fix for CVE-2013-2096 for both grizzly and folsom

Package-Manager: portage-2.1.11.62/cvs/Linux x86_64 Manifest-Sign-Key: 0x2471EB3E40AC5AC3
author: Matt Thode <prometheanfire@gentoo.org> 2013-05-17 14:57:57 +0000
committer: Matt Thode <prometheanfire@gentoo.org> 2013-05-17 14:57:57 +0000
commit: 599da6f10d37dbc2c1d7257cd59d1198bed1a50c (patch)
tree: 7c7105ee62efbe1ad3f2e1db395438276bbdafd7 /sys-cluster
parent: Remove media-libs/libcanberra[gtk] mask (bug #468984). (diff)
download: historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.tar.gz
historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.tar.bz2
historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.zip
6 files changed, 243 insertions, 19 deletions
diff --git a/sys-cluster/nova/ChangeLog b/sys-cluster/nova/ChangeLog
index a6ccc993c552..7722c6cc6b15 100644
--- a/sys-cluster/nova/ChangeLog
+++ b/sys-cluster/nova/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for sys-cluster/nova
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.12 2013/05/16 01:11:03 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.13 2013/05/17 14:57:48 prometheanfire Exp $
+
+*nova-2013.1.1-r2 (17 May 2013)
+*nova-2012.2.4-r2 (17 May 2013)
+
+  17 May 2013; Matthew Thode <prometheanfire@gentoo.org>
+  +files/nova-folsom-4-CVE-2013-2096.patch,
+  +files/nova-grizzly-1-CVE-2013-2096.patch, +nova-2012.2.4-r2.ebuild,
+  +nova-2013.1.1-r2.ebuild, -nova-2012.2.4-r1.ebuild, -nova-2013.1.1-r1.ebuild:
+  fix for CVE-2013-2096 for both grizzly and folsom
 
 *nova-2013.1.1-r1 (16 May 2013)
 
diff --git a/sys-cluster/nova/Manifest b/sys-cluster/nova/Manifest
index a46e8504dc52..54a9275669a8 100644
--- a/sys-cluster/nova/Manifest
+++ b/sys-cluster/nova/Manifest
@@ -2,27 +2,29 @@
 Hash: SHA256
 
 AUX nova-folsom-4-CVE-2013-2030.patch 1303 SHA256 55ee950de12d27420762b99514a56075bcaf866eb4352dfc038a56eaa2f458f9 SHA512 1dade2e76f559fed97be0259ab1bf16404ee86fcd2039f1e4df78ecf0ddc9cd2ccd8cbb557f4194bc949bc2d9634abef4939f1fbd564ee73def997ce759f6dc3 WHIRLPOOL 45cef89069302b3d73da205600201620115364a5e4d9dc7c850073aed03baff3a731126308ab2ba75d16677d7e32cd17d780640aa8571a753bf797ae664924d1
