e7cc5efd20
The flake8 hook for pre-commit installs its own flake8 which is not what hacking is pinned to. This results in a bunch of errors. By doing a local hook we can cause these to be the same. There are flake8 exclusions in tox.ini that need to be used in pre-commit. Also we should exclude svg files from the whitespace modifications, because who cares. Once those are fixed, running pre-commit -a fixes some whitespace issues. While the normal use isn't to run -a - if someone does make a patch that touches any of these they'll get erroneous unrelated errors compared to their lower work - so fix all of the existing issues, which are mostly space-at-end-of-line issues it seems. Change-Id: I78e753492e99c03b30a0a691db3bd75ee3d289c9
4.2 KiB
Liberty Series Release Notes
12.0.5
Security Issues
- The qemu-img tool now has resource limits applied which prevent it from using more than 1GB of address space or more than 2 seconds of CPU time. This provides protection against denial of service attacks from maliciously crafted or corrupted disk images. oslo.concurrency>=2.6.1 is required for this fix.
12.0.4
Upgrade Notes
- The
recordconfiguration option for the console proxy services (like VNC, serial, spice) is changed from boolean to string. It specifies the filename that will be used for recording websocket frames.
Bug Fixes
- When plugging virtual interfaces of type vhost-user the MTU value will not be applied to the interface by nova. vhost-user ports exist only in userspace and are not backed by kernel netdevs, for this reason it is not possible to set the mtu on a vhost-user interface using standard tools such as ifconfig or ip link.
12.0.3
Security Issues
- [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140)
12.0.1
Prelude
The 12.0.1 release contains fixes for two security issues.
Security Issues
[OSSA 2016-001] Nova host data leak through snapshot (CVE-2015-7548)
[OSSA 2016-002] Xen connection password leak in logs via StorageError (CVE-2015-8749)
Bug Fixes
Fixes a bug where Nova services won't recover after a temporary DB connection issue, when service group DB driver is used together with local conductor, as the driver only handles RPC timeout errors.
For more info see https://bugs.launchpad.net/nova/+bug/1505471
Fixes a bug where Nova services won't recover after a temporary DB / MQ connection issue, when service group DB driver is used together with remote conductor, as the driver only handles RPC timeout errors and does not account for other types of errors (e.g. wrapped DB errors on the remote conductor transported over RPC)
For more info see https://bugs.launchpad.net/nova/+bug/1517926
Other Notes
- Start using reno to manage release notes.