UbuntuUpdates.org

Package "ironic-common"

Name: ironic-common

Description:

Openstack bare metal provisioning service - daemons

Latest version: 1:20.1.0-0ubuntu1.2
Release: jammy (22.04)
Level: security
Repository: universe
Head package: ironic

Links


Download "ironic-common"


Other versions of "ironic-common" in Jammy

Repository Area Version
base universe 1:20.1.0-0ubuntu1
updates universe 1:20.1.0-0ubuntu1.2

Changelog

Version: 1:20.1.0-0ubuntu1.2 2024-09-04 18:07:00 UTC

  ironic (1:20.1.0-0ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: ensure underlying environment details not leaked when a
    maliciously crafted image is used (LP: #2071740).
    - d/p/CVE-2024-44082.patch: Harden all image handling and conversion code.
    - d/control: Add qemu-utils to Build-Depends to allow unit tests to run
      qemu-img.
    - CVE-2024-44082

 -- Felipe Reyes <email address hidden> Tue, 03 Sep 2024 16:09:13 +0100

Source diff to previous version
2071740 [OSSA-2024-003] Unvalidated image data passed to qemu-img (CVE-2024-44082)

Version: 1:20.1.0-0ubuntu1.1 2023-07-24 15:07:07 UTC

  ironic (1:20.1.0-0ubuntu1.1) jammy-security; urgency=medium

  * d/gbp.conf: Create stable/yoga branch.
  * SECURITY UPDATE: Unauthorized File Access (LP: #2021980)
    - debian/patches/CVE-2023-2088.patch: Fix Cinder Integration
      fallout from CVE-2023-2088
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Wed, 31 May 2023 16:16:26 -0400

CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments



About   -   Send Feedback to @ubuntu_updates