| rajiv_ | Hi, is the today's glance meeting cancelled ? | 14:20 |
|---|---|---|
| opendevreview | Merged openstack/glance stable/victoria: Enforce image safety during image_conversion https://review.opendev.org/c/openstack/glance/+/871623 | 14:48 |
| opendevreview | Pavlo Shchelokovskyy proposed openstack/glance master: Allow easier admin override in policies https://review.opendev.org/c/openstack/glance/+/871826 | 14:56 |
| tobias-urdin | dansmith: would removing vmdk from disk_formats in glance.conf prevent upload/import of vmdk based images to prevent the CVE? | 15:42 |
| dansmith | tobias-urdin: I'd have to look again at the code, but doing that only prevents you from creating an image with disk_format=vmdk, but if you still send it vmdk content, qemu-img will format-detect it unless it's told specifically | 15:43 |
| dansmith | so I'd have to look if we did that before or not | 15:44 |
| dansmith | (I wrote those patches two months ago) | 15:44 |
| dansmith | tobias-urdin: much safer to apply the patch of course | 15:44 |
| tobias-urdin | dansmith: yeah, I was just curious had a question internally about that, but yeah codepath might do the wrong thing even before it's determined to be a vmdk | 15:49 |
| opendevreview | Guillaume Espanel proposed openstack/glance master: Limit CaptureRegion sizes in format_inspector for VMDK and VHDX https://review.opendev.org/c/openstack/glance/+/871831 | 16:04 |
| ges | this ^ should fix another little bug found when digging around VMDK | 16:08 |
| opendevreview | Cyril Roelandt proposed openstack/glance stable/train: Enforce image safety during image_conversion https://review.opendev.org/c/openstack/glance/+/871630 | 17:15 |
| *** EugenMayer42 is now known as EugenMayer4 | 18:12 | |
| *** EugenMayer46 is now known as EugenMayer4 | 19:04 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!