Thanks for the debdiff, James! It looks good to me. I only added one line to the changelog mentioning that a CVE has not yet been assigned.
The build log comparison between the patched and unpatched nova-lxd xenial packages looks good. I've uploaded the package to the public security-proposed PPA: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa The binary packages are being published in the PPA as I type. Please do QA on the nova-lxd packages in the PPA, as they will be copied to xenial-security, and report the results in this bug. Since the fix is public, I'm going to make this bug public and request a CVE on the oss-security list. ** Changed in: nova-lxd (Ubuntu Xenial) Status: Triaged => Confirmed ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656847 Title: neutron security group rules not applied to nova-lxd containers To manage notifications about this bug go to: https://bugs.launchpad.net/nova-lxd/+bug/1656847/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs