All Ubuntu package versions


AllRaringQuantalPreciseOneiricNattyLucidHardyAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
Comments

Package "glance"

Name: glance

Description:

OpenStack Image Registry and Delivery Service - Daemons
Latest version: 2012.2.1-0ubuntu1.2
Release: quantal (12.10)
Level: security
Repository: main
Homepage: http://launchpad.net/glance

Links

Save this URL for the latest version of "glance": http://www.ubuntuupdates.org/glance

All versions of this package Bug fixes
List of files in package Repository home page for package

Download "glance"

All arch deb package APT INSTALL

Other versions of "glance" in Quantal

RepositoryAreaVersion
base universe 2012.2-0ubuntu2
base main 2012.2-0ubuntu2
security universe 2012.2.1-0ubuntu1.2
updates main 2012.2.3-0ubuntu2
updates universe 2012.2.3-0ubuntu2
proposed main 2012.2.4-0ubuntu1
proposed universe 2012.2.4-0ubuntu1

Packages in group

Deleted packages are displayed in grey.

glance-api glance-common glance-registry python-glance python-glance-doc

Change Log

Version: 2012.2.1-0ubuntu1.2 2013-03-14 22:06:33 UTC

  glance (2012.2.1-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: fix information disclosure via Glance v1 API
    - debian/patches/CVE-2013-1840.patch: adjust api/middleware/cache.py to
      not show image_meta['location']
    - CVE-2013-1840
 -- Jamie Strandboge <email address hidden> Wed, 13 Mar 2013 15:39:08 -0500
Source diff to previous version
CVE-2013-1840 Backend credentials leak in Glance v1 API

Version: 2012.2.1-0ubuntu1.1 2013-01-30 00:07:07 UTC

  glance (2012.2.1-0ubuntu1.1) quantal-security; urgency=low

  * SECURITY UPDATE: information disclosure via swift error messages
    - debian/patches/CVE-2013-0212.patch: adjust glance/store/swift.py to
      mot show URLs and credentials in error messages and log output
    - CVE-2013-0212
 -- Jamie Strandboge <email address hidden> Tue, 29 Jan 2013 09:13:09 -0600
Source diff to previous version
CVE-2013-0212 Backend password leak in Glance error message

Version: 2012.2-0ubuntu2.3 2012-11-09 22:06:51 UTC

  glance (2012.2-0ubuntu2.3) quantal-security; urgency=low

  * SECURITY UPDATE: deletion of arbitrary public and shared images via
    authenticated user
    - debian/patches/CVE-2012-4573b.patch: previous patch was incomplete.
      Make corresponding change to glance/api/v2/images.py
    - CVE-2012-4573
  * debian/control: add Build-Depends-Indep on python-chardet. This is needed
    by python-requests to do encoding detection which otherwise fails in the
    new tests introduced in CVE-2012-4573b.patch.
 -- Jamie Strandboge <email address hidden> Fri, 09 Nov 2012 06:53:44 -0600
Source diff to previous version

Version: 2012.2-0ubuntu2.2 2012-11-08 17:06:51 UTC

  glance (2012.2-0ubuntu2.2) quantal-security; urgency=low

  * SECURITY UPDATE: deletion of arbitrary public and shared images via
    authenticated user
    - debian/patches/CVE-2012-4573.patch: adjust glance/api/v1/images.py to
      ensure image is owned by user before delayed_deletion
    - CVE-2012-4573
  * debian/patches/fakeauth-not-always-admin.patch: add required testsuite
    patch in support of the testsuite changes in CVE-2012-4573.patch
 -- Jamie Strandboge <email address hidden> Thu, 08 Nov 2012 07:41:02 -0600


About   -   Changelog   -   Send Feedback
Site Meter