SUSE-SU-2019:2906-1: important: Security update for ardana-ansible, ardana-horizon, ardana-keystone, ardana-manila, ardana-neutron, crowbar-core, crowbar-openstack, grafana, openstack-cinder, openstack-dashboard, openstack-horizon-plugin-manila-ui, openstack-keystone, openstack-manila, openstack-neutron, openstack-neutron-fwaas, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, pdns, python-Django1, python-keystonemiddleware, python-octaviaclient, python-os-brick, python-oslo.cache, python-oslo.messaging
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Nov 6 07:16:06 MST 2019
SUSE Security Update: Security update for ardana-ansible, ardana-horizon, ardana-keystone, ardana-manila, ardana-neutron, crowbar-core, crowbar-openstack, grafana, openstack-cinder, openstack-dashboard, openstack-horizon-plugin-manila-ui, openstack-keystone, openstack-manila, openstack-neutron, openstack-neutron-fwaas, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, pdns, python-Django1, python-keystonemiddleware, python-octaviaclient, python-os-brick, python-oslo.cache, python-oslo.messaging
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:2906-1
Rating: important
References: #1129734 #1148383
Cross-References: CVE-2019-15043 CVE-2019-3871
Affected Products:
SUSE OpenStack Cloud Crowbar 9
SUSE OpenStack Cloud 9
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ardana-ansible, ardana-horizon, ardana-keystone,
ardana-manila, ardana-neutron, crowbar-core, crowbar-openstack, grafana,
openstack-cinder, openstack-dashboard, openstack-horizon-plugin-manila-ui,
openstack-keystone, openstack-manila, openstack-neutron,
openstack-neutron-fwaas, openstack-neutron-lbaas, openstack-nova,
openstack-octavia, openstack-octavia-amphora-image, pdns, python-Django1,
python-keystonemiddleware, python-octaviaclient, python-os-brick,
python-oslo.cache, python-oslo.messaging fixes the following issues:
Security issues fixed:
- CVE-2019-3871: Fixed an insufficient validation in the HTTP remote back
end (pdns, bsc#1129734).
- CVE-2019-15043: Added authentication to a few REST endpoints (Grafana,
SOC-10357, bsc#1148383).
Non-security issues fixed:
- Update to version 9.0+git.1568821007.4e73730:
* Include manila-pre-upgrade.yml in ardana-upgrade.yml (SOC-10609)
- Update to version 9.0+git.1569869028.8edfc22:
* Added command to minify the django compressed css files (SOC-10305)
- Update to version 9.0+git.1570035317.78077ac:
* support OpenID Connect WebSSO (SOC-10509)
- Update to version 9.0+git.1569444107.add6a40:
* Manila parallelised upgrade workflow enhancements (SOC-10609)
- Update to version 9.0+git.1571328680.3a89cb8:
* Add neutron-common role dependencies (SOC-10875)
- Update to version 6.0+git.1571412352.8da4d261f:
* upgrade: Reload repo config in repochecks (SOC-10718)
- Update to version 6.0+git.1571210108.12bd2ffa3:
* crowbar: Give more time for reboot for physical hardware reboots
- Update to version 6.0+git.1570004730.b56b8983b:
* Revert "Use block-migration when needed" (SOC-10133)
- Update to version 6.0+git.1569911671.d44b0035c:
* Designate: Don't add the admin node to the public network (SOC-10658)
- Update to version 6.0+git.1572264221.3826a58b8:
* Octavia: account for long ops in HA deployments (SOC-9894)
* Octavia: use correct IP addresses for listening (SOC-9894)
* Octavia: fix subnet creation race condition (SOC-9894)
* Updated copyright notices (SOC-9894)
* Octavia: Follow up patch addressing comments from last PR (SOC-9894)
- Update to version 6.0+git.1571986150.c5b827b7a:
* Fix the migration that tried to access Array as a Hash (SOC-10896)
- Update to version 6.0+git.1571731423.957dcfecd:
* mysql: fix WSREP sync race (SOC-10717)
- Update to version 6.0+git.1571660392.997fee49d:
