nova (2:29.0.2-2)
[PTS] [DDPO]
NEW: VCS has unreleased changes: 2:29.0.2-3 > 2:29.0.2-2
- Git: https://salsa.debian.org/openstack-team/services/nova.git
-
- Branch: debian/caracal
- Path: debian/changelog
- Repo size: 52797440
- Browser: https://salsa.debian.org/openstack-team/services/nova
- Last scan: 2024-07-13 12:07:29+00
- Next scan: 2024-07-21 19:25:00+00
- Merge requests: 1
- CI pipeline status: failed
- Debian changelog in Git:
nova (2:29.0.2-3) unstable; urgency=high
* CVE-2024-32498: Arbitrary file access through custom QCOW2 external data.
Add upstream patch (Closes: #1074762):
- CVE-2024-32498_1_nova-stable-2024.1_Reject_qcow_files_with_data-file_attributes.patch
- CVE-2024-32498_2_nova-stable-2024.1_Check_images_with_format_inspector_for_safety.patch
- CVE-2024-32498_3_nova-stable-2024.1_Additional-qemu-safety-checking-on-base-images.patch
- CVE-2024-32498_4_late-nova-fix.patch
-- Thomas Goirand <zigo@debian.org> Fri, 21 Jun 2024 08:59:35 +0200
- This branch is even with tag debian/29.0.2-3