-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 10 Jul 2024 23:49:31 +0200 Source: nova Binary: nova-api nova-common nova-compute nova-compute-ironic nova-compute-kvm nova-compute-lxc nova-compute-qemu nova-conductor nova-consoleproxy nova-doc nova-scheduler python3-nova Architecture: all Version: 2:26.2.2-1~deb12u3 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Thomas Goirand Description: nova-api - OpenStack Compute - compute API frontend nova-common - OpenStack Compute - common files nova-compute - OpenStack Compute - compute node nova-compute-ironic - OpenStack Compute - compute node (Ironic) nova-compute-kvm - OpenStack Compute - compute node (KVM) nova-compute-lxc - OpenStack Compute - compute node (LXC) nova-compute-qemu - OpenStack Compute - compute node (QEmu) nova-conductor - OpenStack Compute - conductor service nova-consoleproxy - OpenStack Compute - NoVNC proxy nova-doc - OpenStack Compute - documentation nova-scheduler - OpenStack Compute - virtual machine scheduler python3-nova - OpenStack Compute - libraries Closes: 1076774 Changes: nova (2:26.2.2-1~deb12u3) bookworm-security; urgency=high . * CVE-2024-40767: Regression VMDK/qcow arbitrary file access (CVE-2024-32498) Applied upstream patches (Closes: #1076774): - CVE-2024-40767_1_port_format_inspector_tests_from_glance_antelope.patch - CVE-2024-40767_2_Reproduce_iso_regression_with_deep_format_inspection_antelope.patch - CVE-2024-40767_3_Add-iso-file-format-inspector_antelope.patch - CVE-2024-40767_4_Change-force_format-strategy-to-catch-mismatches_antelope.patch * Add qemu-utils as build-depends to run new tests. Checksums-Sha1: a223f08f0886b276288c8448052f95142b70d0ab 29576 nova-api_26.2.2-1~deb12u3_all.deb e5b37f3eb42a2d3c8f900bb59d6fb2aa7713c510 129276 nova-common_26.2.2-1~deb12u3_all.deb 309ac46a2992fa1b40de1df8b7b6be79830940bd 8988 nova-compute-ironic_26.2.2-1~deb12u3_all.deb 1c58be7fbe9b7b8db7cff67a7ca2be14466a39d8 9208 nova-compute-kvm_26.2.2-1~deb12u3_all.deb f162dff19ac1755da63e0a1b6586477fd5e97252 9048 nova-compute-lxc_26.2.2-1~deb12u3_all.deb 6895d633520eb19f5bae0756739ba9dc4b2bc304 9088 nova-compute-qemu_26.2.2-1~deb12u3_all.deb 44edb940c68952f163e22dbe3758018bef7199c8 15296 nova-compute_26.2.2-1~deb12u3_all.deb 90eadadafa73210a5febdf3504ed0047983cd64e 14620 nova-conductor_26.2.2-1~deb12u3_all.deb e9f72b0af62fe94bf83edc534556645ca7c1f34f 19892 nova-consoleproxy_26.2.2-1~deb12u3_all.deb d074717f46bf34db07dafe9577dfcd6e776ae5c8 2881248 nova-doc_26.2.2-1~deb12u3_all.deb 7a62853523fd9785e2c0bd56504a74aae8c73c74 14640 nova-scheduler_26.2.2-1~deb12u3_all.deb f1326b1ec1ebc543ff78e43a7421eac71a9e0b98 22589 nova_26.2.2-1~deb12u3_all-buildd.buildinfo 5c37e15c542e3c465760f1960a5fc5d55d42c82d 3013352 python3-nova_26.2.2-1~deb12u3_all.deb Checksums-Sha256: ec4d0203ca5c587ba355fe95d1a719fdb3fd918a0e456d2a9937ca775574e4a1 29576 nova-api_26.2.2-1~deb12u3_all.deb c61604671683214e4cbb604cd95f25c7a5ac6377819055b0a94f60b0af8e4ab5 129276 nova-common_26.2.2-1~deb12u3_all.deb 79637d1a231e72a39ca96d0500743af330828dbcf01b0dd645083a3942331fc6 8988 nova-compute-ironic_26.2.2-1~deb12u3_all.deb 