[SRU] python-eventlet configurable socket_timeout support
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| cinder (Ubuntu) |
Undecided
|
Unassigned | |||
| Trusty |
Undecided
|
Unassigned | |||
| Utopic |
Undecided
|
Unassigned | |||
| neutron (Ubuntu) |
Undecided
|
Unassigned | |||
| Trusty |
Undecided
|
Unassigned | |||
| Utopic |
Undecided
|
Unassigned | |||
| nova (Ubuntu) |
Undecided
|
Unassigned | |||
| Trusty |
Undecided
|
Unassigned | |||
| Utopic |
Undecided
|
Unassigned | |||
| python-eventlet (Ubuntu) |
Undecided
|
Unassigned | |||
| Trusty |
Undecided
|
Unassigned | |||
| Utopic |
Undecided
|
Unassigned | |||
Bug Description
[Impact]
The recent 2014.2.2 juno release of cinder is using configurable socket_timeout support in python-eventlet to fix a security-related bug (bug #1361360), however socket_timeout is not yet available in the 0.13.0 version of python-eventlet that is in utopic. The corresponding cinder commit is f88dc8495f7ec5d
[Test Case]
Ensure socket_timeout is configurable with python-eventlet.
[Regression Potential]
Fix is upstream for both projects
7d4916f01462de0
f88dc8495f7ec5d
Related branches
- Ubuntu Server Developers: Pending requested 2015-02-11
-
Diff: 10 lines (+1/-0)1 file modifieddebian/changelog (+1/-0)
- Ubuntu branches: Pending requested 2015-02-06
-
Diff: 115 lines (+95/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/series (+1/-0)
debian/patches/socket-timeout.patch (+87/-0)
- Ubuntu Server Developers: Pending requested 2015-02-11
-
Diff: 10 lines (+1/-0)1 file modifieddebian/changelog (+1/-0)
- Ubuntu Server Developers: Pending requested 2015-02-11
-
Diff: 10 lines (+1/-0)1 file modifieddebian/changelog (+1/-0)
- Ubuntu branches: Pending requested 2015-02-18
-
Diff: 114 lines (+95/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/series (+1/-0)
debian/patches/socket-timeout.patch (+87/-0)
- Ubuntu Development Team: Pending requested 2015-02-20
-
Diff: 114 lines (+53/-20)3 files modifieddebian/changelog (+7/-0)
debian/patches/sslwrap.diff (+25/-12)
eventlet/green/ssl.py (+21/-8)
| Changed in nova (Ubuntu): | |
| status: | New → Invalid |
| Changed in python-eventlet (Ubuntu): | |
| status: | New → Invalid |
| Corey Bryant (corey.bryant) wrote : | #1 |
Hello Corey, or anyone else affected,
Accepted python-eventlet into utopic-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| Changed in python-eventlet (Ubuntu Utopic): | |
| status: | New → Fix Committed |
| tags: | added: verification-needed |
| description: | updated |
| Changed in nova (Ubuntu): | |
| status: | Invalid → In Progress |
| status: | In Progress → Invalid |
| Changed in neutron (Ubuntu): | |
| status: | New → Invalid |
| Changed in cinder (Ubuntu): | |
| status: | New → Invalid |
| Chris J Arges (arges) wrote : | #3 |
Hello Corey, or anyone else affected,
Accepted nova into utopic-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| Changed in nova (Ubuntu Utopic): | |
| status: | New → Fix Committed |
| Changed in cinder (Ubuntu Utopic): | |
| status: | New → Fix Committed |
| Chris J Arges (arges) wrote : | #4 |
Hello Corey, or anyone else affected,
Accepted cinder into utopic-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| Changed in neutron (Ubuntu Utopic): | |
| status: | New → Fix Committed |
| Chris J Arges (arges) wrote : | #5 |
Hello Corey, or anyone else affected,
Accepted neutron into utopic-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| Corey Bryant (corey.bryant) wrote : | #6 |
Thanks Chris. Testing has successfully completed on all of these packages.
| tags: | added: verification-done |
| Corey Bryant (corey.bryant) wrote : | #7 |
I've nominated python-eventlet for trusty. This is needed to support the openstack packages in the ubuntu cloud archive. The other packages do not need to be included in the trusty nomination.
| Chris J Arges (arges) wrote : | #8 |
Hello Corey, or anyone else affected,
Accepted python-eventlet into trusty-proposed. The package will build now and be available at http://
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-
Further information regarding the verification process can be found at https:/
| tags: | removed: verification-done |
| Changed in python-eventlet (Ubuntu Trusty): | |
| status: | New → Fix Committed |
| tags: |
added: verification-done-utopic verification-needed-trusty removed: verification-needed |
| Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package python-eventlet - 0.13.0-1ubuntu3.1
---------------
python-eventlet (0.13.0-1ubuntu3.1) utopic; urgency=medium
* debian/
socket_timeout support (LP: #1419117).
-- Corey Bryant <email address hidden> Mon, 09 Feb 2015 13:31:20 +0000
| Changed in python-eventlet (Ubuntu Utopic): | |
| status: | Fix Committed → Fix Released |
The verification of the Stable Release Update for python-eventlet has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
| tags: | added: utopic |
| Launchpad Janitor (janitor) wrote : | #11 |
This bug was fixed in the package nova - 1:2014.2.2-0ubuntu1
---------------
nova (1:2014.
[ Corey Bryant ]
* Resynchronize with stable/juno (0bad3b1) (LP: #1418695):
- [965fd30] Eventlet green threads not released back to pool
- [4349015] Fix unit test failure due to tests sharing mocks
- [33e0813] Fix image metadata returned for volumes
- [af3af77] Fixes Hyper-V boot from volume live migration
- [8c07d42] Add LibvirtGPFSVolu
- [1e4088f] Truncate encoded instance message to 255 or fewer
- [4c1f28a] Fix connecting unnecessary iSCSI sessions issue
- [4d91175] Add handling of BadRequest from Neutron
- [9ee1a0f] only emit deprecation warnings once
- [56e3dd3] Make ec2 auth support v4 signature format
- [9f81d9b] Update eventlet API in libvirt driver
- [2dec248] Unshelving a volume backed instance doesn't work
- [d9bcfab] Return floating_
- [5e44c9f] fix pep8 errors that apparently slipped in
- [7307dba] Fix disconnecting necessary iSCSI sessions issue
- [eb58ed4] libvirt: safe_decode domain.XMLDesc(0) for i18n logging
- [ee66c04] Fix ironic delete fails when flavor deleted
- [39097d3] Add virtual interface before add fixed IP on nova-network
- [46fa995] Fix live migration api stuck when migrate to old nova node
- [2da2341] Extends use of ServiceProxy to more methods in HostAPI in cells
- [699b467] Don't make a no-op DB call
- [8a3b609] Fix libvirt watchdog support
- [4dd5080] VMware: fix compute node exception when no hosts in cluster
- [0bad3b1] Sync strutils from oslo-incubator for mask_password fix
* d/control: Bump minimum python-eventlet to get socket_timeout support.
(LP: #1419117).
-- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:38:28 -0500
| Changed in nova (Ubuntu Utopic): | |
| status: | Fix Committed → Fix Released |
| Launchpad Janitor (janitor) wrote : | #12 |
This bug was fixed in the package neutron - 1:2014.2.2-0ubuntu1
---------------
neutron (1:2014.
[ Corey Bryant ]
* Resynchronize with stable/juno (615e2d6) (LP: #1418695):
- [3f73028] Configures RADVD to send managed flag in RA for DHCP_STATEFUL
- [57bbce1] Arista L3 Ops is success if it is successful on one peer
- [c1e2941] Fixes blocking of VRF config in Arista L3 Plugin
- [81f1a7b] Do not duplicate message consumers
- [fbabf07] If router is HA, get current_cidrs from keepalived object
- [3332d4f] Fix AttributeError during startup of ovs agent in DVR mode
- [755f2ad] Fix IP allocation for multiple slaac subnets
- [e27f00d] Fix IPv6 Subnet Slaac Check
- [88b73e6] Catch StaleDataError in update_device_down
- [6d9dd88] Speed up initial L3 full sync time
- [dbc630a] Make L3 HA VIPs ordering consistent in keepalived.conf
- [82bf4af] Specify prefix length for IPv6 subnets
- [42630f9] Fix for KeyError: 'gw_port_host' on l3_agent
- [7c82512] NSX: synchronize floating IP operations
- [5531d6d] NSX: Remove logic for creating chained logical switches
- [b80a68e] [apic ml2] Bind ports regardless of the owner
- [175e869] Reset policies after RESOURCE_
- [66a91dd] Use stop() method on MessageHandling
- [097607a] Issue warning when running DHCP agent with dnsmasq < 2.67
- [560ef81] Fix neutron hang for IPv6 allocation pool update
- [f979dd6] Fix for FIPs duplicated across hosts for DVR
- [327e325] ipv6: set OtherConfig flag for DHCPv6 stateless subnets
- [6c490a9] radvd: pass -m syslog to avoid thread lock for radvd 2.0+
- [a89ae1b] Eventlet green threads not released back to pool
- [c6ef4e8] return the dict of port when no sec-group involved
- [ab8f277] Moves the HA resource creations outside of transaction
- [b776d19] Delete FIP namespace when last VM is deleted
- [81ecf5b] Fix race condition on processing DVR floating IPs
- [b297604] Fix a race condition adding a security group rule
- [2f97180] Auto allocate gateway_ip even for SLAAC subnets
- [6068320] Fix enable_
- [c96217a] Teach DHCP Agent about DVR router interfaces
- [615e2d6] BSN: Optimistic locking strategy for consistency
* d/control: Bump minimum python-eventlet to get socket_timeout support.
(LP: #1419117).
-- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:36:16 -0500
| Changed in neutron (Ubuntu Utopic): | |
| status: | Fix Committed → Fix Released |
| Launchpad Janitor (janitor) wrote : | #13 |
This bug was fixed in the package cinder - 1:2014.2.2-0ubuntu1
---------------
cinder (1:2014.
[ Corey Bryant ]
* Resynchronize with stable/juno (dc00837) (LP: #1418695):
- [f88dc84] Add client_
- [ab9a1ad] Create "image_
- [6020cc6] Defining the variable "tmp" before try block
- [67cdc1f] Set 'driver_
- [0b2f278] Garbage Remains when Attached Volume is Migrated with NFS Driver
- [215fb06] NetApp fix to set non default server port in api
- [7ebaf68] Fix eqlx endless loop when server closes the connection
- [58f7633] Fix eqlx CLI output parsing on bad input
- [32f7788] Fix zfssa driver volume attach to work with latest zfssa software
- [ed4681f] LIO: Fix UnboundLocalError in ensure_export
- [3965a5f] Remove import of private _lazy module
- [23c77ed] Mock calls to rpm and dpkg from NetApp unit tests
- [81a308d] NetApp E-series: Do not log passwords in requests
- [ae717b1] Ensure that lun_id is an int for NetApp Drivers
- [36bb8c2] Catch ImageNotFound exception when deleting rbd volume
- [a843aff] Correct the message string
- [08bf231] Fix NetApp AutoSupport Shortcomings.
- [4b6b7c3] Raise exception if invalid IP is specified
- [dc00837] NetApp 7mode NFS driver doesn't honor netapp_vfiler option
* d/p/fix-
* d/p/revert-
that is not in utopic.
* d/control: Bump minimum python-eventlet to get socket_timeout support.
(LP: #1419117).
-- Chuck Short <email address hidden> Mon, 09 Feb 2015 15:01:22 -0500
| Changed in cinder (Ubuntu Utopic): | |
| status: | Fix Committed → Fix Released |
| Changed in cinder (Ubuntu Trusty): | |
| status: | New → Invalid |
| Changed in neutron (Ubuntu Trusty): | |
| status: | New → Invalid |
| Changed in nova (Ubuntu Trusty): | |
| status: | New → Invalid |
| tags: |
added: verification-done-trusty removed: verification-needed-trusty |
| Launchpad Janitor (janitor) wrote : | #14 |
This bug was fixed in the package python-eventlet - 0.13.0-1ubuntu2.1
---------------
python-eventlet (0.13.0-1ubuntu2.1) trusty-proposed; urgency=medium
* debian/
socket_timeout support (LP: #1419117).
-- Corey Bryant <email address hidden> Wed, 18 Feb 2015 12:25:44 -0500
| Changed in python-eventlet (Ubuntu Trusty): | |
| status: | Fix Committed → Fix Released |
The 2014.2.2 juno versions of nova and neutron also depend on this python-eventlet fix.