18 lines
833 B
YAML
18 lines
833 B
YAML
---
|
|
security:
|
|
- |
|
|
Images in the qcow2 format with an external data file are now
|
|
rejected from glance because such images could be used in an
|
|
exploit to expose host information. See `Bug #2059809
|
|
<https://bugs.launchpad.net/glance/+bug/2059809>`_ for details.
|
|
fixes:
|
|
- |
|
|
`Bug #2059809 <https://bugs.launchpad.net/glance/+bug/2059809>`_:
|
|
Fixed issue where a qcow2 format image with an external data file
|
|
could expose host information. Such an image format with an external
|
|
data file will be rejected from glance. To achieve the same,
|
|
format_inspector has been extended by adding safety checks for qcow2
|
|
and vmdk files in glance. Unsafe qcow and vmdk files will be rejected
|
|
by pre-examining them with a format inspector to ensure safe
|
|
configurations prior to any qemu-img operations.
|