RedHat: RHSA-2020-3711-01 Important: OpenStack Nova Security Update

RedHat OpenStack 10: RHSA-2020-3711-01 Important: Security Update for Nova

An update for openstack-nova is now available for Red Hat OpenStack Platform 10 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3711-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3711
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376 
====================================================================
1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack
Platform 10 (Newton).

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source
domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
openstack-nova-14.1.0-65.el7ost.src.rpm

noarch:
openstack-nova-14.1.0-65.el7ost.noarch.rpm
openstack-nova-api-14.1.0-65.el7ost.noarch.rpm
openstack-nova-cells-14.1.0-65.el7ost.noarch.rpm
openstack-nova-cert-14.1.0-65.el7ost.noarch.rpm
openstack-nova-common-14.1.0-65.el7ost.noarch.rpm
openstack-nova-compute-14.1.0-65.el7ost.noarch.rpm
openstack-nova-conductor-14.1.0-65.el7ost.noarch.rpm
openstack-nova-console-14.1.0-65.el7ost.noarch.rpm
openstack-nova-migration-14.1.0-65.el7ost.noarch.rpm
openstack-nova-network-14.1.0-65.el7ost.noarch.rpm
openstack-nova-novncproxy-14.1.0-65.el7ost.noarch.rpm
openstack-nova-placement-api-14.1.0-65.el7ost.noarch.rpm
openstack-nova-scheduler-14.1.0-65.el7ost.noarch.rpm
openstack-nova-serialproxy-14.1.0-65.el7ost.noarch.rpm
openstack-nova-spicehtml5proxy-14.1.0-65.el7ost.noarch.rpm
python-nova-14.1.0-65.el7ost.noarch.rpm
python-nova-tests-14.1.0-65.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX1nfptzjgjWX9erEAQggOQ/+NSiKBJagFxkbCmFCFMAFdkdPhDmaK7WO
8F5yhng9OSqcJIHmGyYDQg4KGz4c/wD9NNkF665iRdRA4M7LUA/7WMpqcFxrXuKp
LucuoF66rtlqMcuxfquP5U+0BIc3RP0JJ0V5RVzvzf9tr3QuvIroaolpWoknkfqV
f49xKU5T6y55yFC6HznqMvtGpSZygcY4TRuKLOz7+f1+ufSWtka8afoX86mZU3z8
ZYyeoSTYHz2/xH30cyT0flFB4wsgpZCQCClTDibNEZ5rQc20BJOwo2mseL+WCZOd
ZEv9xGbBuP7eIdLXVE/xymTU8O4hjN8nyaSL5O6TKVeV6kRztaSJ+K3gBRDE/85F
Xvq2RJ6B1U/JgoVupkew6lsYB2Q+cfTVnQS8/Ip8xvT2Xd6NLm9CXRvSi/DzpZHs
csGDzuxHWqqBKLEssW9mmCI4cE0YI71w+nfqh+TWyChr7Mnk+/rxkiZeA/7dwYTZ
et7pKbsCDHLD0kbiEKetnGKkrh7+RjkBZvQaaLL9YbOmqc95xiVyJt0snWx/1od6
M0ZFtaYKZnXReho9MpdeB+AuY52kpaAlwOzPwBV8gTgXFdWsS0svFVHUub0s9gSx
Nz1B01Uz+Tap2QtOr2HA5vecd6EccShC1rCrmqn79lXI4HfCycxJ6/Bgw0+UDP6j
yKx3hLkZQio=Ab7k
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

RedHat OpenStack 10: RHSA-2020-3711-01 Important: Security Update for Nova

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

RedHat OpenStack 10: RHSA-2020-3711-01 Important: Security Update for Nova

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

RedHat OpenStack 10: RHSA-2020-3711-01 Important: Security Update for Nova

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

RedHat OpenStack 10: RHSA-2020-3711-01 Important: Security Update for Nova

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!