cc869ec7bb
* This commit updates any formatting, grammatical or other issues
in the release notes for Newton
* It also adds any missing yet important release notes to be part of
the release
Also, this commit standardizes release note page ordering:
* In order to support automatically updating the release notes when we
create stable branches, we want the pages to be in a standard order.
This patch updates the order to be reverse chronological, so the
most recent notes appear at the top. ( Inspired by Change
Ib364dcc8eb31275a31c83b68d7914263b183e393 )
Co-Authored-By: Nikhil Komawar <nik.komawar@gmail.com>
Co-Authored-By: Brian Rosmaita <brian.rosmaita@rackspace.com>
Co-Authored-By: Steve Lewis <stevelle@gmail.com>
Change-Id: I9247feb75d2b1b63eecfc4a750fd2aa070ea874b
21 lines
871 B
YAML
21 lines
871 B
YAML
---
|
|
prelude: >
|
|
- Glance no longer returns a 500 when 4 byte unicode
|
|
characters are passed to the metadefs API.
|
|
- Deprecated "sign-the-hash" approach for image signing.
|
|
Old run_tests and related scripts have been removed.
|
|
upgrade:
|
|
- The image signature verification feature has been
|
|
updated to follow the "sign-the-data" approach, which
|
|
uses a signature of the image data directly. The prior
|
|
deprecated "sign-the-hash" approach, which uses a
|
|
signature of an MD5 hash of the image data, has been
|
|
removed.
|
|
security:
|
|
- The initial implementation of the image signature
|
|
verification feature in Glance was insecure, because it
|
|
relied on an MD5 hash of the image data. More details
|
|
can be found in bug 1516031. This "sign-the-hash"
|
|
approach was deprecated in Mitaka, and has been removed
|
|
in Newton. Related CVE-2015-8234.
|