UbuntuUpdates.org

Package "cinder"

Name: cinder

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Cinder storage service - API server
  • Cinder storage service - Scheduler server
  • Cinder storage service - common files
  • Cinder storage service - Scheduler server

Latest version: 2:20.3.1-0ubuntu1.4
Release: jammy (22.04)
Level: updates
Repository: main

Links



Other versions of "cinder" in Jammy

Repository Area Version
base main 2:20.0.0-0ubuntu1
security main 2:20.3.1-0ubuntu1.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:20.3.1-0ubuntu1.4 2024-07-08 16:07:13 UTC

  cinder (2:20.3.1-0ubuntu1.4) jammy-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
    (LP: #2059809)
    - debian/patches/CVE-2024-32498.patch: check for external qcow2 data
      file.
    - debian/control: added qemu-utils to Build-Depends so qemu-img is
      available for new tests.
    - CVE-2024-32498

 -- Marc Deslauriers <email address hidden> Fri, 28 Jun 2024 18:00:06 -0400

Source diff to previous version
CVE-2024-32498 An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom

Version: 2:20.3.1-0ubuntu1.2 2024-05-29 00:07:09 UTC

  cinder (2:20.3.1-0ubuntu1.2) jammy; urgency=medium

  [ Jorge Merlino ]
  * Increase size of volume image metadata values to 65535 bytes
    (LP: #1988942)

  [ Heather Lemon ]
  * Start cinder-volume.service after tgt.service started (LP: #1987663)
    - d/cinder-volume.service.conf: drop-in with 'After=' and 'Wants='
      ('Wants=' is not generated by pkgos-gen-systemd-unit currently).
    - d/cinder-volume.install: ship the systemd service drop-in file.

  [ Seyeong Kim ]
  * HPE3PAR: Failing to clone a volume having children (LP: #1994521):
    - d/p/0001-HPE-3PAR-Fix-umanaged-volumes-snapshots-missing.patch
    - d/p/0002-3PAR-Error-out-if-vol-cannot-be-converted-to-base.patch
    - api 4.0.17 is added as it is in the middle of the main patch
      (4.0.18)

 -- Mauricio Faria de Oliveira <email address hidden> Fri, 19 Apr 2024 11:04:46 -0300

Source diff to previous version
1994521 HPE3PAR: Failing to clone a volume having children

Version: 2:20.3.1-0ubuntu1.1 2024-02-23 00:06:55 UTC

  cinder (2:20.3.1-0ubuntu1.1) jammy; urgency=medium

  * Revert driver assisted volume retype (LP: #2019190):
    - d/p/0001-Revert-Driver-assisted-migration-on-retype-when-it-s.patch

 -- Edward Hope-Morley <email address hidden> Fri, 26 Jan 2024 12:26:48 +0000

Source diff to previous version

Version: 2:20.3.1-0ubuntu1 2023-11-22 06:09:07 UTC

  cinder (2:20.3.1-0ubuntu1) jammy; urgency=medium

  * New stable point release for OpenStack Yoga (LP: #2037332).

 -- Corey Bryant <email address hidden> Mon, 25 Sep 2023 16:49:25 -0400

Source diff to previous version

Version: 2:20.3.0-0ubuntu1 2023-08-03 23:07:07 UTC

  cinder (2:20.3.0-0ubuntu1) jammy; urgency=medium

  * New stable point release for OpenStack Yoga (LP: #2025503).
  * d/p/CVE-2023-2088.patch: Dropped. Fixed in point release.

 -- Corey Bryant <email address hidden> Fri, 30 Jun 2023 14:52:48 -0400

2025503 [SRU] yoga stable releases
CVE-2023-2088 OSSA-2023-003: Unauthorized volume access through deleted volume attachments



About   -   Send Feedback to @ubuntu_updates