rootwrap hardcoding paths
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #1013689: cannot umount guestfs
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1013782: Stop/start a KVM instance with volumes attached produces an error state
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1014769: NoMoreFixedIps: Zero fixed ips available. Nova seems leaking them.
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1014925: API 'v1.1/{tenant_id}/os-hosts' does not return a list of hosts
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Joe Gordon
|
|
Bug #1015531: Remote arbitrary file corruption / creation flaw via injected files
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1015731: resize leave leftover libvirt configs
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Jian Wen
|
|
Bug #1016273: ram_allocation_ratio does not work
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Joe Gordon
|
|
Bug #1017418: NoMoreFloatingIps: Zero floating ips available after repeatedly creating and destroying instances over time
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1017795: scheduler hang (DOS) possible with DifferentHostFilter/SameHostFilter
|
CVE-2012-3371 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #1018586: cleanup_file_locks does not remove stale sentinel files
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eugene Kirpichov
|
|
Bug #1018721: Launching with source groups under load produces lazy load error
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1020634: [nova][volumes] Exceeding volumes quotas logs "VolumeSizeTooLarge" instead of "VolumeLimitExceeded"
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eoghan Glynn
|
|
Bug #1021340: Race condition in network/deallocate_for_instance() leads to security issue
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Phil Day
|
|
Bug #1021352: Deallocation of fixed IP occurs before security group refresh – leading to potential security issue in error / race conditions
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to David McNally
|
|
Bug #1021373: [nova][volumes] Exceeding volumes, gigabytes and floating_ips quotas returns general uninformative HTTP 500 error
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eoghan Glynn
|
|
Bug #1022036: metadata injection is broken in xen
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1023169: update nova to report quantum floating IPs
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Akihiro Motoki
|
|
Bug #1026210: Nova flavor ephemeral space size reported incorrectly
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to David Besen
|
|
Bug #1027105: Restarting nova-compute removes ip packet filters
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Derek Higgins
|
|
Bug #1027984: nova testsuite errors on newer versions of python-boto (e.g. 2.5.2)
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Ionuț Arțăriși
|
|
Bug #1028092: Resizing a Xen instance with attached volumes fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #1029430: KVM guests networking issues with no virbr0 and with vhost_net kernel modules loaded
|
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Adam Gandelman
|
|
Bug #1029463: Libvirt driver reports incorrect error when volume-detach fails
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Smith
|
|
Bug #1030430: qpid_heartbeat setting in ineffective
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1031311: [OSSA 2012-011] CVE-2012-3361 not fully addressed
|
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1033178: pycrypto is unused and the existing code is potentially insecure to use
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Stanislaw Pitucha
|
|
Bug #1036902: Block storage connections are NOT restored on system reboot
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Rafi Khardalian
|
|
Bug #1038266: Deleted floating ips can cause instance delete to fail
|
CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1040537: Bridge port's hairpin mode not set after resuming a machine
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Yaguang Tang
|
|
Bug #1043999: nova usage-list returns wrong usage
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Rongze Zhu
|
|
Bug #1045152: Heavily loaded nova-compute instances don't sent reports frequently enough
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Tiantian Gao
|
|
Bug #1046313: At termination, LXC rootfs is not always unmounted before rmtree() is called
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1050359: Tests fail on 32bit machines (_get_hash_str is platform dependent)
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Ben Swartzlander
|
|
Bug #1050982: ensure_default_security_group() does not call sgh
|
CVE-2012-5625
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Aaron Rosen
|
|
Bug #1053364: Add SIGPIPE handler to subprocess execution in rootwrap and utils.execute
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #1053441: Instances in vm state DELETED are preventing compute restart
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Stanislaw Pitucha
|
|
Bug #1055413: Fail to boot raw image on XenServer
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mate Lakat
|
|
Bug #1055431: Xenserver cannot boot vm_mode=xen type images
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mate Lakat
|
|
Bug #1056122: attach-time field for volumes is not updated for detach volume
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Arathi
|
|
Bug #1056242: Cloudpipe extension xml serialization doesn't return the instance(s) data
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mauro S M Rodrigues
|
|
Bug #1056285: ComputeManager does not provide block_device_info on destroy call in revert_resize
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mathew Odden
|
|
Bug #1056380: deleting security group does not mark rules as deleted
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Aaron Rosen
|
|
Bug #1056601: deletes fail when instance in RESIZED
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #1057069: trigger_instance[add/remove]_security_group_refresh are never called
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Aaron Rosen
|
|
Bug #1057145: db tests fail with sqlalchemy 0.7.4
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1057196: IP Protocol for security group should be returned in lower case to be compliant with the ec2 api
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to John Herndon
