SUSE-RU-2020:2161-1: moderate: Security update for ansible1, ardana-ansible, ardana-cobbler, ardana-glance, ardana-input-model, ardana-logging, ardana-manila, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-openstack, grafana, kibana, openstack-barbican, openstack-ceilometer, openstack-cinder, openstack-dashboard, openstack-designate, openstack-heat-templates, openstack-ironic, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-agent, openstack-neutron, openstack-neutron-vsphere, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, openstack-resource-agents, python-Django1, python-Pillow, python-ardana-packager, python-heatclient, python-neutron-tempest-plugin, python-octavia-tempest-plugin, python-os-brick, python-oslo.messaging, python-pyroute2, python-urllib3, python-waitress, release-notes-suse-openstack-cloud, rubygem-activeresource, rubygem-json-1_7, rubygem-puma
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Thu Aug 6 19:12:34 MDT 2020
SUSE Recommended Update: Security update for ansible1, ardana-ansible, ardana-cobbler, ardana-glance, ardana-input-model, ardana-logging, ardana-manila, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-openstack, grafana, kibana, openstack-barbican, openstack-ceilometer, openstack-cinder, openstack-dashboard, openstack-designate, openstack-heat-templates, openstack-ironic, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-agent, openstack-neutron, openstack-neutron-vsphere, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, openstack-resource-agents, python-Django1, python-Pillow, python-ardana-packager, python-heatclient, python-neutron-tempest-plugin, python-octavia-tempest-plugin, python-os-brick, python-oslo.messaging, python-pyroute2, python-urllib3, python-waitress, release-notes-suse-openstack-cloud, rubygem-activeresource, rubygem-json-1_7, rubygem-puma
______________________________________________________________________________
Announcement ID: SUSE-RU-2020:2161-1
Rating: moderate
References: #1019111 #1107190 #1126503 #1136928 #1153191
#1159046 #1159447 #1160151 #1160152 #1160153
#1160192 #1160790 #1161088 #1161089 #1161670
#1161919 #1163446 #1165022 #1170657 #1171070
#1171071 #1171072 #1171273 #1171594 #1171909
#1172166 #1172167 #1172409 #1172522 #1173413
#1173416 #1173418 #1173420 #1174006
Affected Products:
SUSE OpenStack Cloud Crowbar 9
SUSE OpenStack Cloud 9
______________________________________________________________________________
An update that solves 24 vulnerabilities and has 10 fixes
is now available.
Description:
This update for ansible1, ardana-ansible, ardana-cobbler, ardana-glance,
ardana-input-model, ardana-logging, ardana-manila, ardana-monasca,
ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core,
crowbar-openstack, grafana, kibana, openstack-barbican,
openstack-ceilometer, openstack-cinder, openstack-dashboard,
openstack-designate, openstack-heat-templates, openstack-ironic,
openstack-keystone, openstack-magnum, openstack-manila,
openstack-monasca-agent, openstack-neutron, openstack-neutron-vsphere,
openstack-nova, openstack-octavia, openstack-octavia-amphora-image,
openstack-resource-agents, python-Django1, python-Pillow,
python-ardana-packager, python-heatclient, python-neutron-tempest-plugin,
python-octavia-tempest-plugin, python-os-brick, python-oslo.messaging,
python-pyroute2, python-urllib3, python-waitress,
release-notes-suse-openstack-cloud, rubygem-activeresource,
rubygem-json-1_7, rubygem-puma fixes the following issues:
Security fixes included in this update:
ansible1:
- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).
grafana:
- CVE-2020-13379: Fixed an incorrect access control issue which could lead
to information leaks or denial of service (bsc#1172409).
- CVE-2020-12052: Fixed an cross site scripting vulnerability related to
the annotation popup (bsc#1170657).
kibana:
- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).
python-Django1 to 1.11.29:
- CVE-2020-13254: Fixed a data leakage via malformed memcached keys
(bsc#1172167).
- CVE-2020-13596: Fixed a cross site scripting vulnerability related to
the admin parameters of the ForeignKeyRawIdWidget (bsc#1172166).
- CVE-2020-7471: Fixed a SQL injection via StringAgg delimiter
(bsc#1161919).
- CVE-2020-9402: Fixed a SQL injection via tolerance parameter in GIS
functions and aggregates (bsc#1165022).
- CVE-2019-19844: Fixed a potential account hijack via password reset form
(bsc#1159447).
python-Pillow:
- CVE-2020-10177: Fixed multiple out-of-bounds reads in
libImaging/FliDecode.c (bsc#1173413).
- CVE-2020-11538: Fixed multiple out-of-bounds reads via a crafted JP2
files (bsc#1173420).
- CVE-2020-10994: Fixed multiple out-of-bounds reads via a crafted JP2
files (bsc#1173418).
- CVE-2020-10378: Fixed an out-of-bounds read when reading PCX files
(bsc#1173416).
- CVE-2019-16865: Fixed a denial of service with specially crafted image
files (bsc#1153191).
- CVE-2020-5311: Fixed an SGI buffer overflow (bsc#1160151).
- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode (bsc#1160152).
- CVE-2020-5313: Fixed a buffer overflow related to FLI (bsc#1160153).
- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py
(bsc#1160192).
python-waitress to version 1.4.3:
- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF handling
(bsc#1161088).
- CVE-2019-16786: Fixed HTTP request smuggling through invalid
Transfer-Encoding (bsc#1161089).
- CVE-2019-16789: Fixed HTTP Request Smuggling through invalid whitespace
characters (bsc#1160790).
- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length
header handling (bsc#1161670).
rubygem-activeresource:
- CVE-2020-8151: Fixed possible information disclosure through specially
crafted requests (bsc#1171560).