40e9238171f248eb4894fd1fe48c3543c5130580931a66d6e6b86c33a6e71561 9208 nova-compute-kvm_26.2.2-1~deb12u3_all.deb ad7fe7effd65100672e33f2ec964c5fb81962e3e6cebcfa807b96e647fdc5085 9048 nova-compute-lxc_26.2.2-1~deb12u3_all.deb d73d458b30033ea4d2d81d9afba34b2a56bfea5bff41fa2847925042b17569f0 9088 nova-compute-qemu_26.2.2-1~deb12u3_all.deb 4bf16fdd1ba6cccbec42df5d5132ce0ab0ceb07c60d356898ae0e55c35b641fb 15296 nova-compute_26.2.2-1~deb12u3_all.deb 323f9e2e8903909fc0c4c6da858da3df777736c2ff171b9599e7aeec4aaf7bb0 14620 nova-conductor_26.2.2-1~deb12u3_all.deb 1545450cd7f177d4bc51a3186ec078434ed386b644f091f569ebd6d428fb682c 19892 nova-consoleproxy_26.2.2-1~deb12u3_all.deb ff0d1b86ec76c16ee48ab24fbeaccb6804aca4a9e55c5cedda356f0578aaf7cc 2881248 nova-doc_26.2.2-1~deb12u3_all.deb 1fdd2e2ef494c0885c114dfa46e47dcc3fed01f81456a280c2e747e77f4bb20f 14640 nova-scheduler_26.2.2-1~deb12u3_all.deb 38bae98df9f5aba5676cf2fe805dfb0f76b5bcbce9057db740b8e63438af7f00 22589 nova_26.2.2-1~deb12u3_all-buildd.buildinfo a3a4fec65e73a37e632ea8a00759fbddfdfde7b6ec45f186aa27805aa8794e87 3013352 python3-nova_26.2.2-1~deb12u3_all.deb Files: 021a95a0622c04e8d40fd27b978a1baf 29576 net optional nova-api_26.2.2-1~deb12u3_all.deb fa831f73831a43460983b95802ae6e04 129276 net optional nova-common_26.2.2-1~deb12u3_all.deb 645d74d56d40fb3d5f314381f4afcd3a 8988 net optional nova-compute-ironic_26.2.2-1~deb12u3_all.deb 4b066bc2f1eb8dc145d7087652699a30 9208 net optional nova-compute-kvm_26.2.2-1~deb12u3_all.deb ec431364af0da4ce0a6a0a29275bc9cb 9048 net optional nova-compute-lxc_26.2.2-1~deb12u3_all.deb de1803cf56728592a0031669b50a96cb 9088 net optional nova-compute-qemu_26.2.2-1~deb12u3_all.deb abbfc352b82d52c68a99f66bc0bb3c47 15296 net optional nova-compute_26.2.2-1~deb12u3_all.deb d62d247d8e1a941ba0e4a768e0caf719 14620 net optional nova-conductor_26.2.2-1~deb12u3_all.deb c8cf4f91652818e9a06208ecfca1deed 19892 net optional nova-consoleproxy_26.2.2-1~deb12u3_all.deb c4c59d3eb345590a8302f8833bd3ceab 2881248 doc optional nova-doc_26.2.2-1~deb12u3_all.deb 8992c2bd78e55c6c5aa80bb9bbbf3dd9 14640 net optional nova-scheduler_26.2.2-1~deb12u3_all.deb d4436e804e4b753bb071f19c40fc47da 22589 net optional nova_26.2.2-1~deb12u3_all-buildd.buildinfo 989259a5bcbf52421a9e35878a4f3314 3013352 python optional python3-nova_26.2.2-1~deb12u3_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmbExBkACgkQOni7ZmUp KEchzRAAyx0LpyqZ8r1f6d7DAsoLmPSFod1PrarWnQUJLpe7ynzxfljN5uZF9EwJ wz/3gr/1mexQIDrisQ5LYETmpmjxjAO3d/EbGLkcZpWxxrxiZeEOz8frKpvW2A1s TD1iRK4p9sKY354EmoALHJBfGXkPMpp9JFIPaygiqZcgXPnPDEgxEmF/lSFFrcpx PsuBA3TOimIefgY6l0v0N+aXLe3bTzgGG1AjkSVHITqVIVqYmUCL95vT/rLmp+Qz Dg/mOMJeHwRCrTKhjImbo5iyKwFeoydDHHA4LmfKEoksEh9CnOYxYPzRu62Q3PP5 I2Tx161msB18lcdfp9K2JhLEAJMciMEi/8k+M8W6m92FqWCHBffMr8TtXUAsUobg P4odPemiPtoWNWD3fGDVycLDTNYSZD6eNXgfx0NqGoLECvRk1fCLsASTIs4ffLQO i9U4RrCEZv5WXXIxXmnqCxHOg6T6JWlyaIonVB8Se1VgGQ0X2KaLrl41W+Vtk0IB HJsAt46OqYNI5wx8GCgZepyQFEoTZqQZaGDRTOrdofRcyLVZaO72Mq/9NErgBLNi oPGepSfJTDOnQQECSCxc8/O4rju+BBLLTPQgDXwj4Eu8v28T3ly5emJvqCPCnOOI 0izYjkRpNmeVHl92p11ANlrcM4OGEOJuKsH4J7dkeqKMykRqd0M= =NWm7 -----END PGP SIGNATURE-----