+AUX nova-folsom-4-CVE-2013-2096.patch 4545 SHA256 b7203f3d380b3d545259060872933e38d40a53b1e9081ab8b93f623fb2a30115 SHA512 f97c4330f4cd8433b150390f22194e86fccf50ecd9300f1b3692e07e3a8b53ee4ec844f191ea28a75298535c66f11aed77c6cb8fb8624b382a793d05e683bc68 WHIRLPOOL 4460bf65d8bffe03f8a4518a99f81f86f6c2f11ce8c6d1ce6ff03ce836da247dc6c8bed73e875a3b47427970291a10d6f34be5b056c4c7fef505ca2bab0b18ed
+AUX nova-grizzly-1-CVE-2013-2096.patch 4019 SHA256 d20b89067fb63f4d37ebc5c258841c3d18bd9e4e59c455f247f8df1a25973be6 SHA512 e4b80eaf8260765534d1a69c1c3883c794e611ac17acf299443b519c09503f0f063bc2ea1b090e1519e30ef3afa84253ce0e2603a764001556e52c6b09bfc814 WHIRLPOOL 44215c9e48d06976ba372421b5de29083a72172f1f02a84649eecd1dff675ecbdde9be69851ca10fe194346ad750e900c1dafa0ea4be8799c4bf055126bd18e7
 DIST nova-2012.2.4.tar.gz 6286004 SHA256 883a44282514b484a1187c07875834b9c4648555bf20002aceb1d6731ebd0252 SHA512 c05705c7802035232921e7ca9cdcea05571f4771dae573f9364b740553e470d8e4b4e832bf04120c089bad48a75b8493921eefeb28383f70620495a935ad6ec3 WHIRLPOOL 9e8c56b1a66f15f5f6218413e1cd518a0e73f371baea774023a11ad38abccae3e172ec0894fd77f59848685d1993451499916b94c62289d16f57470005e7c123
 DIST nova-2013.1.1.tar.gz 5739118 SHA256 a6bde22f911af202d65a94ee167db567220855e397afac3aeff797f2b225c51c SHA512 b1e65493ed7ea4843dbde1d6afd829fccec0e30c91a996d18c7846aa53fcb663264d4aa4a207f9cce5c7bdb1b342e40928b4f9cbae0467a95d5b515c61655e9e WHIRLPOOL cf032d26a4111336e251755d79f088601032205cd2e63ebd0667fc7b1826f7e6ff664346806434ce01a0a5b4cd44d00d41f98bb45aede5704911fa65f870bac5
-EBUILD nova-2012.2.4-r1.ebuild 2232 SHA256 f00a417aa1af208c849ebff94e077754520324006aef6db14d5d591183182896 SHA512 45d43ffb9f85d22b3a66f3e2985fcf9dfe04509cc8e4802e9f81fa5dadd10268f55a1c7d199b0fe183429a9d0be5649436e6e108f6102e8485e53053d5432792 WHIRLPOOL a26c9fe3fb48fed115aa84f5008536e888fb72653ea4a65d741e326e89bb6879cf578b65371b2ca5383e04410cd5dee6b327683917ee8b416fc19ef8cebf09fc
-EBUILD nova-2013.1.1-r1.ebuild 2595 SHA256 72e3a6b23ec1c2c9af3d602960c250708676908cdf410d843cf5aacb27265433 SHA512 a75012e9626d431987d2b83c2b17f2e9aefd1bcc11d6b18de30d89124deb7cbd7e0e52ac33bd86788b55470e93724337c9f768a96e4f265db5b5b3625665d7b3 WHIRLPOOL b86b5eb531057b3f08e5a852333aedeb1e667fc87897224a11dd240344b88f7e4658471ac4f377c65bf633d623b83c396d66f96ab6f9853cc9d795b310861c18
