[Git][security-tracker-team/security-tracker][master] dla: re-add nova
Sylvain Beucler (@beuc)
beuc at debian.org
Thu Mar 2 12:56:11 GMT 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f34a70c0 by Sylvain Beucler at 2023-03-02T13:56:21+01:00
dla: re-add nova
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -167,6 +167,20 @@ node-nth-check
NOTE: 20221223: Module has been rewritten in Typescript since Buster released (lamby).
NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/node-nth-check.git
--
+nova
+ NOTE: 20230302: Programming language: Python.
+ NOTE: 20230302: VCS: https://salsa.debian.org/openstack-team/services/nova
+ NOTE: 20230302: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/OpenStack.html
+ NOTE: 20230302: Maintainer notes: Contact original maintainer: zigo.
+ NOTE: 20230302: zigo says that DLA 3302-1 ships a buster-specific CVE-2022-47951 backport that introduces regression
+ NOTE: 20230302: (it's meant to check whether a VMDK image has the "monoliticFlat" subtype, but in practice it breaks compute nodes);
+ NOTE: 20230302: cf. debian/patches/cve-2022-47951-nova-stable-rocky.patch, which depends on images_*.patch.
+ NOTE: 20230302: "The upstream patch introduces a whitelist of allowed subtype (with monoliticFlat disabled by default).
+ NOTE: 20230302: Though in the Buster codebase, there was no infrastructure to check for this subtype ..." (zigo)
+ NOTE: 20230302: Later suites (e.g. bullseye) ship a direct upstream patch and are not affected.
+ NOTE: 20230302: We can either rework the patch, or disable .vmdk support entirely.
+ NOTE: 20230302: zigo currently has no time and requests the LTS team to do it (IRC #debian-lts 2023-03-02). (Beuc/front-desk)
+--
nvidia-graphics-drivers
NOTE: 20221225: Programming language: binary blob.
NOTE: 20230103: Cf. on-going discussion on nvidia support (Beuc/front-desk)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f34a70c0ad16a314556b288330d49c8460e11495
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f34a70c0ad16a314556b288330d49c8460e11495
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230302/97122fbc/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list