Security update for ardana-cinder, ardana-cobbler, ardana-designate, ardana-extensions-example, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-input-model, ardana-ironic, ardana-keystone, a

Announcement ID: SUSE-SU-2020:0640-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2017-1002201 ( SUSE ): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2017-1002201 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • CVE-2018-17954 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2018-17954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-13117 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
  • CVE-2019-13117 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2019-13117 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2019-16770 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-16770 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-18901 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-18901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • CVE-2019-2737 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2737 ( NVD ): 4.9 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2739 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
  • CVE-2019-2739 ( NVD ): 5.1 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
  • CVE-2019-2740 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2740 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2758 ( SUSE ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
  • CVE-2019-2758 ( NVD ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
  • CVE-2019-2758 ( NVD ): 5.5 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
  • CVE-2019-2805 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2805 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2805 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2938 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2938 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2974 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-2974 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-2574 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-2574 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-7595 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  • CVE-2020-7595 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • HPE Helion OpenStack 8
  • SUSE Linux Enterprise High Performance Computing 12 SP3
  • SUSE Linux Enterprise Server 12 SP3
  • SUSE OpenStack Cloud 8
  • SUSE OpenStack Cloud Crowbar 8

An update that solves 14 vulnerabilities, contains 54 features and has 10 security fixes can now be installed.

Description:

This update for ardana-cinder, ardana-cobbler, ardana-designate, ardana-extensions-example, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-input-model, ardana-ironic, ardana-keystone, ardana-logging, ardana-monasca, ardana-monasca-transform, ardana-mq, ardana-neutron, ardana-nova, ardana-octavia, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, keepalived, mariadb, openstack-cinder, openstack-dashboard, openstack-dashboard-theme-SUSE, openstack-heat, openstack-heat-templates, openstack-horizon-plugin-designate-ui, openstack-horizon-plugin-neutron-lbaas-ui, openstack-ironic, openstack-keystone, openstack-monasca-agent, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vsphere, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, openstack-resource-agents, openstack-sahara, openstack-trove, python-cinderlm, python-congressclient, python-designateclient, python-ironic-lib, python-networking-cisco, python-osc-lib, python-oslo.context, python-oslo.rootwrap, python-oslo.serialization, python-oslo.service, python-stevedore, python-taskflow, rubygem-crowbar-client, rubygem-puma, venv-openstack-swift fixes the following issues: Security issues fixed:

The update of rubygem-crowbar-client, rubygem-puma fixes the following security issues: - CVE-2018-17954: Fixed an issue where crowbar was leaking the secret admin passwords to all nodes (bsc#1117080). - CVE-2019-16770: Fixed a denial-of-service vulnerability that was exploitable by clients sending extraneous keepalive requests (bsc#1158675).

The update of mariadb to 10.2.29 fixes several security issues: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388). - CVE-2019-18901: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388). - CVE-2017-1002201: Fixed an issue where special characters did not escpae properly (bsc#1155089) - CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2938, CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service (bsc#1156669)

Non-security issues fixed:

Changes in ardana-cinder: - Update to version 8.0+git.1579279939.ee7da88: * Add option to flatten snapshots when using SES (SOC-11054)

  • Update to version 8.0+git.1571846011.1a2f62b:
  • SCRD-4764 move v2.0 endpoints to v3 (SOC-9753)

Changes in ardana-cobbler: - Update to version 8.0+git.1575037115.0326803: * Set root device on SLES autoyast templates (SOC-7365)

Changes in ardana-designate: - Update to version 8.0+git.1573597788.15b7984: * Update gerrit location (SOC-9140)

Changes in ardana-extensions-example: - Switch to new Gerrit Server

  • Update to version 8.0+git.1534266307.db1ec28:
  • SCPL-409 Fix .gitreview for stable/pike

Changes in ardana-extensions-nsx: - Update to version 8.0+git.1567529036.a41a037: * Update policy json templates for vmware-nsx (SOC-10254)

  • Switch to new Gerrit Server

Changes in ardana-glance: - Update to version 8.0+git.1571846045.ab9e3ea: * SCRD-4764 move v2.0 endpoints to v3 (SOC-9753)

Changes in ardana-heat: - Update to version 8.0+git.1571777596.14dce6a: * SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in ardana-input-model: - Update to version 8.0+git.1582147997.b9ed134: * Enable port security extension neutron (SOC-11027)

  • Update to version 8.0+git.1573658751.38e822a:
  • Move manila share to controller (SOC-10938)

Changes in ardana-ironic: - Update to version 8.0+git.1571845225.006843d: * SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in ardana-keystone: - Update to version 8.0+git.1573147067.09e3ea0: * enable debug and insecure_debug on demand (SOC-10934)

