All Ubuntu package versions


AllRaringQuantalPreciseOneiricNattyLucidHardyAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
Comments

Package "glance"

Name: glance

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • OpenStack Image Registry and Delivery Service - client
Latest version: 2012.2.1-0ubuntu1.2
Release: quantal (12.10)
Level: security
Repository: universe
Homepage: http://launchpad.net/glance

Links

Save this URL for the latest version of "glance": http://www.ubuntuupdates.org/glance

All versions of this package Bug fixes
List of files in package Repository home page for package

Other versions of "glance" in Quantal

RepositoryAreaVersion
base universe 2012.2-0ubuntu2
base main 2012.2-0ubuntu2
security main 2012.2.1-0ubuntu1.2
updates main 2012.2.3-0ubuntu2
updates universe 2012.2.3-0ubuntu2
proposed main 2012.2.4-0ubuntu1
proposed universe 2012.2.4-0ubuntu1

Packages in group

Deleted packages are displayed in grey.

glance-client

Change Log

Version: 2012.2.1-0ubuntu1.2 2013-03-14 22:06:35 UTC

  glance (2012.2.1-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: fix information disclosure via Glance v1 API
    - debian/patches/CVE-2013-1840.patch: adjust api/middleware/cache.py to
      not show image_meta['location']
    - CVE-2013-1840
 -- Jamie Strandboge <email address hidden> Wed, 13 Mar 2013 15:39:08 -0500
Source diff to previous version
CVE-2013-1840 Backend credentials leak in Glance v1 API

Version: 2012.2.1-0ubuntu1.1 2013-01-30 00:07:13 UTC

  glance (2012.2.1-0ubuntu1.1) quantal-security; urgency=low

  * SECURITY UPDATE: information disclosure via swift error messages
    - debian/patches/CVE-2013-0212.patch: adjust glance/store/swift.py to
      mot show URLs and credentials in error messages and log output
    - CVE-2013-0212
 -- Jamie Strandboge <email address hidden> Tue, 29 Jan 2013 09:13:09 -0600
Source diff to previous version
CVE-2013-0212 Backend password leak in Glance error message

Version: 2012.2-0ubuntu2.3 2012-11-09 22:06:51 UTC

  glance (2012.2-0ubuntu2.3) quantal-security; urgency=low

  * SECURITY UPDATE: deletion of arbitrary public and shared images via
    authenticated user
    - debian/patches/CVE-2012-4573b.patch: previous patch was incomplete.
      Make corresponding change to glance/api/v2/images.py
    - CVE-2012-4573
  * debian/control: add Build-Depends-Indep on python-chardet. This is needed
    by python-requests to do encoding detection which otherwise fails in the
    new tests introduced in CVE-2012-4573b.patch.
 -- Jamie Strandboge <email address hidden> Fri, 09 Nov 2012 06:53:44 -0600
Source diff to previous version

Version: 2012.2-0ubuntu2.2 2012-11-08 17:06:52 UTC

  glance (2012.2-0ubuntu2.2) quantal-security; urgency=low

  * SECURITY UPDATE: deletion of arbitrary public and shared images via
    authenticated user
    - debian/patches/CVE-2012-4573.patch: adjust glance/api/v1/images.py to
      ensure image is owned by user before delayed_deletion
    - CVE-2012-4573
  * debian/patches/fakeauth-not-always-admin.patch: add required testsuite
    patch in support of the testsuite changes in CVE-2012-4573.patch
 -- Jamie Strandboge <email address hidden> Thu, 08 Nov 2012 07:41:02 -0600


About   -   Changelog   -   Send Feedback
Site Meter