|
|
Bug #1057279: console auth does not work with memcache, unicode error
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eugene Kirpichov
|
|
Bug #1057719: libvirt: concurrent detach_volume and terminate fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1057730: libvirt: cannot detach volume from stopped domain
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1057756: libvirt: if exception raised during volume_detach, volume state is inconsistent
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1058273: Snapshotting LXC instance fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to David Kang
|
|
Bug #1059366: nova-network cannot re-generate MAC address if collision happen
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Smith
|
|
Bug #1060255: Host field set too early during builds
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Brian Elliott
|
|
Bug #1060363: Resource tracker uses regex DB query too often
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Johannes Erdfelt
|
|
Bug #1060836: libvirt: detaching volume may fail while terminating other instances on the same host concurrently
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to MotoKen
|
|
Bug #1060925: libvirt: rebuild is not using kernel and ramdisk associated with the new image
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Sirisha Devineni
|
|
Bug #1061124: Enabling Return Reservation ID with XML create server request returns no body
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matthew Treinish
|
|
Bug #1061499: API calls to dis-associate an auto-assigned floating IP should return proper warning
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Sirisha Devineni
|
|
Bug #1061944: xen volume auto device selection always picks xvdb
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to clayg
|
|
Bug #1062033: nova-compute will assign the same device name if volume-attach continuously
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to MotoKen
|
|
Bug #1062314: do_refresh_security_group_rules in nova.virt.firewall is very slow
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1063851: metadata service throws 500 - NoSuchOptError
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1064083: xenapi migrations fail w/ swap
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #1064359: nova-manage doesn't validate the key value supplied to update the quota
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vijaya Erukala
|
|
Bug #1064524: Nic Ordering not guaranteed with Quantum API
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mark McClain
|
|
Bug #1064713: hostname in metadata ends with . if dhcp_domain flag is empty
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to melanie witt
|
|
Bug #1065053: Nova backup image fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Édouard Thuleau
|
|
Bug #1065092: Resource reservation isn't rolled back properly for certain failures during Instance Create
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Andy McCrae
|
|
Bug #1065440: resize does not migrate DHCP host information
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Jian Wen
|
|
Bug #1065702: After folsom upgrade, instances can no longer access existing volumes.
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Invalid by John Griffith
|
|
Bug #1065785: volume and snapshot IDs do not correctly map to UUIDs after folsom upgrade
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Adam Gandelman
|
|
Bug #1066513: live_migration missing migrate_data parameter in Hyper-V driver
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Alessandro Pilotti
|
|
Bug #1066887: live-migration and volume host assignement
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Alex Handle
|
|
Bug #1067214: forget to release resource when terminate an instance from a failed compute node
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1068716: Instances deleted during spawn leak network allocations
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Jason Kölker
|
|
Bug #1069099: block device mappings for deleted instances are leaked
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Eoghan Glynn
|
|
Bug #1069573: Cloudpipe in Folsom: no such option: cnt_vpn_clients
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1069904: [OSSA 2013-001] No authentication on block device used for os-volume_boot
|
CVE-2013-0208 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1070045: Nova API does not work with QuantumV2 API subclasses
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mark McClain
|
|
Bug #1070138: admin can't describe all images in ec2 api
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to MotoKen
|
|
Bug #1070509: nova-api now requires quantumclient
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1070539: [OSSA 2012-020] create_lvm_image allocates dirty blocks (CVE-2012-5625)
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Thierry Carrez
|
|
Bug #1071069: After restarting an instance volume is lost
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1071168: 'BackupCreate' should accept rotation parameter greater than or equal to zero
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Édouard Thuleau
|
|
Bug #1071536: typo prevents volume_tmp_dir flag from working
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1071595: finish_resize failures result in NoneType exception
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #1071600: confirm_resize mgr call requires admin context
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chris Behrens
|
|
Bug #1073306: [OSSA 2013-030] xenapi migrations don't apply security group filters (CVE-2013-4497)
|
CVE-2013-4497 |
|
OpenStack Compute (nova)
|
Fix released, assigned to John Garbutt
|
|
Bug #1073569: Jenkins jobs fail because of incompatibility between sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1
|
CVE-2012-4573
CVE-2012-5563
CVE-2012-5571 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #1073600: Compute manager doesn't update 'host' field when it tries to run a VM
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Édouard Thuleau
|
|
Bug #1073720: libvirt reboot sometimes fails to reattach volumes
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1073736: Calls to to_xml() to generate XML for a soft deleted flavor fail
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Rafi Khardalian
|
|
Bug #1073858: nova-api crashes if it is run with nobody account.