* mysql: stop service for mysql_install_db (SOC-10717)
- Update to version 6.0+git.1571241502.2f673d0a9:
* rabbitmq: fix migration 200 (SOC-10623)
* Changes to integrate with ACI 4.1 and new packages (SOC-10403)
- Update to version 6.0+git.1570143515.9b1546ed3:
* No rndc key if no public DNS server (SOC-10835)
- Update to version 6.0+git.1570048281.815e06ff3:
* create watcher barclamp (SOC-4183)
- Update to version 6.0+git.1569942913.15b24bec5:
* monasca: Fix restore condition (SOC-9772)
* database: really fix migration 102 (SOC-10717)
- Update to version 6.0+git.1569823669.91f267e96:
* Designate: Filter out the admin node (SOC-10658)
- Create plugin directory and clean up (create in %install, add to %files)
handling of /var/lib/grafana/* and
- Update to version cinder-13.0.8.dev8:
* Extend timeout for database migration tests 13.0.7
* Add context to cloning snapshots in remotefs driver
- Update to version cinder-13.0.7.dev22:
* Add retry to LVM deactivation
* Fix DetachedInstanceError for VolumeAttachment
* Don't allow retype to encrypted+multiattach type
- Update to version cinder-13.0.8.dev8:
* Extend timeout for database migration tests 13.0.7
* Add context to cloning snapshots in remotefs driver
- Update to version cinder-13.0.7.dev22:
* Add retry to LVM deactivation
* Fix DetachedInstanceError for VolumeAttachment
* Don't allow retype to encrypted+multiattach type
- Update to version horizon-14.0.5.dev1:
* Fix aes-xts key length in Horizon Admin Guide / Manage Volumes 14.0.4
- Add python-csscompressor as a requirement
* python-csscompressor will be used to minify compressed css files
- Update to version horizon-14.0.4.dev17:
* Remove the check which causes plugin's quotas update failure
- Update to version horizon-14.0.4.dev16:
* Add Allowed Address Pair/Delete buttons are only visible to admin
- Update to version horizon-14.0.4.dev14:
* Updated max-width to be dynamic for .member class
- Update to version horizon-14.0.4.dev13:
* Avoid forced logout when 403 error encountered
- Update to version manila-ui-2.16.2.dev2:
* Updated to get quotas data for Modify Quotas dialog Share tab
* OpenDev Migration Patch 2.16.1
- Update to version keystone-14.1.1.dev26:
* Make system tokens work with domain-specific drivers
- Update to version keystone-14.1.1.dev24:
* Add test case for expanding implied roles in system tokens
- Update to version keystone-14.1.1.dev22:
* Add retry for DBDeadlock in credential delete
- Update to version keystone-14.1.1.dev20:
* Import LDAP job into project
* Update broken links to dogpile.cache docs
- Update to version keystone-14.1.1.dev26:
* Make system tokens work with domain-specific drivers
- Update to version keystone-14.1.1.dev24:
* Add test case for expanding implied roles in system tokens
- Update to version keystone-14.1.1.dev22:
* Add retry for DBDeadlock in credential delete
- Update to version keystone-14.1.1.dev20:
* Import LDAP job into project
* Update broken links to dogpile.cache docs
- Update to version manila-7.3.1.dev15:
* Fix [Unity] verification and convert mgmt ipv6
- Update to version manila-7.3.1.dev14:
* Adding documentation for User Messages in Manila Documentation
- Update to version manila-7.3.1.dev12:
* [NetApp] Allow extension/shrinking of NetApp replicated share
- Update to version manila-7.3.1.dev11:
* Fix pagination does not speed up queries bug
- Update to version manila-7.3.1.dev9:
* Remove backend spec from share type while creating replica
- Update to version manila-7.3.1.dev8:
* Check NetApp SnapRestore license for pools
- Update to version manila-7.3.1.dev7:
* Fix manila-tempest-minimal-dsvm-lvm-centos-7 job
- Update to version manila-7.3.1.dev15:
* Fix [Unity] verification and convert mgmt ipv6
- Update to version manila-7.3.1.dev14:
* Adding documentation for User Messages in Manila Documentation
- Update to version manila-7.3.1.dev12:
* [NetApp] Allow extension/shrinking of NetApp replicated share
- Update to version manila-7.3.1.dev11:
* Fix pagination does not speed up queries bug
- Update to version manila-7.3.1.dev9:
* Remove backend spec from share type while creating replica
- Update to version manila-7.3.1.dev8:
* Check NetApp SnapRestore license for pools
- Update to version manila-7.3.1.dev7:
* Fix manila-tempest-minimal-dsvm-lvm-centos-7 job
- Update to version neutron-13.0.6.dev3:
* Add radvd\_user config option
* Fix mismatch of tags in dnsmasq options 13.0.5
- Update to version neutron-13.0.5.dev55:
* Handle ports assigned to routers without routerports
- Update to version neutron-13.0.5.dev54:
* fixed\_configured=True when Add/Remove port IPs
- Update to version neutron-13.0.5.dev53:
* raise priority of dead vlan drop
* OVS flows for custom ethertypes must be on EGRESS
- Update to version neutron-13.0.6.dev3:
* Add radvd\_user config option
* Fix mismatch of tags in dnsmasq options 13.0.5
- Update to version neutron-13.0.5.dev55:
* Handle ports assigned to routers without routerports
- Update to version neutron-13.0.5.dev54:
* fixed\_configured=True when Add/Remove port IPs
- Update to version neutron-13.0.5.dev53:
* raise priority of dead vlan drop
* OVS flows for custom ethertypes must be on EGRESS
- Update to version neutron-fwaas-13.0.3.dev2:
* Fix AttributeError with third-party L3 service plugins
- Update to version neutron-fwaas-13.0.3.dev1:
* FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host
13.0.2
- Update to version neutron-fwaas-13.0.3.dev2:
* Fix AttributeError with third-party L3 service plugins
- Update to version neutron-fwaas-13.0.3.dev1:
* FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host
13.0.2
- Update to version neutron-lbaas-13.0.1.dev15:
* Fix lb stats model
- Update to version neutron-lbaas-13.0.1.dev15:
* Fix lb stats model
- Update to version nova-18.2.4.dev18:
* Error out interrupted builds
* Functional reproduce for bug 1833581
* Prevent init\_host test to interfere with other tests
* Add functional test for resize crash compute restart revert
* cleanup evacuated instances not on hypervisor
- Update to version nova-18.2.4.dev8:
* Fix unit of hw\_rng:rate\_period
* Fix exception translation when creating volume
* Skip test\_parallel\_evacuate\_with\_server\_group until fixed
* Handle get\_host\_availability\_zone error during reschedule
* Noop CantStartEngineError in targets\_cell if API DB not configured
- Update to version nova-18.2.4.dev1:
* Stop sending bad values from libosinfo to libvirt 18.2.3
- Update to version nova-18.2.3.dev25:
* Add useful error log when \_determine\_version\_cap raises DBNotAllowed
- Update to version nova-18.2.3.dev23:
* Reduce scope of 'path' query parameter to noVNC consoles
- Update to version nova-18.2.4.dev18:
* Error out interrupted builds
* Functional reproduce for bug 1833581
* Prevent init\_host test to interfere with other tests
* Add functional test for resize crash compute restart revert
* cleanup evacuated instances not on hypervisor
- Update to version nova-18.2.4.dev8:
* Fix unit of hw\_rng:rate\_period
* Fix exception translation when creating volume
* Skip test\_parallel\_evacuate\_with\_server\_group until fixed
* Handle get\_host\_availability\_zone error during reschedule
* Noop CantStartEngineError in targets\_cell if API DB not configured
- Update to version nova-18.2.4.dev1:
* Stop sending bad values from libosinfo to libvirt 18.2.3
- Update to version nova-18.2.3.dev25:
* Add useful error log when \_determine\_version\_cap raises DBNotAllowed
- Update to version nova-18.2.3.dev23:
* Reduce scope of 'path' query parameter to noVNC consoles
- Move tempest tests into the python-octavia package (SOC-9455)
- Update to version octavia-3.2.1.dev1: 3.2.0
* loadbalancer vip-network-id IP availability check
- Update to version octavia-3.1.2.dev46:
* Fix urgent amphora two-way auth security bug
Update image to 0.1.1 to include latest changes in openstack-octavia:
- Update to include version octavia-3.2.1.dev1:
* loadbalancer vip-network-id IP availability check
* Fix urgent amphora two-way auth security bug
* Fix member API handling of None/null updates
* Validate server\_certs\_key\_passphrase is 32 chars
* Work around strptime threading issue
* Fix base (VRRP) port abandoned on revert
* Do not run non-voting jobs in gate
* Fix l7rule API handling of None updates
* Fix template that generates vrrp check script
* elements: add arch property for \`\`open-vm-tools\`\`
* Prevent UDP LBs to use different IP protocol versions in amphora driver
* Fixed down server issue after reloading keepalived
* Fixed pool and members status with UDP loadbalancers
* Add support for monitor\_{address,port} in UDP members
* Fix auto setup Barbican's ACL in the legacy driver
* Fix L7 repository create methods
* Add warning log if auth\_strategy is not keystone
* Add failover logging to show the amphora details
* Revert "Use the infra pypi mirror for DIB"
* Use the infra pypi mirror for DIB
* only rollback DB when we have a connection to the DB
* Add octavia-v2-dsvm jobs to the gate queue
* Fix for utils LB DM transformation function
* Update amphora-agent to report UDP listener health
* Update tox.ini for new upper constraints strategy
* Add bindep.txt for Octavia
* Fix allocate\_and\_associate DB deadlock
* Treat null admin\_state\_up as False
* Performance improvement for non-udp health checks
* Bandit test exclusions syntax change
* Fix IPv6 in Active/Standby topology on CentOS
* Fix listener API handling of None/null updates
* OpenDev Migration Patch
* Fix a lifecycle bug with child objects
* Fix the amphora base port coming up
* Fix setting of VIP QoS policy
* Fix VIP plugging on CentOS-based amphorae
* Fix possible state machine hole in failover
* Add missing import octavia/opts.py
* Fix the loss of access to barbican secrets
* Fix initialization of Barbican client
* Replace openstack.org git:// URLs with https://
* Fix prefix for vip\_ipv6
* Fix ifup failures on member interfaces with IPv6
* Adds server\_certs\_key\_passphrase to octavia.conf
* Fix LB failover when in ERROR
* Resolve amphora agent read timeout issue
* Fix performance of housekeeping DB clean up
* Encrypt certs and keys
* Enable debug for Octavia services in grenade job
* Fix oslo messaging connection leakage
* Simplify keepalived lvsquery parsing for UDP
* Fix functional tests under Python >= 3.6
* Fix check redirect pool for creating a fully populated load balancer
* Fix missing print format error
- Remove superfluous octavia-db-manage invocation from service file
- Incorporate the patch from https://review.openstack.org/#/c/541811/9.
- Update to 4.1.8
* #7604: Correctly interpret an empty AXFR response to an IXFR query,
* #7610: Fix replying from ANY address for non-standard port,
* #7609: Fix rectify for ENT records in narrow zones,
* #7607: Do not compress the root,
* #7608: Fix dot stripping in `setcontent()`,
* #7605: Fix invalid SOA record in MySQL which prevented the
authoritative server from starting,
* #7603: Prevent leak of file descriptor if running out of ports for
incoming AXFR,
* #7602: Fix API search failed with “Commands out of sync; you can’t
run this command nowâ€,
* #7509: Plug `mysql_thread_init` memory leak,
* #7567: EL6: fix `CXXFLAGS` to build with compiler optimizations.
