We are chuffed to announce the release of: cinder 7.0.3: OpenStack Block Storage This release is part of the liberty stable release series. Download the package from: https://tarballs.openstack.org/cinder/ For more details, please see below. 7.0.3 ^^^^^ Security Issues * The qemu-img tool now has resource limits applied which prevent it from using more than 1GB of address space or more than 2 seconds of CPU time. This provides protection against denial of service attacks from maliciously crafted or corrupted disk images. Changes in cinder 7.0.2..7.0.3 ------------------------------ 4295ff0 Check oslo.concurrency supports prlimits 859ce1f Updated from global requirements 455b318 Limit memory & CPU when running qemu-img info ca42539 Updated from global requirements eb2fd29 always use pip constraints 399d4c7 Don't apply config fixture to auth_token.CONF 36aae43 Support https keystone CA checking in volume quotas 41cea9c Updated from global requirements 91c1f70 Updated from global requirements Diffstat (except docs and test files) ------------------------------------- cinder/api/contrib/quotas.py | 7 ++++++- cinder/image/image_utils.py | 22 ++++++++++++++++++++-- cinder/quota_utils.py | 4 ++++ .../apply-limits-to-qemu-img-29f722a1bf4b91f8.yaml | 7 +++++++ requirements.txt | 12 ++++++------ test-requirements.txt | 2 +- tox.ini | 14 +++++++++++++- 9 files changed, 64 insertions(+), 16 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index 3fd4143..0391f60 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7 +7 @@ anyjson>=0.3.3 -Babel>=1.3 +Babel!=2.3.0,!=2.3.1,!=2.3.2,!=2.3.3,>=1.3 # BSD @@ -13 +13 @@ keystonemiddleware!=2.4.0,>=2.0.0 -kombu>=3.0.7 +kombu!=4.0.0,>=3.0.7 # BSD @@ -39 +39 @@ python-novaclient!=2.33.0,>=2.28.1 -python-keystoneclient!=1.8.0,>=1.6.0 +python-keystoneclient!=1.8.0,<3.0.0,>=1.6.0 @@ -44,2 +44,2 @@ retrying!=1.3.0,>=1.2.3 # Apache-2.0 -Routes!=2.0,!=2.1,>=1.12.3;python_version=='2.7' -Routes!=2.0,>=1.12.3;python_version!='2.7' +Routes!=2.0,!=2.1,!=2.3.0,>=1.12.3;python_version=='2.7' # MIT +Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT @@ -56 +56 @@ oslo.vmware>=1.16.0 # Apache-2.0 -os-brick>=0.4.0 # Apache-2.0 +os-brick!=1.4.0,>=0.4.0 # Apache-2.0 diff --git a/test-requirements.txt b/test-requirements.txt index 0b37872..7fd0711 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -13 +13 @@ mox3>=0.7.0 -PyMySQL>=0.6.2 # MIT License +PyMySQL!=0.7.7,>=0.6.2 # MIT License