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1074437: disassociate_floating_ip with multi_host=True fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Brian Waldon
|
|
Bug #1075017: libvirt imagecache still runs even if disabled
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1075018: libvirt imagecache should handle shared image storage
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1075859: use_single_default_gateway does not function correctly
|
CVE-2012-5625
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Joe Breu
|
|
Bug #1076308: Logging CPU incompatibility when attempting live migration fails
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Darren Worrall
|
|
Bug #1078085: Nova does not delete the LV on LVM backed VMs
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Yaguang Tang
|
|
Bug #1078718: Fixed IP isn't released before updating DHCP host file
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Édouard Thuleau
|
|
Bug #1079113: disk path not exists when using LXC with libvirt_images_type=lvm
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Qiu Yu
|
|
Bug #1079387: 413 error code doesn't always provide Retry-After
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Sean Dague
|
|
Bug #1079745: Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes attached
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1080406: DisassociateAddress can cause Internal Server Error
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1081436: Only return the last N lines of the console log
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1081836: nova-compute (folsom) fails to start, compute_driver is None
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1083818: Detached and deleted RBD volumes remain associated with instance
|
CVE-2012-5625 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1091939: nova-network applies too liberal a SNAT rule
|
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1100282: [OSSA 2013-004] DoS through XML entity expansion (CVE-2013-1664)
|
CVE-2013-1664 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Prince
|
|
Bug #1125378: [OSSA-2013-006] VNC proxy can be made to connect to wrong VM
|
CVE-2013-0335 |
|
OpenStack Compute (nova)
|
Fix released, assigned to John Herndon
|
|
Bug #1125468: [OSSA 2013-008] DOS by allocating all fixed ips
|
CVE-2013-1838 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1129748: image files in _base should not be world-readable
|
CVE-2013-0326 |
|
OpenStack Compute (nova)
|
Opinion (unassigned)
|
|
Bug #1174608: [OSSA 2013-010] Insecure directory creation for signing
|
CVE-2013-2030 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1177830: [OSSA 2013-012] Unchecked qcow2 root disk sizes
|
CVE-2013-2096 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Chet Burgess
|
|
Bug #1184041: [OSSA 2013-020] Denial of Service in Nova network source security groups (CVE-2013-4185)
|
CVE-2013-4185 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Vish Ishaya
|
|
Bug #1190229: [OSSA 2013-023] Potential unsafe XML usage (CVE-2013-4179, CVE-2013-4202)
|
CVE-2013-4179
CVE-2013-4202 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Michael Still
|
|
Bug #1194093: [OSSA 2013-019] Resource limit circumvention in Nova private flavors (CVE-2013-2256)
|
CVE-2013-2256 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1202266: [OSSA 2013-030] xenapi: secgroups are not in place after live-migration (CVE-2013-4497)
|
CVE-2013-4497 |
|
OpenStack Compute (nova)
|
Fix released, assigned to John Garbutt
|
|
Bug #1206081: [OSSA 2013-029] Unchecked qcow2 root disk sizes DoS
|
CVE-2013-4463
CVE-2013-4469 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Pádraig Brady
|
|
Bug #1212179: [OSSA 2013-024] nova should check the is_public of flavor when creating an instance
|
CVE-2013-4278 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Russell Bryant
|
|
Bug #1215091: [OSSA 2013-026] Some sequence of characters in console-log can DoS nova-compute (CVE-2013-4261)
|
CVE-2013-4261 |
|
OpenStack Compute (nova)
|
Invalid by Michael Still
|
|
Bug #1227027: [OSSA 2014-001] Insecure directory permissions with snapshot code (CVE-2013-7048)
|
CVE-2013-7048 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #1235450: [OSSA 2013-033] Metadata queries from Neutron to Nova are not restricted by tenant (CVE-2013-6419)
|
CVE-2013-6419 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Aaron Rosen
