Package: nova / 2012.1.1-18

Metadata

Package: nova
Version: 2012.1.1-18
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
nova manage_flagfile_location.patch

bin/nova-manage | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

 fixes path to nova.conf in nova-manage

path to the xenhost.conf fixup.patch

plugins/xenserver/xenapi/etc/xapi.d/plugins/xenhost | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fixes the path to the xenhost.conf file

CVE 2012 3360_CVE 2012 3361.patch

nova/tests/test_virt.py | 20 20 + 0 - 0 !
nova/virt/disk/api.py | 71 46 + 25 - 0 !
2 files changed, 66 insertions(+), 25 deletions(-)

---
stable_essex_20120710.patch

.gitreview | 1 1 + 0 - 0 !
nova/network/quantum/nova_ipam_lib.py | 19 8 + 11 - 0 !
nova/tests/fake_libvirt_utils.py | 7 6 + 1 - 0 !
nova/tests/test_libvirt.py | 14 9 + 5 - 0 !
nova/version.py | 4 2 + 2 - 0 !
nova/virt/libvirt/connection.py | 8 4 + 4 - 0 !
6 files changed, 30 insertions(+), 23 deletions(-)

---
iscsiadm_path.patch

nova/rootwrap/volume.py | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
CVE 2012 3371.patch

nova/scheduler/filters/affinity_filter.py | 19 11 + 8 - 0 !
1 file changed, 11 insertions(+), 8 deletions(-)

 [patch] use compute_api.get_all in affinity filters.

Updates the affinity filters so they make a single compute API
call to lookup instance host information rather than single
lookups for each UUID.

This resolves a potential performance issue which can cause a
scheduler to hang while processing requests which contain large numbers
of UUIDs in the scheduler_hints.

Fixes LP Bug #1017795.

CVE 2012 3447_compute node file injection.patch

nova/rootwrap/compute.py | 4 4 + 0 - 0 !
nova/tests/test_virt.py | 12 12 + 0 - 0 !
nova/tests/test_xenapi.py | 4 4 + 0 - 0 !
nova/virt/disk/api.py | 4 3 + 1 - 0 !
4 files changed, 23 insertions(+), 1 deletion(-)

 prohibit file injection writing to host filesystem
 This is a refinement of the previous fix in commit 2427d4a,
 which does the file name canonicalization as the root user.
 This is required so that guest images could not, for example,
 protect malicious symlinks in a directory only readable by root.

fixes path to binaries in rootwrap config.patch

nova/rootwrap/compute.py | 4 2 + 2 - 0 !
nova/rootwrap/network.py | 2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 3 deletions(-)

 fixes path to some binaries in the rootwrap config

CVE 2013 0208_disallow boot from volume from specifying arbitrary volumes.patch

nova/compute/api.py | 16 16 + 0 - 0 !
nova/exception.py | 14 14 + 0 - 0 !
2 files changed, 30 insertions(+)

 cve-2013-0208 disallow boot from arbitrary volumes
 Fix a vulnerability in volume attachment in nova-volume, affecting the
 boot-from-volume feature.  By passing a specific volume ID, an
 authenticated user may be able to boot from a volume they don't own,
 potentially resulting in full access to that 3rd-party volume.
Date: Thu, 24 Jan 2013 10:45:19 +0000
Bug-Debian: http://bugs.debian.org/699266
Bug-Ubuntu: https://launchpad.net/bugs/1069904

CVE 2013 1664_CVE 2013 1665_Information leak and Denial of Service using XML entities.patch

nova/api/openstack/common.py | 10 5 + 5 - 0 !
nova/api/openstack/compute/contrib/hosts.py | 4 2 + 2 - 0 !
nova/api/openstack/compute/contrib/security_groups.py | 5 2 + 3 - 0 !
nova/api/openstack/compute/servers.py | 5 2 + 3 - 0 !
nova/api/openstack/wsgi.py | 12 6 + 6 - 0 !
nova/tests/test_utils.py | 35 35 + 0 - 0 !
nova/utils.py | 44 44 + 0 - 0 !
7 files changed, 96 insertions(+), 19 deletions(-)

