UbuntuUpdates.org

Package "ironic"

Name: ironic

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Openstack bare metal provisioning service - API
  • Openstack bare metal provisioning service - daemons
  • Openstack bare metal provisioning service - conductor
  • Openstack bare metal provisioning service - Python 3 library

Latest version: 1:20.1.0-0ubuntu1.2
Release: jammy (22.04)
Level: security
Repository: universe

Links



Other versions of "ironic" in Jammy

Repository Area Version
base universe 1:20.1.0-0ubuntu1
updates universe 1:20.1.0-0ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:20.1.0-0ubuntu1.2 2024-09-04 18:07:00 UTC

  ironic (1:20.1.0-0ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: ensure underlying environment details not leaked when a
    maliciously crafted image is used (LP: #2071740).
    - d/p/CVE-2024-44082.patch: Harden all image handling and conversion code.
    - d/control: Add qemu-utils to Build-Depends to allow unit tests to run
      qemu-img.
    - CVE-2024-44082

 -- Felipe Reyes <email address hidden> Tue, 03 Sep 2024 16:09:13 +0100

Source diff to previous version
2071740 [OSSA-2024-003] Unvalidated image data passed to qemu-img (CVE-2024-44082)

Version: 1:20.1.0-0ubuntu1.1 2023-07-24 15:07:07 UTC

  ironic (1:20.1.0-0ubuntu1.1) jammy-security; urgency=medium

  * d/gbp.conf: Create stable/yoga branch.
  * SECURITY UPDATE: Unauthorized File Access (LP: #2021980)
    - debian/patches/CVE-2023-2088.patch: Fix Cinder Integration
      fallout from CVE-2023-2088
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Wed, 31 May 2023 16:16:26 -0400

CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments



About   -   Send Feedback to @ubuntu_updates