Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted nova 2:31.0.0-6+deb13u1 (source) into proposed-updates
Date: Wed, 05 Nov 2025 21:32:20 +0000
Signed by: Thomas Goirand <zigo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 21 Aug 2025 09:10:49 +0200
Source: nova
Architecture: source
Version: 2:31.0.0-6+deb13u1
Distribution: trixie
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1111689
Changes:
 nova (2:31.0.0-6+deb13u1) trixie; urgency=high
 .
   * A vulnerability has been identified in OpenStack Nova and OpenStack Watcher
     in conjunction with volume swap operations performed by the Watcher
     service. Under specific circumstances, this can lead to a situation where
     two Nova libvirt instances could reference the same block device, allowing
     accidental information disclosure to the unauthorized instance. Added
     upstream patch: OSSN-0094_restrict_swap_volume_to_cinder.patch.
     (Closes: #1111689).
   * Blacklist non-deterministic unit test:
     - ComputeTestCase.test_add_remove_fixed_ip_updates_instance_updated_at
Checksums-Sha1:
 2520760e4876c58fdd32a3252a87cdc61320d587 4854 nova_31.0.0-6+deb13u1.dsc
 d76e47f21f1704aa6933d13182d5feecf07a312a 70836 nova_31.0.0-6+deb13u1.debian.tar.xz
 49787f19831d7cbc55a408f950db9be96a4fc648 25834 nova_31.0.0-6+deb13u1_amd64.buildinfo
Checksums-Sha256:
 8bb27d885d948b426e478262bca1c257fba97a7d8aa9a4134237bb597154c7cc 4854 nova_31.0.0-6+deb13u1.dsc
 bfe857aafd0e60da1b054e2f5d81e26ffcdd3d4c806d8a9d6c90b7ad48ed5fff 70836 nova_31.0.0-6+deb13u1.debian.tar.xz
 1ac061ed0158e85484d0c21be5040c08b88a2214efb7cf364b2aa8b249aae04b 25834 nova_31.0.0-6+deb13u1_amd64.buildinfo
Files:
 96107987b8aac8bfa60574a2016ed88f 4854 net optional nova_31.0.0-6+deb13u1.dsc
 0999f4fe81c44a368ce0cb0b8d4948b0 70836 net optional nova_31.0.0-6+deb13u1.debian.tar.xz
 03f40891a1e738b2969febe3d205e561 25834 net optional nova_31.0.0-6+deb13u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmkH2g4ACgkQ1BatFaxr
Q/4GZg//akrmNW9n3B9DnXsn1jmIqDnCyABbqgPp/2+QUjkwTKQe4y5rwUPBNVJV
hYRIqHUVCCUjacm4i9dH4LBNlp2yAexbMDUNuPqjxGkWAKLXRp+n6TUm1Gtq96If
pEVL6RK4UokaAUlBbmg4GUJsNNAFiJ46jXPr4wxe36C22R+C4GXh4xB+ufDekPto
38Sb/66XLvXg5b8qRJAjwC8vRhGf2OJeNBEZLJF08mlZNBqAUbaQQAKBMilAbq99
NATK/jRoIaZQznQ3Z1hdssAtB8x+WiOvnB7smosYb2yBJCLnjdRQPQfMRdCd1opM
af7CKBxxFKxFW0uGiBGLcr+hJKh5PvjeWrENARMyOZRK5jpG1NTRwMVtRZixtbU7
yQxIGysxdyUMT2x5TaH09czqRa8kE6EqUGl2x9nctjXTwUKIWZ4rmZIYUuy1svXY
qSM50BQ9gDCEHRnscZEUxAv/qSyf67KUwwKHDfLimwTXINRp3JJMde0lhuvbG8bd
NjeKro9dQHNVQFwSZsEdn5pjXYlgFrKHaydrD1eCzPMnbnk8SR5h1E+fZ/J38T2R
TX3lQJUbeQfMht16QGpgXOLo461poPFzZehc7+sq7RDXke1UNj8zFsHU4hgKuN1t
QyNXaiIhL5LJc6DZEO3TdAb81LWg6TS/9+qjy+1fc+2OkyRp2Vg=
=96De
-----END PGP SIGNATURE-----

News for package nova