* Prevent more than one CNAME/SOA record in the same RRset
- Update to 1.11.24:
* Fixed crash of KeyTransform() for JSONField and HStoreField when using
on expressions with params (#30672).
- update to version 5.2.1
- Update .gitreview for stable/rocky
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- OpenDev Migration Patch
- Remove tox_install.sh
- import zuul job settings from project-config
- Skip the services with no endpoints when parsing service catalog
- update to version 1.6.1
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- OpenDev Migration Patch
- import zuul job settings from project-config
- Update .gitreview for stable/rocky
- Make sure we always requests JSON responses
- update to version 2.5.8
- FC: Ignore some HBAs from map for single WWNN
- OpenDev Migration Patch
- Improve iSCSI device detection speed
- update to version 1.30.4
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- Fix memcache pool client in monkey-patched environments
- OpenDev Migration Patch
- Pass `flush_on_reconnect` to memcache pooled backend
- update to version 8.1.4
- Replace openstack.org git:// URLs with https://
- Cap Bandit below 1.6.0 and update Sphinx requirement
- Retry to declare a queue after internal error
- Add release note for amqp library TLS/SSL error
- Fix switch connection destination when a rabbitmq cluster node
disappear
- Mark telemetry tests nv and remove from gate
- OpenDev Migration Patch
- Issue blocking ACK for RPC requests from the consumer thread
- fix typos
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud Crowbar 9:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2019-2906=1
- SUSE OpenStack Cloud 9:
zypper in -t patch SUSE-OpenStack-Cloud-9-2019-2906=1
Package List:
- SUSE OpenStack Cloud Crowbar 9 (noarch):
crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13.3
openstack-cinder-13.0.8~dev8-3.13.5
openstack-cinder-api-13.0.8~dev8-3.13.5
openstack-cinder-backup-13.0.8~dev8-3.13.5
openstack-cinder-scheduler-13.0.8~dev8-3.13.5
openstack-cinder-volume-13.0.8~dev8-3.13.5
openstack-dashboard-14.0.5~dev1-3.9.4
openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
openstack-keystone-14.1.1~dev26-3.13.4
openstack-manila-7.3.1~dev15-4.13.4
openstack-manila-api-7.3.1~dev15-4.13.4
openstack-manila-data-7.3.1~dev15-4.13.4
openstack-manila-scheduler-7.3.1~dev15-4.13.4
openstack-manila-share-7.3.1~dev15-4.13.4
openstack-neutron-13.0.6~dev3-3.13.4
openstack-neutron-dhcp-agent-13.0.6~dev3-3.13.4
openstack-neutron-fwaas-13.0.3~dev2-3.6.3
openstack-neutron-ha-tool-13.0.6~dev3-3.13.4
openstack-neutron-l3-agent-13.0.6~dev3-3.13.4
openstack-neutron-lbaas-13.0.1~dev15-3.10.3
openstack-neutron-lbaas-agent-13.0.1~dev15-3.10.3
openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13.4
openstack-neutron-macvtap-agent-13.0.6~dev3-3.13.4
openstack-neutron-metadata-agent-13.0.6~dev3-3.13.4
openstack-neutron-metering-agent-13.0.6~dev3-3.13.4
openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13.4
