SUSE-SU-2015:1434-1: Security update for python modules

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Aug 25 03:10:02 MDT 2015


   SUSE Security Update: Security update for python modules
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:1434-1
Rating:             low
References:         #928205 #932270 #933758 
Cross-References:   CVE-2015-1852
Affected Products:
                    SUSE OpenStack Cloud 5
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:


   This update provides the following fixes for various python-modules:

   - python-openstackclient:
     + Fix image create location attribute (bnc#932270)

   - python-novaclient:
     + Update novaclient shell to use shared arguments from Session
     + Support using the Keystone V3 API from the Nova CLI

   - python-keystoneclient:
     + Fix s3_token middleware parsing insecure option (bsc#928205,
       CVE-2015-1852)

   - python-glanceclient:
     + remove deprecation warning


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 5:

      zypper in -t patch sleclo50sp3-python-modules-201507-12046=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE OpenStack Cloud 5 (x86_64):

      python-glanceclient-0.15.0-9.2
      python-keystoneclient-1.0.0-11.1
      python-keystoneclient-doc-1.0.0-11.1
      python-keystonemiddleware-1.2.0-11.2
      python-novaclient-2.20.0-9.2
      python-novaclient-doc-2.20.0-9.2
      python-openstackclient-0.4.1-9.2


References:

   https://www.suse.com/security/cve/CVE-2015-1852.html
   https://bugzilla.suse.com/928205
   https://bugzilla.suse.com/932270
   https://bugzilla.suse.com/933758



More information about the sle-updates mailing list