This bug was fixed in the package nova - 2012.2.3-0ubuntu2
---------------
nova (2012.2.3-0ubuntu2) quantal-proposed; urgency=low
* Re-sync with latest security updates.
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
- debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
- CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
- debian/patches/CVE-2013-0335.patch: force console auth service to flush
all tokens associated with an instance when it is deleted
- CVE-2013-0335
* SECURITY UPDATE: fix denial of service
- CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
and update external API facing Nova modules to use it
- CVE-2013-1664
-- James Page <email address hidden> Fri, 22 Mar 2013 12:40:07 +0000
This bug was fixed in the package nova - 2012.2.3-0ubuntu2
---------------
nova (2012.2.3-0ubuntu2) quantal-proposed; urgency=low
* Re-sync with latest security updates. patches/ CVE-2013- 1838.patch: add explicit quota for fixed IP patches/ CVE-2013- 0335.patch: force console auth service to flush 1664.patch: Add a new utils.safe_ minidom_ parse_string function
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
- debian/
- CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
- debian/
all tokens associated with an instance when it is deleted
- CVE-2013-0335
* SECURITY UPDATE: fix denial of service
- CVE-2013-
and update external API facing Nova modules to use it
- CVE-2013-1664
-- James Page <email address hidden> Fri, 22 Mar 2013 12:40:07 +0000