Changes in ardana-logging: - Update to version 8.0+git.1572452293.e65d714: * use correct Keystone v3 params bsc#1117840 (SOC-9753)

Changes in ardana-monasca: - Update to version 8.0+git.1572527728.9b34bdf: * use correct Keystone v3 params bsc#1117840 (SOC-9753) * SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in ardana-monasca-transform: - Update to version 8.0+git.1571845965.97714fb: * SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in ardana-mq: - Update to version 8.0+git.1581024906.fbf0be3: * Ensure HA queue sync wait fails (SOC-11083) * Fix HA policy setting comments (SOC-10317, SOC-11082)

  • Update to version 8.0+git.1580853688.4e72fc1:
  • Set HA policy accordingly (SOC-10317, SOC-11082)

  • Update to version 8.0+git.1579014733.a855e3a:

  • Change the HA policy mirror (SOC-10317)

Changes in ardana-neutron: - Update to version 8.0+git.1573050365.ff6fa06: * Kill dhclient before restarting neutron-openvswitch-agent (SOC-9230)

  • Update to version 8.0+git.1571846086.19cb7eb:
  • SCRD-4764 move v2.0 endpoints to v3 (SOC-9753)

Changes in ardana-nova: - Update to version 8.0+git.1571846125.584d988: * SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in ardana-octavia: - Update to version 8.0+git.1575642049.1f321d0: * Change event_streamer_driver to noop (bsc#1154235)

Changes in ardana-osconfig: - Update to version 8.0+git.1581015942.2d21e63: * Adjust 'fs.inotify.max_user_instances' to align with crowbar (bsc#1161351)

  • Update to version 8.0+git.1580469528.0ac2a8b:
  • Start OVS services before wicked service at boot (SOC-11067)

Changes in ardana-tempest: - Update to version 8.0+git.1579261264.7dd213a: * Create network resources needed by some heat tests (SOC-7028)

  • Update to version 8.0+git.1573571182.8fa9823:
  • Restrore designate test (SOC-9753)

  • Update to version 8.0+git.1571846164.6279bc0:

  • SCRD-4764 remove V2.0 auth end points (SOC-9753)

Changes in crowbar-core: - Update to version 5.0+git.1582968668.1a55c77c5: * Ignore CVE-2020-7595 in CI (bsc#1161517)

  • Update to version 5.0+git.1582543433.f71d39544:
  • Fix deployment queue display (SOC-10741)

  • Update to version 5.0+git.1580209640.80f2ba3d9:

  • network: start OVS before wickedd (SOC-11067)

  • Update to version 5.0+git.1579705862.220974047:

  • dns: add checks to designate migration (SOC-11047)

  • Update to version 5.0+git.1579271614.eac1c490c:

  • upgrade: Add the upgrade menu entry (SOC-11053)
  • upgrade: Fix upgrade link (SOC-11053)

  • Update to version 5.0+git.1578989446.a2d23b7e1:

  • Do not log an error for a case that is correct (trivial)

  • Update to version 5.0+git.1578472131.b88a31055:

  • apache2: Restart after enabling SSL flag (SOC-11029)

  • Update to version 5.0+git.1578295229.96952deab:

  • Avoid nil crash when provisioner attributes are not set (bsc#1160048)

  • Update to version 5.0+git.1578063264.d0223905b:

  • Ignore CVE-2019-16770 (SOC-10999)

  • Update to version 5.0+git.1576053049.a2f4c9820:

  • upgrade: Remove DRBD specific code from the preparation parts (SOC-10985)

  • Update to version 5.0+git.1575020613.fc167f4dc:

  • List XEN nodes when failing precheck (trivial)

  • Update to version 5.0+git.1574763025.0a6957f37:

  • Disable installation repository (bsc#1152007)
  • Disable automatic repo services (bsc#1152007)
  • Designate: Don't add the admin node to the public network (SOC-10658)

  • Update to version 5.0+git.1574715523.ee8e58f4b:

  • upgrade: Check the result after commiting proposal (noref)
  • upgrade: Do not try to disable services that might not exist (noref)

  • Update to version 5.0+git.1574667034.76644f658:

  • [upgrade] Remove existing upgrade directories from nodes (SOC-10956)

  • Update to version 5.0+git.1574348992.88de970a6:

  • [upgrade] Wait for keystone to be ready after start (bsc#1157206)

  • Update to version 5.0+git.1574270784.294f0e830:

  • upgrade: Ignore Cloud repository during repocheck (bsc#1152007)

  • Update to version 5.0+git.1574165163.52870c62e:

