[release-announce] ironic-inspector 8.2.1 (stein)
no-reply at openstack.org
no-reply at openstack.org
Wed May 22 16:23:27 UTC 2019
We are glad to announce the release of:
ironic-inspector 8.2.1: Hardware introspection for OpenStack Bare
Metal
This release is part of the stein stable release series.
The source is available from:
https://opendev.org/openstack/ironic-inspector
Download the package from:
https://tarballs.openstack.org/ironic-inspector/
Please report issues through:
https://storyboard.openstack.org/#!/project/944
For more details, please see below.
8.2.1
^^^^^
Security Issues
* Fixes insufficient input filtering when looking up a node by
information from the introspection data. It could potentially allow
SQL injections via the "/v1/continue" API endpoint. See story
2005678 (https://storyboard.openstack.org/#!/story/2005678) for
details.
Changes in ironic-inspector 8.2.0..8.2.1
----------------------------------------
67ff87e Eliminate SQL injection vulnerability in node_cache
fbd3867 OpenDev Migration Patch
bbd3894 Replace openstack.org git:// URLs with https://
2ee155e Update UPPER_CONSTRAINTS_FILE for stable/stein
42900cc Update .gitreview for stable/stein
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 3 ++-
ironic_inspector/node_cache.py | 15 ++++++---------
ironic_inspector/test/unit/test_node_cache.py | 5 +++++
.../legacy/ironic-inspector-grenade-dsvm/run.yaml | 18 +++++++++---------
.../find-node-input-filtering-e8ea529252e80739.yaml | 7 +++++++
tox.ini | 2 +-
zuul.d/ironic-inspector-jobs.yaml | 2 +-
zuul.d/legacy-ironic-inspector-jobs.yaml | 4 ++--
8 files changed, 33 insertions(+), 23 deletions(-)
More information about the Release-announce
mailing list