Icehouse freeze exception request for a Cinder security bug
Dear Maintainer, One bug [1] about a security issue in Cinder glusterFS code have just been disclosed. The review [2] to fix it have just been pushed according to the proposed disclosure time line. I let you judge if this can be accepted so late. [1] https://bugs.launchpad.net/ossa/+bug/1350504 [2] https://review.openstack.org/125667/ Best Regards, Tristan Cacqueray
+1, it would be good to get this in but it is very late. I've added a +2 to the corrected patch @ https://review.openstack.org/#/c/125710/. I will wait to release 2013.1.3 until later this afternoon, allowing time for the master patch to merge and for the stable/icehouse backport to be approved by another core. On Thu, Oct 2, 2014 at 8:30 AM, Tristan Cacqueray < tristan.cacqueray@enovance.com> wrote:
Dear Maintainer,
One bug [1] about a security issue in Cinder glusterFS code have just been disclosed. The review [2] to fix it have just been pushed according to the proposed disclosure time line.
I let you judge if this can be accepted so late.
[1] https://bugs.launchpad.net/ossa/+bug/1350504 [2] https://review.openstack.org/125667/
Best Regards, Tristan Cacqueray
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
I will give it my +2/+A then. Thanks Adam! On 10/02/2014 12:43 PM, Adam Gandelman wrote:
+1, it would be good to get this in but it is very late. I've added a +2 to the corrected patch @ https://review.openstack.org/#/c/125710/. I will wait to release 2013.1.3 until later this afternoon, allowing time for the master patch to merge and for the stable/icehouse backport to be approved by another core.
On Thu, Oct 2, 2014 at 8:30 AM, Tristan Cacqueray <tristan.cacqueray@enovance.com <mailto:tristan.cacqueray@enovance.com>> wrote:
Dear Maintainer,
One bug [1] about a security issue in Cinder glusterFS code have just been disclosed. The review [2] to fix it have just been pushed according to the proposed disclosure time line.
I let you judge if this can be accepted so late.
[1] https://bugs.launchpad.net/ossa/+bug/1350504 [2] https://review.openstack.org/125667/
Best Regards, Tristan Cacqueray
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org <mailto:Openstack-stable-maint@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
So we are still waiting on the patch to master to be approved and merge before the backport. I've added a -2 to the backport until that time, unless others think this is a special case and can skip the formality to get this in sooner. On Thu, Oct 2, 2014 at 10:48 AM, Jay S. Bryant < jsbryant@electronicjungle.net> wrote:
I will give it my +2/+A then.
Thanks Adam!
On 10/02/2014 12:43 PM, Adam Gandelman wrote:
+1, it would be good to get this in but it is very late. I've added a +2 to the corrected patch @ https://review.openstack.org/#/c/125710/. I will wait to release 2013.1.3 until later this afternoon, allowing time for the master patch to merge and for the stable/icehouse backport to be approved by another core.
On Thu, Oct 2, 2014 at 8:30 AM, Tristan Cacqueray < tristan.cacqueray@enovance.com> wrote:
Dear Maintainer,
One bug [1] about a security issue in Cinder glusterFS code have just been disclosed. The review [2] to fix it have just been pushed according to the proposed disclosure time line.
I let you judge if this can be accepted so late.
[1] https://bugs.launchpad.net/ossa/+bug/1350504 [2] https://review.openstack.org/125667/
Best Regards, Tristan Cacqueray
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________ Openstack-stable-maint mailing listOpenstack-stable-maint@lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 02/10/14 21:32, Adam Gandelman wrote:
So we are still waiting on the patch to master to be approved and merge before the backport. I've added a -2 to the backport until that time, unless others think this is a special case and can skip the formality to get this in sooner.
BTW *formally* we should also wait for proposed/juno to merge before pushing into Icehouse.
On Thu, Oct 2, 2014 at 10:48 AM, Jay S. Bryant <jsbryant@electronicjungle.net <mailto:jsbryant@electronicjungle.net>> wrote:
I will give it my +2/+A then.
Thanks Adam!
On 10/02/2014 12:43 PM, Adam Gandelman wrote:
+1, it would be good to get this in but it is very late. I've added a +2 to the corrected patch @ https://review.openstack.org/#/c/125710/. I will wait to release 2013.1.3 until later this afternoon, allowing time for the master patch to merge and for the stable/icehouse backport to be approved by another core.
On Thu, Oct 2, 2014 at 8:30 AM, Tristan Cacqueray <tristan.cacqueray@enovance.com <mailto:tristan.cacqueray@enovance.com>> wrote:
Dear Maintainer,
One bug [1] about a security issue in Cinder glusterFS code have just been disclosed. The review [2] to fix it have just been pushed according to the proposed disclosure time line.
