SUSE-SU-2016:1966-1: Security update for several openstack-components

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Aug 5 07:09:26 MDT 2016


   SUSE Security Update: Security update for several openstack-components
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:1966-1
Rating:             low
References:         #984802 #988729 
Cross-References:   CVE-2016-4985
Affected Products:
                    SUSE OpenStack Cloud 6
______________________________________________________________________________

   An update that solves one vulnerability and has one errata
   is now available.

Description:


   This update provides the latest code from OpenStack Liberty for
   openstack-designate,
   -ironic, -neutron-vpnaas, -nova-docker, -sahara, -tempest and -trove.

   Additionally the following security issue has been fixed:

   openstack-ironic:

   - Mask password on agent lookup according to policy (bsc#984802,
     CVE-2016-4985)

   For a detailed description of all changes, please refer to the changelog.


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 6:

      zypper in -t patch SUSE-OpenStack-Cloud-6-2016-1160=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE OpenStack Cloud 6 (noarch):

      openstack-designate-1.0.3~a0~dev10-6.1
      openstack-designate-agent-1.0.3~a0~dev10-6.1
      openstack-designate-api-1.0.3~a0~dev10-6.1
      openstack-designate-central-1.0.3~a0~dev10-6.1
      openstack-designate-doc-1.0.3~a0~dev10-6.2
      openstack-designate-sink-1.0.3~a0~dev10-6.1
      openstack-ironic-4.2.5-6.1
      openstack-ironic-api-4.2.5-6.1
      openstack-ironic-conductor-4.2.5-6.1
      openstack-ironic-doc-4.2.5-6.2
      openstack-neutron-vpn-agent-7.0.5~a0~dev3-6.1
      openstack-neutron-vpnaas-7.0.5~a0~dev3-6.1
      openstack-neutron-vpnaas-doc-7.0.5~a0~dev3-6.1
      openstack-nova-docker-0.0.1~a0~dev238-4.1
      openstack-sahara-3.0.3~a0~dev1-6.1
      openstack-sahara-api-3.0.3~a0~dev1-6.1
      openstack-sahara-doc-3.0.3~a0~dev1-6.1
      openstack-sahara-engine-3.0.3~a0~dev1-6.1
      openstack-tempest-7.0.0-9.1
      openstack-tempest-test-7.0.0-9.1
      openstack-trove-4.0.1~a0~dev19-8.1
      openstack-trove-api-4.0.1~a0~dev19-8.1
      openstack-trove-conductor-4.0.1~a0~dev19-8.1
      openstack-trove-doc-4.0.1~a0~dev19-8.1
      openstack-trove-guestagent-4.0.1~a0~dev19-8.1
      openstack-trove-taskmanager-4.0.1~a0~dev19-8.1
      python-designate-1.0.3~a0~dev10-6.1
      python-ironic-4.2.5-6.1
      python-neutron-vpnaas-7.0.5~a0~dev3-6.1
      python-sahara-3.0.3~a0~dev1-6.1
      python-tempest-7.0.0-9.1
      python-trove-4.0.1~a0~dev19-8.1


References:

   https://www.suse.com/security/cve/CVE-2016-4985.html
   https://bugzilla.suse.com/984802
   https://bugzilla.suse.com/988729



More information about the sle-security-updates mailing list