Add security release note for OSSA-2017-005
Change-Id: I053f1bbc56481bddce8792aa4b5460a55cc0db2d Related-Bug: #1664931
This commit is contained in:
parent
984dd8ad6a
commit
31d28eef95
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
security:
|
||||||
|
- |
|
||||||
|
`OSSA-2017-005`_: Nova Filter Scheduler bypass through rebuild action
|
||||||
|
|
||||||
|
By rebuilding an instance, an authenticated user may be able to circumvent
|
||||||
|
the FilterScheduler bypassing imposed filters (for example, the
|
||||||
|
ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the
|
||||||
|
FilterScheduler (or CachingScheduler) are affected.
|
||||||
|
|
||||||
|
The fix is in the `nova-api` and `nova-conductor` services.
|
||||||
|
|
||||||
|
.. _OSSA-2017-005: https://security.openstack.org/ossa/OSSA-2017-005.html
|
Loading…
Reference in New Issue
Block a user