SUSE-SU-2015:2219-1: moderate: Security update for openstack-nova

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Dec 7 11:10:32 MST 2015


   SUSE Security Update: Security update for openstack-nova
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:2219-1
Rating:             moderate
References:         #927625 #935017 #942457 #944178 #945923 #949070 
                    #949529 
Cross-References:   CVE-2015-3241 CVE-2015-3280 CVE-2015-7713
                   
Affected Products:
                    SUSE OpenStack Cloud 5
______________________________________________________________________________

   An update that solves three vulnerabilities and has four
   fixes is now available.

Description:


   This update for openstack-nova provides various fixes and improvements:

   - Fix regression where launched instances in tenants not visible for other
     users. (bsc#927625)
   - Remove error messages from multipath command output before parsing.
     (bsc#949529)
   - Fix live-migration usage of the wrong connector information.
   - Added requirement for memcached to python-nova. (bsc#942457)
   - Don't expect meta attributes in object_compat that aren't in the db obj.
     (bsc#949070, CVE-2015-7713)
   - Delete orphaned instance files from compute nodes (bsc#944178,
     CVE-2015-3280)
   - Kill rsync/scp processes before deleting instance. (bsc#935017,
     CVE-2015-3241)
   - Sync process utils from oslo for execute callbacks. (bsc#935017,
     CVE-2015-3241)
   - Fix rebuild of an instance with a volume attached.
   - Fixes _cleanup_rbd code to capture ImageBusy exception.
   - Don't try to confine a non-NUMA instance.
   - Include blank volumes in the block device mapping (bsc#945923)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 5:

      zypper in -t patch sleclo50sp3-openstack-nova-12253=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE OpenStack Cloud 5 (x86_64):

      openstack-nova-2014.2.4~a0~dev80-20.1
      openstack-nova-api-2014.2.4~a0~dev80-20.1
      openstack-nova-cells-2014.2.4~a0~dev80-20.1
      openstack-nova-cert-2014.2.4~a0~dev80-20.1
      openstack-nova-compute-2014.2.4~a0~dev80-20.1
      openstack-nova-conductor-2014.2.4~a0~dev80-20.1
      openstack-nova-console-2014.2.4~a0~dev80-20.1
      openstack-nova-consoleauth-2014.2.4~a0~dev80-20.1
      openstack-nova-novncproxy-2014.2.4~a0~dev80-20.1
      openstack-nova-objectstore-2014.2.4~a0~dev80-20.1
      openstack-nova-scheduler-2014.2.4~a0~dev80-20.1
      openstack-nova-serialproxy-2014.2.4~a0~dev80-20.1
      openstack-nova-vncproxy-2014.2.4~a0~dev80-20.1
      python-nova-2014.2.4~a0~dev80-20.1

   - SUSE OpenStack Cloud 5 (noarch):

      openstack-nova-doc-2014.2.4~a0~dev80-20.1


References:

   https://www.suse.com/security/cve/CVE-2015-3241.html
   https://www.suse.com/security/cve/CVE-2015-3280.html
   https://www.suse.com/security/cve/CVE-2015-7713.html
   https://bugzilla.suse.com/927625
   https://bugzilla.suse.com/935017
   https://bugzilla.suse.com/942457
   https://bugzilla.suse.com/944178
   https://bugzilla.suse.com/945923
   https://bugzilla.suse.com/949070
   https://bugzilla.suse.com/949529



More information about the sle-security-updates mailing list