[SRU] python-eventlet configurable socket_timeout support

Bug #1419117 reported by Corey Bryant on 2015-02-06
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cinder (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
neutron (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
nova (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
python-eventlet (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned

Bug Description

[Impact]
The recent 2014.2.2 juno release of cinder is using configurable socket_timeout support in python-eventlet to fix a security-related bug (bug #1361360), however socket_timeout is not yet available in the 0.13.0 version of python-eventlet that is in utopic. The corresponding cinder commit is f88dc8495f7ec5dc7f1b01c43f0237141af6b98f "Add client_socket_timeout option".

[Test Case]
Ensure socket_timeout is configurable with python-eventlet.

[Regression Potential]
Fix is upstream for both projects
7d4916f01462de09cb58853d9de2e85777c2ad5b in python-eventlet
f88dc8495f7ec5dc7f1b01c43f0237141af6b98f in cinder

Related branches

Changed in nova (Ubuntu):
status: New → Invalid
Changed in python-eventlet (Ubuntu):
status: New → Invalid
Corey Bryant (corey.bryant) wrote :

The 2014.2.2 juno versions of nova and neutron also depend on this python-eventlet fix.

Hello Corey, or anyone else affected,

Accepted python-eventlet into utopic-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/python-eventlet/0.13.0-1ubuntu3.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in python-eventlet (Ubuntu Utopic):
status: New → Fix Committed
tags: added: verification-needed
description: updated
Changed in nova (Ubuntu):
status: Invalid → In Progress
status: In Progress → Invalid
Changed in neutron (Ubuntu):
status: New → Invalid
Changed in cinder (Ubuntu):
status: New → Invalid
Chris J Arges (arges) wrote :

Hello Corey, or anyone else affected,

Accepted nova into utopic-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/nova/1:2014.2.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in nova (Ubuntu Utopic):
status: New → Fix Committed
Changed in cinder (Ubuntu Utopic):
status: New → Fix Committed
Chris J Arges (arges) wrote :

Hello Corey, or anyone else affected,

Accepted cinder into utopic-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/cinder/1:2014.2.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in neutron (Ubuntu Utopic):
status: New → Fix Committed
Chris J Arges (arges) wrote :

Hello Corey, or anyone else affected,

Accepted neutron into utopic-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/neutron/1:2014.2.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Corey Bryant (corey.bryant) wrote :

Thanks Chris. Testing has successfully completed on all of these packages.

tags: added: verification-done
Corey Bryant (corey.bryant) wrote :

I've nominated python-eventlet for trusty. This is needed to support the openstack packages in the ubuntu cloud archive. The other packages do not need to be included in the trusty nomination.

Chris J Arges (arges) wrote :

Hello Corey, or anyone else affected,

Accepted python-eventlet into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/python-eventlet/0.13.0-1ubuntu2.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: removed: verification-done
Changed in python-eventlet (Ubuntu Trusty):
status: New → Fix Committed
tags: added: verification-done-utopic verification-needed-trusty
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-eventlet - 0.13.0-1ubuntu3.1

---------------
python-eventlet (0.13.0-1ubuntu3.1) utopic; urgency=medium

  * debian/patches/socket-timeout.patch: Cherry-pick patch to provide
    socket_timeout support (LP: #1419117).
 -- Corey Bryant <email address hidden> Mon, 09 Feb 2015 13:31:20 +0000

Changed in python-eventlet (Ubuntu Utopic):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for python-eventlet has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

tags: added: utopic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nova - 1:2014.2.2-0ubuntu1

---------------
nova (1:2014.2.2-0ubuntu1) utopic; urgency=medium

  [ Corey Bryant ]
  * Resynchronize with stable/juno (0bad3b1) (LP: #1418695):
    - [965fd30] Eventlet green threads not released back to pool
    - [4349015] Fix unit test failure due to tests sharing mocks
    - [33e0813] Fix image metadata returned for volumes
    - [af3af77] Fixes Hyper-V boot from volume live migration
    - [8c07d42] Add LibvirtGPFSVolumeDriver class
    - [1e4088f] Truncate encoded instance message to 255 or fewer
    - [4c1f28a] Fix connecting unnecessary iSCSI sessions issue
    - [4d91175] Add handling of BadRequest from Neutron
    - [9ee1a0f] only emit deprecation warnings once
    - [56e3dd3] Make ec2 auth support v4 signature format
    - [9f81d9b] Update eventlet API in libvirt driver
    - [2dec248] Unshelving a volume backed instance doesn't work
    - [d9bcfab] Return floating_ip['fixed_ip']['instance_uuid'] from neutronv2 API
    - [5e44c9f] fix pep8 errors that apparently slipped in
    - [7307dba] Fix disconnecting necessary iSCSI sessions issue
    - [eb58ed4] libvirt: safe_decode domain.XMLDesc(0) for i18n logging
    - [ee66c04] Fix ironic delete fails when flavor deleted
    - [39097d3] Add virtual interface before add fixed IP on nova-network
    - [46fa995] Fix live migration api stuck when migrate to old nova node
    - [2da2341] Extends use of ServiceProxy to more methods in HostAPI in cells
    - [699b467] Don't make a no-op DB call
    - [8a3b609] Fix libvirt watchdog support
    - [4dd5080] VMware: fix compute node exception when no hosts in cluster
    - [0bad3b1] Sync strutils from oslo-incubator for mask_password fix
  * d/control: Bump minimum python-eventlet to get socket_timeout support.
    (LP: #1419117).
 -- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:38:28 -0500

