Meta bug for tracking Openstack Stable Updates

Bug #1041120 reported by Adam Gandelman
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
glance (Ubuntu)
Invalid
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned
horizon (Ubuntu)
Invalid
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned
keystone (Ubuntu)
Invalid
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned
nova (Ubuntu)
Invalid
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned

Bug Description

This is a meta-bug used for tracking progress of new updates to Nova, Horizon, Keystone, and Glance.

glance 2012.1.3+stable~20120821-120fcf-0ubuntu1
    - Glance add uploads a double image if using ssl and images is smaller
      than 4k. (LP: #1007093)
    - If response.environ is None, instance fails to spawn.
      (LP: #1010560)
    - exception.BadStoreURL exposes sensitive information to end users.
      (LP: #1012268)
    - glance-cache.conf needs metadata encryption key (LP: #1012752)
    - image.upload notification doesn't report size (LP: #1018246)
    - Admins should be able to share image regardless of ownership.
      (LP: #1021054)
    - Glance scrubber date formatting fails with postgres (LP: #1022369)
    - Support zero-size image creation. (LP: #1025353)
    - Image id not contained in swift chunk debug message. (LP: #1028433)
    - qpid_heartbeat setting is ineffective. (LP: #1032314)
    - Image properties that reference image ids are not updated to UUIDs.
      (LP: #975651)
    - Migration 012_id_to_uuid attempts to convert IDs twice for non-sqlite
      databases. (LP: #975655)
    - multiprocess glance-api failed to exit when stopped by ctrl+c.
      (LP: #978130)
    - /usr/bin/glance's built-in pager breaks redirection.
      (LP: #978610)
    - Content-Length and Transfer-Encoding are mutually exclusive HTTP headers
      (LP: #981332)
    - glance add command - incorrect help text (LP: #997565)

nova - 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1
    - [5d63601] Inappropriate exception handling on kvm live/block migration
      (LP: #917615)
    - [ae280ca] Deleted floating ips can cause instance delete to fail
      (LP: #1038266)
    - [86fb736] Libvirt driver reports incorrect error when volume-detach fails
      (LP: #1029463)
    - [272b98d] nova delete lxc-instance umounts the wrong rootfs (LP: #971621)
    - [09217ab] Block storage connections are NOT restored on system reboot
      (LP: #1036902)
    - [d9577ce] CVE-2012-3361 not fully addressed (LP: #1031311)
    - [e8ef050] pycrypto is unused and the existing code is potentially insecure
      to use (LP: #1033178)
    - [3b4ac31] cannot umount guestfs (LP: #1013689)
    - [f8255f3] qpid_heartbeat setting in ineffective (LP: #1030430)
    - [413c641] Deallocation of fixed IP occurs before security group refresh
      leading to potential security issue in error / race conditions
      (LP: #1021352)
    - [219c5ca] Race condition in network/deallocate_for_instance() leads to
      security issue (LP: #1021340)
    - [f2bc403] cleanup_file_locks does not remove stale sentinel files
      (LP: #1018586)
    - [4c7d671] Deleting Flavor currently in use by instance creates error
      (LP: #994935)
    - [7e88e39] nova testsuite errors on newer versions of python-boto (e.g.
      2.5.2) (LP: #1027984)
    - [80d3026] NoMoreFloatingIps: Zero floating ips available after repeatedly
      creating and destroying instances over time (LP: #1017418)
    - [4d74631] Launching with source groups under load produces lazy load error
      (LP: #1018721)
    - [08e5128] API 'v1.1/{tenant_id}/os-hosts' does not return a list of hosts
      (LP: #1014925)
    - [801b94a] Restarting nova-compute removes ip packet filters (LP: #1027105)
    - [f6d1f55] instance live migration should create virtual_size disk image
      (LP: #977007)
    - [4b89b4f] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [6e873bc] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [7b215ed] Use default qemu-img cluster size in libvirt connection driver
    - [d3a87a2] Listing flavors with marker set returns 400 (LP: #956096)
    - [cf6a85a] nova-rootwrap hardcodes paths instead of using
      /sbin:/usr/sbin:/usr/bin:/bin (LP: #1013147)
    - [2efc87c] affinity filters don't work if scheduler_hints is None
      (LP: #1007573)
    - [48e5f46] metadata injection is broken in xen (LP: #1022036)
    - [25f5bd3] scheduler hang (DOS) possible with
      DifferentHostFilter/SameHostFilter (LP: #1017795)
    - [1c1b858] cannot umount guestfs (LP: #1013689)
    - [835ba4f] not able to get host total memory in xen with libvirt
      (LP: #1004298)
    - [00e5104] Call to network_get_all_by_uuids missing 'db' (LP: #986922)
    - [4c49df7] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [19631f3] [nova][volumes] Exceeding volumes quotas logs
      "VolumeSizeTooLarge" instead of "VolumeLimitExceeded" (LP: #1020634)
    - [b0feaff] Remote arbitrary file corruption / creation flaw via injected
      files (LP: #1015531)
    - [3cb6e57] NoMoreFixedIps: Zero fixed ips available. Nova seems leaking
      them. (LP: #1014769)
    - [5d8431b] ram_allocation_ratio does not work (LP: #1016273)
    - [410060f] test_get_console_output_file requires sudo NOPASSWD
      (LP: #992805)
    - [33c2575] Stop/start a KVM instance with volumes attached produces an
      error state (LP: #1013782)
    - [6c01c01] Backport tox settings to unbreak jenkins jobs.
    - [344125f] Set defaultbranch in .gitreview to stable/essex
    - [9b789be] floating ips are not disassociated from instances on deletion
      (LP: #997763)
    - [d89c2f3] qpid timeout causing compute service to crash (LP: #999698)
    - [caae0e9] floating ips do not display in 'nova list' after association to
      instance (LP: #939122)
    - [1dc9f19] impl_qpid doesn't ACK messages (LP: #1012374)
    - [bc621bc] Restarting nova-network removes ip packet filters
      (LP: #1000853)
    - [7870157] Add caching to openstack.common.cfg
    - [27133ee] Firewall rules from nova-compute are not refreshed after host
      reboot (LP: #985162)
    - [3ee026e] Source group based security group rule without protocol and port
      causes failures (LP: #1010514)
    - [f0a9f47] [SRU] dns_domains table mysql charset is 'latin1'. Should be
      'utf8' (LP: #993663)
    - [cc8fd97] euca-describe-keypair NonExistent returns 200 (LP: #1006664)
    - [9f9e9da] Security groups fail to be set correctly if incorrect case is
      used for protocol specification (LP: #985184)

