2023.2 Series Release Notes

27.1.0-6

Bug Fixes

  • Bug #2073945: Fixed issue with VM creation in DCN cases with RBD backend where an edge node doesn’t have the store defined which is part of the image locations and the operation fails.

  • Bug #2054575: Fixed the issue when cinder uploads a volume to glance in the optimized path and glance rejects the request with invalid location. Now we convert the old location format sent by cinder into the new location format supported by multi store, hence allowing volumes to be uploaded in an optimized way.

27.1.0

Security Issues

  • Images in the qcow2 format with an external data file are now rejected from glance because such images could be used in an exploit to expose host information. See Bug #2059809 for details.

Bug Fixes

  • Bug #2059809: Fixed issue where a qcow2 format image with an external data file could expose host information. Such an image format with an external data file will be rejected from glance. To achieve the same, format_inspector has been extended by adding safety checks for qcow2 and vmdk files in glance. Unsafe qcow and vmdk files will be rejected by pre-examining them with a format inspector to ensure safe configurations prior to any qemu-img operations.

27.0.0

New Features

  • “GET” images API will now sort image locations based on store weight configured for each store in configuration files. Image will be downloaded from the store having highest weight configured. For default weight scenario the locations will remain same as per insertion order.

Bug Fixes

  • Bug 2007354: duplicate values in compute-host-capabilities.json

  • Bug 1937901: healthcheck middleware should be deployed as app instead of filter

  • Bug 1889664: Image Import ‘web-download’ is broken with py37+