[neutron] Bug deputy report August 24 - 30
Hello: This is the list of bugs in the period from August 24 to August 30. Critical: (none) High: - https://bugs.launchpad.net/neutron/+bug/1892861: [neutron-tempest-plugin] If paramiko SSH client connection fails because of authentication, cannot reconnect (unassigned) - https://bugs.launchpad.net/neutron/+bug/1893314: set neutron quota not take effect (ZhouHeng, https://review.opendev.org/#/c/748578/) Medium: - https://bugs.launchpad.net/neutron/+bug/1892496: 500 on SG deletion: Cannot delete or update a parent row (unassigned) - https://bugs.launchpad.net/neutron/+bug/1888878: Data not present in OVN IDL when requested (fix released) - https://bugs.launchpad.net/neutron/+bug/1892846: AttributeError in l3-agent changing HA router to non-HA (Slawek, https://review.opendev.org/#/c/747922/) Low: - https://bugs.launchpad.net/neutron/+bug/1892741: neutron-sriov-nic-agent cannot be disabled (unassigned) - https://bugs.launchpad.net/neutron/+bug/1893188: [tempest] Randomize subnet CIDR to avoid test clashes (Lajos, https://review.opendev.org/#/c/749041/) Wishlist: - https://bugs.launchpad.net/neutron/+bug/1893625: Implement router gateway IP QoS in OVN backend (zhanghao, https://review.opendev.org/#/c/749012/) Incomplete: - https://bugs.launchpad.net/neutron/+bug/1893015: ping with large package size fails Regards.
Hopefully it's not a lot of additional work, but the VMT would be thrilled if projects would also keep Public Security vulnerability reports in mind and try to wrap up any they can. For example, the Neutron project on Launchpad has 9 currently unresolved, some opened more than 3 years ago: <URL: https://bugs.launchpad.net/neutron/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.information_type%3Alist=PUBLICSECURITY > I'm willing to bet at least a few are either fixed now, related to deprecated/removed functionality, or simply unreproducible. And if they're still real bugs but don't represent an actual exploitable vulnerability, that's good to know too (in which case we'd just switch them to regular Public bugs so the VMT no longer needs to keep track of those). -- Jeremy Stanley
Hi, On Tue, Sep 01, 2020 at 01:17:53PM +0000, Jeremy Stanley wrote:
Hopefully it's not a lot of additional work, but the VMT would be thrilled if projects would also keep Public Security vulnerability reports in mind and try to wrap up any they can. For example, the Neutron project on Launchpad has 9 currently unresolved, some opened more than 3 years ago:
Thx for the link Jeremy. I will check those bugs.
I'm willing to bet at least a few are either fixed now, related to deprecated/removed functionality, or simply unreproducible. And if they're still real bugs but don't represent an actual exploitable vulnerability, that's good to know too (in which case we'd just switch them to regular Public bugs so the VMT no longer needs to keep track of those). -- Jeremy Stanley
-- Slawek Kaplonski Principal software engineer Red Hat
participants (3)
-
Jeremy Stanley
-
Rodolfo Alonso Hernandez
-
Slawek Kaplonski