Non security fixes:
Changes in ansible1.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch
(bsc#1126503, CVE-2019-3828)
Changes in ardana-ansible.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1591138508.e269bdb:
* Use internal endpoint for upload image (SOC-11294)
- Update to version 9.0+git.1589740968.d339a28:
* Reconfigure rabbitmq user permissions on update (SOC-11082)
- Update to version 9.0+git.1588953276.b8b5512:
* Fix incorrect prefix used to collect supportconfig files (bsc#1171273)
Changes in ardana-cobbler.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1588181228.bae3b1f:
* Ensure distro_signatures.json gets updated if needed (SOC-11249)
Changes in ardana-glance.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1593631708.9354a78:
* Idempotent cirros image upload to glance (SOC-11342)
Changes in
ardana-input-model.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1589740948.c24fc0b:
* Add default rabbitmq exchange write permissions (SOC-11082)
Changes in ardana-logging.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1591193994.d93b668:
* kibana: set x-frame-options header (bsc#1171909)
Changes in ardana-manila.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1594158642.b5905e4:
* Ensure manila_upgrade_mode is initialised appropriately (SOC-11341)
- Update to version 9.0+git.1593516580.6c83767:
* Skip openstack-manila-share status check during upgrade (SOC-11341)
Changes in ardana-monasca.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1589385256.7fbfaaf:
* Fix stop start/stop logic (SOC-11209)
- Update to version 9.0+git.1588610558.98958f3:
* Fix monasca-thresh-wrapper status action (SOC-11209)
- Update to version 9.0+git.1588343155.0e67455:
* monasca-thresh restart and storm upgrade enhancements (SOC-11209)
Changes in ardana-mq.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1593618110.cbd1a37:
* Ensure epmd.service started/stopped independent of rabbitmq (SOC-6780)
- Update to version 9.0+git.1589715197.9196f62:
* Don't mirror reply queues (SOC-10317)
Changes in ardana-neutron.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1590756257.e09d54f:
* Update L3 rootwrap filters (SOC-11306)
Changes in ardana-octavia.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1590079609.a2ae6ab:
* fix octavia to glance communication over internal endpoint (SOC-11294)
Changes in ardana-tempest.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 9.0+git.1593033709.9495bb2:
* load-balancer: set check timeout to 120 seconds (SOC-11330)
- Update to version 9.0+git.1593010160.cb417d7:
* Blacklist neutron test_snat_external_ip test (SOC-11279)
- Update to version 9.0+git.1592341936.3b5ad41:
* Remove blacklisted octavia test (SOC-11289)
- Update to version 9.0+git.1592239656.b18289a:
* Blacklist NetworkMigration tests (SOC-11279)
- Update to version 9.0+git.1590429931.4fa308a:
* Install only needed tempest pluguins (SOC-11297)
- Update to version 9.0+git.1590164310.9e7888e:
* Enable tempest shelve tests (SOC-9775)
- Update to version 9.0+git.1590151267.16bddd9:
* Add NetworkMigration tests back in neutron filter (SOC-11279)
- Update to version 9.0+git.1589460689.e3bd243:
* Enable test_delete_policies_while_tenant_attached_to_net test
(SOC-9235)
- Update to version 9.0+git.1589206665.aedb17d:
* Blacklist some NetworkMigration tests (SOC-11279)
Changes in crowbar-core.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 6.0+git.1594619891.b75a61d0d:
* upgrade: Do not stop pacemaker managed apache service (SOC-11298)
- Update to version 6.0+git.1593156244.533c05c01:
* Ignore CVE-2020-8184 (SOC-11299)
- Update to version 6.0+git.1592589539.e0cbb8c8f:
* provisioner: allow tftp access from admin network only (bsc#1019111)
- Update to version 6.0+git.1590650924.e7548b2ac:
* Ignore latest ruby-related CVEs in the CI (SOC-11299)
- Update to version 6.0+git.1589803358.48ba3f4a6:
* provisioner: Fix ssh key validation (SOC-11126)
- Update to version 6.0+git.1588062060.de79301bf:
* upgrade: disable zypper process check temporarily (SOC-11203)
Changes in crowbar-openstack.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 6.0+git.1591795073.49cb6400e:
* kibana: set x-frame-options header (bsc#1171909, CVE-2020-10743)
- Update to version 6.0+git.1591104467.7de344556:
* Restore undeprecated nova dhcp_domain option (bsc#1171594)
- Update to version 6.0+git.1590579980.5258ac04a:
* tempest: Enable shelve tests when using RBD ephemeral (SOC-11176)
- Update to version 6.0+git.1589957131.fcfccecc1:
* galera: Make sure checks are executed without password (bsc#1136928)
- Update to version 6.0+git.1589573559.3bf36a7cd:
* rabbitmq: sync startup definitions.json with recipe
(SOC-11077,SOC-11274)
- Update to version 6.0+git.1589544034.e52fd938a:
* trove: fix rabbitmq connection URL (SOC-11286)
- Update to version 6.0+git.1589389407.5a306c6d3:
* tempest: remove port_admin_state_change workaround (SOC-10029)
- Update to version 6.0+git.1588686448.3c0060ca7:
* Fix monasca libvirt ping checks (bsc#1107190)
- Update to version 6.0+git.1588259003.a4e938422:
* run keystone_register on cluster founder only when HA (SOC-11248)
* ceilometer: Post API removal cleanup (SOC-10124)
- Update to version 6.0+git.1588096476.79154bb30:
* nova: run keystone_register on cluster founder only (SOC-11243)
Changes in grafana.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Add CVE-2020-13379.patch
* Security: fix unauthorized avatar proxying (bsc#1172409,
CVE-2020-13379)
- Add
0001-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
* Security: Fix annotation popup XSS vulnerability (bsc#1170657,
CVE-2020-12052)
- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)
- Create plugin directory and clean up (create in %install, add to %files)
handling of /var/lib/grafana/* and Changes in
kibana.SUSE_SLE-12-SP4_Update_Products_Cloud9:
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
Changes in
openstack-barbican.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- drop python-argparse buildrequires
Changes in
openstack-ceilometer.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version ceilometer-11.1.1.dev7:
* [stable-only] Add confluent-kafka to test-requirements
- Update to version ceilometer-11.1.1.dev6:
* Temporary failures should be treated as temporary
Changes in
openstack-ceilometer.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version ceilometer-11.1.1.dev7:
* [stable-only] Add confluent-kafka to test-requirements
- Update to version ceilometer-11.1.1.dev6:
* Temporary failures should be treated as temporary
Changes in openstack-cinder.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version cinder-13.0.10.dev12:
* Remove VxFlex OS credentials from connection\_properties
- Update to version cinder-13.0.10.dev11:
* [stable only] Add warning about rbd\_keyring\_conf
- Update to version cinder-13.0.10.dev10:
* VMAX Driver - Backport fix for Rocky and Queens
Changes in openstack-cinder.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- drop obsolete python-argparse buildrequires
- Update to version cinder-13.0.10.dev12:
* Remove VxFlex OS credentials from connection\_properties
- Update to version cinder-13.0.10.dev11:
* [stable only] Add warning about rbd\_keyring\_conf
- Update to version cinder-13.0.10.dev10:
* VMAX Driver - Backport fix for Rocky and Queens
Changes in
openstack-dashboard.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version horizon-14.1.1.dev6:
* Fix tenant\_id for a new port
- Update to version horizon-14.1.1.dev5:
* Fix .zuul.yaml syntax errors
* Gate fix: use tempest-horizon 0.2.0 explicitly
* Authenticate before Authorization
Changes in
openstack-designate.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version designate-7.0.2.dev2:
* Worker should send NOTIFY also to all servers in 'also\_notifies' pool
settings
- Update to version designate-7.0.2.dev1:
* Pin stable/rocky tempest tests to 0.7.0 tag 7.0.1
Changes in
openstack-designate.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version designate-7.0.2.dev2:
* Worker should send NOTIFY also to all servers in 'also\_notifies' pool
settings
- Update to version designate-7.0.2.dev1:
* Pin stable/rocky tempest tests to 0.7.0 tag 7.0.1
Changes in
openstack-heat-templates.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 0.0.0+git.1582270132.8a20477:
* Drop use of git.openstack.org
* Add example for running Zun container
* OpenDev Migration Patch
* Replace openstack.org git:// URLs with https://
* Add sample templates for Blazar
* Remove docs, deprecated hooks, tests
* Update the bugs link to storyboard
* Add an example of OS::Mistral::ExternalResource
Changes in openstack-ironic.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version ironic-11.1.5.dev6:
* Fix issue where server fails to reboot
- Update to version ironic-11.1.5.dev4:
* Fix SpanLength calculation for DRAC RAID configuration
Changes in openstack-ironic.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version ironic-11.1.5.dev6:
* Fix issue where server fails to reboot
- Update to version ironic-11.1.5.dev4:
* Fix SpanLength calculation for DRAC RAID configuration
Changes in
openstack-keystone.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version keystone-14.2.1.dev4:
* Fix security issues with EC2 credentials
* Ensure OAuth1 authorized roles are respected
- Update to version keystone-14.2.1.dev2:
* Check timestamp of signed EC2 token request
- Update to version keystone-14.2.1.dev1:
* Add cadf auditing to credentials 14.2.0
Changes in
openstack-keystone.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Remove patches (merged upstream)
* 0002-Check-timestamp-of-signed-EC2-token-request.patch
* 0002-Ensure-OAuth1-authorized-roles-are-respected.patch
* 0002-Fix-security-issues-with-EC2-credentials.patch
- Update to version keystone-14.2.1.dev4:
* Fix security issues with EC2 credentials
* Ensure OAuth1 authorized roles are respected
- Update to version keystone-14.2.1.dev2:
* Check timestamp of signed EC2 token request
- Add security patches (bsc#1171070, bsc#1171071, bsc#1171072):
* 0002-Check-timestamp-of-signed-EC2-token-request.patch
* 0002-Ensure-OAuth1-authorized-roles-are-respected.patch
* 0002-Fix-security-issues-with-EC2-credentials.patch
- Update to version keystone-14.2.1.dev1:
* Add cadf auditing to credentials 14.2.0
Changes in openstack-magnum.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- drop obsolete python-argparse buildrequires
Changes in openstack-manila.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version manila-7.4.2.dev31:
* [Unity]: Failed to delete cifs share if wrong access set
- Update to version manila-7.4.2.dev29:
* [devstack][ci] Move bgp setup to plugin
- Update to version manila-7.4.2.dev27:
* [devstack][ci] Modify firewall in ds-plugin
- Update to version manila-7.4.2.dev25:
* [devstack][ci] Set public network ID in tempest.conf
* Make manila-tempest-plugin installation optional
- Update to version manila-7.4.2.dev21:
* fix bug in consume from share
- Update to version manila-7.4.2.dev19:
* Conditionally restore default route in setup\_ipv6
- Update to version manila-7.4.2.dev18:
* [NetApp] Fix driver to honor standard extra specs
* [NetApp] cDOT to set valid QoS during migration
- Update to version manila-7.4.2.dev14:
* Remove provisioned calculation on non thin provision backends
- Update to version manila-7.4.2.dev12:
* [NetApp] Fix share replica failing for 'transfer in progress' error
* [NetApp] Fix share shrink error status
* Delete type access list when deleting types
* fix bug in quota checking
* Prevent share type deletion if linked to group types
Changes in openstack-manila.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- drop obsolete python-argparse buildrequires
- Update to version manila-7.4.2.dev31:
* [Unity]: Failed to delete cifs share if wrong access set
- Update to version manila-7.4.2.dev29:
* [devstack][ci] Move bgp setup to plugin
- Update to version manila-7.4.2.dev27:
* [devstack][ci] Modify firewall in ds-plugin
- Update to version manila-7.4.2.dev25:
* [devstack][ci] Set public network ID in tempest.conf
* Make manila-tempest-plugin installation optional
- Update to version manila-7.4.2.dev21:
* fix bug in consume from share
- Update to version manila-7.4.2.dev19:
* Conditionally restore default route in setup\_ipv6
- Update to version manila-7.4.2.dev18:
* [NetApp] Fix driver to honor standard extra specs
* [NetApp] cDOT to set valid QoS during migration
- Update to version manila-7.4.2.dev14:
* Remove provisioned calculation on non thin provision backends
- Update to version manila-7.4.2.dev12:
* [NetApp] Fix share replica failing for 'transfer in progress' error
* [NetApp] Fix share shrink error status
* Delete type access list when deleting types
* fix bug in quota checking
* Prevent share type deletion if linked to group types
Changes in
openstack-monasca-agent.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- update to version 2.8.2~dev5
- Fix libvirt ping_checks documentation
- update to version 2.8.2~dev3
- Add debug output for libvirt ping checks
- Lockdown /bin/ip permissions for the monasca-agent (bsc#1107190)
- add addtional arguments to /bin/ip in sudoers
- Fix missing sudo privleges (bsc#1107190)
- add /bin/ip and /usr/bin/ovs-vsctl to monasca-agent sudoers
- update to version 2.8.2~dev2
- Remove incorrect assignment of ping_cmd to 'True'
- Do not copy /sbin/ip to /usr/bin/monasa-agent-ip
Changes in openstack-neutron.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version neutron-13.0.8.dev68:
* [DVR] Related routers should be included if are requested
- Update to version neutron-13.0.8.dev67:
* [EM releases] Move non-voting jobs to the experimental queue
* [OVS] Make QoS OVS agent deletion operations more resilient
* Add "igmp\_snooping\_enable" config option for OVS agent
- Update to version neutron-13.0.8.dev61:
* Unnecessary routers should not be created
* Ensure that stale flows are cleaned from phys\_bridges
* Do not block connection between br-int and br-phys on startup
* Improve log message when port losts its vlan tag
* [DVR] Reconfigure re-created physical bridges for dvr routers
- Update to version neutron-13.0.8.dev52:
* Fix rocky gates, multiple fixes
- Update to version neutron-13.0.8.dev51:
* Dynamically increase l3 router process queue green pool size
- Update to version neutron-13.0.8.dev49:
* Allow usage of legacy 3rd-party interface drivers
- Update to version neutron-13.0.8.dev47:
* Router synch shouldn't return unrelated routers
- Update to version neutron-13.0.8.dev45:
* Only notify nova of port status changes if configured
- Update to version neutron-13.0.8.dev44:
* Add Rocky milestone tag for alembic migration revisions
- Update to version neutron-13.0.8.dev42:
* Cap pycodestyle to be < 2.6.0
* Report L3 extensions enabled in the L3 agent's config
- Update to version neutron-13.0.8.dev39:
* Adding LOG statements to debug 1838449
- Update to version neutron-13.0.8.dev38:
* Improve VLAN allocations synchronization
* [L3 HA] Add "no\_track" option to VIPs in keepalived config
* Change ovs-agent iteration log level to INFO
* Refactor the L3 agent batch notifier
* Do not link up HA router gateway in backup node
Changes in openstack-neutron.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version neutron-13.0.8.dev68:
* [DVR] Related routers should be included if are requested
- Add 0001-Revert-Do-not-block-connection-between-br-int-and-br.patch
(LP#1887148)
- Update to version neutron-13.0.8.dev67:
* [EM releases] Move non-voting jobs to the experimental queue
* [OVS] Make QoS OVS agent deletion operations more resilient
* Add "igmp\_snooping\_enable" config option for OVS agent
- Update to version neutron-13.0.8.dev61:
* Unnecessary routers should not be created
* Ensure that stale flows are cleaned from phys\_bridges
* Do not block connection between br-int and br-phys on startup
* Improve log message when port losts its vlan tag
* [DVR] Reconfigure re-created physical bridges for dvr routers
- Update to version neutron-13.0.8.dev52:
* Fix rocky gates, multiple fixes
- Update to version neutron-13.0.8.dev51:
* Dynamically increase l3 router process queue green pool size
- Update to version neutron-13.0.8.dev49:
* Allow usage of legacy 3rd-party interface drivers
- Update to version neutron-13.0.8.dev47:
* Router synch shouldn't return unrelated routers
- Update to version neutron-13.0.8.dev45:
* Only notify nova of port status changes if configured
- Update to version neutron-13.0.8.dev44:
* Add Rocky milestone tag for alembic migration revisions
- Update to version neutron-13.0.8.dev42:
* Cap pycodestyle to be < 2.6.0
* Report L3 extensions enabled in the L3 agent's config
- Update to version neutron-13.0.8.dev39:
* Adding LOG statements to debug 1838449
- Update to version neutron-13.0.8.dev38:
* Improve VLAN allocations synchronization
* [L3 HA] Add "no\_track" option to VIPs in keepalived config
* Change ovs-agent iteration log level to INFO
* Refactor the L3 agent batch notifier
* Do not link up HA router gateway in backup node
Changes in
openstack-neutron-vsphere.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- The networking-vsphere repo got moved from github to opendev.org. We no
longer able to automatically generate changelogs from
opendev.org as it doesn't provide the same API as github. We'll need to
manually update it from now on.
