~ubuntu-branches/ubuntu/oneiric/nova/oneiric-updates

Committer: Package Import Robot
Author(s): Jamie Strandboge
Date: 2012-08-17 13:55:33 UTC
Revision ID: package-import@ubuntu.com-20120817135533-987ztcloeqahiv01

Tags: 2011.3-0ubuntu6.10

* SECURITY UPDATE: Prohibit file injection writing to host filesystem
  - debian/patches/CVE-2012-3447.patch: update to perform the file name
    canonicalization as the root user
  - CVE-2012-3447

files added:
.pc/CVE-2012-3447.patch

.pc/CVE-2012-3447.patch/nova

.pc/CVE-2012-3447.patch/nova/tests

.pc/CVE-2012-3447.patch/nova/tests/test_virt.py

.pc/CVE-2012-3447.patch/nova/tests/test_xenapi.py

.pc/CVE-2012-3447.patch/nova/virt

.pc/CVE-2012-3447.patch/nova/virt/disk.py

debian/patches/CVE-2012-3447.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

nova/tests/test_virt.py

nova/tests/test_xenapi.py

nova/virt/disk.py

Show diffs side-by-side

added added

removed removed

debian/changelog

nova (2011.3-0ubuntu6.10) oneiric-security; urgency=low

* SECURITY UPDATE: Prohibit file injection writing to host filesystem

- debian/patches/CVE-2012-3447.patch: update to perform the file name

canonicalization as the root user

- CVE-2012-3447

-- Jamie Strandboge <jamie@ubuntu.com> Fri, 17 Aug 2012 13:55:33 -0500

nova (2011.3-0ubuntu6.9) oneiric-security; urgency=low

* SECURITY UPDATE: arbitrary file injection/corruption

Older »