Comment 9 for bug 1688557

Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hi Brian,

> I feel like the CVE referenced in the nova upload, [CVE-2017-7214] Failed notification payload is
> dumped in logs with auth secrets, should be called out in the changelog and the Launchpad bug
> should have an Ubuntu yakkety task.

I've uploaded a new version with the changelog updated to call out the CVE fix, and I've also updated the CVE bug to target the corresponding Ubuntu and cloud archive releases. Note, it looks like we need to get this uploaded for Ocata too.

>
> I'm not sure I've seen an SRU with a CVE fix in it though, is this normally done?

I think this is normal. Upstream cuts stable releases per project whenever the project thinks it's needed (until EOL, which tends to be approx. one year for upstream OpenStack). And with the CVE fix being the last 2 commits prior to the 14.0.5 release, it looks like they did the right thing in getting it out the door when they did.

Corey