UbuntuUpdates.org

Package "cinder"

Name: cinder

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Cinder storage service - API server
  • Cinder storage service - Scheduler server
  • Cinder storage service - common files
  • Cinder storage service - Scheduler server

Latest version: 2:24.0.0-0ubuntu1.3
Release: noble (24.04)
Level: security
Repository: main

Links



Other versions of "cinder" in Noble

Repository Area Version
base main 2:24.0.0-0ubuntu1
updates main 2:24.0.0-0ubuntu1.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:24.0.0-0ubuntu1.3 2024-11-07 16:07:03 UTC

  cinder (2:24.0.0-0ubuntu1.3) noble-security; urgency=medium

  * SECURITY REGRESSION: regression due to missing privset handling
  (LP: #2085851)
    - debian/patches/CVE-2024-32498.patch: switch to final upstream patch
      which differs from the patch provided during embargo.

 -- Marc Deslauriers <email address hidden> Mon, 04 Nov 2024 07:16:36 -0500

Source diff to previous version
CVE-2024-32498 An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom

Version: 2:24.0.0-0ubuntu1.2 2024-07-08 15:07:11 UTC

  cinder (2:24.0.0-0ubuntu1.2) noble-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
    (LP: #2059809)
    - debian/patches/CVE-2024-32498.patch: check for external qcow2 data
      file.
    - debian/control: added qemu-utils to Build-Depends so qemu-img is
      available for new tests.
    - CVE-2024-32498

 -- Marc Deslauriers <email address hidden> Fri, 28 Jun 2024 16:35:39 -0400

CVE-2024-32498 An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom



About   -   Send Feedback to @ubuntu_updates