Changed in nova (Ubuntu Utopic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package neutron - 1:2014.2.2-0ubuntu1

---------------
neutron (1:2014.2.2-0ubuntu1) utopic; urgency=medium

  [ Corey Bryant ]
  * Resynchronize with stable/juno (615e2d6) (LP: #1418695):
    - [3f73028] Configures RADVD to send managed flag in RA for DHCP_STATEFUL
    - [57bbce1] Arista L3 Ops is success if it is successful on one peer
    - [c1e2941] Fixes blocking of VRF config in Arista L3 Plugin
    - [81f1a7b] Do not duplicate message consumers
    - [fbabf07] If router is HA, get current_cidrs from keepalived object
    - [3332d4f] Fix AttributeError during startup of ovs agent in DVR mode
    - [755f2ad] Fix IP allocation for multiple slaac subnets
    - [e27f00d] Fix IPv6 Subnet Slaac Check
    - [88b73e6] Catch StaleDataError in update_device_down
    - [6d9dd88] Speed up initial L3 full sync time
    - [dbc630a] Make L3 HA VIPs ordering consistent in keepalived.conf
    - [82bf4af] Specify prefix length for IPv6 subnets
    - [42630f9] Fix for KeyError: 'gw_port_host' on l3_agent
    - [7c82512] NSX: synchronize floating IP operations
    - [5531d6d] NSX: Remove logic for creating chained logical switches
    - [b80a68e] [apic ml2] Bind ports regardless of the owner
    - [175e869] Reset policies after RESOURCE_ATTRIBUTE_MAP is populated
    - [66a91dd] Use stop() method on MessageHandlingServer
    - [097607a] Issue warning when running DHCP agent with dnsmasq < 2.67
    - [560ef81] Fix neutron hang for IPv6 allocation pool update
    - [f979dd6] Fix for FIPs duplicated across hosts for DVR
    - [327e325] ipv6: set OtherConfig flag for DHCPv6 stateless subnets
    - [6c490a9] radvd: pass -m syslog to avoid thread lock for radvd 2.0+
    - [a89ae1b] Eventlet green threads not released back to pool
    - [c6ef4e8] return the dict of port when no sec-group involved
    - [ab8f277] Moves the HA resource creations outside of transaction
    - [b776d19] Delete FIP namespace when last VM is deleted
    - [81ecf5b] Fix race condition on processing DVR floating IPs
    - [b297604] Fix a race condition adding a security group rule
    - [2f97180] Auto allocate gateway_ip even for SLAAC subnets
    - [6068320] Fix enable_metadata_network flag
    - [c96217a] Teach DHCP Agent about DVR router interfaces
    - [615e2d6] BSN: Optimistic locking strategy for consistency
  * d/control: Bump minimum python-eventlet to get socket_timeout support.
    (LP: #1419117).
 -- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:36:16 -0500

Changed in neutron (Ubuntu Utopic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cinder - 1:2014.2.2-0ubuntu1

---------------
cinder (1:2014.2.2-0ubuntu1) utopic; urgency=medium

  [ Corey Bryant ]
  * Resynchronize with stable/juno (dc00837) (LP: #1418695):
    - [f88dc84] Add client_socket_timeout option
    - [ab9a1ad] Create "image_conversion_dir" before creating temporary file
    - [6020cc6] Defining the variable "tmp" before try block
    - [67cdc1f] Set 'driver_volume_type' to 'gpfs'
    - [0b2f278] Garbage Remains when Attached Volume is Migrated with NFS Driver
    - [215fb06] NetApp fix to set non default server port in api
    - [7ebaf68] Fix eqlx endless loop when server closes the connection
    - [58f7633] Fix eqlx CLI output parsing on bad input
    - [32f7788] Fix zfssa driver volume attach to work with latest zfssa software
    - [ed4681f] LIO: Fix UnboundLocalError in ensure_export
    - [3965a5f] Remove import of private _lazy module
    - [23c77ed] Mock calls to rpm and dpkg from NetApp unit tests
    - [81a308d] NetApp E-series: Do not log passwords in requests
    - [ae717b1] Ensure that lun_id is an int for NetApp Drivers
    - [36bb8c2] Catch ImageNotFound exception when deleting rbd volume
    - [a843aff] Correct the message string
    - [08bf231] Fix NetApp AutoSupport Shortcomings.
    - [4b6b7c3] Raise exception if invalid IP is specified
    - [dc00837] NetApp 7mode NFS driver doesn't honor netapp_vfiler option
  * d/p/fix-requirements.patch: Rebased.
  * d/p/revert-oslo-i18n-changes.patch: Added to revert use of oslo.i18n support
    that is not in utopic.
  * d/control: Bump minimum python-eventlet to get socket_timeout support.
    (LP: #1419117).
 -- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:01:22 -0500

Changed in cinder (Ubuntu Utopic):
status: Fix Committed → Fix Released
Changed in cinder (Ubuntu Trusty):
status: New → Invalid
Changed in neutron (Ubuntu Trusty):
status: New → Invalid
Changed in nova (Ubuntu Trusty):
status: New → Invalid
James Page (james-page) on 2015-05-26
tags: added: verification-done-trusty
removed: verification-needed-trusty
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-eventlet - 0.13.0-1ubuntu2.1

---------------
python-eventlet (0.13.0-1ubuntu2.1) trusty-proposed; urgency=medium

  * debian/patches/socket-timeout.patch: Cherry-pick patch to provide
    socket_timeout support (LP: #1419117).
 -- Corey Bryant <email address hidden> Wed, 18 Feb 2015 12:25:44 -0500

Changed in python-eventlet (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers