Meta bug for tracking Openstack 2013.1.3 Stable Update

Hello Adam, or anyone else affected,

Accepted cinder into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/cinder/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Adam, or anyone else affected,

Accepted glance into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/glance/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Adam, or anyone else affected,

Accepted horizon into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/horizon/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Adam, or anyone else affected,

Accepted keystone into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/keystone/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Adam, or anyone else affected,

Accepted nova into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/nova/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Adam, or anyone else affected,

Accepted quantum into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/quantum/1:2013.1.3-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Blocking verification on a regression introduced into cinder via

https://github.com/openstack/cinder/commit/68c597e26b5659a036a7a937622e539bac102308

This fixes a security issue by correctly enabling secure volume scrubbing of LVM snapshots, however, this introduces a bug in the volume cleaning code: Bug #1191812. Currently working with upstream on a good solution rather than reverting the problematic security update.

Hello Adam, or anyone else affected,

Accepted cinder into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/cinder/1:2013.1.3-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Please find the attached test log from the Ubuntu Server Team's CI infrastructure. As part of the verification process for this bug, the OpenStack components have been deployed and configured across multiple nodes using raring-proposed as an installation source. After successful bring-up and configuration of the cluster, a number of exercises and smoke tests have be invoked to ensure the updated package did not introduce any regressions. A number of test iterations were carried out to catch any possible transient errors.

These proposed packages were deployed and tested in several different configurations. Attached are tarballs with various test logs from each configuration. In addition to the base components, variables in deployments include:

raring_grizzly_nova-network:
    - nova-network (FlatDHCP)
    - glance (Ceph backend)
    - cinder (Ceph backend)

raring_grizzly_iscsi:
    - nova-network (FlatDHCP)
    - glance (local backend)
    - cinder (iSCSI backend)

raring_grizzly_quantum:
    - quantum (OVS plugin)
    - glance (Ceph backend)
    - nova-volume (Ceph backend)

Please note the versions_tested file in each tarball, which contains details about relevant package versions installed and tested.

For records of upstream test coverage of this update, please see the individual bug reports.
As per the provisional Micro Release Exception granted to this package by the Technical Board, we hope this contributes toward verification of this update.

Test coverage log.

Test coverage log.

Test coverage log.

This bug was fixed in the package glance - 1:2013.1.3-0ubuntu1

---------------
glance (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (a5dda27) (LP: #1210447):
    - [272982c] Bump stable/grizzly next version to 2013.1.3
    - [a5dda27] Exception on running glance commands with non-ASCII arguments
      LP: 1182824
  * debian/control: Set Vcs fields.
 -- Adam Gandelman <email address hidden> Fri, 09 Aug 2013 10:02:09 +0100

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

This bug was fixed in the package horizon - 1:2013.1.3-0ubuntu1

---------------
horizon (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (435d4c8) (LP: #1210447):
    - [70e403b] Bump stable/grizzly next version to 2013.1.3
    - [21a4b20] Passed variables in template not translated LP: 1180316
    - [9fd8ceb] Selenium tests failing with socket timeout error LP: 1100771
    - [459488c] Deprecation warnings in webserver log LP: 1172222
    - [47ea680] New keystoneclient properties break testsuite LP: 1196823
    - [b163c97] Display of port and CIDR network topology labels is messy
      LP: 1199086
    - [a1b23d6] Sync pytz from requirements.txt
    - [16f52c4] Cant disassociate floating IP from instance panel when using
      Quantum LP: 1158596
    - [889f240] Unclear error when deleting a Swift container that contains
      data LP: 1096084
    - [933b991] 'msgid' format string with unnamed arguments cannot be
      properly localized in
      dashboards/project/instances/workflows/create_instance.py LP: 1177629
    - [d54fd25] Exception when editing (some) Quantum security rules
      LP: 1165095
    - [eab3b39] TypeError for cinder problems LP: 1182075
    - [4a3dbe1] Duplicate Networks in Networking Tab LP: 1170193
    - [4c7eb79] Handle None display name for boot from volume LP: 1199206
    - [d6f033c] Test failing due to latest version of openstack_auth
      LP: 1207599
    - [435d4c8] grizzly: translation PO files are out-of-date LP: 1207442
  * debian/control: Set Vcs fields.
 -- Adam Gandelman <email address hidden> Fri, 09 Aug 2013 10:03:06 +0100

This bug was fixed in the package quantum - 1:2013.1.3-0ubuntu1

---------------
quantum (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (06f679d) (LP: #1210447):
    - [e1d25de] Bump stable/grizzly next version to 2013.1.3
    - [1fb9952] Port profile should not mark vlan as native-vlan LP: 1186461
    - [2e49395] nec plugin: portinfo entries are not removed LP: 1187249
    - [7e5cb39] Enable router extension in Brocade Plugin LP: 1166516
    - [d298464] DbQuotaDriver allows setting of negative quota values
      LP: 1178886
    - [a6b23e1] when boot many vms with quantum, nova sometimes allocates two
      quantum ports rather than one LP: 1160442
    - [38ad51a] NEC plugin fails to process portinfo message after port delete
      LP: 1187701
    - [1458438] fail to delete network in nec plugin unless subnet is deleted
      explicitly LP: 1190163
    - [9b38a4b] All subprocess.Popen calls should go through common function
      LP: 1053381
    - [a99cc45] Qpid cannot serialize objects containing strings longer than
      65535 characters LP: 1175808
    - [57b2bcf] when a port have multiple IP addresses the port cannot
      communicate LP: 1190613
    - [0d59115] Big Switch Plugin Tenant_id for floating-ip port missing
      LP: 1190020
    - [b606ee1] compute node's OVS agent takes long time to scan sync all
      port's stat and update port security rules LP: 1194438
    - [1d3fee1] Fix Cisco Nexus plugin failures for vlan IDs 1006-4094
      LP: 1174593
    - [fffabc4] Ports created by l3 interface are DOWN LP: 1192883
    - [fe7646a] unable to unset gateway_ip on existing subnet LP: 1178273
    - [f97f1b3] Neutron DHCP agent generates invalid hostnames for new version
      of dnsmasq LP: 1204125
    - [c11cf21] Cisco plugin cannot create ports for non-admin VMs LP: 1202462
    - [b47efc4] Remove unused config parameters from Cisco plugin, document
      the others LP: 1201537
    - [b9daf57] Fix Cisco nexus plugin failure for first VLAN on phy interface
      LP: 1174852
    - [06f679d] Duplicate entries in the hosts file LP: 1191768
  * debian/control: Update Vcs fields.
 -- Adam Gandelman <email address hidden> Fri, 09 Aug 2013 10:08:11 +0100

This bug was fixed in the package nova - 1:2013.1.3-0ubuntu1

---------------
nova (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (89c7ee4) (LP: #1210447):
    - [8e6edd2] Bump stable/grizzly next version to 2013.1.3
    - [61fc529] attach quantum security group to an existing vm failed
      LP: 1189059
    - [60774bd] nova-compute fails to start if quantum is down LP: 1186357
    - [8e6d4b6] asymmetric routes in nova network with external gateway and
      routing_source_ip LP: 1182143
    - [8849413] Failed VM's not set to error state on exception LP: 1182056
    - [ef10eee] Double healing of info_cache with cells LP: 1180304
    - [7422d83] Can't log into VM after powervm is resized LP: 1169848
    - [49ab0e8] stack trace when instance_actions extension can not find
      instance in GET LP: 1182867
    - [e71247c] nova service-list returns illegal result with non db service
      heartbeat LP: 1168861
    - [3f60606] Volume IO usage gets reset to 0 after a reboot / crash
      LP: 1169097
    - [19c443b] unused method list_interfaces in vmware driver can be removed
      LP: 1187251
    - [a8dab9f] No cleanup done when file transfer fails with powervm driver
      LP: 1173017
    - [fc98015] nova consoleauth depends on Conductor Service LP: 1186123
    - [1066418] VMware drivers are no longer passing quantum port-id to
      vCenter LP: 1183452
    - [b92075c] nova net-list fails on empty list with Quantum backend
      LP: 1189976
    - [3ba31f2] Create VM with no networks with Quantum Gives SecurityGroups
      Exception LP: 1191044
    - [89150b2] Periodic ValueErrors when using qpid LP: 1185465
    - [0e0d615] Libvirt pre-Grizzly instances cannot be block migrated
      LP: 1185588
    - [27960ef] ZMQ ipc socket file is created using un-sanitized network
      input LP: 1122763
    - [265b868] cannot block migrate old style instances libvirt complains
      LP: 1175286
    - [008a68a] code logical error exists in vmwareapi vif.py LP: 1177635
    - [378c045] Instance IP addresses are re-used even when previous instance
      could not be powered off LP: 1180178
    - [48ddffe] Reboot of compute node breaks VMs with volumes LP: 1188326
    - [f427f01] Missing dashes from console-log LP: 1194032
    - [78ebf1a] network-create returns an internal error when network
      conflicts LP: 1158075
    - [767c850] Instance nics are reorder after reboot LP: 1187092
    - [0b45996] instance directory naming update to use uuid LP: 1186944
    - [06cfad5] Disassociate failed dhcp fixed ip in deallocate_for_instance()
      method LP: 1180766
    - [cbcdfc5] Allow confirm_resize action on an instance in 'deleting'
      status LP: 1189391
    - [2563c44] aggregate_get_by_host returns aggregates from other hosts
      LP: 1201277
    - [109f3a9] nova libvirt driver requires iscsi initiator name regardless
      of using it in volume drivers LP: 1007084
    - [7f1c336] Host is always set to None in get_instance_nw_info(...)
      LP: 1194178
    - [1cf30a3] nova boot with colume should fail if the volume is already
      attached to another instance LP: 1166770
    - [9cb9361] Aggregate metadata filterin...

This bug was fixed in the package keystone - 1:2013.1.3-0ubuntu1

---------------
keystone (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Dropped patches, applied upstream:
    - debian/patches/CVE-2013-2157.patch: [c100fd2]
  * Resynchronize with stable/grizzly (f60f742) (LP: #1210447):
    - [4b22c02] Bump stable/grizzly next version to 2013.1.3
    - [c100fd2] Force simple Bind for authentication
    - [b426022] password in clear in keystone.log LP: 1166697
    - [8ea8024] Performance issue when delete tokens for users LP: 1178063
    - [76a94c6] Editing User fails when the user already has a Primary Project
      LP: 1161963
    - [27a5b42] User roles are replaced by group roles in v3 tokens
      LP: 1197874
    - [f60f742] Unscoped tokens are revoked when assigning a role to a user
      LP: 1170186
  * debian/control: Update Vcs field.
 -- Adam Gandelman <email address hidden> Fri, 09 Aug 2013 10:06:27 +0100

This bug was fixed in the package cinder - 1:2013.1.3-0ubuntu2

---------------
cinder (1:2013.1.3-0ubuntu2) raring-proposed; urgency=low

  * debian/patches/fix-secure-delete-for-lvm.patch: Fix regression
    introduced by c6f2f78. Cherry-picked from upstream stable/grizzly.

cinder (1:2013.1.3-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (2023eec) (LP: #1210447):
    - [0c86041] Bump stable/grizzly next version to 2013.1.3
    - [a1c0ba1] Syntax error in hp3par driver LP: 1186566
    - [e97b555] Cloning a SolidFire volume doesn't work anymore LP: 1188454
    - [7a15827] cinder thinlvm allocates new snap based volumes outside the
      pool LP: 1192601
    - [e58cac5] SolidFire driver should catch Connection Refused error
      LP: 1195910
    - [f5b80aa] live migration fails with storwize/svc driver LP: 1179773
    - [85444f4] Incorrect authorization rule in api.quota LP: 1185974
    - [78945d0] test_storwize_svc.py fails with
      storwize_svc_multihostmap_enabled default value (False) LP: 1198146
    - [2eda2e6] storwize svc driver needs to avoid SVC CLI shortcut
      LP: 1163964
    - [82c6ffe] SolidFire _do_clone needs to account for create_from_snapshot
      as well as clone LP: 1192745
    - [559b0fa] handle-remaining-connect-fails-cases-in-solidfire-driver
      LP: 1201592
    - [bfeae7b] Cannot run cinder-volume with SolidFire driver in
      active/active LP: 1179671
    - [68e4e55] some default config options are of the wrong type LP: 1167318
    - [5ae3c21] unable to discover shares for nfs drivers LP: 1158681
    - [762c4d2] Pyflakes error in EMC driver LP: 1188619
    - [5dfb545] need_longer_timeout_setting_for_solidfire_clone LP: 1202007
    - [c6f2f78] Cinder LVM volume driver does not support secure deletion
      (CVE-2013-4183) LP: 1198185
    - [2023eec] [OSSA 2013-023] Potential unsafe XML usage (CVE-2013-4179,
      CVE-2013-4202) LP: 1190229
  * debian/rules: Clean new setuptools_git cruft.
  * debian/control: Set Vcs fields.
 -- Adam Gandelman <email address hidden> Wed, 18 Sep 2013 13:17:19 -0700

This bug has been fixed in the Ubuntu Cloud Archive (precise-grizzly):

    nova: 1:2013.1.3-0ubuntu1~cloud0
    keystone: 1:2013.1.3-0ubuntu1~cloud0
    horizon: 1:2013.1.3-0ubuntu1~cloud0
    quantum: 1:2013.1.3-0ubuntu1~cloud0
    cinder: 1:2013.1.3-0ubuntu2~cloud0
    glance: 1:2013.1.3-0ubuntu1~cloud0