|
|
Bug #1251590: [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130)
|
CVE-2013-7130 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Nikola Đipanov
|
|
Bug #1253980: [OSSA 2013-037] DoS attack via setting os_type in snapshots (CVE-2013-6437)
|
CVE-2013-6437 |
|
OpenStack Compute (nova)
|
Fix released, assigned to moorryan
|
|
Bug #1269418: [OSSA 2014-017] nova rescue doesn't put VM into RESCUE status on vmware (CVE-2014-2573)
|
CVE-2014-2573 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Gary Kotton
|
|
Bug #1290537: [0SSA 2014-011] RBAC policy not enforced when adding a security group rule using EC2 API (CVE-2014-0167)
|
CVE-2014-0167 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Andrew Laski
|
|
Bug #1325128: [OSSA 2014-024] nova metadata does not use a constant time compare for validating an HMAC token (CVE-2014-3517)
|
CVE-2014-3517 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Grant Murphy
|
|
Bug #1338830: [OSSA 2014-032] Nova VMware driver still leaks rescued images (CVE-2014-3608)
|
CVE-2014-2573
CVE-2014-3608 |
|
OpenStack Compute (nova)
|
Invalid by Andrew Laski
|
|
Bug #1341954: suds client subject to cache poisoning by local attacker
|
CVE-2013-2217 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Davanum Srinivas (DIMS)
|
|
Bug #1343604: Exceptions thrown, and messages logged by execute() may include passwords (CVE-2014-7230)
|
CVE-2014-7230 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #1345233: Make the checks in strutils.mask_password more secure (CVE-2014-7231)
|
CVE-2014-7231 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1357372: [oss-security] [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)
|
CVE-2014-8750 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Gary Kotton
|
|
Bug #1358583: [OSSA 2014-038] List instances by IP results in DoS of nova-network (CVE-2014-3708)
|
CVE-2014-3708 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Tristan Cacqueray
|
|
Bug #1374999: iSCSI volume detach does not correctly remove the multipath device descriptors
|
CVE-2013-1068 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1377981: [OSSA 2014-036] Missing fix for ssh_execute (Exceptions thrown may contain passwords) (CVE-2014-7230, CVE-2014-7231)
|
CVE-2014-7230
CVE-2014-7231 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Tristan Cacqueray
|
|
Bug #1387543: [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241)
|
CVE-2015-3241 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Abhishek Kekane
|
|
Bug #1392527: [OSSA 2015-017] Deleting instance while resize instance is running leads to unuseable compute nodes (CVE-2015-3280)
|
CVE-2015-3280 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Tristan Cacqueray
|
|
Bug #1409142: [OSSA 2015-005] Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259)
|
CVE-2015-0259 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dave McCowan
|
|
Bug #1415087: [OSSA 2015-011] Format-guessing and file disclosure in image convert (CVE-2015-1850, CVE-2015-1851)
|
CVE-2015-1850
CVE-2015-1851 |
|
OpenStack Compute (nova)
|
Invalid by Tony Breeds
|
|
Bug #1419577: when live-migrate failed, lun-id couldn't be rollback in havana
|
CVE-2015-2687 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Lee Yarwood
|
|
Bug #1449062: [OSSA 2016-012] qemu-img calls need to be restricted by ulimit (CVE-2015-5162)
|
CVE-2015-1850
CVE-2015-1851
CVE-2015-5162 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Daniel Berrange
|
|
Bug #1474079: Cross-site web socket connections fail on Origin and Host header mismatch
|
CVE-2015-0259 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Mike Dorman
|
|
Bug #1492140: [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)
|
CVE-2015-9543 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Balazs Gibizer
|
|
Bug #1516765: [OSSA 2016-002] xenapi: volume_utils._parse_volume_info can leak connection password via StorageError (CVE-2015-8749)
|
CVE-2015-8749 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matt Riedemann
|
|
Bug #1518016: [SRU] Nova kilo requires concurrency 1.8.2 or better
|
CVE-2013-1068 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1524274: [OSSA 2016-001] Unprivileged api user can access host data using instance snapshot (CVE-2015-7548)
|
CVE-2015-7548 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matthew Booth
|
|
Bug #1529836: Fix deprecated library function (os.popen()).
