[Bug 1847243] Re: Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Launchpad Bug Tracker
1847243 at bugs.launchpad.net
Wed Oct 9 17:58:59 UTC 2019
This bug was fixed in the package octavia - 5.0.0~rc2-0ubuntu1
---------------
octavia (5.0.0~rc2-0ubuntu1) eoan; urgency=high
* SECURITY UPDATE: New upstream release candidate including
security fix to enforce two-way authentication between
amphora agents and the octavia control plane (LP: #1847243):
- CVE-2019-17134
-- James Page <james.page at ubuntu.com> Wed, 09 Oct 2019 17:23:31 +0100
** Changed in: octavia (Ubuntu Eoan)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847243
Title:
Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Status in Ubuntu Cloud Archive:
In Progress
Status in Ubuntu Cloud Archive rocky series:
In Progress
Status in Ubuntu Cloud Archive stein series:
In Progress
Status in Ubuntu Cloud Archive train series:
In Progress
Status in octavia package in Ubuntu:
Fix Released
Status in octavia source package in Disco:
In Progress
Status in octavia source package in Eoan:
Fix Released
Bug description:
Octavia packages in cloud-archive/queens, cloud-archive/rocky and
cloud-archive/stein need updating.
Fixes are committed to these versions:
Queens: 2.1.2
Rocky: 3.2.0
Stein: 4.1.0
With backports to:
Pike: Git#2976a7f0f109e17930db8a61136526ead44ea7e5
Ocata: Git#c2fdffc3b748f8007c72e52df257e38756923b40
Reference:
https://security.openstack.org/ossa/OSSA-2019-005.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847243/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list