+EBUILD nova-2012.2.4-r2.ebuild 2281 SHA256 373cc5fc31dcd86a31ba1c7e20e5b41463183e557ad514453cb5e1b2e5804f40 SHA512 29242c5343385ac6e99519553ac8a0759b068e03c12557123f4ebafd850533b39fe97baa27e59439c9cb7babc8e92e3e67579a2ac40ae4f8f87e8c4ddda3573a WHIRLPOOL d434f6d0cf0b2856c9a2f32fa877453e44bfc34b5ec6bbeb67fc6ddc77ebbf48b1dbc748a72de99ddc3b0342313af4348632267a7b8db11bcaa83e520c71281b
+EBUILD nova-2013.1.1-r2.ebuild 2645 SHA256 899ffed8a9b482d31307182fa0fcf1ec0ef0d7d724d6ba6f325d501f4939de53 SHA512 ba642d42977f7d575e469456b95ccb43a5fb1a5cbf58073bee0dd8ea54e91e2574ee4a7c6c727ae17e36df526f3d5fc9b70476932757381fc4e2957703d9e0a9 WHIRLPOOL 7b8e82879478fa2b5e67eff2e826ec5d97ee2e1be390abc3426d4e34730b4e269a06b14a8937ea7a87b7df4e85d5eee211757c213e279df2a14f75340930b8c2
 EBUILD nova-9999.ebuild 2543 SHA256 fba439b8bc02341f3ca6bb827f89cd001b4b60fd913d097dcacc2c2af7e434e9 SHA512 4d50e966b8e092c12634a15c734b38bd83a5552fdb30eeb55d4b8875bac2b3b0c0a03fcc4f122660fe47e49d29827b486e499a0f9fd55b663951980c6be4e150 WHIRLPOOL 5a6239b221ee07ca51f57938f627e290d232c088e13842fb87fab5c596ff88ee3f79a055185c1806a4583df80ffa75c61dc9d98db474ca9dc67e448de83a40c3
-MISC ChangeLog 2783 SHA256 b51063720d7e25a369d651c40b6e3e78228dae5eb74d2a96435f0104b6c223c4 SHA512 d53cdf935a622847e586a44e228b693f254480688021aa70e6a8725a6c86d5d7e57ec34a7d1fda256ac00123dd2a42efa02b15af9f5a0eef9e61011c08cc8b7d WHIRLPOOL c76360a7639625704c78da01fa1f5a7d7c8aa5b73729e133256bc66f4899ec76cdae9db67f7873483f43febbae4a6f1353508ad9b2ad9c51ad45b22dd4003a86
+MISC ChangeLog 3153 SHA256 c896fde2e3cdc5ecad255986b458ce0a98b969e47b618135517ef97a0b4b0fe4 SHA512 d25a1c316963c1c18d1d017add3cad5b5f32787843e31a69360630f8993597ae0e385ed083feaeebeba20422554a358208f6ec03da6d3c84df9c07d6f024623a WHIRLPOOL a23af1f916ce925b3136d4f9b236cb2337f8fe6de8464e3202af283b66f728ef152d3b3b96ae9a1ef682e9a80de224f74646d0197ae6215868ba70302597cb1d
 MISC metadata.xml 407 SHA256 87ac581ad3af018ee16b2c5a8dbc98553ad93fc48bf5cfd62a6f929353049e77 SHA512 4ae00a6fc5411c1795249864317143787b31cb068fb1508f8a1455fd6194254961cca80256e0b437dc131560126cdf5a59d98a5a5064ac49c6e43c1651718a4a WHIRLPOOL 52b178c072593baea26fa3d7e9c06aac003d1a828ffa98de712306f60eeddba92271bc6061d7224a76ac35fa3c1da33213983e998160acf92a6d7027b284bcc0
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