- update to version 2.0.1~dev167
- Making networking-vsphere run under Python3
- OVSvApp Security Group Changes
Changes in openstack-nova.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version nova-18.3.1.dev38:
* libvirt: Don't delete disks on shared storage during evacuate
* Add functional test for bug 1550919
- Update to version nova-18.3.1.dev36:
* Fix os\_CODENAME detection and repo refresh during ceph tests
- Update to version nova-18.3.1.dev35:
* Update scheduler instance info at confirm resize
- Update to version nova-18.3.1.dev33:
* Reproduce bug 1869050
- Update to version nova-18.3.1.dev31:
* Revert "nova shared storage: rbd is always shared storage"
- Update to version nova-18.3.1.dev29:
* Clean up allocation if unshelve fails due to neutron
* Reset the cell cache for database access in Service
* Reproduce bug 1862633
* Make RBD imagebackend flatten method idempotent
- Update to version nova-18.3.1.dev21:
* Add config option for neutron client retries
- Update to version nova-18.3.1.dev19:
* Add retry to cinder API calls related to volume detach
- Update to version nova-18.3.1.dev18:
* Lowercase ironic driver hash ring and ignore case in cache
Changes in openstack-nova.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version nova-18.3.1.dev38:
* libvirt: Don't delete disks on shared storage during evacuate
* Add functional test for bug 1550919
- Update to version nova-18.3.1.dev36:
* Fix os\_CODENAME detection and repo refresh during ceph tests
- Update to version nova-18.3.1.dev35:
* Update scheduler instance info at confirm resize
- Update to version nova-18.3.1.dev33:
* Reproduce bug 1869050
- Update to version nova-18.3.1.dev31:
* Revert "nova shared storage: rbd is always shared storage"
- Update to version nova-18.3.1.dev29:
* Clean up allocation if unshelve fails due to neutron
* Reset the cell cache for database access in Service
* Reproduce bug 1862633
* Make RBD imagebackend flatten method idempotent
- Update to version nova-18.3.1.dev21:
* Add config option for neutron client retries
- Update to version nova-18.3.1.dev19:
* Add retry to cinder API calls related to volume detach
- Update to version nova-18.3.1.dev18:
* Lowercase ironic driver hash ring and ignore case in cache
Changes in openstack-octavia.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update patch for SUSE distro support
* Fix osutils.py to handle secondary interfaces (SOC-11289)
* Add 020-amphora-logging.conf for configuring log targets
- Update to version octavia-3.2.3.dev7:
* Fix the amphora noop driver
* Validate resource access when creating loadbalancer or member
- Update to version octavia-3.2.3.dev3:
* Fix Rocky v2 scenario and grenade jobs
Changes in
openstack-octavia-amphora-image.SUSE_SLE-12-SP4_Update_Products_Cloud9_Upda
te:
- Update image to 0.1.4 to include latest changes
Changes in
openstack-resource-agents.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 1.0+git.1569436425.8b9c49f:
* Add a configurable delay to Nova Evacuate calls
* OpenDev Migration Patch
* NovaEvacuate: fix a syntax error
* NovaEvacuate: Support the new split-out IHA fence agents with
backwards compatibility
* NovaEvacuate: Correctly handle stopped hypervisors
* neutron-ha-tool: do not replicate dhcp
* NovaCompute: Support parsing host option from /etc/nova/nova.conf.d
* NovaCompute: Use variable to avoid calling crudini a second time
* NovaEvacuate: Allow debug logging to be turned on easily
Changes in python-Django1.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Update to version 1.11.29 (bsc#1161919, CVE-2020-7471, bsc#1165022,
CVE-2020-9402, bsc#1159447, CVE-2019-19844)
* Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS
functions and aggregates on Oracle.
* Pinned PyYAML < 5.3 in test requirements.
* Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
* Fixed timezones tests for PyYAML 5.3+.
* Fixed CVE-2019-19844 -- Used verified user email for password reset
requests.
* Fixed #31073 -- Prevented CheckboxInput.get_context() from mutating
attrs.
* Fixed #30826 -- Fixed crash of many JSONField lookups when one hand
side is key transform.
* Fixed #30769 -- Fixed a crash when filtering against a subquery
JSON/HStoreField annotation.
- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254,
CVE-2020-13596)
* Added patch CVE-2020-13254.patch
* Added patch CVE-2020-13596.patch
Changes in python-Pillow.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Add 010-Fix-OOB-reads-in-FLI-decoding.patch
* From upstream, backported
* Fixes CVE-2020-10177, bsc#1173413
- Add 011-Fix-buffer-overflow-in-SGI-RLE-decoding.patch
* From upstream, backported
* Fixes CVE-2020-11538, bsc#1173420
- Add 012-Fix-bounds-overflow-in-JPEG-2000-decoding.patch
* From upstream, backported
* Fixes CVE-2020-10994, bsc#1173418
- Add 013-Fix-bounds-overflow-in-PCX-decoding.patch
* From upstream, backported
* Fixes CVE-2020-10378, bsc#1173416
- Remove decompression_bomb.gif and relevant test case to avoid ClamAV
scan alerts during build
- Add 001-Corrected-negative-seeks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 002-Added-decompression-bomb-checks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 003-Raise-error-if-dimension-is-a-string.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 004-Catch-buffer-overruns.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 005-Catch-PCX-P-mode-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5312, bsc#1160152
- Add 006-Catch-SGI-buffer-overruns.patch
* From upstream, backported
* Fixes CVE-2020-5311, bsc#1160151
- Add 007-Ensure-previous-FLI-frame-is-loaded.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2649
* Uncovers CVE-2020-5313, bsc#1160153
- Add 008-Catch-FLI-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5313, bsc#1160153
- Add 009-Invalid-number-of-bands-in-FPX-image.patch
* From upstream, backported
* Fixes CVE-2019-19911, bsc#1160192
Changes in python-ardana-packager.SUSE_SLE-12-SP4_Update_Products_Cloud9:
- fetch updated nova_host_aggregate from git
- Add missing novaclient required domain entries (bsc#1174006)
- update from git repo
- Add missing novaclient required domain entries (bsc#1174006)
Changes in python-heatclient.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- update to version 1.16.3
- Replace openstack.org git:// URLs with https://
- OpenDev Migration Patch
Changes in
python-neutron-tempest-plugin.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update
:
- added
0002-Ensure-that-external-network-dont-have-any-ports-before-deletion.patch
Changes in
python-octavia-tempest-plugin.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update
:
- Fix broken compile options for httpd.bin
Changes in python-os-brick.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Apply patches to resolve CVE-2020-10755 (bsc#1172522)
- 0001-Remove-VxFlex-OS-credentials-from-connection_propert.patch
- 0002-Fix-Remove-VxFlex-OS-credentials-regression.patch
Changes in
python-oslo.messaging.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- added 0001-Use-default-exchange-for-direct-messaging.patch (SOC-11082,
SOC-11274, bsc#1159046)
Changes in python-pyroute2.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- update to 0.5.2
* ndb: read-only DB prototype
* remote: support communication via stdio
* general: fix async keyword -- Python 3.7 compatibility
* <https://github.com/svinota/pyroute2/issues/467>
* <https://bugzilla.redhat.com/show_bug.cgi?id=1583800>
* iproute: support monitoring on BSD systems via PF_ROUTE
* rtnl: support for SQL schema in message classes
* nl80211: improvements
* <https://github.com/svinota/pyroute2/issues/512>
* <https://github.com/svinota/pyroute2/issues/514>
* <https://github.com/svinota/pyroute2/issues/515>
* netlink: support generators
- update to 0.5.1
* ipdb: #310 -- route keying fix
* ipdb: #483, #484 -- callback internals change
* ipdb: #499 -- eventloop interface
* ipdb: #500 -- fix non-default :: routes
* netns: #448 -- API change: setns() doesn't remove FD
* netns: #504 -- fix resource leakage
* bsd: initial commits
- update to 0.5.0
* ACHTUNG: ipdb commit logic is changed
* ipdb: do not drop failed transactions
* ipdb: #388 -- normalize IPv6 addresses
* ipdb: #391 -- support both IPv4 and IPv6 default routes
* ipdb: #392 -- fix MPLS route key reference
* ipdb: #394 -- correctly work with route priorities
* ipdb: #408 -- fix IPv6 routes in tables >= 256
* ipdb: #416 -- fix VRF interfaces creation
* ipset: multiple improvements
* tuntap: #469 -- support s390x arch
* nlsocket: #443 -- fix socket methods resolve order for Python2
* netns: non-destructive `netns.create()`
Changes in python-urllib3.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Skip test_source_address_error as we raise different error with fixes
that we provide in new python2/3
- Update python-urllib3-recent-date.patch to have RECENT_DATE within the
needed boundaries for the test suite.
Changes in python-waitress.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- update to 1.4.3 to include fixes for:
* CVE-2019-16785 / bsc#1161088
* CVE-2019-16786 / bsc#1161089
* CVE-2019-16789 / bsc#1160790
* CVE-2019-16792 / bsc#1161670
- make sure UTF8 locale is used when runnning tests
* Sometimes functional tests executed in python3 failed if stdout was
not set to UTF-8. The error message was: ValueError: underlying buffer
has been detached
- %python3_only -> %python_alternative
- update to 1.4.3
* Waitress did not properly validate that the HTTP headers it received
were properly formed, thereby potentially allowing a front-end server
to treat a request different from Waitress. This could lead to HTTP
request smuggling/splitting.
- drop patch local-intersphinx-inventories.patch
* it was commented out, anyway
- update to 1.4.0:
- Waitress used to slam the door shut on HTTP pipelined requests without
setting the ``Connection: close`` header as appropriate in the
response. This is of course not very friendly. Waitress now explicitly
sets the header when responding with an internally generated error
such as 400 Bad Request or 500 Internal Server Error to notify the
remote client that it will be closing the connection after the
response is sent.
- Waitress no longer allows any spaces to exist between the header
field-name and the colon. While waitress did not strip the space and
thereby was not vulnerable to any potential header field-name
confusion, it should have sent back a 400 Bad Request. See
https://github.com/Pylons/waitress/issues/273
- CRLR handling Security fixes
- update to 1.3.1
* Waitress won’t accidentally throw away part of the path if it starts
with a double slash
- version update to 1.3.0 Deprecations ~~~~~~~~~~~~
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
pending removal in a future release. and
https://github.com/Pylons/waitress/pull/246 Features ~~~~~~~~
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
backpressure on the ``app_iter`` to avoid letting it spin faster than
data can be written to the socket. This stabilizes responses that
iterate quickly with a lot of data. See
https://github.com/Pylons/waitress/pull/242
- Stop early and close the ``app_iter`` when attempting to write to a
closed socket due to a client disconnect. This should notify a
long-lived streaming response when a client hangs up. See
https://github.com/Pylons/waitress/pull/238 and
https://github.com/Pylons/waitress/pull/240 and
https://github.com/Pylons/waitress/pull/241
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls
how much waitress will buffer internally before flushing to the
kernel, whereas previously it used to also throttle how much data was
sent to the kernel. This change enables a streaming ``app_iter``
containing small chunks to still be flushed efficiently. See
https://github.com/Pylons/waitress/pull/246 Bugfixes ~~~~~~~~
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we
will no longer set the version to the string value "None". See
https://github.com/Pylons/waitress/pull/252 and
https://github.com/Pylons/waitress/issues/110
- When a client closes a socket unexpectedly there was potential for
memory leaks in which data was written to the buffers after they were
closed, causing them to reopen. See
https://github.com/Pylons/waitress/pull/239
- Fix the queue depth warnings to only show when all threads are busy.
See https://github.com/Pylons/waitress/pull/243 and
https://github.com/Pylons/waitress/pull/247
- Trigger the ``app_iter`` to close as part of shutdown. This will only
be noticeable for users of the internal server api. In more typical
operations the server will die before benefiting from these changes.
See https://github.com/Pylons/waitress/pull/245
- Fix a bug in which a streaming ``app_iter`` may never cleanup data
that has already been sent. This would cause buffers in waitress to
grow without bounds. These buffers now properly rotate and release
their data. See https://github.com/Pylons/waitress/pull/242
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would
trigger an exception when passed to the ``wsgi.file_wrapper``
callback. See https://github.com/Pylons/waitress/pull/249
- Trim marketing wording and other platform mentions.
- Add fetch-intersphinx-inventories.sh to sources
- Add local-intersphinx-inventories.patch for generating the docs correctly
- update to version 1.2.1: too many changes to list here, see:
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
or even: https://github.com/Pylons/waitress/commits/master
- Remove superfluous devel dependency for noarch package
Changes in
rubygem-activeresource.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch Prevent possible
information disclosure issue that could allow an attacker to create
specially crafted requests to access data in an unexpected way
(bsc#1171560 CVE-2020-8151))_
Changes in rubygem-json-1_7.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)
Changes in rubygem-puma.SUSE_SLE-12-SP4_Update_Products_Cloud9_Update:
- Fix indentation in gem2rpm.yml_
- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)
- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)
- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)
- Add all patches to gem2rpm.yml
Changes in
release-notes-suse-openstack-cloud.SUSE_SLE-12-SP4_Update_Products_Cloud9_U
pdate:
- Update to version 9.20200610:
* Terraform support validation release note added (SOC-11314)
- Update to version 9.20200504:
* language change for accuracy - MANAGEMENT network group (SOC-10106)
* add limitation about MANAGEMENT network group (SOC-10106)
- Update to version 9.20200429:
* Mark identity api v2 as deprecated (bsc#1163446)
- Update to version 9.20200428:
* Update release notes to indicate Octavia support has shipped
(SOC-11241)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud Crowbar 9:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2161=1
- SUSE OpenStack Cloud 9:
zypper in -t patch SUSE-OpenStack-Cloud-9-2020-2161=1
Package List:
- SUSE OpenStack Cloud Crowbar 9 (noarch):
crowbar-openstack-6.0+git.1591795073.49cb6400e-3.25.3
openstack-barbican-7.0.1~dev24-3.9.5
openstack-barbican-api-7.0.1~dev24-3.9.5
openstack-barbican-keystone-listener-7.0.1~dev24-3.9.5
openstack-barbican-retry-7.0.1~dev24-3.9.5
openstack-barbican-worker-7.0.1~dev24-3.9.5
openstack-ceilometer-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-central-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-compute-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-ipmi-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-notification-11.1.1~dev7-3.16.3
openstack-ceilometer-polling-11.1.1~dev7-3.16.3
openstack-cinder-13.0.10~dev12-3.22.4
openstack-cinder-api-13.0.10~dev12-3.22.4
openstack-cinder-backup-13.0.10~dev12-3.22.4
openstack-cinder-scheduler-13.0.10~dev12-3.22.4
openstack-cinder-volume-13.0.10~dev12-3.22.4
openstack-dashboard-14.1.1~dev6-3.15.5
openstack-designate-7.0.2~dev2-3.19.3
openstack-designate-agent-7.0.2~dev2-3.19.3
openstack-designate-api-7.0.2~dev2-3.19.3
openstack-designate-central-7.0.2~dev2-3.19.3
openstack-designate-producer-7.0.2~dev2-3.19.3
openstack-designate-sink-7.0.2~dev2-3.19.3
openstack-designate-worker-7.0.2~dev2-3.19.3
openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.6.2
openstack-ironic-11.1.5~dev6-3.19.3
openstack-ironic-api-11.1.5~dev6-3.19.3
openstack-ironic-conductor-11.1.5~dev6-3.19.3
openstack-keystone-14.2.1~dev4-3.22.3
openstack-magnum-7.2.1~dev1-3.13.3
openstack-magnum-api-7.2.1~dev1-3.13.3
openstack-magnum-conductor-7.2.1~dev1-3.13.3
openstack-manila-7.4.2~dev31-4.24.3
openstack-manila-api-7.4.2~dev31-4.24.3
openstack-manila-data-7.4.2~dev31-4.24.3
openstack-manila-scheduler-7.4.2~dev31-4.24.3
openstack-manila-share-7.4.2~dev31-4.24.3
openstack-monasca-agent-2.8.2~dev5-3.9.3
openstack-neutron-13.0.8~dev68-3.25.3
openstack-neutron-dhcp-agent-13.0.8~dev68-3.25.3
openstack-neutron-ha-tool-13.0.8~dev68-3.25.3
openstack-neutron-l3-agent-13.0.8~dev68-3.25.3
openstack-neutron-linuxbridge-agent-13.0.8~dev68-3.25.3
openstack-neutron-macvtap-agent-13.0.8~dev68-3.25.3
openstack-neutron-metadata-agent-13.0.8~dev68-3.25.3
openstack-neutron-metering-agent-13.0.8~dev68-3.25.3
openstack-neutron-openvswitch-agent-13.0.8~dev68-3.25.3
openstack-neutron-server-13.0.8~dev68-3.25.3
openstack-neutron-vsphere-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-doc-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-dvs-agent-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-ovsvapp-agent-2.0.1~dev167-3.3.3
openstack-nova-18.3.1~dev38-3.25.4
openstack-nova-api-18.3.1~dev38-3.25.4
openstack-nova-cells-18.3.1~dev38-3.25.4
openstack-nova-compute-18.3.1~dev38-3.25.4
openstack-nova-conductor-18.3.1~dev38-3.25.4
openstack-nova-console-18.3.1~dev38-3.25.4
openstack-nova-novncproxy-18.3.1~dev38-3.25.4
openstack-nova-placement-api-18.3.1~dev38-3.25.4
openstack-nova-scheduler-18.3.1~dev38-3.25.4
openstack-nova-serialproxy-18.3.1~dev38-3.25.4
