CVE-2017-16239 (retired)

Priority
Description
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through
16.0.2, by rebuilding an instance, an authenticated user may be able to
circumvent the Filter Scheduler bypassing imposed filters (for example, the
ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova
Filter Scheduler are affected. Because of the regression described in
Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10,
a 15.x version after 15.0.8, or a 16.x version after 16.0.3.
Notes
 mdeslaur> regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4
 mdeslaur> This issue is too intrusive to be backported to xenial, we will
 mdeslaur> not be issuing an update for this. Marking as ignored.
Package
Source: nova (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2:17.0.0~rc2-0ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (2:17.0.0~rc2-0ubuntu1)
Ubuntu 19.04 (Disco Dingo):not-affected (2:17.0.0~rc2-0ubuntu1)
More Information

Updated: 2019-03-26 12:25:17 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)