Debian Package Tracker

general

source: nova (main)
version: 2:18.1.0-2
maintainer: Debian OpenStack [DMD]
uploaders: Thomas Goirand [DMD] – Michal Arbet [DMD] – gustavo panizzo [DMD]
arch: all
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2012.1.1-18
oldstable: 2014.1.3-11
old-bpo: 2:13.1.0-2~bpo8+1
stable: 2:14.0.0-4+deb9u1
stable-sec: 2:14.0.0-4+deb9u1
testing: 2:18.1.0-2
unstable: 2:18.1.0-2

versioned links

2012.1.1-18: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2014.1.3-11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:13.1.0-2~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:14.0.0-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:18.1.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

nova-api
nova-cells
nova-common
nova-compute
nova-compute-ironic
nova-compute-kvm
nova-compute-lxc
nova-compute-qemu
nova-conductor
nova-console
nova-consoleauth
nova-consoleproxy
nova-doc
nova-placement-api
nova-scheduler
nova-volume
python3-nova

action needed

Marked for autoremoval on 23 March due to lxc: #921667 high

Version 2:18.1.0-2 of nova is marked for autoremoval from testing on Sat 23 Mar 2019. It depends (transitively) on lxc, affected by #921667. You should try to prevent the removal by fixing these RC bugs.

Created: 2019-02-15 Last update: 2019-02-20 11:07

Depends on packages which need a new maintainer normal

The packages that nova depends on which need a new maintainer are:

pygresql (#623685)
- Suggests: python3-pygresql
python-tempita (#740534)
- Depends: python3-tempita
pastescript (#740531)
- Depends: python3-pastescript

Created: 2017-12-02 Last update: 2019-02-20 11:41

2 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2:18.1.0-3, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 35f97c0c5ac79b24406ab922f34ffd7d7a5f9c5b
Author: Thomas Goirand <zigo@debian.org>
Date:   Tue Feb 19 10:33:14 2019 +0100

    Fix startup of nova-serialproxy.

commit c536114f58805e242af5c72158bc919adefa83ae
Author: Thomas Goirand <zigo@debian.org>
Date:   Tue Feb 19 09:58:36 2019 +0100

    Also package the nova-serialproxy startup script/unit.

Created: 2019-02-19 Last update: 2019-02-20 11:33

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-12-20 Last update: 2019-02-20 09:13

lintian reports 29 warnings normal

Lintian reports 29 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-01-12 Last update: 2019-01-12 05:46

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

nova-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2019-02-20 11:50

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2017-18191: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.

Please fix it.

Created: 2018-02-20 Last update: 2019-02-12 05:52

8 ignored security issues in jessie low

There are 8 open security issues in jessie.

8 issues skipped by the security teams:

CVE-2015-3241: OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
CVE-2017-18191: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
CVE-2015-5162: The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.
CVE-2015-8749: The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.
CVE-2016-2140: The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
CVE-2015-3280: OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
CVE-2015-7713: OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
CVE-2015-7548: OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.

Please fix them.

Created: 2015-07-12 Last update: 2019-02-12 05:52

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.1.3).

Created: 2018-04-16 Last update: 2019-02-07 01:00

news

[rss feed]

[2019-02-12] nova 2:18.1.0-2 MIGRATED to testing (Debian testing watch)
[2019-02-06] Accepted nova 2:18.1.0-2 (source all) into unstable (Michal Arbet)
[2019-01-22] nova 2:18.1.0-1 MIGRATED to testing (Debian testing watch)
[2019-01-17] Accepted nova 2:18.1.0-1 (source all) into unstable (Thomas Goirand)
[2019-01-14] nova 2:18.0.3-5 MIGRATED to testing (Debian testing watch)
[2019-01-08] Accepted nova 2:18.0.3-5 (source all) into unstable (Thomas Goirand)
[2018-12-20] nova 2:18.0.3-4 MIGRATED to testing (Debian testing watch)
[2018-11-14] Accepted nova 2:18.0.3-4 (source all) into unstable (Michal Arbet)
[2018-11-12] Accepted nova 2:18.0.3-3 (source all) into unstable (Michal Arbet)
[2018-11-07] Accepted nova 2:18.0.3-2 (source all) into unstable (Michal Arbet)
[2018-11-06] Accepted nova 2:18.0.3-1 (source all) into unstable (Michal Arbet)
[2018-10-07] Accepted nova 2:18.0.1-2 (source all) into unstable (Michal Arbet) (signed by: Thomas Goirand)
[2018-09-25] Accepted nova 2:18.0.1-1 (source all) into unstable (Thomas Goirand)
[2018-09-14] nova REMOVED from testing (Debian testing watch)
[2018-09-05] Accepted nova 2:18.0.0-1 (source all) into unstable (Thomas Goirand)
[2018-08-05] nova 2:17.0.3-13 MIGRATED to testing (Debian testing watch)
[2018-07-30] Accepted nova 2:17.0.3-13 (source all) into unstable (Thomas Goirand)
[2018-06-10] nova 2:17.0.3-12 MIGRATED to testing (Debian testing watch)
[2018-06-05] Accepted nova 2:17.0.3-12 (source all) into unstable (Thomas Goirand)
[2018-06-04] Accepted nova 2:17.0.3-11 (source all) into unstable (Thomas Goirand)
[2018-06-04] Accepted nova 2:17.0.3-10 (source all) into unstable (Thomas Goirand)
[2018-05-30] nova 2:17.0.3-9 MIGRATED to testing (Debian testing watch)
[2018-05-25] Accepted nova 2:17.0.3-9 (source all) into unstable (Thomas Goirand)
[2018-05-22] Accepted nova 2:17.0.3-8 (source all) into unstable (Thomas Goirand)
[2018-05-22] Accepted nova 2:17.0.3-7 (source all) into unstable (Thomas Goirand)
[2018-05-21] nova 2:17.0.3-6 MIGRATED to testing (Debian testing watch)
[2018-05-16] Accepted nova 2:17.0.3-6 (source all) into unstable (Thomas Goirand)
[2018-05-14] Accepted nova 2:17.0.3-5 (source all) into unstable (Thomas Goirand)
[2018-05-10] Accepted nova 2:17.0.3-4 (source all) into unstable (Thomas Goirand)
[2018-05-07] Accepted nova 2:17.0.3-3 (source all) into unstable (Thomas Goirand)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:19.0.0~b1~git2019013113.33aad0fe41-0ubuntu1
31 bugs (4 patches)
patches for 2:19.0.0~b1~git2019013113.33aad0fe41-0ubuntu1