[Openstack-devel] Bug#715552: pu: package nova/2012.1.1-18+deb7u1
Julien Cristau
julien.cristau at logilab.fr
Wed Jul 10 12:09:01 UTC 2013
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: pu
X-Debbugs-Cc: nova at packages.debian.org
Hi,
this proposed update for nova fixes CVE-2013-2096. AFAIK this is just a
DoS, so probably not worth a DSA.
The fix for sid is pending NEW processing, AIUI.
diff -Nru nova-2012.1.1/debian/changelog nova-2012.1.1/debian/changelog
--- nova-2012.1.1/debian/changelog 2013-04-10 13:14:21.000000000 +0200
+++ nova-2012.1.1/debian/changelog 2013-07-10 12:10:00.000000000 +0200
@@ -1,3 +1,10 @@
+nova (2012.1.1-18+deb7u1) UNRELEASED; urgency=low
+
+ * CVE-2013-2096: Check QCOW2 image size during root disk creation
+ (closes: #710157). Apply patch from Jamie Strandboge.
+
+ -- Julien Cristau <julien.cristau at logilab.fr> Fri, 14 Jun 2013 14:02:42 +0200
+
nova (2012.1.1-18) unstable; urgency=low
* nova-common isn't anymore using /usr/share/doc to store configuration files
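Review bot: the new changelog entry still targets UNRELEASED; for a wheezy proposed update the distribution line needs to be "wheezy" (or "stable") before upload, otherwise the package will be rejected or misrouted. The entry date (Fri, 14 Jun 2013) also predates the file timestamps in this diff (2013-07-10), so it is worth refreshing it with dch -r when the distribution is fixed.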
diff -Nru nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch
--- nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch 1970-01-01 01:00:00.000000000 +0100
+++ nova-2012.1.1/debian/patches/CVE-2013-2096_essex.patch 2013-07-10 12:10:00.000000000 +0200
@@ -0,0 +1,31 @@
+Author: Jamie Strandboge <jamie at canonical.com>
+Description: Check QCOW2 image size during root disk creation
+ glance can only tell us the size of the file, not the virtual
+ size of the QCOW2. As such we need to check the virtual size of
+ the image once its cached and ensure it's <= to the flavor's
+ root disk size. Based on I833467284126557eb598b8350a84e10c06292fa9
+Bug: https://launchpad.net/bugs/1177830
+
+Index: nova/nova/virt/libvirt/connection.py
+===================================================================
+--- nova.orig/nova/virt/libvirt/connection.py
++++ nova/nova/virt/libvirt/connection.py
+@@ -1125,6 +1125,18 @@ class LibvirtConnection(driver.ComputeDr
+ if cow:
+ cow_base = base
+ if size:
++ # NOTE(cfb): Having a flavor that sets the root size to
++ # 0 and having nova effectively ignore that
++ # size and use the size of the image is
++ # considered a feature at this time, not a
++ # bug.
++ if os.path.exists(cow_base) and \
++ size < disk.get_image_virtual_size(cow_base):
++ LOG.error(_("%(base)s virtual size larger than "
++ "flavor root disk size %(size)s" %
++ {'base': cow_base, 'size': size}))
++ raise exception.ImageTooLarge()
++
+ size_gb = size / (1024 * 1024 * 1024)
+ cow_base += "_%d" % size_gb
+ if not os.path.exists(cow_base):
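Review bot: in the added LOG.error call the message is interpolated with % inside the _() call, so gettext is handed the already-substituted string and can never match a catalog entry; the closing parenthesis of _( should come before the %, i.e. LOG.error(_("%(base)s virtual size larger than flavor root disk size %(size)s") % {'base': cow_base, 'size': size}). The new branch also calls disk.get_image_virtual_size() and raises exception.ImageTooLarge(), neither of which this patch defines; please confirm both exist in the Essex (2012.1.1) tree and not only in the upstream change I833467284126557eb598b8350a84e10c06292fa9 it is based on, since a missing name would fail at runtime exactly when an oversized image is encountered. Finally, the check sits inside the "if cow:" branch only, so it is worth confirming whether the non-COW path needs the same guard, and the DEP-3 header could carry an Origin: line pointing at that upstream change.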
diff -Nru nova-2012.1.1/debian/patches/series nova-2012.1.1/debian/patches/series
--- nova-2012.1.1/debian/patches/series 2013-04-10 13:14:21.000000000 +0200
+++ nova-2012.1.1/debian/patches/series 2013-07-10 12:10:00.000000000 +0200
@@ -12,3 +12,4 @@
CVE-2013-0335_VNC-unit-tests-fixes.patch
CVE-2013-1838-Nova_DoS_by_allocating_all_Fixed_IPs_essex.patch
Fixed_broken_vncproxy_flush_tokens.patch
+CVE-2013-2096_essex.patch
Cheers,
Julien
--
Julien Cristau <julien.cristau at logilab.fr>
Logilab http://www.logilab.fr/
Informatique scientifique & gestion de connaissances