SUSE-RU-2021:0497-1: important: Recommended update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, release-notes-suse-openstack-cloud, sleshammer

sle-updates at lists.suse.com sle-updates at lists.suse.com
Wed Feb 17 20:15:28 UTC 2021


   SUSE Recommended Update: Recommended update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, release-notes-suse-openstack-cloud, sleshammer
______________________________________________________________________________

Announcement ID:    SUSE-RU-2021:0497-1
Rating:             important
References:         #1048688 #1149535 #1179189 #1179955 #1180507 
                    #1181040 #1181379 #1181521 SOC-11429 
Affected Products:
                    SUSE OpenStack Cloud Crowbar 9
                    SUSE OpenStack Cloud 9
______________________________________________________________________________

   An update that solves one vulnerability, contains one
   feature and has 7 fixes is now available.

Description:

   This update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca,
   ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack,
   kibana, openstack-dashboard, openstack-manila, openstack-neutron,
   openstack-neutron-gbp, openstack-nova, python-Django1,
   release-notes-suse-openstack-cloud, sleshammer fixes the following issues:

   Security fix included in this update: python-Django1
   - CVE-2021-3281: Fixed a potential directory traversal when extracting
     archives (bsc#1181379).

   Non-security fixes included in this update

   Changes in ardana-db:
   - Update to version 9.0+git.1611600773.5f1de5f:
     * Add tasks to check for the TLS certificate expiry (bsc#1181040)

   Changes in ardana-horizon:
   - Update to version 9.0+git.1610491814.38661c2:
     * Add Fix for logfile permissions (bsc#1179189)

   Changes in ardana-logging:
   - Update to version 9.0+git.1610490922.d5f9813:
     * Remove some files and fix mysql logs locations (bsc#1179189)

   Changes in ardana-monasca:
   - Update to version 9.0+git.1610547641.d79ecfd:
     * Add Fix for logfile permissions (bsc#1179189)

   Changes in ardana-opsconsole-ui:
   - Update to version 9.0+git.1611867924.eb82818:
     * Adjust period used to query monasca summary metrics (bsc#1181521)

   Changes in ardana-osconfig:
   - Update to version 9.0+git.1610634027.5934cf8:
     * Fix logrotate code that needs to silence the grep (bsc#1179189)

   Changes in crowbar-core:
   - Update to version 6.0+git.1611320924.849e748ff:
     * avoid v4.1.5 of delayed_job_active_record (noref)
     * add CVE-2020-26247 to travis ignore list (bsc#1180507)

   Changes in crowbar-openstack:
   - Update to version 6.0+git.1610402342.21499240d:
     * neutron: Fix handling of networks with non-ascii names (SOC-11429)

   - Update to version 6.0+git.1610374680.e68ff27d2:
     * Terminate ssl on haproxy for cinder (bsc#1149535)
     * Terminate ssl on haproxy for nova (bsc#1149535)

   Changes in kibana:
   - Added kibana.yml symlink (bsc#1048688, FATE#323204) Changes in
     openstack-dashboard:
   - add 0001-Fix-network_topology-view-memory-and-file-leaks.patch

   - Update to version horizon-14.1.1.dev10:
     * Fix open redirect (OSSA-2020-008, CVE-2020-29565)

   - Update to version horizon-14.1.1.dev8:
     * Cap bandit for python 2.7 env

   Changes in openstack-manila:
   - Update to version manila-7.4.2.dev60:
     * [stable/rocky] Adjust CI jobs
     * [NetApp] Fix CIFS promote back issue

   - Update to version manila-7.4.2.dev58:
     * [stable/rocky] Adjust CI jobs

   Changes in openstack-manila:
   - Update to version manila-7.4.2.dev60:
     * [stable/rocky] Adjust CI jobs
     * [NetApp] Fix CIFS promote back issue

   - Update to version manila-7.4.2.dev58:
     * [stable/rocky] Adjust CI jobs

   Changes in openstack-neutron:
   - Update to version neutron-13.0.8.dev147:
     * Improve DHCP agent's debug messages

   - Update to version neutron-13.0.8.dev145:
     * Use consistent filter API syntax

   - Update to version neutron-13.0.8.dev144:
     * Improve the CIDRs overlap check method for router add interface

   - Update to version neutron-13.0.8.dev142:
     * [GRE] Add possibility to create GRE tunnels over IPv6

   - Update to version neutron-13.0.8.dev140:
     * Fix migration from the HA to non-HA routers

   - Update to version neutron-13.0.8.dev138:
     * Dropping lower constraints testing (stable Rocky)
     * Fix calling of add\_tunnel\_port method from sanity checks module

   - Update to version neutron-13.0.8.dev136:
     * Dropping lower constraints testing (stable Rocky)

   Changes in openstack-neutron:
   - Update to version neutron-13.0.8.dev147:
     * Improve DHCP agent's debug messages