keystone 2012.1+stable~20120608-aff45d6-0ubuntu2
    - Admin API doesn't valid token. (LP: #1006815, #1006822)
    - Memcache token backend eventually stops working. (LP: #1012381)
    - EC2 credentials not migrated from legacy (diablo) database. (LP: #1016056)
    - Deleting tenants or users does not cleanup metadata. (LP: #973243)
    - Deleting tenants does not cleanup its user associations. (LP: #974199)
    - TokenNotFound not raised in testsuite beacuse of timezone issues. (LP: #983800)
    - Token authentication for a user in a disabled tenant does not raise
      Unauthorized error. (LP: #988920)
    - export_legacy_catalog doesn't convert url names correctly. (LP: #994936)
    - Following a password compromise and subsequent password change,
      tokens remain valid. (LP: #996595)
    - Tokens remain valid after a user account is disabled. (LP: #997194)

horizon
  - debian/patches/juju_panel-handle_catalog_exception.patch: Gracefully handle
    missing endpoints in Keystone catalog during Juju environmnets.yaml
    generation. (LP: #1033920)
  - 9b22d6 - Fixed validation check for ICMP rules. (LP: #997669)

Dave Walker (davewalker)
Changed in glance (Ubuntu):
status: New → Fix Released
Changed in glance (Ubuntu Precise):
status: New → Confirmed
Changed in horizon (Ubuntu):
status: New → Fix Released
Changed in horizon (Ubuntu Precise):
status: New → Confirmed
Changed in keystone (Ubuntu):
status: New → Fix Released
Changed in keystone (Ubuntu Precise):
status: New → Confirmed
Changed in nova (Ubuntu):
status: New → Fix Released
Changed in nova (Ubuntu Precise):
status: New → Confirmed
Changed in glance (Ubuntu):
status: Fix Released → Invalid
Changed in horizon (Ubuntu):
status: Fix Released → Invalid
Changed in keystone (Ubuntu):
status: Fix Released → Invalid
Changed in nova (Ubuntu):
status: Fix Released → Invalid
Revision history for this message
Clint Byrum (clint-fewbar) wrote : Please test proposed package

Hello Adam, or anyone else affected,

Accepted glance into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/glance/2012.1.3+stable~20120821-120fcf-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in glance (Ubuntu Precise):
status: Confirmed → Fix Committed
tags: added: verification-needed
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

FYI, these SRU's are being accepted without the normal verification process on the basis that there will be comprehensive regression testing done and documented before moving to -updates. This bug should be used to document the status of said testing.

