[release-announce] nova 22.3.0 (victoria)
no-reply at openstack.org
no-reply at openstack.org
Thu Oct 7 10:02:06 UTC 2021
We exuberantly announce the release of:
nova 22.3.0: Cloud computing fabric controller
This release is part of the victoria stable release series.
The source is available from:
https://opendev.org/openstack/nova
Download the package from:
https://tarballs.openstack.org/nova/
Please report issues through:
https://bugs.launchpad.net/nova/+bugs
For more details, please see below.
22.3.0
^^^^^^
Security Issues
***************
* A vulnerability in the console proxies (novnc, serial, spice) that
allowed open redirection has been patched. The novnc, serial, and
spice console proxies are implemented as websockify servers and the
request handler inherits from the python standard
SimpleHTTPRequestHandler. There is a known issue in the
SimpleHTTPRequestHandler which allows open redirects by way of URLs
in the following format:
http://vncproxy.my.domain.com//example.com/%2F..
which if visited, will redirect a user to example.com.
The novnc, serial, and spice console proxies will now reject
requests that pass a redirection URL beginning with "//" with a 400
Bad Request.
(https://bugs.launchpad.net/nova/+bug/1927677)
(https://bugs.python.org/issue32084)
Bug Fixes
*********
* Addressed an issue that prevented instances with 1 vcpu using
multiqueue feature from being created successfully when their
vif_type is TAP.
Changes in nova 22.2.2..22.3.0
------------------------------
9588cdbfd4 address open redirect with 3 forward slashes
aaa56240b0 Fix 1vcpu error with multiqueue and vif_type=tap
1eceeebfb2 Avoid modifying the Mock class in test
7dbceeceef Fix request path to query a resource provider by uuid
94e265f3ca Reduce mocking in test_reject_open_redirect for compat
e238cc9cd6 Allow deletion of compute service with no compute nodes
9efdd0b085 Reproducer unit test for bug 1860312
b7677ae08a Move 'check-cherry-picks' test to gate, n-v check
6305ae491e Allow X-OpenStack-Nova-API-Version header in CORS
6b70350bdc Reject open redirection in the console proxy
Diffstat (except docs and test files)
-------------------------------------
.zuul.yaml | 14 +++++
nova/api/openstack/compute/services.py | 23 ++++++--
nova/cmd/manage.py | 2 +-
nova/console/websocketproxy.py | 18 ++++++
nova/middleware.py | 8 ++-
.../unit/api/openstack/compute/test_services.py | 15 +++++
nova/virt/libvirt/vif.py | 3 +-
.../notes/bug-1939604-547c729b7741831b.yaml | 5 ++
...roxy-reject-open-redirect-4ac0a7895acca7eb.yaml | 19 ++++++
tools/check-cherry-picks.sh | 5 --
tox.ini | 12 +++-
14 files changed, 232 insertions(+), 49 deletions(-)
More information about the Release-announce
mailing list