   - Update to version neutron-13.0.8.dev145:
     * Use consistent filter API syntax

   - Update to version neutron-13.0.8.dev144:
     * Improve the CIDRs overlap check method for router add interface

   - Update to version neutron-13.0.8.dev142:
     * [GRE] Add possibility to create GRE tunnels over IPv6

   - Update to version neutron-13.0.8.dev140:
     * Fix migration from the HA to non-HA routers

   - Update to version neutron-13.0.8.dev138:
     * Dropping lower constraints testing (stable Rocky)
     * Fix calling of add\_tunnel\_port method from sanity checks module

   - Update to version neutron-13.0.8.dev136:
     * Dropping lower constraints testing (stable Rocky)

   Changes in openstack-neutron-gbp:
   - Update to version group-based-policy-12.0.1.dev16:
     * [AIM] Add extension for ERSPAN 2014.2.rc1

   - Update to version group-based-policy-12.0.1.dev15:
     * Fix QoS unit tests 2014.2rc1

   - Update to version group-based-policy-12.0.1.dev14:
     * Fix session handling
     * Fix DB query call 2014.2.0rc1

   - Update to version group-based-policy-12.0.1.dev11:
     * Fix bug where security-group rule config doesn't reflect new VMs
       addition
     * Fix DB performance with sessions 2014.2rc1

   - Update to version group-based-policy-12.0.1.dev8: 2014.2.0rc1

   - Update to version group-based-policy-12.0.1.dev11:
     * Fix bug where security-group rule config doesn't reflect new VMs
       addition
     * Fix DB performance with sessions 2014.2rc1

   - Update to version group-based-policy-12.0.1.dev8:
     * Fix upstream gate 2014.2.0rc1

   - Update to version group-based-policy-12.0.1.dev7:
     * Block qos config in floating ip
     * Fix upstream gate 2014.2rc1

   Changes in openstack-nova:
   - Update to version nova-18.3.1.dev78:
     * [stable-only] Cap bandit and make lower-constraints job non-voting

   Changes in openstack-nova:
   - Update to version nova-18.3.1.dev78:
     * [stable-only] Cap bandit and make lower-constraints job non-voting

   Changes in python-Django1:
   - Add CVE-2021-3281.patch (bsc#1181379, CVE-2021-3281)
     * Fixes a potential directory traversal when extracting archives

   Changes in release-notes-suse-openstack-cloud:
   - Update to version 9.20201214:
     * Add workaround for secure boot issue when shim package is updated.
       Removed deprecated note about Crowbar Octavia plugin. (bsc#1179955)


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-497=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2021-497=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (x86_64):

      crowbar-core-6.0+git.1611320924.849e748ff-3.34.1
      crowbar-core-branding-upstream-6.0+git.1611320924.849e748ff-3.34.1
      kibana-4.6.3-4.6.1
      kibana-debuginfo-4.6.3-4.6.1

   - SUSE OpenStack Cloud Crowbar 9 (noarch):

      crowbar-openstack-6.0+git.1610402342.21499240d-3.31.1
      openstack-dashboard-14.1.1~dev10-3.21.3
      openstack-manila-7.4.2~dev60-4.33.2
      openstack-manila-api-7.4.2~dev60-4.33.2
      openstack-manila-data-7.4.2~dev60-4.33.2
      openstack-manila-scheduler-7.4.2~dev60-4.33.2
      openstack-manila-share-7.4.2~dev60-4.33.2
      openstack-neutron-13.0.8~dev147-3.34.2
      openstack-neutron-dhcp-agent-13.0.8~dev147-3.34.2
      openstack-neutron-gbp-12.0.1~dev16-3.22.2
      openstack-neutron-ha-tool-13.0.8~dev147-3.34.2
      openstack-neutron-l3-agent-13.0.8~dev147-3.34.2
      openstack-neutron-linuxbridge-agent-13.0.8~dev147-3.34.2
      openstack-neutron-macvtap-agent-13.0.8~dev147-3.34.2
      openstack-neutron-metadata-agent-13.0.8~dev147-3.34.2
      openstack-neutron-metering-agent-13.0.8~dev147-3.34.2
      openstack-neutron-openvswitch-agent-13.0.8~dev147-3.34.2
      openstack-neutron-server-13.0.8~dev147-3.34.2
      openstack-nova-18.3.1~dev78-3.34.2
      openstack-nova-api-18.3.1~dev78-3.34.2
      openstack-nova-cells-18.3.1~dev78-3.34.2
      openstack-nova-compute-18.3.1~dev78-3.34.2
      openstack-nova-conductor-18.3.1~dev78-3.34.2
      openstack-nova-console-18.3.1~dev78-3.34.2
      openstack-nova-novncproxy-18.3.1~dev78-3.34.2
      openstack-nova-placement-api-18.3.1~dev78-3.34.2
      openstack-nova-scheduler-18.3.1~dev78-3.34.2
      openstack-nova-serialproxy-18.3.1~dev78-3.34.2
      openstack-nova-vncproxy-18.3.1~dev78-3.34.2
      python-Django1-1.11.29-3.18.2
      python-horizon-14.1.1~dev10-3.21.3
      python-manila-7.4.2~dev60-4.33.2
      python-neutron-13.0.8~dev147-3.34.2
      python-neutron-gbp-12.0.1~dev16-3.22.2
      python-nova-18.3.1~dev78-3.34.2
      python-openstack_auth-14.1.1~dev10-3.21.3
      release-notes-suse-openstack-cloud-9.20201214-3.27.2
      sleshammer-debugsource-0.9.0-7.6.1
      sleshammer-x86_64-0.9.0-7.6.1

   - SUSE OpenStack Cloud 9 (noarch):

      ardana-db-9.0+git.1611600773.5f1de5f-3.22.1
      ardana-horizon-9.0+git.1610491814.38661c2-3.16.1
      ardana-logging-9.0+git.1610490922.d5f9813-3.16.1
      ardana-monasca-9.0+git.1610547641.d79ecfd-3.22.1
      ardana-opsconsole-ui-9.0+git.1611867924.eb82818-4.16.1
      ardana-osconfig-9.0+git.1610634027.5934cf8-3.25.1
      openstack-dashboard-14.1.1~dev10-3.21.3
      openstack-manila-7.4.2~dev60-4.33.2
      openstack-manila-api-7.4.2~dev60-4.33.2
      openstack-manila-data-7.4.2~dev60-4.33.2
      openstack-manila-scheduler-7.4.2~dev60-4.33.2
      openstack-manila-share-7.4.2~dev60-4.33.2
      openstack-neutron-13.0.8~dev147-3.34.2
      openstack-neutron-dhcp-agent-13.0.8~dev147-3.34.2
      openstack-neutron-gbp-12.0.1~dev16-3.22.2
      openstack-neutron-ha-tool-13.0.8~dev147-3.34.2
      openstack-neutron-l3-agent-13.0.8~dev147-3.34.2
      openstack-neutron-linuxbridge-agent-13.0.8~dev147-3.34.2
      openstack-neutron-macvtap-agent-13.0.8~dev147-3.34.2
      openstack-neutron-metadata-agent-13.0.8~dev147-3.34.2
      openstack-neutron-metering-agent-13.0.8~dev147-3.34.2
      openstack-neutron-openvswitch-agent-13.0.8~dev147-3.34.2
      openstack-neutron-server-13.0.8~dev147-3.34.2
      openstack-nova-18.3.1~dev78-3.34.2
      openstack-nova-api-18.3.1~dev78-3.34.2
      openstack-nova-cells-18.3.1~dev78-3.34.2
      openstack-nova-compute-18.3.1~dev78-3.34.2
      openstack-nova-conductor-18.3.1~dev78-3.34.2
      openstack-nova-console-18.3.1~dev78-3.34.2
      openstack-nova-novncproxy-18.3.1~dev78-3.34.2
      openstack-nova-placement-api-18.3.1~dev78-3.34.2
      openstack-nova-scheduler-18.3.1~dev78-3.34.2
      openstack-nova-serialproxy-18.3.1~dev78-3.34.2
      openstack-nova-vncproxy-18.3.1~dev78-3.34.2
      python-Django1-1.11.29-3.18.2
      python-horizon-14.1.1~dev10-3.21.3
      python-manila-7.4.2~dev60-4.33.2
      python-neutron-13.0.8~dev147-3.34.2
      python-neutron-gbp-12.0.1~dev16-3.22.2
      python-nova-18.3.1~dev78-3.34.2
      python-openstack_auth-14.1.1~dev10-3.21.3
      release-notes-suse-openstack-cloud-9.20201214-3.27.2
      venv-openstack-horizon-x86_64-14.1.1~dev10-4.25.2
      venv-openstack-manila-x86_64-7.4.2~dev60-3.27.2
      venv-openstack-neutron-x86_64-13.0.8~dev147-6.25.2
      venv-openstack-nova-x86_64-18.3.1~dev78-3.25.2

   - SUSE OpenStack Cloud 9 (x86_64):

      kibana-4.6.3-4.6.1
      kibana-debuginfo-4.6.3-4.6.1


References:

   https://www.suse.com/security/cve/CVE-2021-3281.html
   https://bugzilla.suse.com/1048688
   https://bugzilla.suse.com/1149535
   https://bugzilla.suse.com/1179189
   https://bugzilla.suse.com/1179955
   https://bugzilla.suse.com/1180507
   https://bugzilla.suse.com/1181040
   https://bugzilla.suse.com/1181379
   https://bugzilla.suse.com/1181521



More information about the sle-updates mailing list