-iQIcBAEBCAAGBQJRlDJrAAoJECRx6z5ArFrDZ7MP/2F2hfBg6Gg7P0IXWEASUf5A
-U6CSL8BIrGNXHH+7UtgA1zKLYaj8mf1YX+FjMFVJoTKXG9JpcP3D32NxEZmGaBEI
-Wd3mKt9c7QdzbAERupFnM8o+Ols3rSVzj3mFqq9MceBvQHLCrRD2pwbW3frS7WvZ
-pDoAXzSwZwr5/islvncaZReyrdCO3seagHcpN//3CPNlq3Muqf8gM9gQMpGfP0r7
-Rt8yux+E9FE3LzkIzRY2B59Bq0+5z4NLX2jpAwPLZwihgQplwL/kG+fiYr9/Jo51
-efROhBzkMp2lTEyVVVlVDVojWZn8clpa79vaNb8h9s3nxvmCD/38EaaI/rlMGWaR
-qE5z3wDdMGc+EfDswH9JH+J9X7aRiZHIXi7PuV5Io+LtkL2wgyAzsceVnI9BdpOb
-RRVpj82IxO2ZdvaLC7Pa9xfo4L6bE+vd3d138ZbJGoGAU+7PJro9trbGtsoEYhYG
-mmdDwZrdvVWzHRSSVgpIRk5Aq9C64qxENHYnQvHDqa+938kGsMPU4taFaQwTR+P9
-aCEDB+HD4Jjnqp5ANQgYs3Sn+NrbbSH/n4+U9l5Xfg9mZUnAzx/wcVD7usomYOaV
-VQpmUQiKsk2FGtvPXWykvrWnYrsn8QcQvytJlXf0V6xuKiTDER+HSdljj+XkzQOz
-Rf4w1E84qSW9i2CjUxqW
-=bFbC
+iQIcBAEBCAAGBQJRlkWuAAoJECRx6z5ArFrDtcAQAMyFPJl6xjY7Ng4k1jRCxnI7
+n23C9hX6GdsFbwa2J4/JqGjwiD1Ci0tRtCuc0+es8lGOsGre/VHPJiPu1V/iGNzY
+XD0mmLGkv3IZ5msJy5LhXdMEHqFPCRNVVPsMwPrOszz4vahs4RB5FTPcx/xsWT2a
+fEtx9okJA9AIIgS3penN5lzfNRAji8st29TXLqdHTXCRimOfEZgtSoVdu2hOTAe1
+tPpquM7Bg6RIROS3GpG12uAzBnumkpw+5wdGBfvCyZGjL3OJ9FgrFjkG3fX2pIPo
+6PNQaXVuJiK0m5l/AiH+Z2YZON55TsZvLicm2urQCZAnLXfp1NA8fNDC5HaLdccW
+2fVEPPg/dS8DDPwr4pk2VmviavafvjyG1cUlOlsukcX4lrp3aTEr//CPbV2tUAlF
+2CcnRLmuH6+cATfpYgEZhpKEccMiA2l4hy5FMQKGaTN8M5HamnTH5u2h9A/4ykl2
+4ObvFZ8VDC+XzdjgwYVduVnGm6KU4R76r0ZrhDCZ4srzTxm0wyuTWGwOPGKghK9h
+xL6cTYC+NNVViGRgDjK6uqEyX6OoF/lhNIqVsrs6amGVF08yL3egZY56Anb4CP+n
+iIdG/ee3hf1E7mD7Std+dk5Si0Ie4dBOQkBzrNLqzmyIvbfFcTHXcOmhG4pVCqNO
+5f87Rowcu9Inm58p+x6X
+=Mt1P
 -----END PGP SIGNATURE-----
diff --git a/sys-cluster/nova/files/nova-folsom-4-CVE-2013-2096.patch b/sys-cluster/nova/files/nova-folsom-4-CVE-2013-2096.patch
new file mode 100644
index 000000000000..304a61f9d20f
--- /dev/null
+++ b/sys-cluster/nova/files/nova-folsom-4-CVE-2013-2096.patch
@@ -0,0 +1,115 @@
+From 6740c4141ea1152529b82cbf6e5b808eaba912e7 Mon Sep 17 00:00:00 2001
+From: Chet Burgess <cfb@metacloud.com>
+Date: Thu, 9 May 2013 09:57:28 +0000
+Subject: [PATCH] Check QCOW2 image size during root disk creation
+
+glance can only tell us the size of the file, not the virtual
+size of the QCOW2. As such we need to check the virtual size of
+the image once its cached and ensure it's <= to the flavor's
+root disk size.
