SUSE-RU-2013:0020-1: Recommended update for crowbar components

sle-updates at sle-updates at
Tue Jan 8 10:08:36 MST 2013

   SUSE Recommended Update: Recommended update for crowbar components

Announcement ID:    SUSE-RU-2013:0020-1
Rating:             low
References:         #772230 #773041 #776901 #780406 #782053 #782275 
                    #784345 #784494 #784857 #785469 #785689 #787344 
Affected Products:
                    SUSE Cloud 1.0

   An update that solves one vulnerability and has 11 fixes is
   now available.


   This update to the crowbar components of SUSE Cloud 1.0
   provides the  following fixes:

   crowbar: * 784494: Add more stringent checks that
   /srv/tftpboot/repos are  set up correctly

   crowbar-barclamp-provisioner: * 785689: Fix TFTP server not
   running because  xinetd was not reloaded

   crowbar-barclamp-crowbar: * 782275: forgotten nodes remain
   in proposals *  784857: Fix crowbar server production.log
   permissions (CVE-2012-0434) *  784345: With default
   setting, nova scheduler will over-commit memory *  773041:
   Usability: crowbar: do not allow allocate before node is
   in  discovered state * 772230: CSS file reverences fonts
   from google server

   crowbar-barclamp-database: * 782053: postgresql can run out
   of connections

   crowbar-barclamp-nova: * 780406: postgresql: grant
   privileges tuple  concurrently updated * 776901:
   barclamp-nova: deploy of nova in default  mode fails,
   because open-iscsi init script returns with 6 on start

   crowbar-barclamp-dns: * Expose nameservers chef attribute
   to crowbar  proposals * Fix wrong /etc/bind/named.conf
   template * 785469: Provide  "allow_transfer" proposal /
   chef attribute * 787344: explicitly do not run  chrooted

   After installation of this update you might experience
   temporary error  messages in various SUSE Cloud components
   that stop after a few minutes.  This occurs when several
   services have to recover from a potential restart  of the
   database. In order to be safe, please schedule a short
   downtime  window.

   Security Issues:

   * CVE-2012-0434


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Cloud 1.0:

      zypper in -t patch sleclo10sp2-crowbar-7210

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Cloud 1.0 (noarch):



More information about the sle-updates mailing list