Explore top 10 tips to secure your open-source projects now. Read More
×
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Red Hat Enterprise Linux OpenStack Platform director provides the
facilities for deploying and monitoring a private or public
infrastructure-as-a-service (IaaS) cloud based on Red Hat Enterprise Linux
OpenStack Platform.
A flaw was discovered in the pipeline ordering of OpenStack Object
Storage's staticweb middleware in the swiftproxy configuration generated
from the openstack-tripleo-heat-templates package (OpenStack director).
The staticweb middleware was incorrectly configured before the Identity
Service, and under some conditions an attacker could use this flaw to gain
unauthenticated access to private data. (CVE-2015-5271)
This issue was discovered by Christian Schwede and Emilien Macchi of
Red Hat.
This update also fixes numerous bugs and adds various enhancements.
Space precludes documenting all of these changes in this advisory.
Users are directed to the Red Hat Enterprise Linux OpenStack Platform 7
Release Notes, linked to in the References section, for information on the
most significant of these changes.
All Red Hat Enterprise Linux OpenStack Platform 7.0 director users are
advised to upgrade to these updated packages, which correct these issues
and add these enhancements.
https://access.redhat.com/security/cve/CVE-2015-5271 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/release-notes
Openstack 7.0 director for RHEL 7:
Source:
ahc-tools-0.1.1-6.el7ost.src.rpm
instack-undercloud-2.1.2-29.el7ost.src.rpm
openstack-ironic-discoverd-1.1.0-6.el7ost.src.rpm
openstack-tripleo-common-0.0.1.dev6-3.git49b57eb.el7ost.src.rpm
openstack-tripleo-heat-templates-0.8.6-71.el7ost.src.rpm
openstack-tripleo-image-elements-0.9.6-10.el7ost.src.rpm
openstack-tripleo-puppet-elements-0.0.1-5.el7ost.src.rpm
openstack-tuskar-0.4.18-4.el7ost.src.rpm
openstack-tuskar-ui-0.4.0-3.el7ost.src.rpm
os-cloud-config-0.2.8-7.el7ost.src.rpm
os-net-config-0.1.4-4.el7ost.src.rpm
python-hardware-0.14-7.el7ost.src.rpm
python-proliantutils-2.1.0-4.el7ost.src.rpm
python-rdomanager-oscplugin-0.0.10-8.el7ost.src.rpm
noarch:
ahc-tools-0.1.1-6.el7ost.noarch.rpm
instack-undercloud-2.1.2-29.el7ost.noarch.rpm
openstack-ironic-discoverd-1.1.0-6.el7ost.noarch.rpm
openstack-ironic-discoverd-ramdisk-1.1.0-6.el7ost.noarch.rpm
openstack-tripleo-common-0.0.1.dev6-3.git49b57eb.el7ost.noarch.rpm
openstack-tripleo-heat-templates-0.8.6-71.el7ost.noarch.rpm
openstack-tripleo-image-elements-0.9.6-10.el7ost.noarch.rpm
openstack-tripleo-puppet-elements-0.0.1-5.el7ost.noarch.rpm
openstack-tuskar-0.4.18-4.el7ost.noarch.rpm
openstack-tuskar-ui-0.4.0-3.el7ost.noarch.rpm
os-cloud-config-0.2.8-7.el7ost.noarch.rpm
Read the Full Advisory
Updated packages that fix one security issue, several bugs, and add variousenhancements are now available for Red Hat Enterprise Linux OpenStackPlatform 7.0 director for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having Moderate securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.
Openstack 7.0 director for RHEL 7 - noarch
1223022 - Ceilometer API port not allowed in firewall rules on undercloud
1226376 - Neutron API port not allowed in firewall rules on undercloud
1228862 - Can `openstack undercloud install` have a --force-clean option so an error doesn't require restarting?
1231777 - Its possible to scale up beyond the number of free nodes
1233949 - overcloud horizon apache config doesn't appear to use a network vip
1235320 - Unhelpful failure when incorrect parameters are given
1235325 - "openstack baremetal configure boot" should skip nodes that have maintenance=true
1236136 - All overcloud keystone endpoints get configured with the public IP when using network isolation
1236663 - No output for upload images command
1236707 - undercloud.conf.sample incorrectly states that heat db encryption key can be 8,16, or 32 chars1237020 - undercloud GUI- Image field is mandatory when setting VM for deploy overcloud
1240260 - introspection timed out for 2 VM nodes
1241199 - openstack baremetal configure boot is not safe to run a second time
1241668 - 'openstack help overcloud deploy' : doesn't cover comments/explanation for all deployment --arguments
1243015 - Overcloud stack name hard-coded
1243032 - Hard-coded reference to instackenv.json
1243062 - On deployment failure, no reason is returned
1243121 - Neutron port quota fails larger overcloud deployments
1243472 - don't save UpdateIdentifier in tuskar when running package update
Get the latest Linux and open source security news straight to your inbox.