openstack-neutron-server-13.0.6~dev3-3.13.4
openstack-nova-18.2.4~dev18-3.13.5
openstack-nova-api-18.2.4~dev18-3.13.5
openstack-nova-cells-18.2.4~dev18-3.13.5
openstack-nova-compute-18.2.4~dev18-3.13.5
openstack-nova-conductor-18.2.4~dev18-3.13.5
openstack-nova-console-18.2.4~dev18-3.13.5
openstack-nova-novncproxy-18.2.4~dev18-3.13.5
openstack-nova-placement-api-18.2.4~dev18-3.13.5
openstack-nova-scheduler-18.2.4~dev18-3.13.5
openstack-nova-serialproxy-18.2.4~dev18-3.13.5
openstack-nova-vncproxy-18.2.4~dev18-3.13.5
openstack-octavia-3.2.1~dev1-3.13.3
openstack-octavia-amphora-agent-3.2.1~dev1-3.13.3
openstack-octavia-amphora-image-debugsource-0.1.1-7.3.4
openstack-octavia-amphora-image-x86_64-0.1.1-7.3.4
openstack-octavia-api-3.2.1~dev1-3.13.3
openstack-octavia-health-manager-3.2.1~dev1-3.13.3
openstack-octavia-housekeeping-3.2.1~dev1-3.13.3
openstack-octavia-worker-3.2.1~dev1-3.13.3
python-Django1-1.11.24-3.12.3
python-cinder-13.0.8~dev8-3.13.5
python-horizon-14.0.5~dev1-3.9.4
python-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
python-keystone-14.1.1~dev26-3.13.4
python-keystonemiddleware-5.2.1-11.4
python-manila-7.3.1~dev15-4.13.4
python-neutron-13.0.6~dev3-3.13.4
python-neutron-fwaas-13.0.3~dev2-3.6.3
python-neutron-lbaas-13.0.1~dev15-3.10.3
python-nova-18.2.4~dev18-3.13.5
python-octavia-3.2.1~dev1-3.13.3
python-octaviaclient-1.6.1-3.3.3
python-openstack_auth-14.0.5~dev1-3.9.4
python-os-brick-2.5.8-3.6.3
python-os-brick-common-2.5.8-3.6.3
python-oslo.cache-1.30.4-3.3.3
python-oslo.messaging-8.1.4-3.3.3
- SUSE OpenStack Cloud Crowbar 9 (x86_64):
crowbar-core-6.0+git.1571412352.8da4d261f-3.13.3
crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13.3
grafana-6.2.5-3.9.3
grafana-debuginfo-6.2.5-3.9.3
- SUSE OpenStack Cloud 9 (noarch):
ardana-ansible-9.0+git.1568821007.4e73730-3.13.3
ardana-horizon-9.0+git.1569869028.8edfc22-3.10.3
ardana-keystone-9.0+git.1570035317.78077ac-3.10.3
ardana-manila-9.0+git.1569444107.add6a40-3.9.3
ardana-neutron-9.0+git.1571328680.3a89cb8-3.13.3
openstack-cinder-13.0.8~dev8-3.13.5
openstack-cinder-api-13.0.8~dev8-3.13.5
openstack-cinder-backup-13.0.8~dev8-3.13.5
openstack-cinder-scheduler-13.0.8~dev8-3.13.5
openstack-cinder-volume-13.0.8~dev8-3.13.5
openstack-dashboard-14.0.5~dev1-3.9.4
openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
openstack-keystone-14.1.1~dev26-3.13.4
openstack-manila-7.3.1~dev15-4.13.4
openstack-manila-api-7.3.1~dev15-4.13.4
openstack-manila-data-7.3.1~dev15-4.13.4
openstack-manila-scheduler-7.3.1~dev15-4.13.4
openstack-manila-share-7.3.1~dev15-4.13.4
openstack-neutron-13.0.6~dev3-3.13.4
openstack-neutron-dhcp-agent-13.0.6~dev3-3.13.4
openstack-neutron-fwaas-13.0.3~dev2-3.6.3
openstack-neutron-ha-tool-13.0.6~dev3-3.13.4
openstack-neutron-l3-agent-13.0.6~dev3-3.13.4
openstack-neutron-lbaas-13.0.1~dev15-3.10.3
openstack-neutron-lbaas-agent-13.0.1~dev15-3.10.3
openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13.4
openstack-neutron-macvtap-agent-13.0.6~dev3-3.13.4
openstack-neutron-metadata-agent-13.0.6~dev3-3.13.4
openstack-neutron-metering-agent-13.0.6~dev3-3.13.4
openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13.4
openstack-neutron-server-13.0.6~dev3-3.13.4
openstack-nova-18.2.4~dev18-3.13.5
openstack-nova-api-18.2.4~dev18-3.13.5
openstack-nova-cells-18.2.4~dev18-3.13.5
openstack-nova-compute-18.2.4~dev18-3.13.5
openstack-nova-conductor-18.2.4~dev18-3.13.5
openstack-nova-console-18.2.4~dev18-3.13.5
openstack-nova-novncproxy-18.2.4~dev18-3.13.5
openstack-nova-placement-api-18.2.4~dev18-3.13.5
openstack-nova-scheduler-18.2.4~dev18-3.13.5
openstack-nova-serialproxy-18.2.4~dev18-3.13.5
openstack-nova-vncproxy-18.2.4~dev18-3.13.5
openstack-octavia-3.2.1~dev1-3.13.3
openstack-octavia-amphora-agent-3.2.1~dev1-3.13.3
openstack-octavia-amphora-image-debugsource-0.1.1-7.3.4
openstack-octavia-amphora-image-x86_64-0.1.1-7.3.4
openstack-octavia-api-3.2.1~dev1-3.13.3
openstack-octavia-health-manager-3.2.1~dev1-3.13.3
openstack-octavia-housekeeping-3.2.1~dev1-3.13.3
openstack-octavia-worker-3.2.1~dev1-3.13.3
python-Django1-1.11.24-3.12.3
python-cinder-13.0.8~dev8-3.13.5
python-horizon-14.0.5~dev1-3.9.4
python-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
python-keystone-14.1.1~dev26-3.13.4
python-keystonemiddleware-5.2.1-11.4
python-manila-7.3.1~dev15-4.13.4
python-neutron-13.0.6~dev3-3.13.4
python-neutron-fwaas-13.0.3~dev2-3.6.3
python-neutron-lbaas-13.0.1~dev15-3.10.3
python-nova-18.2.4~dev18-3.13.5
python-octavia-3.2.1~dev1-3.13.3
python-octaviaclient-1.6.1-3.3.3
python-openstack_auth-14.0.5~dev1-3.9.4
python-os-brick-2.5.8-3.6.3
python-os-brick-common-2.5.8-3.6.3
python-oslo.cache-1.30.4-3.3.3
python-oslo.messaging-8.1.4-3.3.3
venv-openstack-barbican-x86_64-7.0.1~dev18-3.11.3
venv-openstack-cinder-x86_64-13.0.8~dev8-3.11.3
venv-openstack-designate-x86_64-7.0.1~dev22-3.11.3
venv-openstack-glance-x86_64-17.0.1~dev30-3.11.3
venv-openstack-heat-x86_64-11.0.3~dev23-3.11.3
venv-openstack-horizon-x86_64-14.0.5~dev1-4.11.3
venv-openstack-keystone-x86_64-14.1.1~dev26-3.11.3
venv-openstack-magnum-x86_64-7.1.1~dev28-4.11.3
venv-openstack-manila-x86_64-7.3.1~dev15-3.11.3
venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.11.3
venv-openstack-monasca-x86_64-2.7.1~dev10-3.11.3
venv-openstack-neutron-x86_64-13.0.6~dev3-6.11.3
venv-openstack-nova-x86_64-18.2.4~dev18-3.11.3
venv-openstack-octavia-x86_64-3.2.1~dev1-4.11.3
venv-openstack-sahara-x86_64-9.0.2~dev12-3.11.3
venv-openstack-swift-x86_64-2.19.2~dev1-2.8.3
- SUSE OpenStack Cloud 9 (x86_64):
grafana-6.2.5-3.9.3
grafana-debuginfo-6.2.5-3.9.3
pdns-4.1.8-3.3.3
pdns-backend-mysql-4.1.8-3.3.3
pdns-backend-mysql-debuginfo-4.1.8-3.3.3
pdns-debuginfo-4.1.8-3.3.3
pdns-debugsource-4.1.8-3.3.3
References:
https://www.suse.com/security/cve/CVE-2019-15043.html
https://www.suse.com/security/cve/CVE-2019-3871.html
https://bugzilla.suse.com/1129734
https://bugzilla.suse.com/1148383
More information about the sle-security-updates
mailing list