SUSE-SU-2015:2064-1: moderate: Security update for openstack-dashboard

sle-updates at sle-updates at
Fri Nov 20 09:13:13 MST 2015

   SUSE Security Update: Security update for openstack-dashboard

Announcement ID:    SUSE-SU-2015:2064-1
Rating:             moderate
References:         #928891 #931437 #933607 #933722 #935442 #936059 
                    #936368 #945052 #945515 
Cross-References:   CVE-2015-3219 CVE-2015-3988
Affected Products:
                    SUSE OpenStack Cloud 5

   An update that solves two vulnerabilities and has 7 fixes
   is now available.


   This update provides fixes and enhancements for openstack-dashboard,
   crowbar-barclamp-nova_dashboard and python-django_openstack_auth.


   - Reset flavors for other than "Boot from Image" source type. (bsc#945515)
   - Add deactivated status for glance image.
   - Fix TemplateSyntaxError at hypervisors view.
   - Fix addition of plugin panel to panel group.
   - Remove admin role name 'admin' hardcode. (bsc#935442)
   - Escape the description param from heat template. (bsc#933722,
   - Enhance policy rules to workflow actions and identity project.
   - Sanitation of metadata passed from Django to avoid persistent XSS.
     (bsc#931437, CVE-2015-3988)
   - Fix Terminate Instance on network topology page.
   - Show ports from shared nets in floating IP assoc.
   - Fix incorrect ca arguments for calling ceilometer client.
   - Fix dynamic select layout when help block is displayed.
   - Pass correct project ID to get tenant_usages. (bsc#928891)


   - Allow switching on multidomain support. (bsc#945052)
   - Fix quoting of supported_provider_types. (bsc#936368)
   - Enable the POLICY_FILES setting configuration.
   - Fix attribute being fetched from wrong node. (bsc#936059)


   - Remove admin role name 'admin' hardcode in User.is_superuser().

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 5:

      zypper in -t patch sleclo50sp3-openstack-crowbar-dashboard-201510-12220=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE OpenStack Cloud 5 (x86_64):


   - SUSE OpenStack Cloud 5 (noarch):



More information about the sle-updates mailing list