58311904a7
* All "qemu-img info" calls are now run under resource limitations that
limit CPU time to 2 seconds and address space usage to 1 GB. This
helps avoid any DoS attacks via malicious images.
* All "qemu-img convert" calls now specify the import format so that it
does not have to be inferred by qemu-img.
SecurityImpact
(Hemanth did all the work on this, I'm just doing the backport.)
Co-authored-by: Hemanth Makkapati <hemanth.makkapati@rackspace.com>
Closes-Bug: #1449062
(cherry picked from commit
|
||
---|---|---|
.. | ||
etc | ||
functional | ||
integration | ||
unit | ||
var | ||
__init__.py | ||
stubs.py | ||
test_hacking.py | ||
utils.py |