---
prelude: >
  - Glance no longer returns a 500 when 4 byte unicode
    characters are passed to the metadefs API.
  - Deprecated "sign-the-hash" approach for image signing.
    Old run_tests and related scripts have been removed.
upgrade:
  - The image signature verification feature has been
    updated to follow the "sign-the-data" approach, which
    uses a signature of the image data directly. The prior
    deprecated "sign-the-hash" approach, which uses a
    signature of an MD5 hash of the image data, has been
    removed.
security:
  - The initial implementation of the image signature
    verification feature in Glance was insecure, because it
    relied on an MD5 hash of the image data. More details
    can be found in bug 1516031. This "sign-the-hash"
    approach was deprecated in Mitaka, and has been removed
    in Newton. Related CVE-2015-8234.