SUSE-SU-2015:1666-1: moderate: Security update for Cloud Compute 12

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Oct 1 08:10:01 MDT 2015


   SUSE Security Update: Security update for Cloud Compute 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:1666-1
Rating:             moderate
References:         #915245 #917091 #920573 #922751 #926596 #926773 
                    #927625 #930574 #931839 #934523 #944339 
Affected Products:
                    SUSE OpenStack Cloud Compute 5
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:


   This collective update for the Cloud Compute 12 Module provides several
   fixes and enhancements.

   openstack-suse:

   - Do not copy upstream Python requirements to the package. (bsc#920573)

   openstack-nova:

   - Fix metadata not returning just instance private IP. (bsc#934523)
   - Enable tenant/user specific instance filtering. (bsc#927625)
   - Cleanup allocated networks after rescheduling. (bsc#931839)
   - Fix instance filtering. (bsc#927625)
   - Websocket Proxy should verify Origin header to prevent Cross-Site
     WebSocket hijacking. (bsc#917091, CVE-2015-0259)

   openstack-neutron:

   - Change neutron-ha-tool to read password from /etc/neutron/os_password.
     (bsc#922751)
   - Change port status when it is bound. (bsc#926773)
   - Require conntrack-tools for SLE12. (bsc#944339)
   - Allow images with existing routes in the network 169.254.0.0/16 to
     access metadata server. (bsc#915245)

   openstack-ceilometer:

   - Fix issue when ceilometer-expirer is called from the wrong user via
     cronjob and the resulting logs end up having wrong ownership.
     (bsc#930574)
   - Move the cron job to collector package. (bsc#926596)

   For a comprehensive list of changes, please refer to the packages' change
   log.


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Compute 5:

      zypper in -t patch SUSE-SLE12-CLOUD-5-2015-629=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE OpenStack Cloud Compute 5 (noarch):

      openstack-ceilometer-2014.2.4.dev18-3.2
      openstack-ceilometer-agent-compute-2014.2.4.dev18-3.2
      openstack-neutron-2014.2.4~a0~dev78-7.2
      openstack-neutron-dhcp-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-ha-tool-2014.2.4~a0~dev78-7.2
      openstack-neutron-l3-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-lbaas-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-metadata-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-metering-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-openvswitch-agent-2014.2.4~a0~dev78-7.2
      openstack-neutron-vpn-agent-2014.2.4~a0~dev78-7.2
      openstack-nova-2014.2.4~a0~dev61-6.2
      openstack-nova-compute-2014.2.4~a0~dev61-6.2
      openstack-suse-sudo-2014.2-5.1
      python-ceilometer-2014.2.4.dev18-3.2
      python-neutron-2014.2.4~a0~dev78-7.2
      python-nova-2014.2.4~a0~dev61-6.2


References:

   https://bugzilla.suse.com/915245
   https://bugzilla.suse.com/917091
   https://bugzilla.suse.com/920573
   https://bugzilla.suse.com/922751
   https://bugzilla.suse.com/926596
   https://bugzilla.suse.com/926773
   https://bugzilla.suse.com/927625
   https://bugzilla.suse.com/930574
   https://bugzilla.suse.com/931839
   https://bugzilla.suse.com/934523
   https://bugzilla.suse.com/944339



More information about the sle-security-updates mailing list