Debian Package Tracker

general

source: nova (main)
version: 2:17.0.3-12
maintainer: Debian OpenStack (archive) [DMD]
uploaders: Thomas Goirand [DMD] – gustavo panizzo [DMD]
arch: all
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2012.1.1-18
oldstable: 2014.1.3-11
old-bpo: 2:13.1.0-2~bpo8+1
stable: 2:14.0.0-4+deb9u1
stable-sec: 2:14.0.0-4+deb9u1
testing: 2:17.0.3-12
unstable: 2:17.0.3-12

versioned links

2012.1.1-18: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2014.1.3-11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:13.1.0-2~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:14.0.0-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:17.0.3-12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

nova-api
nova-cells
nova-common
nova-compute
nova-compute-ironic
nova-compute-kvm
nova-compute-lxc
nova-compute-qemu
nova-conductor
nova-console
nova-consoleauth
nova-consoleproxy
nova-doc
nova-placement-api
nova-scheduler
nova-volume
python3-nova

action needed

Marked for autoremoval on 23 August due to seqdiag: #903528 high

Version 2:17.0.3-12 of nova is marked for autoremoval from testing on Thu 23 Aug 2018. It depends (transitively) on seqdiag, affected by #903528. You should try to prevent the removal by fixing these RC bugs.

Created: 2018-07-12 Last update: 2018-07-22 20:18

A new upstream version is available: 17.0.5 high

A new upstream version 17.0.5 is available, you should consider packaging it.

Created: 2017-12-19 Last update: 2018-07-22 20:07

Depends on packages which need a new maintainer normal

The packages that nova depends on which need a new maintainer are:

python-tempita (#740534)
- Depends: python3-tempita
pastescript (#740531)
- Depends: python3-pastescript
pygresql (#623685)
- Suggests: python3-pygresql

Created: 2017-12-02 Last update: 2018-07-22 20:15

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-05-21 Last update: 2018-07-22 14:19

A new version is available in the VCS, consider uploading it. normal

vcswatch reports that this package has a new version ready in the VCS. You should consider uploading into the archive.

Created: 2018-06-05 Last update: 2018-07-03 15:58

piuparts found (un)installation error(s) normal

Piuparts stresses package installation, uninstallation, upgrade, ... While doing such tests, one or more errors were found for the following suites:

sid - piuparts

You should fix them.

Created: 2018-05-26 Last update: 2018-05-26 01:48

lintian reports 27 warnings normal

Lintian reports 27 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-11 Last update: 2018-04-11 06:16

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

nova-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-07-22 20:19

8 ignored security issues in jessie low

There are 8 open security issues in jessie.

8 issues skipped by the security teams:

CVE-2017-18191: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
CVE-2016-2140: The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
CVE-2015-3241: OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
CVE-2015-5162: The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.
CVE-2015-7713: OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
CVE-2015-3280: OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
CVE-2015-7548: OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.
CVE-2015-8749: The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.

Please fix them.

Created: 2015-07-12 Last update: 2018-06-10 08:04

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2017-18191: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.

Please fix it.

Created: 2018-02-20 Last update: 2018-06-10 08:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.3).

Created: 2018-04-16 Last update: 2018-06-05 13:33

news

[rss feed]

[2018-06-10] nova 2:17.0.3-12 MIGRATED to testing (Debian testing watch)
[2018-06-05] Accepted nova 2:17.0.3-12 (source all) into unstable (Thomas Goirand)
[2018-06-04] Accepted nova 2:17.0.3-11 (source all) into unstable (Thomas Goirand)
[2018-06-04] Accepted nova 2:17.0.3-10 (source all) into unstable (Thomas Goirand)
[2018-05-30] nova 2:17.0.3-9 MIGRATED to testing (Debian testing watch)
[2018-05-25] Accepted nova 2:17.0.3-9 (source all) into unstable (Thomas Goirand)
[2018-05-22] Accepted nova 2:17.0.3-8 (source all) into unstable (Thomas Goirand)
[2018-05-22] Accepted nova 2:17.0.3-7 (source all) into unstable (Thomas Goirand)
[2018-05-21] nova 2:17.0.3-6 MIGRATED to testing (Debian testing watch)
[2018-05-16] Accepted nova 2:17.0.3-6 (source all) into unstable (Thomas Goirand)
[2018-05-14] Accepted nova 2:17.0.3-5 (source all) into unstable (Thomas Goirand)
[2018-05-10] Accepted nova 2:17.0.3-4 (source all) into unstable (Thomas Goirand)
[2018-05-07] Accepted nova 2:17.0.3-3 (source all) into unstable (Thomas Goirand)
[2018-05-02] Accepted nova 2:17.0.3-2 (source all) into unstable (Thomas Goirand)
[2018-04-01] nova 2:17.0.0-4 MIGRATED to testing (Debian testing watch)
[2018-03-26] Accepted nova 2:17.0.0-4 (source all) into unstable (Thomas Goirand)
[2018-03-16] nova 2:17.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-03-11] Accepted nova 2:17.0.0-2 (source all) into unstable (Thomas Goirand)
[2018-03-07] Accepted nova 2:17.0.0-1 (source all) into unstable (Thomas Goirand)
[2018-02-27] Accepted nova 2:17.0.0~rc1-2 (source all) into unstable (Thomas Goirand)
[2018-02-26] Accepted nova 2:17.0.0~rc1-1 (source all) into experimental, experimental (Thomas Goirand)
[2018-01-30] nova 2:16.0.3-10 MIGRATED to testing (Debian testing watch)
[2018-01-24] Accepted nova 2:16.0.3-10 (source all) into unstable (Thomas Goirand)
[2017-12-21] nova 2:16.0.3-9 MIGRATED to testing (Debian testing watch)
[2017-12-15] Accepted nova 2:16.0.3-9 (source all) into unstable (Thomas Goirand)
[2017-12-13] Accepted nova 2:16.0.3-8 (source all) into unstable (Thomas Goirand)
[2017-12-12] Accepted nova 2:16.0.3-7 (source all) into unstable (Thomas Goirand)
[2017-12-10] nova 2:16.0.3-6 MIGRATED to testing (Debian testing watch)
[2017-12-09] Accepted nova 2:14.0.0-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Thomas Goirand)
[2017-12-07] Accepted nova 2:16.0.3-6 (source all) into unstable (Thomas Goirand)

bugs [bug history graph]

all: 3
RC: 0
I&N: 3
M&W: 0
F&P: 0

links

homepage
lintian (0, 27)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:18.0.0~b2-0ubuntu2
28 bugs (3 patches)
patches for 2:18.0.0~b2-0ubuntu2