Errata patch for CVE-2014-9684
https://review.openstack.org/157067 
git fetch https://review.openstack.org/openstack/glance refs/changes/67/157067/3 && git format-patch -1 --stdout FETCH_HEAD
Fixed upstream and in a future release.
---
From: Mike Fedosin <[email protected]>
Date: Thu, 18 Sep 2014 18:07:42 +0400
Subject: [PATCH] Initiate deletion of image files if the import was
 interrupted

If the image is deleted by appropriate API call while its content
is still being uploaded in import task in v2, an exception is raised
and it is not handled in the API code. This leads to the fact that
the uploaded image file stays in a storage and clogs it.

There existed code that safely removes image files if the exception
occurs.

SecurityImpact

Conflicts:
    glance/common/scripts/image_import/main.py

Closes-Bug: 1371118
Change-Id: I4f7d1aa103f4ce7abf4026e7097b9e76c24135fa
(cherry picked from commit 7858d4d95154c8596720365e465cca7858cfec5c) 
--- glance-2014.2.2/glance/common/scripts/image_import/main.py
+++ glance-2014.2.2/glance/common/scripts/image_import/main.py
@@ -22,6 +22,7 @@ import six
 from glance.api.v2 import images as v2_api
 from glance.common import exception
 from glance.common.scripts import utils as script_utils
+from glance.common import store_utils
 from glance.common import utils as common_utils
 from glance import i18n
 from glance.openstack.common import excutils
@@ -92,21 +93,30 @@ def import_image(image_repo, image_factory, task_input, task_id, uri):
     new_image = image_repo.get(image_id)
     set_image_data(new_image, uri, None)
 
-    # NOTE: Check if the Image is not deleted after setting the data
-    # before saving the active image. Here if image status is
-    # saving, then new_image is saved as it contains updated location,
-    # size, virtual_size and checksum information and the status of
-    # new_image is already set to active in set_image_data() call.
-    image = image_repo.get(image_id)
-    if image.status == 'saving':
-        image_repo.save(new_image)
-        return image_id
-    else:
-        msg = _LE("The Image %(image_id)s object being created by this task "
-                  "%(task_id)s, is no longer in valid status for further "
-                  "processing." % {"image_id": new_image.image_id,
-                                   "task_id": task_id})
-        raise exception.Conflict(msg)
+    try:
+        # NOTE: Check if the Image is not deleted after setting the data
+        # before saving the active image. Here if image status is
+        # saving, then new_image is saved as it contains updated location,
+        # size, virtual_size and checksum information and the status of
+        # new_image is already set to active in set_image_data() call.
+        image = image_repo.get(image_id)
+        if image.status == 'saving':
+            image_repo.save(new_image)
+            return image_id
+        else:
+            msg = _("The Image %(image_id)s object being created by this task "
+                    "%(task_id)s, is no longer in valid status for further "
+                    "processing.") % {"image_id": image_id,
+                                      "task_id": task_id}
+            raise exception.Conflict(msg)
+    except (exception.Conflict, exception.NotFound):
+        with excutils.save_and_reraise_exception():
+            if new_image.locations:
+                for location in new_image.locations:
+                    store_utils.delete_image_location_from_backend(
+                        new_image.context,
+                        image_id,
+                        location)
 
 
 def create_image(image_repo, image_factory, image_properties, task_id):