UbuntuUpdates.org

Package "nova-ajax-console-proxy"

Name: nova-ajax-console-proxy

Description:

OpenStack Compute - AJAX console proxy - transitional package
Latest version: 3:27.0.0-0ubuntu1.3
Release: lunar (23.04)
Level: security
Repository: universe
Head package: nova
Homepage: https://launchpad.net/nova

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "nova-ajax-console-proxy"

All arch deb package
APT INSTALL

Other versions of "nova-ajax-console-proxy" in Lunar

Repository Area Version
base universe 3:27.0.0-0ubuntu1
updates universe 3:27.1.0-0ubuntu1

Changelog

Version: 3:27.0.0-0ubuntu1.3 2023-07-24 15:07:22 UTC

  nova (3:27.0.0-0ubuntu1.3) lunar-security; urgency=medium

  * SECURITY UPDATE: Unauthorized File Access (LP: #2021980)
    - debian/patches/CVE-2023-2088-1.patch: Use force=True for os-brick
      disconnect during delete.
    - debian/patches/CVE-2023-2088-2.patch: Enable use of service user
      token with admin context.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Wed, 31 May 2023 16:32:03 -0400
Source diff to previous version
CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments

Version: 3:27.0.0-0ubuntu1.2 2023-05-23 14:07:35 UTC

  nova (3:27.0.0-0ubuntu1.2) lunar-security; urgency=medium

  * SECURITY REGRESSION: Regressions in other projects (LP: #2020111)
    - debian/patches/series: Do not apply CVE-2023-2088.patch until
      patches are ready for all upstream OpenStack projects.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 18 May 2023 09:42:49 -0400
Source diff to previous version
CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments

Version: 3:27.0.0-0ubuntu1.1 2023-05-11 19:07:20 UTC

  nova (3:27.0.0-0ubuntu1.1) lunar-security; urgency=medium

  * d/gbp.conf: Create stable/2023.1 branch.
  * SECURITY UPDATE: Unauthorized File Access
    - debian/patches/CVE-2023-2088.patch: Use force=True for os-brick
      disconnect during delete.
    - CVE-2023-2088

 -- Corey Bryant <email address hidden> Thu, 04 May 2023 16:25:29 +0200
CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments


About   -   Send Feedback to @ubuntu_updates