[OpenStack-Infra] Fwd: CVE References in LPs are messed up after centos feature branch rebase
sgw at linux.intel.com
Fri Dec 13 16:48:21 UTC 2019
Hello Infra team:
Apparently something got messed up with Launchpad and updating a number
of starlingx repos with a feature branch.
I was following the methodology of updating a feature branch with
changes from master via merges and I guess when I pushed that to gerrit
and it merged, it caused some Launchpad ugliness. See email below.
-------- Forwarded Message --------
Subject: CVE References in LPs are messed up after centos feature
Date: Fri, 13 Dec 2019 00:30:26 +0000
From: Khalil, Ghada <Ghada.Khalil at windriver.com>
To: Saul Wold <sgw at linux.intel.com>
The CVE References in about 15 LPs are now messed up after the rebase of
the f-centos8 feature branch. The rebase updated a large # of launchpads
and somehow automatically added CVE references (from a subset of bugs)
to all of them. Any idea what is going on here?
Here are some examples:
Originally had no CVE References. Now it has 3 references.
Originally only had CVE-2018-15686 as a CVE Reference. Now it has all
the recently fixed CVEs linked to this bug.
Snapshot from the full activity log:
Here is the query that shows that all the bugs that were picked up in
the rebase now have CVE links:
*Ghada Khalil*, Manager, Titanium Cloud, *Wind River*
direct 613.270.2273 skype ghada.khalil.ottawa
350 Terry Fox Drive, Suite 200, Kanata, ON K2K 2W5
More information about the OpenStack-Infra