SUSE-SU-2015:1890-1: Security update for openstack-neutron and crowbar-barclamp-neutron
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Nov 2 10:10:57 MST 2015
SUSE Security Update: Security update for openstack-neutron and crowbar-barclamp-neutron
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:1890-1
Rating: low
References: #935263 #939691 #943648 #946882 #948704
Cross-References: CVE-2015-3221 CVE-2015-5240
Affected Products:
SUSE OpenStack Cloud 5
______________________________________________________________________________
An update that solves two vulnerabilities and has three
fixes is now available.
Description:
This update provides security fixes and improvements for openstack-neutron
and crowbar-barclamp-neutron.
crowbar-barclamp-neutron:
- Add infoblox support.
- Add configurations required to support DHCP relay.
- Create "floating" network as "flat" provider network. (bsc#946882)
- Fix search for Nova instance.
openstack-neutron:
- Fix usage_audit to work with ML2.
- Fix UDP offloading issue with virtio VMs. (bsc#948704)
- Fix ipset can't be destroyed when last rule is deleted.
- Add ARP spoofing protection for LinuxBridge agent.
- Don't use ARP responder for IPv6 addresses in ovs.
- Stop device_owner from being set to 'network:*'. (bsc#943648,
CVE-2015-5240)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 5:
zypper in -t patch sleclo50sp3-neutron-201510-12183=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 5 (x86_64):
openstack-neutron-2014.2.4~a0~dev103-16.2
openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2
openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2
openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2
openstack-neutron-server-2014.2.4~a0~dev103-16.2
openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2
python-neutron-2014.2.4~a0~dev103-16.2
- SUSE OpenStack Cloud 5 (noarch):
crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2
openstack-neutron-doc-2014.2.4~a0~dev103-16.4
References:
https://www.suse.com/security/cve/CVE-2015-3221.html
https://www.suse.com/security/cve/CVE-2015-5240.html
https://bugzilla.suse.com/935263
https://bugzilla.suse.com/939691
https://bugzilla.suse.com/943648
https://bugzilla.suse.com/946882
https://bugzilla.suse.com/948704
More information about the sle-security-updates
mailing list