Ubuntu
nova package

  1. Bug #1116671
  2. Comment #26

Comment 26 for bug 1116671

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nova - 2012.2.3-0ubuntu2

---------------
nova (2012.2.3-0ubuntu2) quantal-proposed; urgency=low

  * Re-sync with latest security updates.
  * SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
    - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
    - CVE-2013-1838
  * SECURITY UPDATE: fix VNC token validation
    - debian/patches/CVE-2013-0335.patch: force console auth service to flush
      all tokens associated with an instance when it is deleted
    - CVE-2013-0335
  * SECURITY UPDATE: fix denial of service
    - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
      and update external API facing Nova modules to use it
    - CVE-2013-1664
 -- James Page <email address hidden> Fri, 22 Mar 2013 12:40:07 +0000