+
+Change-Id: I833467284126557eb598b8350a84e10c06292fa9
+Fixes: bug 1177830
+(cherry picked from commit 44a8aba1d5da87d54db48079103fdef946666d80)
+---
+ nova/tests/test_imagebackend.py   | 18 ++++++++++++++++++
+ nova/virt/libvirt/imagebackend.py | 12 ++++++++++++
+ 2 files changed, 30 insertions(+)
+
+diff --git a/nova/tests/test_imagebackend.py b/nova/tests/test_imagebackend.py
+index f0bb718..da14f20 100644
+--- a/nova/tests/test_imagebackend.py
++++ b/nova/tests/test_imagebackend.py
+@@ -17,6 +17,7 @@
+ 
+ import os
+ 
++from nova import exception
+ from nova import flags
+ from nova import test
+ from nova.tests import fake_libvirt_utils
+@@ -190,7 +191,10 @@ class Qcow2TestCase(_ImageTestCase):
+         fn = self.prepare_mocks()
+         fn(target=self.TEMPLATE_PATH)
+         self.mox.StubOutWithMock(os.path, 'exists')
++        self.mox.StubOutWithMock(imagebackend.disk, 'get_disk_size')
+         os.path.exists(self.QCOW2_BASE).AndReturn(False)
++        imagebackend.disk.get_disk_size(self.TEMPLATE_PATH
++                                       ).AndReturn(self.SIZE)
+         imagebackend.libvirt_utils.copy_image(self.TEMPLATE_PATH,
+                                               self.QCOW2_BASE)
+         imagebackend.disk.extend(self.QCOW2_BASE, self.SIZE)
+@@ -203,11 +207,25 @@ class Qcow2TestCase(_ImageTestCase):
+ 
+         self.mox.VerifyAll()
+ 
++    def test_create_image_too_small(self):
++        self.mox.StubOutWithMock(imagebackend.disk, 'get_disk_size')
++        imagebackend.disk.get_disk_size(self.TEMPLATE_PATH
++                                       ).AndReturn(self.SIZE)
++        self.mox.ReplayAll()
++
++        image = self.image_class(self.INSTANCE, self.NAME)
++        self.assertRaises(exception.ImageTooLarge, image.create_image, None,
++                          self.TEMPLATE_PATH, 1)
++        self.mox.VerifyAll()
++
+     def test_create_image_with_size_template_exists(self):
+         fn = self.prepare_mocks()
+         fn(target=self.TEMPLATE_PATH)
+         self.mox.StubOutWithMock(os.path, 'exists')
++        self.mox.StubOutWithMock(imagebackend.disk, 'get_disk_size')
+         os.path.exists(self.QCOW2_BASE).AndReturn(True)
++        imagebackend.disk.get_disk_size(self.TEMPLATE_PATH
++                                       ).AndReturn(self.SIZE)
+         imagebackend.libvirt_utils.create_cow_image(self.QCOW2_BASE,
+                                                     self.PATH)
+         self.mox.ReplayAll()
+diff --git a/nova/virt/libvirt/imagebackend.py b/nova/virt/libvirt/imagebackend.py
+index 0f2f044..5e7023e 100644
+--- a/nova/virt/libvirt/imagebackend.py
++++ b/nova/virt/libvirt/imagebackend.py
+@@ -19,14 +19,17 @@ import abc
+ import contextlib
+ import os
+ 
++from nova import exception
+ from nova import flags
+ from nova.openstack.common import cfg
+ from nova.openstack.common import excutils
++from nova.openstack.common import log as logging
+ from nova import utils
+ from nova.virt.disk import api as disk
+ from nova.virt.libvirt import config
+ from nova.virt.libvirt import utils as libvirt_utils
+ 
++
+ __imagebackend_opts = [
+     cfg.StrOpt('libvirt_images_type',
+             default='default',
+@@ -46,6 +49,8 @@ __imagebackend_opts = [
+ FLAGS = flags.FLAGS
+ FLAGS.register_opts(__imagebackend_opts)
+ 
++LOG = logging.getLogger(__name__)
++
+ 
+ class Image(object):
+     __metaclass__ = abc.ABCMeta
+@@ -170,6 +175,13 @@ class Qcow2(Image):
+                         disk.extend(qcow2_base, size)
+             libvirt_utils.create_cow_image(qcow2_base, target)
+ 
++        # NOTE(cfb): Having a flavor that sets the root size to 0 and having
++        #            nova effectively ignore that size and use the size of the
++        #            image is considered a feature at this time, not a bug.
