[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-09 Thread BlueT - Matthew Lien - 練喆明
Thanks for the fix! Agree with @tyhicks, it would be nice to have a HowTo for users to fix existing interfaces. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656847 Title: neutron security group

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-09 Thread Tyler Hicks
James, I'm going to include a reference to this bug in the USN text with a mention that existing instances will still be affected and that they must be manually updated. Is it possible for you to leave a comment with some more information about how to fix existing interfaces? -- You received

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-09 Thread Launchpad Bug Tracker
This bug was fixed in the package nova-lxd - 13.2.0-0ubuntu1.16.04.1 --- nova-lxd (13.2.0-0ubuntu1.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: ensure correct application of security group rules. - d/p/host-device-naming.patch: Cherry pick fix to ensure that the

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-09 Thread James Page
Part of 13.1.1 - Marking Fix Released for nova-lxd ** Changed in: nova-lxd Status: In Progress => Fix Committed ** Changed in: nova-lxd Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-09 Thread James Page
I've tested the package in the security proposed PPA; it resolves the issue, host veth naming is aligned to neutron's expectation and security group rules are correctly applied. Note that the code changes don't update the host veth name for existing instances; its possible todo this manually

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-08 Thread Tyler Hicks
CVE-2017-5936 was assigned: http://openwall.com/lists/oss- security/2017/02/09/3 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-5936 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-08 Thread Tyler Hicks
CVE request: http://openwall.com/lists/oss-security/2017/02/08/4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656847 Title: neutron security group rules not applied to nova-lxd containers To

[Bug 1656847] Re: neutron security group rules not applied to nova-lxd containers

2017-02-07 Thread Tyler Hicks
Thanks for the debdiff, James! It looks good to me. I only added one line to the changelog mentioning that a CVE has not yet been assigned. The build log comparison between the patched and unpatched nova-lxd xenial packages looks good. I've uploaded the package to the public security-proposed