UbuntuUpdates.org

Package "glance-api"

Name: glance-api

Description:

OpenStack Image Registry and Delivery Service - API

Latest version: 2:28.0.1-0ubuntu1.2
Release: noble (24.04)
Level: updates
Repository: main
Head package: glance
Homepage: https://launchpad.net/glance


Other versions of "glance-api" in Noble

Repository  Area  Version
base        main  2:28.0.1-0ubuntu1
security    main  2:28.0.1-0ubuntu1.2

Changelog

Version: 2:28.0.1-0ubuntu1.2 2024-07-08 16:07:22 UTC

  glance (2:28.0.1-0ubuntu1.2) noble-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
    (LP: #2059809)
    - debian/patches/CVE-2024-32498-1.patch: reject qcow files with
      data-file attributes.
    - debian/patches/CVE-2024-32498-2.patch: extend format_inspector for
      QCOW safety.
    - debian/patches/CVE-2024-32498-3.patch: add VMDK safety check.
    - debian/patches/CVE-2024-32498-4.patch: reject unsafe qcow and vmdk
      files.
    - debian/patches/CVE-2024-32498-5.patch: add QED format detection to
      format_inspector.
    - debian/patches/CVE-2024-32498-6.patch: add file format detection to
      format_inspector.
    - debian/patches/CVE-2024-32498-7.patch: add safety check and detection
      support to FI tool.
    - CVE-2024-32498

 -- Marc Deslauriers <email address hidden> Fri, 28 Jun 2024 16:43:09 -0400

CVE-2024-32498 An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom


