Add security release note for OSSA-2017-005

Change-Id: I053f1bbc56481bddce8792aa4b5460a55cc0db2d
Related-Bug: #1664931
(cherry picked from commit 31d28eef95)
This commit is contained in:
Matt Riedemann 2017-11-14 15:01:52 -05:00
parent 6b7793b317
commit 3f63d057a6
1 changed files with 13 additions and 0 deletions

View File

@ -0,0 +1,13 @@
---
security:
- |
`OSSA-2017-005`_: Nova Filter Scheduler bypass through rebuild action
By rebuilding an instance, an authenticated user may be able to circumvent
the FilterScheduler bypassing imposed filters (for example, the
ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the
FilterScheduler (or CachingScheduler) are affected.
The fix is in the `nova-api` and `nova-conductor` services.
.. _OSSA-2017-005: https://security.openstack.org/ossa/OSSA-2017-005.html