openstack-nova-vncproxy-18.3.1~dev38-3.25.4
openstack-octavia-3.2.3~dev7-3.25.3
openstack-octavia-amphora-agent-3.2.3~dev7-3.25.3
openstack-octavia-amphora-image-debugsource-0.1.4-7.12.3
openstack-octavia-amphora-image-x86_64-0.1.4-7.12.3
openstack-octavia-api-3.2.3~dev7-3.25.3
openstack-octavia-health-manager-3.2.3~dev7-3.25.3
openstack-octavia-housekeeping-3.2.3~dev7-3.25.3
openstack-octavia-worker-3.2.3~dev7-3.25.3
openstack-resource-agents-1.0+git.1569436425.8b9c49f-5.3.2
python-Django1-1.11.29-3.15.2
python-barbican-7.0.1~dev24-3.9.5
python-ceilometer-11.1.1~dev7-3.16.3
python-cinder-13.0.10~dev12-3.22.4
python-designate-7.0.2~dev2-3.19.3
python-heatclient-1.16.3-3.3.3
python-heatclient-doc-1.16.3-3.3.3
python-horizon-14.1.1~dev6-3.15.5
python-ironic-11.1.5~dev6-3.19.3
python-keystone-14.2.1~dev4-3.22.3
python-magnum-7.2.1~dev1-3.13.3
python-manila-7.4.2~dev31-4.24.3
python-monasca-agent-2.8.2~dev5-3.9.3
python-networking-vsphere-2.0.1~dev167-3.3.3
python-neutron-13.0.8~dev68-3.25.3
python-neutron-tempest-plugin-0.2.0-3.3.2
python-nova-18.3.1~dev38-3.25.4
python-octavia-3.2.3~dev7-3.25.3
python-openstack_auth-14.1.1~dev6-3.15.5
python-os-brick-2.5.10-3.12.3
python-os-brick-common-2.5.10-3.12.3
python-oslo.messaging-8.1.4-3.6.2
python-pyroute2-0.5.2-4.3.2
python-urllib3-1.23-3.12.2
python-waitress-1.4.3-3.3.1
release-notes-suse-openstack-cloud-9.20200610-3.21.4
- SUSE OpenStack Cloud Crowbar 9 (x86_64):
crowbar-core-6.0+git.1594619891.b75a61d0d-3.25.5
crowbar-core-branding-upstream-6.0+git.1594619891.b75a61d0d-3.25.5
grafana-6.2.5-3.12.2
grafana-debuginfo-6.2.5-3.12.2
kibana-4.6.3-4.3.2
kibana-debuginfo-4.6.3-4.3.2
python-Pillow-5.2.0-3.3.2
python-Pillow-debuginfo-5.2.0-3.3.2
python-Pillow-debugsource-5.2.0-3.3.2
python-octavia-tempest-plugin-0.2.0-3.3.2
ruby2.1-rubygem-activeresource-4.0.0-4.3.1
ruby2.1-rubygem-json-1_7-1.7.7-4.3.1
ruby2.1-rubygem-json-1_7-debuginfo-1.7.7-4.3.1
ruby2.1-rubygem-puma-2.16.0-4.9.1
ruby2.1-rubygem-puma-debuginfo-2.16.0-4.9.1
rubygem-json-1_7-debugsource-1.7.7-4.3.1
rubygem-puma-debugsource-2.16.0-4.9.1
- SUSE OpenStack Cloud 9 (x86_64):
grafana-6.2.5-3.12.2
grafana-debuginfo-6.2.5-3.12.2
kibana-4.6.3-4.3.2
kibana-debuginfo-4.6.3-4.3.2
python-Pillow-5.2.0-3.3.2
python-Pillow-debuginfo-5.2.0-3.3.2
python-Pillow-debugsource-5.2.0-3.3.2
python-octavia-tempest-plugin-0.2.0-3.3.2
- SUSE OpenStack Cloud 9 (noarch):
ansible1-1.9.6-9.7.2
ardana-ansible-9.0+git.1591138508.e269bdb-3.22.2
ardana-cobbler-9.0+git.1588181228.bae3b1f-3.13.2
ardana-glance-9.0+git.1593631708.9354a78-3.13.2
ardana-input-model-9.0+git.1589740948.c24fc0b-3.19.2
ardana-logging-9.0+git.1591193994.d93b668-3.13.2
ardana-manila-9.0+git.1594158642.b5905e4-3.12.2
ardana-monasca-9.0+git.1589385256.7fbfaaf-3.19.2
ardana-mq-9.0+git.1593618110.cbd1a37-3.16.2
ardana-neutron-9.0+git.1590756257.e09d54f-3.22.2
ardana-octavia-9.0+git.1590079609.a2ae6ab-3.19.2
ardana-tempest-9.0+git.1593033709.9495bb2-3.16.2
openstack-barbican-7.0.1~dev24-3.9.5
openstack-barbican-api-7.0.1~dev24-3.9.5
openstack-barbican-keystone-listener-7.0.1~dev24-3.9.5
openstack-barbican-retry-7.0.1~dev24-3.9.5
openstack-barbican-worker-7.0.1~dev24-3.9.5
openstack-ceilometer-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-central-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-compute-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-ipmi-11.1.1~dev7-3.16.3
openstack-ceilometer-agent-notification-11.1.1~dev7-3.16.3
openstack-ceilometer-polling-11.1.1~dev7-3.16.3
openstack-cinder-13.0.10~dev12-3.22.4
openstack-cinder-api-13.0.10~dev12-3.22.4
openstack-cinder-backup-13.0.10~dev12-3.22.4
openstack-cinder-scheduler-13.0.10~dev12-3.22.4
openstack-cinder-volume-13.0.10~dev12-3.22.4
openstack-dashboard-14.1.1~dev6-3.15.5
openstack-designate-7.0.2~dev2-3.19.3
openstack-designate-agent-7.0.2~dev2-3.19.3
openstack-designate-api-7.0.2~dev2-3.19.3
openstack-designate-central-7.0.2~dev2-3.19.3
openstack-designate-producer-7.0.2~dev2-3.19.3
openstack-designate-sink-7.0.2~dev2-3.19.3
openstack-designate-worker-7.0.2~dev2-3.19.3
openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.6.2
openstack-ironic-11.1.5~dev6-3.19.3
openstack-ironic-api-11.1.5~dev6-3.19.3
openstack-ironic-conductor-11.1.5~dev6-3.19.3
openstack-keystone-14.2.1~dev4-3.22.3
openstack-magnum-7.2.1~dev1-3.13.3
openstack-magnum-api-7.2.1~dev1-3.13.3
openstack-magnum-conductor-7.2.1~dev1-3.13.3
openstack-manila-7.4.2~dev31-4.24.3
openstack-manila-api-7.4.2~dev31-4.24.3
openstack-manila-data-7.4.2~dev31-4.24.3
openstack-manila-scheduler-7.4.2~dev31-4.24.3
openstack-manila-share-7.4.2~dev31-4.24.3
openstack-monasca-agent-2.8.2~dev5-3.9.3
openstack-neutron-13.0.8~dev68-3.25.3
openstack-neutron-dhcp-agent-13.0.8~dev68-3.25.3
openstack-neutron-ha-tool-13.0.8~dev68-3.25.3
openstack-neutron-l3-agent-13.0.8~dev68-3.25.3
openstack-neutron-linuxbridge-agent-13.0.8~dev68-3.25.3
openstack-neutron-macvtap-agent-13.0.8~dev68-3.25.3
openstack-neutron-metadata-agent-13.0.8~dev68-3.25.3
openstack-neutron-metering-agent-13.0.8~dev68-3.25.3
openstack-neutron-openvswitch-agent-13.0.8~dev68-3.25.3
openstack-neutron-server-13.0.8~dev68-3.25.3
openstack-neutron-vsphere-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-doc-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-dvs-agent-2.0.1~dev167-3.3.3
openstack-neutron-vsphere-ovsvapp-agent-2.0.1~dev167-3.3.3
openstack-nova-18.3.1~dev38-3.25.4
openstack-nova-api-18.3.1~dev38-3.25.4
openstack-nova-cells-18.3.1~dev38-3.25.4
openstack-nova-compute-18.3.1~dev38-3.25.4
openstack-nova-conductor-18.3.1~dev38-3.25.4
openstack-nova-console-18.3.1~dev38-3.25.4
openstack-nova-novncproxy-18.3.1~dev38-3.25.4
openstack-nova-placement-api-18.3.1~dev38-3.25.4
openstack-nova-scheduler-18.3.1~dev38-3.25.4
openstack-nova-serialproxy-18.3.1~dev38-3.25.4
openstack-nova-vncproxy-18.3.1~dev38-3.25.4
openstack-octavia-3.2.3~dev7-3.25.3
openstack-octavia-amphora-agent-3.2.3~dev7-3.25.3
openstack-octavia-amphora-image-debugsource-0.1.4-7.12.3
openstack-octavia-amphora-image-x86_64-0.1.4-7.12.3
openstack-octavia-api-3.2.3~dev7-3.25.3
openstack-octavia-health-manager-3.2.3~dev7-3.25.3
openstack-octavia-housekeeping-3.2.3~dev7-3.25.3
openstack-octavia-worker-3.2.3~dev7-3.25.3
openstack-resource-agents-1.0+git.1569436425.8b9c49f-5.3.2
python-Django1-1.11.29-3.15.2
python-ardana-packager-0.0.3-9.3.2
python-barbican-7.0.1~dev24-3.9.5
python-ceilometer-11.1.1~dev7-3.16.3
python-cinder-13.0.10~dev12-3.22.4
python-designate-7.0.2~dev2-3.19.3
python-heatclient-1.16.3-3.3.3
python-heatclient-doc-1.16.3-3.3.3
python-horizon-14.1.1~dev6-3.15.5
python-ironic-11.1.5~dev6-3.19.3
python-keystone-14.2.1~dev4-3.22.3
python-magnum-7.2.1~dev1-3.13.3
python-manila-7.4.2~dev31-4.24.3
python-monasca-agent-2.8.2~dev5-3.9.3
python-networking-vsphere-2.0.1~dev167-3.3.3
python-neutron-13.0.8~dev68-3.25.3
python-neutron-tempest-plugin-0.2.0-3.3.2
python-nova-18.3.1~dev38-3.25.4
python-octavia-3.2.3~dev7-3.25.3
python-openstack_auth-14.1.1~dev6-3.15.5
python-os-brick-2.5.10-3.12.3
python-os-brick-common-2.5.10-3.12.3
python-oslo.messaging-8.1.4-3.6.2
python-pyroute2-0.5.2-4.3.2
python-urllib3-1.23-3.12.2
python-waitress-1.4.3-3.3.1
release-notes-suse-openstack-cloud-9.20200610-3.21.4
venv-openstack-barbican-x86_64-7.0.1~dev24-3.19.3
venv-openstack-cinder-x86_64-13.0.10~dev12-3.19.2
venv-openstack-designate-x86_64-7.0.2~dev2-3.19.2
venv-openstack-glance-x86_64-17.0.1~dev30-3.17.2
venv-openstack-heat-x86_64-11.0.3~dev35-3.19.2
venv-openstack-horizon-x86_64-14.1.1~dev6-4.18.3
venv-openstack-ironic-x86_64-11.1.5~dev6-4.15.2
venv-openstack-keystone-x86_64-14.2.1~dev4-3.19.2
venv-openstack-magnum-x86_64-7.2.1~dev1-4.19.2
venv-openstack-manila-x86_64-7.4.2~dev31-3.21.2
venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.19.2
venv-openstack-monasca-x86_64-2.7.1~dev10-3.17.3
venv-openstack-neutron-x86_64-13.0.8~dev68-6.19.2
venv-openstack-nova-x86_64-18.3.1~dev38-3.19.3
venv-openstack-octavia-x86_64-3.2.3~dev7-4.19.2
venv-openstack-sahara-x86_64-9.0.2~dev15-3.19.2
venv-openstack-swift-x86_64-2.19.2~dev48-2.14.2
References:
https://www.suse.com/security/cve/CVE-2019-16785.html
https://www.suse.com/security/cve/CVE-2019-16786.html
https://www.suse.com/security/cve/CVE-2019-16789.html
https://www.suse.com/security/cve/CVE-2019-16792.html
https://www.suse.com/security/cve/CVE-2019-16865.html
https://www.suse.com/security/cve/CVE-2019-19844.html
https://www.suse.com/security/cve/CVE-2019-19911.html
https://www.suse.com/security/cve/CVE-2019-3828.html
https://www.suse.com/security/cve/CVE-2020-10177.html
https://www.suse.com/security/cve/CVE-2020-10378.html
https://www.suse.com/security/cve/CVE-2020-10743.html
https://www.suse.com/security/cve/CVE-2020-10755.html
https://www.suse.com/security/cve/CVE-2020-10994.html
https://www.suse.com/security/cve/CVE-2020-11538.html
https://www.suse.com/security/cve/CVE-2020-12052.html
https://www.suse.com/security/cve/CVE-2020-13254.html
https://www.suse.com/security/cve/CVE-2020-13379.html
https://www.suse.com/security/cve/CVE-2020-13596.html
https://www.suse.com/security/cve/CVE-2020-5311.html
https://www.suse.com/security/cve/CVE-2020-5312.html
https://www.suse.com/security/cve/CVE-2020-5313.html
https://www.suse.com/security/cve/CVE-2020-7471.html
https://www.suse.com/security/cve/CVE-2020-8184.html
https://www.suse.com/security/cve/CVE-2020-9402.html
https://bugzilla.suse.com/1019111
https://bugzilla.suse.com/1107190
https://bugzilla.suse.com/1126503
https://bugzilla.suse.com/1136928
https://bugzilla.suse.com/1153191
https://bugzilla.suse.com/1159046
https://bugzilla.suse.com/1159447
https://bugzilla.suse.com/1160151
https://bugzilla.suse.com/1160152
https://bugzilla.suse.com/1160153
https://bugzilla.suse.com/1160192
https://bugzilla.suse.com/1160790
https://bugzilla.suse.com/1161088
https://bugzilla.suse.com/1161089
https://bugzilla.suse.com/1161670
https://bugzilla.suse.com/1161919
https://bugzilla.suse.com/1163446
https://bugzilla.suse.com/1165022
https://bugzilla.suse.com/1170657
https://bugzilla.suse.com/1171070
https://bugzilla.suse.com/1171071
https://bugzilla.suse.com/1171072
https://bugzilla.suse.com/1171273
https://bugzilla.suse.com/1171594
https://bugzilla.suse.com/1171909
https://bugzilla.suse.com/1172166
https://bugzilla.suse.com/1172167
https://bugzilla.suse.com/1172409
https://bugzilla.suse.com/1172522
https://bugzilla.suse.com/1173413
https://bugzilla.suse.com/1173416
https://bugzilla.suse.com/1173418
https://bugzilla.suse.com/1173420
https://bugzilla.suse.com/1174006
More information about the sle-updates
mailing list