[Openstack-devel] Bug#718905: nova: CVE-2013-2256: Resource limit circumvention in Nova private flavors

Salvatore Bonaccorso carnil at debian.org
Tue Aug 6 19:51:00 UTC 2013

Package: nova
Severity: grave
Tags: security upstream patch


the following vulnerability was published for nova.

Resource limit circumvention in Nova private flavors

More details are given in [1] and [2] which also have patches/commits
for various releases.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] http://security-tracker.debian.org/tracker/CVE-2013-2256
[1] https://bugs.launchpad.net/nova/+bug/1194093
[2] http://marc.info/?l=oss-security&m=137580148109212&w=2

Please adjust the affected versions in the BTS as needed.


More information about the Openstack-devel mailing list