 cve-2013-1664 & cve-2013-1665: add a safe_minidom_parse_string function.
 Jonathan Murray from NCC Group, Joshua Harlow from Yahoo! and Stuart Stent
 independently reported a vulnerability in the parsing of XML requests in
 Keystone, Nova and Cinder. By using entities in XML requests, an
 unauthenticated attacker may consume excessive resources on the Keystone, Nova
 or Cinder API servers, resulting in a denial of service and potentially a
 crash. Authenticated attackers may also leverage XML entities to read the
 content of a local file on the Keystone API server. This only affects servers
 with XML support enabled.
 .
 Adds a new utils.safe_minidom_parse_string function and updates external API
 facing Nova modules to use it. This ensures we have safe defaults on our
 incoming API XML parsing.
 .
 Internally safe_minidom_parse_string uses a ProtectedExpatParser class to
 disable DTDs and entities from being parsed when using minidom.

CVE 2013 0335_VNC proxy can connect to the wrong VM.patch

nova/compute/api.py | 10 10 + 0 - 0 !
nova/compute/manager.py | 4 4 + 0 - 0 !
nova/consoleauth/manager.py | 32 30 + 2 - 0 !
nova/tests/test_compute.py | 41 41 + 0 - 0 !
nova/tests/test_consoleauth.py | 7 7 + 0 - 0 !
5 files changed, 92 insertions(+), 2 deletions(-)

 flush tokens on instance delete
 Force console auth service to flush all tokens associated with an instance
 when it is deleted. This will fix bug 1125378, where the console for the wrong
 instance can be connected to via the console if the correct circumstances
 occur. This change also adds a call to validate the token when it is used.
 This check will ensure that all tokens are valid for their target instances.
 Tokens can become scrambled when a compute node is restarted, because the virt
 driver may not assign ports in the same way.
Bug-Debian: http://bugs.debian.org/701773
Bug-Ubuntu: https://launchpad.net/bugs/1125378

CVE 2013 0335_VNC unit tests fixes.patch

nova/consoleauth/manager.py | 21 11 + 10 - 0 !
nova/tests/policy.json | 1 1 + 0 - 0 !
nova/tests/test_compute.py | 25 14 + 11 - 0 !
nova/tests/test_consoleauth.py | 7 5 + 2 - 0 !
4 files changed, 31 insertions(+), 23 deletions(-)

 vnc unit-test fixes

CVE 2013 1838 Nova_DoS_by_allocating_all_Fixed_IPs_essex.patch

nova/api/openstack/compute/contrib/quotas.py | 5 3 + 2 - 0 !
nova/db/api.py | 6 6 + 0 - 0 !
nova/db/sqlalchemy/api.py | 21 21 + 0 - 0 !
nova/network/manager.py | 6 6 + 0 - 0 !
nova/quota.py | 17 17 + 0 - 0 !
nova/tests/api/openstack/compute/contrib/test_quotas.py | 17 13 + 4 - 0 !
nova/tests/network/test_manager.py | 1 1 + 0 - 0 !
7 files changed, 67 insertions(+), 6 deletions(-)

 cve-2013-1838: nova dos by allocating all fixed ips
 Vish Ishaya reported a vulnerability in Nova where there is no quota for
 Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
 quota, but if your configuration allows an instance to consume more than
 one Fixed IP via an extension such as multinic then this is no longer
 true. Running out of Fixed IPs would result in not being able to spawn
 new instances.
 .
 This patch adds quotas for fixed ips.

Fixed_broken_vncproxy_flush_tokens.patch

nova/compute/api.py | 8 5 + 3 - 0 !
nova/consoleauth/manager.py | 9 5 + 4 - 0 !
nova/tests/test_compute.py | 8 5 + 3 - 0 !
3 files changed, 15 insertions(+), 10 deletions(-)

 fixed broken vncproxy flush tokens patch
 This review (https://review.openstack.org/22872) attempted to
 resolve a critical security issue but ended up completely breaking
 the vncproxy. The wrong dict keys were being used for Essex and the
 API calls were incomplete. This patch makes the proxy work again.