For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
Library and utility to launch and manage containers using YAML based
configuration data.
openstack-tripleo-heat-templates is a collection of OpenStack Orchestration
templates and tools (codename heat), which can be used to help deploy
OpenStack.
Security Fix(es):
* EMBARGOED CVE-2020-10731 openstack-tripleo-heat-templates: No sVirt
protection for OSP16 VMs due to disabled SELinux (CVE-2020-10731)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
https://access.redhat.com/security/cve/CVE-2020-10731 https://access.redhat.com/security/updates/classification/#important
Red Hat OpenStack Platform 15.0:
Source:
openstack-tripleo-heat-templates-10.6.3-0.20200113185561.cf467ea.el8ost.src.rpm
python-paunch-4.5.3-0.20200108190460.3c38fe6.el8ost.src.rpm
noarch:
openstack-tripleo-heat-templates-10.6.3-0.20200113185561.cf467ea.el8ost.noarch.rpm
paunch-services-4.5.3-0.20200108190460.3c38fe6.el8ost.noarch.rpm
python3-paunch-4.5.3-0.20200108190460.3c38fe6.el8ost.noarch.rpm
Red Hat OpenStack Platform 15.0:
Source:
python-paunch-4.5.3-0.20200108190460.3c38fe6.el8ost.src.rpm
noarch:
paunch-services-4.5.3-0.20200108190460.3c38fe6.el8ost.noarch.rpm
python3-paunch-4.5.3-0.20200108190460.3c38fe6.el8ost.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
An update for python-paunch and openstack-tripleo-heat-templates is nowavailable for Red Hat OpenStack Platform 15 (Stein).Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Red Hat OpenStack Platform 15.0 - noarch
1831544 - CVE-2020-10731 openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux
Get the latest Linux and open source security news straight to your inbox.