++        if size and size < disk.get_disk_size(base):
++            LOG.error('%s virtual size larger than flavor root disk size %s' %
++                      (base, size))
++            raise exception.ImageTooLarge()
+         prepare_template(target=base, *args, **kwargs)
+         with utils.remove_path_on_error(self.path):
+             copy_qcow2_image(base, self.path, size)
+-- 
+1.8.1.5
+
diff --git a/sys-cluster/nova/files/nova-grizzly-1-CVE-2013-2096.patch b/sys-cluster/nova/files/nova-grizzly-1-CVE-2013-2096.patch
new file mode 100644
index 000000000000..5067ca97d77f
--- /dev/null
+++ b/sys-cluster/nova/files/nova-grizzly-1-CVE-2013-2096.patch
@@ -0,0 +1,96 @@
+From a4fc0c800502338e4530cad910efb64a5483e1ea Mon Sep 17 00:00:00 2001
+From: Chet Burgess <cfb@metacloud.com>
+Date: Thu, 9 May 2013 09:57:28 +0000
+Subject: [PATCH] Check QCOW2 image size during root disk creation
+
+glance can only tell us the size of the file, not the virtual
+size of the QCOW2. As such we need to check the virtual size of
+the image once its cached and ensure it's <= to the flavor's
+root disk size.
+
+Change-Id: I833467284126557eb598b8350a84e10c06292fa9
+Fixes: bug 1177830
+(cherry picked from commit 44a8aba1d5da87d54db48079103fdef946666d80)
+---
+ nova/tests/test_imagebackend.py   | 21 +++++++++++++++++++++
+ nova/virt/libvirt/imagebackend.py |  8 ++++++++
+ 2 files changed, 29 insertions(+)
+
+diff --git a/nova/tests/test_imagebackend.py b/nova/tests/test_imagebackend.py
+index d571bbf..4ec36da 100644
+--- a/nova/tests/test_imagebackend.py
++++ b/nova/tests/test_imagebackend.py
+@@ -20,6 +20,7 @@ import os
+ import fixtures
+ from oslo.config import cfg
+ 
++from nova import exception
+ from nova.openstack.common import uuidutils
+ from nova import test
+ from nova.tests import fake_libvirt_utils
+@@ -253,9 +254,12 @@ class Qcow2TestCase(_ImageTestCase, test.TestCase):
+         fn = self.prepare_mocks()
+         fn(target=self.TEMPLATE_PATH)
+         self.mox.StubOutWithMock(os.path, 'exists')
++        self.mox.StubOutWithMock(imagebackend.disk, 'get_disk_size')
+         if self.OLD_STYLE_INSTANCE_PATH:
+             os.path.exists(self.OLD_STYLE_INSTANCE_PATH).AndReturn(False)
+         os.path.exists(self.TEMPLATE_PATH).AndReturn(False)
++        imagebackend.disk.get_disk_size(self.TEMPLATE_PATH
++                                       ).AndReturn(self.SIZE)
+         os.path.exists(self.PATH).AndReturn(False)
+         imagebackend.libvirt_utils.create_cow_image(self.TEMPLATE_PATH,
+                                                     self.PATH)
+@@ -267,6 +271,23 @@ class Qcow2TestCase(_ImageTestCase, test.TestCase):
+ 
+         self.mox.VerifyAll()
+ 
++    def test_create_image_too_small(self):
++        fn = self.prepare_mocks()
++        fn(target=self.TEMPLATE_PATH)
++        self.mox.StubOutWithMock(os.path, 'exists')
++        self.mox.StubOutWithMock(imagebackend.disk, 'get_disk_size')
++        if self.OLD_STYLE_INSTANCE_PATH:
++            os.path.exists(self.OLD_STYLE_INSTANCE_PATH).AndReturn(False)
++        os.path.exists(self.TEMPLATE_PATH).AndReturn(False)
++        imagebackend.disk.get_disk_size(self.TEMPLATE_PATH
++                                       ).AndReturn(self.SIZE)
++        self.mox.ReplayAll()
++
++        image = self.image_class(self.INSTANCE, self.NAME)
++        self.assertRaises(exception.ImageTooLarge, image.create_image, fn,
++                          self.TEMPLATE_PATH, 1)
++        self.mox.VerifyAll()
++
+ 
+ class LvmTestCase(_ImageTestCase, test.TestCase):
+     VG = 'FakeVG'
+diff --git a/nova/virt/libvirt/imagebackend.py b/nova/virt/libvirt/imagebackend.py
+index b6b1b88..2ca71cc 100755
+--- a/nova/virt/libvirt/imagebackend.py
++++ b/nova/virt/libvirt/imagebackend.py
+@@ -21,6 +21,7 @@ import os
+ 
+ from oslo.config import cfg
+ 
++from nova import exception
+ from nova.openstack.common import excutils
+ from nova.openstack.common import fileutils
+ from nova.openstack.common import lockutils
+@@ -255,6 +256,13 @@ class Qcow2(Image):
+ 
+         if not os.path.exists(base):
+             prepare_template(target=base, *args, **kwargs)
++        # NOTE(cfb): Having a flavor that sets the root size to 0 and having
++        #            nova effectively ignore that size and use the size of the
++        #            image is considered a feature at this time, not a bug.