Changed in horizon (Ubuntu Precise):
status: Confirmed → Fix Committed
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Hello Adam, or anyone else affected,

Accepted horizon into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/horizon/2012.1.3+stable~20120815-691dd2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in keystone (Ubuntu Precise):
status: Confirmed → Fix Committed
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Hello Adam, or anyone else affected,

Accepted keystone into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/keystone/2012.1+stable~20120824-a16a0ab9-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in nova (Ubuntu Precise):
status: Confirmed → Fix Committed
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Hello Adam, or anyone else affected,

Accepted nova into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/nova/2012.1.3+stable-20120824-86fb7362-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Now tracking nova - 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1, which supersedes the original upload into precise-proposed and should fix the FTBFS.

description: updated
Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Please find the attached test log from the Ubuntu Server Team's CI infrastructure. As part of the verification process for this bug, the OpenStack components have been deployed and configured across multiple nodes using precise-proposed as an installation source. After successful bring-up and configuration of the cluster, a number of exercises and smoke tests have be invoked to ensure the updated package did not introduce any regressions. A number of test iterations were carried out to catch any possible transient errors.

Please note the list of installed packages at the top and bottom of the report.

For records of upstream test coverage of this update, please see the individual bug reports.

As per the provisional Micro Release Exception granted to this package by the Technical Board, we hope this contributes toward verification of this update.

Revision history for this message
Adam Gandelman (gandelman-a) wrote :
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (5.4 KiB)

This bug was fixed in the package nova - 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1

---------------
nova (2012.1.3+stable-20120827-4d2a4afe-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot, fixes FTBFS in -proposed. (LP: #1041120)
  * Resynchronize with stable/essex (4d2a4afe):
    - [5d63601] Inappropriate exception handling on kvm live/block migration
      (LP: #917615)
    - [ae280ca] Deleted floating ips can cause instance delete to fail
      (LP: #1038266)

nova (2012.1.3+stable-20120824-86fb7362-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot. (LP: #1041120)
  * Dropped, superseded by new snapshot:
    - debian/patches/CVE-2012-3447.patch: [d9577ce]
    - debian/patches/CVE-2012-3371.patch: [25f5bd3]
    - debian/patches/CVE-2012-3360+3361.patch: [b0feaff]
  * Resynchronize with stable/essex (86fb7362):
    - [86fb736] Libvirt driver reports incorrect error when volume-detach fails
      (LP: #1029463)
    - [272b98d] nova delete lxc-instance umounts the wrong rootfs (LP: #971621)
    - [09217ab] Block storage connections are NOT restored on system reboot
      (LP: #1036902)
    - [d9577ce] CVE-2012-3361 not fully addressed (LP: #1031311)
    - [e8ef050] pycrypto is unused and the existing code is potentially insecure
      to use (LP: #1033178)
    - [3b4ac31] cannot umount guestfs (LP: #1013689)
    - [f8255f3] qpid_heartbeat setting in ineffective (LP: #1030430)
    - [413c641] Deallocation of fixed IP occurs before security group refresh
      leading to potential security issue in error / race conditions
      (LP: #1021352)
    - [219c5ca] Race condition in network/deallocate_for_instance() leads to
      security issue (LP: #1021340)
    - [f2bc403] cleanup_file_locks does not remove stale sentinel files
      (LP: #1018586)
    - [4c7d671] Deleting Flavor currently in use by instance creates error
      (LP: #994935)
    - [7e88e39] nova testsuite errors on newer versions of python-boto (e.g.
      2.5.2) (LP: #1027984)
    - [80d3026] NoMoreFloatingIps: Zero floating ips available after repeatedly
      creating and destroying instances over time (LP: #1017418)
    - [4d74631] Launching with source groups under load produces lazy load error
      (LP: #1018721)
    - [08e5128] API 'v1.1/{tenant_id}/os-hosts' does not return a list of hosts
      (LP: #1014925)
    - [801b94a] Restarting nova-compute removes ip packet filters (LP: #1027105)
    - [f6d1f55] instance live migration should create virtual_size disk image
      (LP: #977007)
    - [4b89b4f] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [6e873bc] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [7b215ed] Use default qemu-img cluster size in libvirt connection driver
    - [d3a87a2] Listing flavors with marker set returns 400 (LP: #956096)
    - [cf6a85a] nova-rootwrap hardcodes paths instead of using
      /sbin:/usr/sbin:/usr/bin:/bin (LP: #1013147)
    - [2efc87c] affinity filters don't work if scheduler_hints is None
      (LP: #1007573)
  ...

