Ubuntu Cloud Archive

Overview
Code
Bugs
Blueprints
Translations
Answers

Series liberty
Bug #1449062
Comment #78

Comment 78 for bug 1449062

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-09-27: Fix merged to glance (master)

#78

Reviewed: https://review.openstack.org/375526
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
Submitter: Jenkins
Branch: master

commit 69a9b659fd48aa3c1f84fc7bc9ae236b6803d31f
Author: Hemanth Makkapati <email address hidden>
Date: Fri Sep 23 09:29:12 2016 -0500

Adding constraints around qemu-img calls

    * All "qemu-img info" calls are now run under resource limitations
      that limit CPU time to 2 seconds and address space usage to 1 GB.
      This helps avoid any DoS attacks via malicious images.
    * All "qemu-img convert" calls now specify the import format so that
      it does not have to be inferred by qemu-img.

SecurityImpact

Change-Id: Ib900bbc05cb9ccd90c6f56ccb4bf2006e30cdc80
Closes-Bug: #1449062