|
CVE-2016-0738 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Harshada Mangesh Kakad
|
|
Bug #1548450: [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140)
|
CVE-2016-2140 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Lee Yarwood
|
|
Bug #1558697: [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string
|
CVE-2016-2140 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1589821: cleanup_incomplete_migrations periodic task regression with commit 099cf53 (CVE-2016-7498)
|
CVE-2015-3280
CVE-2016-7498 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matt Riedemann
|
|
Bug #1664931: [OSSA-2017-005] nova rebuild ignores all image properties and scheduler filters (CVE-2017-16239)
|
CVE-2017-16239 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matt Riedemann
|
|
Bug #1673569: [OSSA-2017-002] Failed notification payload is dumped in logs with auth secrets (CVE-2017-7214)
|
CVE-2017-7214 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Balazs Gibizer
|
|
Bug #1732976: [OSSA-2017-006] Potential DoS by rebuilding the same instance with a new image multiple times (CVE-2017-17051)
|
CVE-2017-16239
CVE-2017-17051 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Dan Smith
|
|
Bug #1734320: Eavesdropping private traffic
|
CVE-2018-14636 |
|
OpenStack Compute (nova)
|
Fix released, assigned to sean mooney
|
|
Bug #1739593: [OSSA-2018-001] Swapping encrypted volumes can lead to data loss and a possible compute host DOS attack (CVE-2017-18191)
|
CVE-2017-18191 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Lee Yarwood
|
|
Bug #1816468: [SRU] Acceleration cinder - glance with ceph not working
|
CVE-2019-14433 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Edward Hope-Morley
|
|
Bug #1837877: [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)
|
CVE-2019-14433 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Matt Riedemann
|
|
Bug #1890501: [OSSA-2020-006] Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)
|
CVE-2020-17376 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Lee Yarwood
|
|
Bug #1927677: [OSSA-2021-002] Open Redirect in noVNC proxy (CVE-2021-3654)
|
CVE-2021-3654 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #1960758: UEFI libvirt servers can't boot on Ubuntu 20.04 hypervisors with Ussuri/Victoria
|
CVE-2023-2088 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #1981813: Compute service fails to restart if the vnic_type of a bound port changed from direct to macvtap (CVE-2022-37394)
|
CVE-2022-37394 |
|
OpenStack Compute (nova)
|
Fix released, assigned to Balazs Gibizer
|
|
Bug #1996188: [OSSA-2023-002] Arbitrary file access through custom VMDK flat descriptor (CVE-2022-47951)
|
CVE-2022-47951 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #2004555: [OSSA-2023-003] Unauthorized volume access through deleted volume attachments (CVE-2023-2088)
|
CVE-2023-2088 |
|
OpenStack Compute (nova)
|
Fix released (unassigned)
|
|
Bug #2019460: nova-compute 23.2.2-0ubuntu1~cloud2 unable to detach volumes
|
CVE-2023-2088 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
|
Bug #2039381: Regarding Nova's inability to delete the Cinder volume for creating virtual machines (version Y)
|
CVE-2023-2088 |
|
OpenStack Compute (nova)
|
Invalid (unassigned)
|
