Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / cd972f6ed0a06fdd682fa7f69b7d15cd5df4e252^! / .
commitcd972f6ed0a06fdd682fa7f69b7d15cd5df4e252[log] [tgz]
authorYaguang Tang <yaguang.tang@vexxhost.com>Tue Jul 09 04:12:05 2024 +0800
committerGitHub <noreply@github.com>Mon Jul 08 20:12:05 2024 +0000
tree31089c8686f30e5945a6ee05cfac065e7bde652c
parentf0342affea156abadf3abbc05649f88bf87b0409 [diff]
[stable/2023.2] OSSA-2024-001 (#1539)

This commit updates  2023.2 stable commit id of Nova,Glance,Cinder Dockerfile to fix OSSA-2024-001 security issue.
diff --git a/images/cinder/Dockerfile b/images/cinder/Dockerfile
index 57663e6..a4a5f2c 100644
--- a/images/cinder/Dockerfile
+++ b/images/cinder/Dockerfile

@@ -4,7 +4,7 @@
 ARG RELEASE
 
 FROM registry.atmosphere.dev/library/openstack-venv-builder:${RELEASE} AS build
-ARG CINDER_GIT_REF=4e00f1b2c1ebf8c819a90c254f62f2552919da7b
+ARG CINDER_GIT_REF=9e667b02b2c20b4ada18c1a472be152956284d45
 ADD --keep-git-dir=true https://opendev.org/openstack/cinder.git#${CINDER_GIT_REF} /src/cinder
 RUN git -C /src/cinder fetch --unshallow
 COPY patches/cinder /patches/cinder

diff --git a/images/glance/Dockerfile b/images/glance/Dockerfile
index 95a5e75..ecf27ef 100644
--- a/images/glance/Dockerfile
+++ b/images/glance/Dockerfile

@@ -4,7 +4,7 @@
 ARG RELEASE
 
 FROM registry.atmosphere.dev/library/openstack-venv-builder:${RELEASE} AS build
-ARG GLANCE_GIT_REF=5e2acc91a4fcc834e3faea3ddb2d0ea13e2af606
+ARG GLANCE_GIT_REF=835c89c711993c51aa8752d96b4c8effa1a97009
 ADD --keep-git-dir=true https://opendev.org/openstack/glance.git#${GLANCE_GIT_REF} /src/glance
 RUN git -C /src/glance fetch --unshallow
 ADD --keep-git-dir=true https://opendev.org/openstack/glance_store.git#stable/2023.2 /src/glance_store

diff --git a/images/nova/Dockerfile b/images/nova/Dockerfile
index 560ed5b..89de834 100644
--- a/images/nova/Dockerfile
+++ b/images/nova/Dockerfile

@@ -4,7 +4,7 @@
 ARG RELEASE
 
 FROM registry.atmosphere.dev/library/openstack-venv-builder:${RELEASE} AS build
-ARG NOVA_GIT_REF=386ab56ed5bde2bc21cbf9a1361cb3700dad8d81
+ARG NOVA_GIT_REF=70a435fd519a0ebcc3ac9ad5254fefbf19c93e48
 ADD --keep-git-dir=true https://opendev.org/openstack/nova.git#${NOVA_GIT_REF} /src/nova
 RUN git -C /src/nova fetch --unshallow
 RUN --mount=type=cache,mode=0755,target=/root/.cache/pip,sharing=private <<EOF bash -xe