  • [upgrade] Call finalize_nodes_upgrade at the very end (bsc#1155942)

  • Update to version 5.0+git.1574103089.1fbb5a51d:

  • Ignore CVE-2019-13117 in CI builds (bsc#1157028)
  • upgrade: Make the time before next upgrade configurable (SOC-10955)
  • upgrade: Make sure cinder-volume is really stopped (bsc#1156305)

  • Update to version 5.0+git.1573110008.449237f0d:

  • Allow pacemaker remotes for upgrade (SOC-10133)
  • upgrade: Precheck for unsaved proposals (SOC-10912)

  • Update to version 5.0+git.1572880575.4a6efa3a1:

  • upgrade: Add a precheck for XEN compute nodes presence (SOC-10495)
  • upgrade: Reload repo config in repochecks (SOC-10718)

  • Update to version 5.0+git.1572097431.519baa552:

  • Ignore CVE-2017-1002201 in CI builds (bsc#1155089)

  • Update to version 5.0+git.1571210032.8648ab99c:

  • Revert "Use block-migration when needed" (SOC-10133)

Changes in crowbar-ha: - Update to version 5.0+git.1574286229.e0364c3: * Drop g-haproxy location before group deletion (bsc#1156914)

Changes in crowbar-openstack: - Update to version 5.0+git.1582911795.5081ef1da: * designate: Mark as user managed (SOC-10233) * Designate: make sure dns-server is active on a non-admin node (SOC-10636)

  • Update to version 5.0+git.1580549331.ba1e1a0a3:
  • [5.0] ec2-api: run keystone_register on cluster founder only (SOC-11079)

  • Update to version 5.0+git.1579182968.f54cfa8f5:

  • tempest: tempest run filters as templates (SOC-11052)

  • Update to version 5.0+git.1578515319.fdab3a0b2:

  • Install openstack client for neutron recipes (SOC-11039)

  • Update to version 5.0+git.1576764142.8efe58655:

  • Do not read data from barclamp that has not been saved (SOC-11028)

  • Update to version 5.0+git.1576666547.b7a0b8814:

  • Revert "Octavia: Hide UI until complete (SOC-10550)"

  • Update to version 5.0+git.1576250115.67b80cbca:

  • [5.0] tempest: Update default image on schema (SOC-11023)

  • Update to version 5.0+git.1576078873.ecc798ffe:

  • neutron: Revert remove .openrc creation from neutron cookbooks (SOC-10378)
  • keystone: Add OS_INTERFACE env var to .openrc (SOC-11006)

  • Update to version 5.0+git.1574927541.694ac3863:

  • designate: move keystone resource lookup to convergence (SOC-10887)

  • Update to version 5.0+git.1574769056.07a7c373e:

  • designate: declare all mdns servers as master on pool config (SOC-10952)
  • designate: add support for SSL (SOC-10877)
  • designate: change default configuration (SOC-10899)

  • Update to version 5.0+git.1574421761.ace345683:

  • Add tempest filter for designate (SOC-10288)

  • Update to version 5.0+git.1574359417.113b616b2:

  • horizon: install lbaas horizon dashboard (SOC-10883)

  • Update to version 5.0+git.1572937880.ffb86e88b:

  • Make sure the input file with ssh key exists (SOC-10133)

  • Update to version 5.0+git.1571764038.ad48726d6:

  • mysql: fix WSREP sync race (SOC-10717)
  • mysql: stop service for mysql_install_db (SOC-10717)
  • Do not use obsoleted --endpoint-type option with CLI

  • Update to version 5.0+git.1571323259.7402ef5eb:

  • [5.0] Tempest: blacklist test_volume_boot_pattern (SOC-10874)

  • Update to version 5.0+git.1571241534.f4af21325:

  • rabbitmq: fix migration 200 (SOC-10623)
  • Fix Cloud 8 no-op migrations (SOC-10623)
  • neutron-lbaas: remove loadbalancer/pool limit
  • [5.0] Configurable timeout for Galera pre-sync

  • Update to version 5.0+git.1571138324.edb9e8b56:

  • horizon: tighten check for existence of monasca while deploying grafana
  • monasca: improve detection if monasca-server is available
  • monasca: install agent before run setup monitors in server
  • Monasca: Handle node reinstall (jsc#SOC-10440, bsc#1148158 )

  • Update to version 5.0+git.1570618886.06022a6ef:

  • glance: Set barbican auth endpoint (bsc#1123191, SOC-10844)
  • tempest: Add barbican run_filters from ardana (SOC-10844)
  • Fix nova tempest tests (SOC-9298, SOC-10844)

