Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Red Hat OpenStack 16.2 RHSA-2023-1948 Low Risk: OpenStack-Nova Update

red hat
Calendar Grey April 26, 2023
Dist Redhat Esm H88
Red Hat OpenShift Container Platform 4.10 update resolves minor vulnerabilities involving openshift-sdn. Crucial for enhancing cloud reliability!
An update for openstack-nova is now available for Red Hat OpenStack Platform 16.2 (Train)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

OpenStack Compute (codename Nova) is open source software designed to provision and manage large networks of virtual machines,creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects.OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors.
Security Fix(es):
* Compute service fails to restart if the vnic_type of a bound port changed from direct to macvtap (CVE-2022-37394)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat update low severity openstack-nova

References

https://access.redhat.com/security/cve/CVE-2022-37394 https://access.redhat.com/security/updates/classification#low

Package List

Red Hat OpenStack Platform 16.2:
Source: openstack-nova-20.6.2-2.20230308185148.fc01371.el8ost.src.rpm
noarch: openstack-nova-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-api-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-common-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-compute-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-conductor-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-console-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-migration-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-novncproxy-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-scheduler-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-serialproxy-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm openstack-nova-spicehtml5proxy-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm python3-nova-20.6.2-2.20230308185148.fc01371.el8ost.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2023:1948-01
Product: Red Hat OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1948
Issue date: 2023-04-26

Topic

An update for openstack-nova is now available for Red Hat OpenStackPlatform 16.2 (Train).Red Hat Product Security has rated this update as having a security impactof Low. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat update low severity openstack-nova

Relevant Releases Architectures

Red Hat OpenStack Platform 16.2 - noarch

Bugs Fixed

2051631 - Fresh deployment - nova api calls timing out

2075467 - Ensure that at startup nova-compute cleans up unavailable PCI devices from the DB that are not reported from the hypervisor

2084239 - nova host-evacuation returns erroneous pci addresses and an error: Unable to correlate PCI slot

2088676 - [OSP16.2] while live-migrating many instances concurrently, libvirt sometimes return internal error: migration was active, but no RAM info was set

2117333 - CVE-2022-37394 openstack-nova: Compute service fails to restart if the vnic_type of a bound port changed from direct to macvtap

2138381 - [OSP 16.2] Unacceptable CPU info: CPU doesn't have compatibility

2140992 - 16.2 - Update instance host and task state when post live migration fails

2151410 - [OSP16.2] Invalid bdm record is left when cinder api call to delete a volume attachment times out

2158181 - nova-compute container won't start when specifying x86_Icelake-Server CPU model

2164970 - Backport "Improving logging at '_allocate_mdevs'." to 16.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here