++        if size and size < disk.get_disk_size(base):
++            LOG.error('%s virtual size larger than flavor root disk size %s' %
++                      (base, size))
++            raise exception.ImageTooLarge()
+         if not os.path.exists(self.path):
+             with utils.remove_path_on_error(self.path):
+                 copy_qcow2_image(base, self.path, size)
+-- 
+1.8.1.5
+
diff --git a/sys-cluster/nova/nova-2012.2.4-r1.ebuild b/sys-cluster/nova/nova-2012.2.4-r2.ebuild
index 27086453c574..4fc43413aaaa 100644
--- a/sys-cluster/nova/nova-2012.2.4-r1.ebuild
+++ b/sys-cluster/nova/nova-2012.2.4-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2012.2.4-r1.ebuild,v 1.1 2013/05/10 04:11:00 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2012.2.4-r2.ebuild,v 1.1 2013/05/17 14:57:48 prometheanfire Exp $
 
 EAPI=5
 PYTHON_COMPAT=( python2_7 )
@@ -45,6 +45,7 @@ RDEPEND="=dev-python/amqplib-0.6.1
 
 PATCHES=(
 	"${FILESDIR}/nova-folsom-4-CVE-2013-2030.patch"
+	"${FILESDIR}/nova-folsom-4-CVE-2013-2096.patch"
 )
 
 python_install() {
diff --git a/sys-cluster/nova/nova-2013.1.1-r1.ebuild b/sys-cluster/nova/nova-2013.1.1-r2.ebuild
index 848dec859c56..951e1e2a61a6 100644
--- a/sys-cluster/nova/nova-2013.1.1-r1.ebuild
+++ b/sys-cluster/nova/nova-2013.1.1-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.1.1-r1.ebuild,v 1.1 2013/05/16 01:11:03 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.1.1-r2.ebuild,v 1.1 2013/05/17 14:57:48 prometheanfire Exp $
 
 EAPI=5
 PYTHON_COMPAT=( python2_7 )
@@ -53,6 +53,7 @@ RDEPEND=">=dev-python/amqplib-0.6.1[${PYTHON_USEDEP}]
 		virtual/python-argparse[${PYTHON_USEDEP}]"
 
 PATCHES=(
+	"${FILESDIR}/nova-grizzly-1-CVE-2013-2096.patch"
 )
 
 python_install() {
author	Matt Thode <prometheanfire@gentoo.org>	2013-05-17 14:57:57 +0000
committer	Matt Thode <prometheanfire@gentoo.org>	2013-05-17 14:57:57 +0000
commit	599da6f10d37dbc2c1d7257cd59d1198bed1a50c (patch)
tree	7c7105ee62efbe1ad3f2e1db395438276bbdafd7 /sys-cluster
parent	Remove media-libs/libcanberra[gtk] mask (bug #468984). (diff)
download	historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.tar.gz historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.tar.bz2 historical-599da6f10d37dbc2c1d7257cd59d1198bed1a50c.zip