summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Riedemann <mriedem.os@gmail.com>2017-11-14 15:01:52 -0500
committerMatt Riedemann <mriedem.os@gmail.com>2017-11-14 15:49:47 -0500
commit3f63d057a64b688b66ff1903c1afc4d97ba6df6d (patch)
treec27ef5bf164d63fcdf0988e02d50f25fbea2efd6
parent6b7793b31721c1434662ac2335cb1a7e394cd39c (diff)
Add security release note for OSSA-2017-00516.0.3
Change-Id: I053f1bbc56481bddce8792aa4b5460a55cc0db2d Related-Bug: #1664931 (cherry picked from commit 31d28eef95ab82bdfce2221cd5633bcf4bc13653)
Notes
Notes (review): Code-Review+2: Dan Smith <dms@danplanet.com> Code-Review+2: Tony Breeds <tony@bakeyournoodle.com> Workflow+1: Tony Breeds <tony@bakeyournoodle.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 14 Nov 2017 22:20:26 +0000 Reviewed-on: https://review.openstack.org/519752 Project: openstack/nova Branch: refs/heads/stable/pike
Diffstat
-rw-r--r--releasenotes/notes/bug-1664931-validate-image-rebuild-9c5b05a001c94a4d.yaml13
1 files changed, 13 insertions, 0 deletions
diff --git a/releasenotes/notes/bug-1664931-validate-image-rebuild-9c5b05a001c94a4d.yaml b/releasenotes/notes/bug-1664931-validate-image-rebuild-9c5b05a001c94a4d.yaml
new file mode 100644
index 0000000..675debe
--- /dev/null
+++ b/releasenotes/notes/bug-1664931-validate-image-rebuild-9c5b05a001c94a4d.yaml
@@ -0,0 +1,13 @@
1---
2security:
3 - |
4 `OSSA-2017-005`_: Nova Filter Scheduler bypass through rebuild action
5
6 By rebuilding an instance, an authenticated user may be able to circumvent
7 the FilterScheduler bypassing imposed filters (for example, the
8 ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the
9 FilterScheduler (or CachingScheduler) are affected.
10
11 The fix is in the `nova-api` and `nova-conductor` services.
12
13 .. _OSSA-2017-005: https://security.openstack.org/ossa/OSSA-2017-005.html \ No newline at end of file
generated by cgit v1.1 at 2018-05-26 09:54:13 +0000