yahoo-eng-team team mailing list archive

[Bug 1837877] Fix included in openstack/nova pike-eol

 

This issue was fixed in the openstack/nova pike-eol release.

** Changed in: nova/pike
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1837877

Title:
  [OSSA-2019-003] Nova Server Resource Faults Leak External Exception
  Details (CVE-2019-14433)

Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) ocata series:
  Fix Committed
Status in OpenStack Compute (nova) pike series:
  Fix Released
Status in OpenStack Compute (nova) queens series:
  Fix Committed
Status in OpenStack Compute (nova) rocky series:
  Fix Committed
Status in OpenStack Compute (nova) stein series:
  Fix Committed
Status in OpenStack Security Advisory:
  Fix Released

Bug description:
  It would appear Nova is revealing information that may be sensitive in
  error messages.

  http://lists.openstack.org/pipermail/openstack-infra/2019-July/006426.html

  I attempted to hard-reboot it, and it went into an error state.  The
  initial error in the server status was

   {'message': 'Timed out during operation: cannot acquire state change
  lock (held by monitor=remoteDispatchDomainCreateWithFlags)', 'code':
  500, 'created': '2019-07-25T07:25:25Z'}

  After a short period, I tried again and got a different error state

   {'message': "internal error: process exited while connecting to
  monitor:
  lc=,keyid=masterKey0,iv=jHURYcYDkXqGBu4pC24bew==,format=base64 -drive
  'file=rbd:volumes/volume-41553c15-6b12-4137-a318-7caf6a9eb44c:id=cinder:auth_supported=cephx\\;none:mon_host=172.24.0.56\\:6789",
  'code': 500, 'created': '2019-07-25T07:27:21Z'}

  I don't know if this is a setting or a bug. Better to report and close
  than not say anything I guess.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1837877/+subscriptions