We are ecstatic to announce the release of: nova 14.0.10: Cloud computing fabric controller This release is part of the newton release series. Download the package from: https://tarballs.openstack.org/nova/ For more details, please see below. 14.0.10 ^^^^^^^ Security Issues * OSSA-2017-005: Nova Filter Scheduler bypass through rebuild action By rebuilding an instance, an authenticated user may be able to circumvent the FilterScheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the FilterScheduler (or CachingScheduler) are affected. The fix is in the *nova-api* and *nova-conductor* services. (https://security.openstack.org/ossa/OSSA-2017-005.html) Changes in nova 14.0.9..14.0.10 ------------------------------- 698b261 Add security release note for OSSA-2017-005 97a51d9 Validate new image via scheduler during rebuild d7ac5d9 Fix non-parameterized service id in hypervisors sample tests 6ce8bca Pass requested_destination in filter_properties 6b7b4aa Set group_members when converting to legacy request spec 86ea9b8 Correct log message when removing a security group 3209410 Functional regression test for evacuate with a target Diffstat (except docs and test files) ------------------------------------- nova/compute/api.py | 17 ++- nova/conductor/manager.py | 6 +- nova/network/security_group/neutron_driver.py | 4 +- nova/objects/request_spec.py | 10 +- .../hypervisors-detail-resp.json.tpl | 2 +- .../os-hypervisors/hypervisors-show-resp.json.tpl | 2 +- .../v2.28/hypervisors-detail-resp.json.tpl | 2 +- .../v2.28/hypervisors-show-resp.json.tpl | 2 +- .../functional/regressions/test_bug_1702454.py | 155 +++++++++++++++++++++ .../functional/regressions/test_bug_1719730.py | 125 +++++++++++++++++ ...31-validate-image-rebuild-9c5b05a001c94a4d.yaml | 13 ++ 18 files changed, 498 insertions(+), 20 deletions(-)