MANIFEST.in | 11 11 + 0 - 0 !
1 file changed, 11 insertions(+)

 install missed files

doc/source/conf.py | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

 remove sphinxcontrib.rsvgconverter from doc conf.py

etc/nova/api-paste.ini | 11 8 + 3 - 0 !
1 file changed, 8 insertions(+), 3 deletions(-)

 [patch] add a /healthcheck url

This is useful for operators to configure HAProxy and
for monitoring.

nova/virt/disk/api.py | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix exception.novaexception

nova/tests/unit/policies/test_simple_tenant_usage.py | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 fix test_simple_tenant_usage test
 API policy test_simple_tenant_usage test does
 not send the start and end time in request's query
 string. In that case, API set the current time to
 both start and end times. So there is a chance that
 both start and end times can be the same, and Nova
 raises an error:
 - https://github.com/openstack/nova/blob/9e5ad07aeeb9f14eba37e2cdea9377e7af48ef88/nova/api/openstack/compute/simple_tenant_usage.py#L258
Closes-Bug: https://launchpad.net/bugs/2130703

nova/tests/unit/compute/test_compute.py | 3 3 + 0 - 0 !
nova/tests/unit/conductor/tasks/test_cross_cell_migrate.py | 2 2 + 0 - 0 !
nova/tests/unit/db/main/test_api.py | 3 3 + 0 - 0 !
3 files changed, 8 insertions(+)

 fixed failing timebased tests
 If the updates are made on the same second, these unit tests are failing.
 Adding a time.sleep(2) fixes it.

nova/tests/unit/test_matchers.py | 578 60 + 518 - 0 !
1 file changed, 60 insertions(+), 518 deletions(-)

 compat with testtools 2.8.2: testmatchersinterface is removed

nova/tests/unit/virt/libvirt/volume/test_quobyte.py | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 fix test_validate_volume_mount_not_working()

nova/tests/unit/virt/disk/test_api.py | 35 31 + 4 - 0 !
nova/virt/disk/api.py | 16 15 + 1 - 0 !
2 files changed, 46 insertions(+), 5 deletions(-)

 cve-2026-24708/ossa-2026-002: make disk.extend() pass format to qemu-img
 This fixes an instance of us passing a disk image to qemu-img for
 resize where we don't constrain the format. As has previously been
 identified, it is never safe to do that when the image itself is not
 trusted. In this case, an instance with a previously-raw disk image
 being used by imagebackend.Flat is susceptible to the user writing a
 qcow2 (or other) header to their disk causing the unconstrained
 qemu-img resize operation to interpret it as a qcow2 file.
 .
 Since Flat maintains the intended disk format in the disk.info file,
 and since we would have safety-checked images we got from glance,
 we should be able to trust the image.format specifier, which comes
 from driver_format in imagebackend, which is read from disk.info.
 Since only raw or qcow2 files should be resized anyway, we can further
 constrain it to those.
 .
 Notes:
 1. qemu-img refuses to resize some types of VMDK files, but it may
    be able to resize others (there are many subformats). Technically,
    Flat will allow running an instance directly from a VMDK file,
    and so this change _could_ be limiting existing "unintentionally
    works" behavior.
 2. This assumes that disk.info is correct, present, etc. The code to
    handle disk.info will regenerate the file if it's missing or
    unreadable by probing the image without a safety check, which
    would be unsafe. However, that is a much more sophisticated attack,
    requiring either access to the system to delete the file or an
    errant operator action in the first place.