I let you judge if this can be accepted so late.
[1] https://bugs.launchpad.net/ossa/+bug/1350504 [2] https://review.openstack.org/125667/
Best Regards, Tristan Cacqueray
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org <mailto:Openstack-stable-maint@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________
Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org <mailto:Openstack-stable-maint@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org <mailto:Openstack-stable-maint@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQEcBAEBCgAGBQJULavKAAoJEC5aWaUY1u57KKEIAJoEq8nzskb43nezHXa6DTA9 XtxtRLqdgNzs9bSlJCWWzo1m+dxR+CO31CMTvUCTT0T8Cc++2m/uEAd9KUvNRYEY bezYD5r3Gh/lJfo/pLcqUah/sMHkA/iTChHH72OGY1ntX61fE+B7HOH7b9a+SR1W bY20eZYVPwBXWeACvta6SBfgSBAb2kZu6ho6Sdad3NbE8yeAz4j/IouQ2xK/r1N9 6t6gU/hGs+CuOCwH76qICu57FbzSE0SOXV/JzXPz+/2EhTJz2aUIqj6Rvy1k9UFg 0oWq9TuZ5/Fqz8a+y5BwJopXOUzVLIFEVSTurHUUW69qXtOXBsoaDmz/8Cjtqt0= =RL6P -----END PGP SIGNATURE-----
On 02/10/14 03:47 PM, Ihar Hrachyshka wrote:
On 02/10/14 21:32, Adam Gandelman wrote:
So we are still waiting on the patch to master to be approved and merge before the backport. I've added a -2 to the backport until that time, unless others think this is a special case and can skip the formality to get this in sooner.
BTW *formally* we should also wait for proposed/juno to merge before pushing into Icehouse.
Well for what it worth, these patches have been pre-approved on the LP ticket, and they are already approved on Gerrit, finally Jenkins just verified this. So if this prevent the patch to be merged in time for the release, in my opinion we should skip the formality. Tristan
2014-10-02 22:19 GMT+02:00 Tristan Cacqueray <tristan.cacqueray@enovance.com>:
On 02/10/14 03:47 PM, Ihar Hrachyshka wrote:
On 02/10/14 21:32, Adam Gandelman wrote:
So we are still waiting on the patch to master to be approved and merge before the backport. I've added a -2 to the backport until that time, unless others think this is a special case and can skip the formality to get this in sooner.
We should always look at the reason for the rules: backport-only-after-merged-on-master rule is to avoid regressions in later releases (fix is not merged on master) or incomplete fix on stable (fix gets changed on master). Neither is the case here, so rule doesn't apply. Let's merge this. Cheers, Alan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 02/10/14 22:19, Tristan Cacqueray wrote:
On 02/10/14 03:47 PM, Ihar Hrachyshka wrote:
On 02/10/14 21:32, Adam Gandelman wrote:
So we are still waiting on the patch to master to be approved and merge before the backport. I've added a -2 to the backport until that time, unless others think this is a special case and can skip the formality to get this in sooner.
BTW *formally* we should also wait for proposed/juno to merge before pushing into Icehouse.
Well for what it worth, these patches have been pre-approved on the LP ticket, and they are already approved on Gerrit, finally Jenkins just verified this.
Yes, it does not apply here specifically. Just mentioning that in face of proposed/juno branches created, we should pay attention to other backport requests for Icehouse to reach Juno branch too since master is now kinda-Kilo.
So if this prevent the patch to be merged in time for the release, in my opinion we should skip the formality.
Tristan
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQEcBAEBCgAGBQJULmTRAAoJEC5aWaUY1u57qHUH/30MoZ4QX3b9UuXvwFK/VSS2 aCQdQZD7CNpU4vUDTOD25WFyXCtkAYiBRBXBaJ5DZkrOKTl8PMZT8XqpG5Ru6je/ 4x7rzJucOKK5ACSW7Wy+NSlz9Mw3bton8T/FrOAiH6j3nO44io0pOUuohec9+KIC FZAaspQeAQ3ReneBJRd1DpHpNIcypE3kPr35jP03fpwISPYE+Hj2MQgg6rvXNaNm XuE+bWHYCWOi5BwCkuItJgL2+isDzr0mm5tt2DtGA95bTeXEcw0ooxfh9YoGDmqw krmwaNNa6NkrPDyz3eSIfJ8Tvb6LFJiBmeQoNkb3KzU0OchzXN7yWjN9FSE6QQo= =3eom -----END PGP SIGNATURE-----
participants (5)
-
Adam Gandelman
-
Alan Pevec
-
Ihar Hrachyshka
-
Jay S. Bryant
-
Tristan Cacqueray