On 2024-07-19 23:23:38 +0200 (+0200), Dmitriy Rabotyagov wrote:
> Wait, I just started realizing the bugfix ..
> So basically all previously uploaded images not in raw format are useless after upgrading to the safe version of cinder/nova?
[...]

I'm no expert in Glance matters, but my understanding is that with OSSA-2024-001 fixes in place you can't lie about the kind of image you're uploading. If you upload QCOW2 you must upload it as QCOW2 type and not try to pretend that it's a raw image, or upload an ISO as ISO type and not try to claim that it's raw. If you want to upload a different image type than what the cloud wants you to upload, then Glance should still be able to perform image conversion for you as well.

Previously, you could pretend a QCOW2 was raw, and then rely on QEmu's image auto-detection to figure out what it really was, but that's dangerous because QEmu is not intended to be used with untrusted images and some specially-crafted images can be used by an attacker to get copies of arbitrary files off the server where its tools (even the qemu-img executable) are run. Glance now has an image inspection feature which doesn't rely on QEmu itself to determine whether an image is safe enough to hand off to QEmu tools or might be used to root your cloud.

--
Jeremy Stanley
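
The kind of check described in the reply above, as an added example (not part of the original thread and not Glance's own inspector code): classify an image from its own bytes and refuse an upload whose content does not match the declared format, without running any QEmu tool. The function names and sample blobs are constructed for illustration; the backing-file check goes beyond what the thread states and relies on the documented QCOW2 header layout.

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"      # first four bytes of every QCOW2 header
ISO_MAGIC = b"CD001"          # ISO 9660 volume descriptor identifier
ISO_MAGIC_OFFSET = 0x8001     # sector 16 of 2048 bytes, plus the type byte


def detect_format(data: bytes) -> str:
    """Classify an image from its own bytes; 'raw' means no known signature."""
    if data[:4] == QCOW2_MAGIC:
        return "qcow2"
    if data[ISO_MAGIC_OFFSET:ISO_MAGIC_OFFSET + len(ISO_MAGIC)] == ISO_MAGIC:
        return "iso"
    return "raw"


def qcow2_has_backing_file(data: bytes) -> bool:
    """True if the QCOW2 header points at a backing file outside the image."""
    if len(data) < 20:
        raise ValueError("truncated QCOW2 header")
    # Big-endian: magic, version, backing_file_offset, backing_file_size
    _magic, _ver, backing_off, backing_len = struct.unpack(">4sIQI", data[:20])
    return backing_off != 0 and backing_len != 0


def check_upload(declared: str, data: bytes) -> tuple[bool, str]:
    """Accept an upload only if its content matches the declared disk format."""
    actual = detect_format(data)
    if actual != declared:
        return False, f"declared {declared!r} but content is {actual!r}"
    if actual == "qcow2" and qcow2_has_backing_file(data):
        return False, "qcow2 header references a backing file"
    return True, "ok"


# Constructed sample inputs (headers only, not real disk images).
def _qcow2(backing_off: int = 0, backing_len: int = 0) -> bytes:
    return struct.pack(">4sIQI", QCOW2_MAGIC, 3, backing_off, backing_len) + bytes(492)

SAMPLE_QCOW2 = _qcow2()
SAMPLE_QCOW2_BACKED = _qcow2(backing_off=512, backing_len=11)
SAMPLE_ISO = bytes(ISO_MAGIC_OFFSET) + ISO_MAGIC + bytes(2048)
SAMPLE_RAW = bytes(4096)

if __name__ == "__main__":
    for declared, blob in [("raw", SAMPLE_QCOW2), ("qcow2", SAMPLE_QCOW2),
                           ("qcow2", SAMPLE_QCOW2_BACKED), ("raw", SAMPLE_ISO),
                           ("iso", SAMPLE_ISO), ("raw", SAMPLE_RAW)]:
        print(declared, check_upload(declared, blob))
```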