Bug 1381350 – qemu-img calls need to be restricted by ulimit

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1381350 - qemu-img calls need to be restricted by ulimit

Summary:	qemu-img calls need to be restricted by ulimit

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-cinder (Show other bugs)
Sub Component:
Version:	8.0 (Liberty)
Hardware:	Unspecified Unspecified

Priority	unspecified Severity unspecified
Target Milestone:	async
Target Release:	9.0 (Mitaka)
Assigned To:	Eric Harney
QA Contact:	nlevinki
Docs Contact:

URL:
Whiteboard:
Keywords:	Triaged, ZStream

Depends On:
Blocks:	1381682
	Show dependency tree / graph

Reported:	2016-10-03 15:30 EDT by Eric Harney
Modified:	2016-12-07 17:20 EST (History)
CC List:	2 users (show)

See Also:
Fixed In Version:	openstack-cinder-8.1.1-2.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Clones:	1381682 (view as bug list)
Environment:
Last Closed:	2016-12-07 17:20:52 EST
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Launchpad	1449062	None	None	None	2016-10-03 15:31 EDT
OpenStack gerrit	375625	None	None	None	2016-10-03 15:30 EDT
Red Hat Product Errata	RHSA-2016:2923	normal	SHIPPED_LIVE	Moderate: openstack-cinder and openstack-glance security update	2016-12-07 22:20:01 EST

Groups: None (edit)

Description Eric Harney 2016-10-03 15:30:47 EDT

Similar to bug 1267576 for Nova, qemu-img calls should be restricted by ulimit as a security measure.

Comment 2 nlevinki 2016-12-05 05:17:53 EST

https://rhos-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/RHOS/view/RHOS9/job/qe-phase2-9-rhel-7.3-openstack-all-in-one-neutron-rabbitmq/7/

openstack-cinder-8.1.1-4.el7ost.noarch

Comment 4 errata-xmlrpc 2016-12-07 17:20:52 EST

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2923.html

Note You need to log in before you can comment on or make changes to this bug.