Debian Package Tracker

general

source: glance (main)
version: 2:18.0.0-3
maintainer: Debian OpenStack [DMD]
uploaders: Thomas Goirand [DMD] – Michal Arbet [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2014.1.3-12+deb8u1
oldstable: 2:13.0.0-4
stable: 2:17.0.0-4
testing: 2:17.0.0-4
unstable: 2:18.0.0-3

versioned links

2014.1.3-12+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:13.0.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:17.0.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:18.0.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

glance
glance-api
glance-common
glance-doc
python3-glance

action needed

1 binary package has unsatisfiable dependencies high

The dependencies of glance-registry=2:17.0.0-4 cannot be satisfied in unstable on amd64 because: unsatisfied dependency on glance-common (= 2:17.0.0-4)

Created: 2019-07-19 Last update: 2019-07-23 10:01

Marked for autoremoval on 19 August due to uwsgi: #919665 high

Version 2:17.0.0-4 of glance is marked for autoremoval from testing on Mon 19 Aug 2019. It depends (transitively) on uwsgi, affected by #919665. You should try to prevent the removal by fixing these RC bugs.

Created: 2019-07-18 Last update: 2019-07-23 09:30

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-09-12 Last update: 2019-07-23 08:32

Depends on packages which need a new maintainer normal

The packages that glance depends on which need a new maintainer are:

pastescript (#740531)
- Depends: python3-pastescript
lsb (#924519)
- Depends: lsb-base lsb-base

Created: 2018-05-03 Last update: 2019-07-23 08:20

lintian reports 9 warnings normal

Lintian reports 9 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-07-20 Last update: 2019-07-23 05:33

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2:18.0.0-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit bd525ccc18389680b0d46c7131f50eeb566f307a
Author: Ondřej Nový <onovy@debian.org>
Date:   Fri Jul 19 16:32:51 2019 +0200

    Bump Standards-Version to 4.4.0

commit 35fb01138459769258bcee9cbbb268880c793b93
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Jul 18 18:33:39 2019 +0200

    Use debhelper-compat instead of debian/compat

commit 92286fc978c4e9a6337bd12297218b6167e6edc7
Author: Ondřej Nový <onovy@debian.org>
Date:   Thu Jul 18 18:33:39 2019 +0200

    Running wrap-and-sort -bast

Created: 2019-07-17 Last update: 2019-07-22 14:45

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

glance-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2019-07-23 08:40

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2017-7200: An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.
CVE-2015-5162: The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.
CVE-2016-0757: OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image.

Please fix them.

Created: 2016-02-04 Last update: 2019-07-19 00:52

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2018-04-16 Last update: 2019-07-19 01:07

testing migrations

This package is part of the ongoing testing transition known as python2-rm. Please avoid uploads unrelated to this transition, they would likely delay it and require supplementary work from the release managers. On the other hand, if your package has problems preventing it to migrate to testing, please fix them as soon as possible. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Too young, only 4 of 5 days old
- old binaries left on all: glance-registry (from 2:17.0.0-4) (but ignoring cruft, so nevermind)
- Piuparts tested OK - https://piuparts.debian.org/sid/source/g/glance.html
- Checking build-dependency on amd64
- Checking build-dependency (indep) on amd64
- Not considered

news

[rss feed]

[2019-07-18] Accepted glance 2:18.0.0-3 (source) into unstable (Michal Arbet) (signed by: Thomas Goirand)
[2019-05-07] Accepted glance 2:18.0.0-2 (source all) into experimental (Michal Arbet)
[2019-04-11] Accepted glance 2:18.0.0-1 (source all) into experimental (Thomas Goirand)
[2019-03-29] Accepted glance 2:18.0.0~rc1-1 (source all) into experimental (Thomas Goirand)
[2019-03-04] glance 2:17.0.0-4 MIGRATED to testing (Debian testing watch)
[2019-02-21] Accepted glance 2:17.0.0-4 (source all) into unstable (Thomas Goirand)
[2018-11-11] glance 2:17.0.0-3 MIGRATED to testing (Debian testing watch)
[2018-11-05] Accepted glance 2:17.0.0-3 (source all) into unstable (Thomas Goirand)
[2018-09-23] glance 2:17.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-09-18] Accepted glance 2:17.0.0-2 (source all) into unstable (Michal Arbet) (signed by: Thomas Goirand)
[2018-09-12] glance 2:17.0.0-1 MIGRATED to testing (Debian testing watch)
[2018-09-05] Accepted glance 2:17.0.0-1 (source all) into unstable (Thomas Goirand)
[2018-08-23] Accepted glance 2:17.0.0~rc2-1 (source all) into experimental (Thomas Goirand)
[2018-08-22] glance 2:16.0.1-8 MIGRATED to testing (Debian testing watch)
[2018-08-17] Accepted glance 2:16.0.1-8 (source all) into unstable (Thomas Goirand)
[2018-08-08] glance 2:16.0.1-7 MIGRATED to testing (Debian testing watch)
[2018-08-02] Accepted glance 2:16.0.1-7 (source all) into unstable (Thomas Goirand)
[2018-05-30] glance 2:16.0.1-6 MIGRATED to testing (Debian testing watch)
[2018-05-25] Accepted glance 2:16.0.1-6 (source all) into unstable (Thomas Goirand)
[2018-05-23] Accepted glance 2:16.0.1-5 (source all) into unstable (Michal Arbet) (signed by: Thomas Goirand)
[2018-05-22] Accepted glance 2:16.0.1-4 (source all) into unstable (Thomas Goirand)
[2018-05-20] Accepted glance 2:16.0.1-3 (source all) into unstable (Thomas Goirand)
[2018-05-13] glance 2:16.0.1-2 MIGRATED to testing (Debian testing watch)
[2018-05-08] Accepted glance 2:16.0.1-2 (source all) into unstable (Thomas Goirand)
[2018-05-08] glance 2:16.0.1-1 MIGRATED to testing (Debian testing watch)
[2018-05-02] Accepted glance 2:16.0.1-1 (source all) into unstable (Thomas Goirand)
[2018-04-01] glance 2:16.0.0-4 MIGRATED to testing (Debian testing watch)
[2018-03-26] Accepted glance 2:16.0.0-4 (source all) into unstable (Thomas Goirand)
[2018-03-15] glance 2:16.0.0-3 MIGRATED to testing (Debian testing watch)
[2018-03-09] Accepted glance 2:16.0.0-3 (source all) into unstable (Thomas Goirand)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 9)
buildd: logs, clang, reproducibility, debcheck
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:19.0.0~b1~git2019061338.b8a34d31-0ubuntu1
4 bugs (1 patch)
patches for 2:19.0.0~b1~git2019061338.b8a34d31-0ubuntu1