glance 2:28.0.1-0ubuntu1.2 source package in Ubuntu

Changelog

glance (2:28.0.1-0ubuntu1.2) noble-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
    (LP: #2059809)
    - debian/patches/CVE-2024-32498-1.patch: reject qcow files with
      data-file attributes.
    - debian/patches/CVE-2024-32498-2.patch: extend format_inspector for
      QCOW safety.
    - debian/patches/CVE-2024-32498-3.patch: add VMDK safety check.
    - debian/patches/CVE-2024-32498-4.patch: reject unsafe qcow and vmdk
      files.
    - debian/patches/CVE-2024-32498-5.patch: add QED format detection to
      format_inspector.
    - debian/patches/CVE-2024-32498-6.patch: add file format detection to
      format_inspector.
    - debian/patches/CVE-2024-32498-7.patch: add safety check and detection
      support to FI tool.
    - CVE-2024-32498

 -- Marc Deslauriers <email address hidden>  Fri, 28 Jun 2024 16:43:09 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
OpenStack Ubuntu packagers
Architectures:
all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble updates main net
Noble security main net

Builds

Noble: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
glance_28.0.1.orig.tar.gz 2.0 MiB 69917043111c2925117ead11880742a3d6871c31056625d3731362300605ed23
glance_28.0.1-0ubuntu1.2.debian.tar.xz 29.7 KiB e3566d0de5f1022a64e9f976b1f987d733dbeb2b378a2508484b66e19e06f53c
glance_28.0.1-0ubuntu1.2.dsc 4.5 KiB 3b56dbe56976e8b1343e14829a4bb1fd9adb7060fe05d90f4769e6c63f6ae306

View changes file

Binary packages built by this source

glance: OpenStack Image Registry and Delivery Service - Daemons

 The Glance project provides an image registration and discovery service
 and an image delivery service. These services are used
 in conjunction by Nova to deliver images from object stores, such as
 OpenStack's Swift service, to Nova's compute nodes.
 .
 This package is a metapackage for all glance daemons.

glance-api: OpenStack Image Registry and Delivery Service - API

 The Glance project provides an image registration, discovery and
 delivery service. These services may be used as stand-along services, and
 they may also be used by Nova to deliver images from object stores, such as
 OpenStack's Swift service, to Nova's compute nodes.
 .
 This package contains the glance API server.

glance-common: OpenStack Image Registry and Delivery Service - Common

 The Glance project provides an image registration, discovery and
 delivery service. These services may be used as stand-along services, and
 they may also be used by Nova to deliver images from object stores, such as
 OpenStack's Swift service, to Nova's compute nodes.
 .
 This package contains the glance common.

python-glance-doc: OpenStack Image Registry and Delivery Service - Documentation

 The Glance project provides an image registration and discovery service
 (Parallax) and an image delivery service (Teller). These services are used
 in conjunction by Nova to deliver images from object stores, such as
 OpenStack's Swift service, to Nova's compute nodes.
 .
 This package contains the documentation.

python3-glance: OpenStack Image Registry and Delivery Service - Python 3 library

 The Glance project provides an image registration and discovery service
 and an image delivery service. These services are used
 in conjunction by Nova to deliver images from object stores, such as
 OpenStack's Swift service, to Nova's compute nodes.
 .
 This package contains the Python 3 libraries.