Read more...

Changed in nova (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package keystone - 2012.1+stable~20120824-a16a0ab9-0ubuntu2

---------------
keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2) precise-proposed; urgency=low

  * New upstream release (LP: #1041120):
    - debian/patches/0013-Flush-tenant-membership-deletion-before-user.patch:
      Dropped.
  * Resynchronize with stable/essex:
    - authenticate in ldap backend doesn't return a list of roles
      (LP: #1035428)
    - LDAP should not check username on "sn" field (LP: #997700)
    - Admin API doesn't valid token. (LP: #1006815, #1006822)
    - Memcache token backend eventually stops working. (LP: #1012381)
    - EC2 credentials not migrated from legacy (diablo) database. (LP: #1016056)
    - Deleting tenants or users does not cleanup metadata. (LP: #973243)
    - Deleting tenants does not cleanup its user associations. (LP: #974199)
    - TokenNotFound not raised in testsuite beacuse of timezone issues. (LP: #983800)
    - Token authentication for a user in a disabled tenant does not raise
      Unauthorized error. (LP: #988920)
    - export_legacy_catalog doesn't convert url names correctly. (LP: #994936)
    - Following a password compromise and subsequent password change,
      tokens remain valid. (LP: #996595)
    - Tokens remain valid after a user account is disabled. (LP: #997194)
 -- Adam Gandelman <email address hidden> Fri, 24 Aug 2012 03:34:59 -0400

Changed in keystone (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Clint Byrum (clint-fewbar) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glance - 2012.1.3+stable~20120821-120fcf-0ubuntu1

---------------
glance (2012.1.3+stable~20120821-120fcf-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot. (LP: #1041120)
  * Resynchronzie with stable/essex:
    - Glance add uploads a double image if using ssl and images is smaller
      than 4k. (LP: #1007093)
    - If response.environ is None, instance fails to spawn.
      (LP: #1010560)
    - exception.BadStoreURL exposes sensitive information to end users.
      (LP: #1012268)
    - glance-cache.conf needs metadata encryption key (LP: #1012752)
    - image.upload notification doesn't report size (LP: #1018246)
    - Admins should be able to share image regardless of ownership.
      (LP: #1021054)
    - Glance scrubber date formatting fails with postgres (LP: #1022369)
    - Support zero-size image creation. (LP: #1025353)
    - Image id not contained in swift chunk debug message. (LP: #1028433)
    - qpid_heartbeat setting is ineffective. (LP: #1032314)
    - Image properties that reference image ids are not updated to UUIDs.
      (LP: #975651)
    - Migration 012_id_to_uuid attempts to convert IDs twice for non-sqlite
      databases. (LP: #975655)
    - multiprocess glance-api failed to exit when stopped by ctrl+c.
      (LP: #978130)
    - /usr/bin/glance's built-in pager breaks redirection.
      (LP: #978610)
    - Content-Length and Transfer-Encoding are mutually exclusive HTTP headers
      (LP: #981332)
    - glance add command - incorrect help text (LP: #997565)
  * debian/patches/convert_properties_to_uuid.patch: Dropped no longer
    needed.
  * debian/patches/fix-pep8-ubuntu.patch: Dropped no longer needed.
 -- Adam Gandelman <email address hidden> Fri, 24 Jun 2012 03:14:33 -0400

Changed in glance (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package horizon - 2012.1.3+stable~20120815-691dd2-0ubuntu1

---------------
horizon (2012.1.3+stable~20120815-691dd2-0ubuntu1) precise-proposed; urgency=low

  [ Chuck Short ]
  * New upstream release (LP: #1041120):
    - 9b22d6 - Fixed validation check for ICMP rules. (LP: #997669)
  * Dropped:
    - debian/patches/CVE-2012-2094.patch: No longer needed.
    - debian/patches/CVE-2012-2144.patch: No longer needed.

   [ Adam Gandelman ]
   * debian/patches/juju_panel-handle_catalog_exception.patch: Gracefully handle
    missing endpoints in Keystone catalog during Juju environmnets.yaml
    generation. (LP: #1033920)
 -- Adam Gandelman <email address hidden> Tue, 24 Aug 2012 03:27:33 -0500

Changed in horizon (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.