Jammy package 2:20.3.1-0ubuntu1.4 is missing the upstream privsep pieces
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Invalid
|
Undecided
|
Unassigned | ||
Antelope |
Fix Committed
|
High
|
Unassigned | ||
Bobcat |
Fix Committed
|
Undecided
|
Unassigned | ||
Caracal |
Fix Committed
|
Undecided
|
Unassigned | ||
Ussuri |
New
|
Undecided
|
Unassigned | ||
Yoga |
New
|
Undecided
|
Unassigned | ||
cinder (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Jammy |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Noble |
Fix Released
|
Undecided
|
Marc Deslauriers |
Bug Description
Ubuntu Jammy cinder package version 2:20.3.1-0ubuntu1.4 [1] backported fix [2] for the LP#2059809 [3] (the CVE-2024-32498 fix).
The upstream fix [2] calls the `format_
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
2024-10-28 09:45:28.849 2007342 ERROR oslo_messaging.
[1] https:/
[2] https:/
[3] https:/
[4] https:/
[5] https:/
CVE References
Changed in cloud-archive: | |
status: | New → Invalid |
Changed in cinder (Ubuntu Focal): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
information type: | Public → Public Security |
Changed in cinder (Ubuntu Jammy): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in cinder (Ubuntu Noble): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in cinder (Ubuntu Focal): | |
status: | New → In Progress |
Changed in cinder (Ubuntu Jammy): | |
status: | Triaged → In Progress |
Changed in cinder (Ubuntu Noble): | |
status: | Triaged → In Progress |
description: | updated |
no longer affects: | cloud-archive/dalmation |
This is a regression as a result of the security fix for CVE-2024-32498 - the patch issued original was updated after the embargo lifted and Ubuntu still has the older version of the patch.