  • Update to version 5.0+git.1570505588.4bdc5aa6f:

  • No rndc key if no public DNS server (SOC-10835)

Changes in crowbar-ui: - Update to version 1.2.0+git.1575896697.a01a3a08: * upgrade: Added missing error title * travis: Stop testing against nodejs4

  • Update to version 1.2.0+git.1572871359.50fc6087:
  • Add title for XEN compute nodes precheck (SOC-10495)

Changes in keepalived: - update to 2.0.19 - new BR pkgconfig(libnftnl) to fix nftables support - add nftables to the BR - added patch * linux-4.15.patch - add buildrequires for file-devel - used in the checker to verify scripts - enable json stats and config dump support new BR: pkgconfig(json-c) - enable http regexp support: new BR pcre2-devel - disable dbus instance creation support as it is marked as dangerous - Add BFD build option to keepalived.spec rpm file Issue #1114 identified that the keepalived.spec file was not being generated to build BFD support even if keepalived had been configured to support it. - full changelog https://keepalived.org/changelog.html

Changes in mariadb: - update to 10.2.31 GA [bsc#1162388] * Fixes for the following security vulnerabilities: * 10.2.31: CVE-2020-2574 * 10.2.30: none * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10231-release-notes https://mariadb.com/kb/en/library/mariadb-10231-changelog https://mariadb.com/kb/en/library/mariadb-10230-release-notes https://mariadb.com/kb/en/library/mariadb-10230-changelog - refresh mariadb-10.1.12-deharcode-libdir.patch - remove mariadb-10.2.29-bufferoverflowstrncat.patch (upstreamed) - pack pam_user_map.so module in the /%{_lib}/security directory and user_map.conf configuration file in the /etc/security directory

  • fix race condition with mysql_upgrade_info status file by moving it to the location owned by root (/var/lib/misc) CVE-2019-18901 [bsc#1160895]
  • move .run-mysql_upgrade file from $datadir/.run-mysql_upgrade to /var/lib/misc/.mariadb_run_upgrade so the mysql user can't use it for a symlink attack [bsc#1160912]

  • on BTRFS systems /var/lib/mysql is created as a subvolume with 755 permissions during the system installaion. Fix it to 700 as mysql_install_db doesn't do it [bsc#1077717]

  • add important options to mariadb.service and mariadb@.service (ProtectSystem, ProtectHome and UMask) [bsc#1160878]
  • mysql-systemd-helper: use systemd-tmpfiles instead of shell script operations for a cleaner and safer creating of /run/mysql [bsc#1160883]

  • update to 10.2.29 GA

  • Fixes for the following security vulnerabilities:
    • 10.2.29: none
    • 10.2.28: CVE-2019-2974, CVE-2019-2938
    • 10.2.27: none
    • 10.2.26: CVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737, CVE-2019-2758
  • release notes and changelog: https://mariadb.com/kb/en/library/mariadb-10229-release-notes https://mariadb.com/kb/en/library/mariadb-10229-changelog https://mariadb.com/kb/en/library/mariadb-10228-release-notes https://mariadb.com/kb/en/library/mariadb-10228-changelog https://mariadb.com/kb/en/library/mariadb-10227-release-notes https://mariadb.com/kb/en/library/mariadb-10227-changelog https://mariadb.com/kb/en/library/mariadb-10226-release-notes https://mariadb.com/kb/en/library/mariadb-10226-changelog
  • refresh mariadb-10.0.15-logrotate-su.patch mariadb-10.2.4-logrotate.patch
  • add mariadb-10.2.29-bufferoverflowstrncat.patch to fix "Statement might be overflowing a buffer in strncat" error
  • tracker bug [bsc#1156669]
  • add main.gis_notembedded to the skipped tests (fails when latin1 is not set)

Changes in openstack-cinder: - Update to version cinder-11.2.3.dev23: * Fix handling of 'cinder_encryption_key_id' image metadata

  • Update to version cinder-11.2.3.dev21:
  • Add retry to LVM deactivation

  • Update to version cinder-11.2.3.dev19:

  • Fix ceph: only close rbd image after snapshot iteration is finished

  • Update to version cinder-11.2.3.dev17:

  • Exclude disabled API versions from listing

Changes in openstack-cinder: - Update to version cinder-11.2.3.dev23: * Fix handling of 'cinder_encryption_key_id' image metadata

  • Update to version cinder-11.2.3.dev21:
  • Add retry to LVM deactivation

  • Update to version cinder-11.2.3.dev19:

  • Fix ceph: only close rbd image after snapshot iteration is finished

  • Update to version cinder-11.2.3.dev17:

  • