Merge "Add security release note for OSSA-2017-005" into stable/newton

This commit is contained in:
Zuul 2017-11-16 17:53:32 +00:00 committed by Gerrit Code Review
commit db6e1dd0a0
1 changed files with 13 additions and 0 deletions

View File

@ -0,0 +1,13 @@
---
security:
- |
`OSSA-2017-005`_: Nova Filter Scheduler bypass through rebuild action
By rebuilding an instance, an authenticated user may be able to circumvent
the FilterScheduler bypassing imposed filters (for example, the
ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the
FilterScheduler (or CachingScheduler) are affected.
The fix is in the `nova-api` and `nova-conductor` services.
.. _OSSA-2017-005: https://security.openstack.org/ossa/OSSA-2017-005.html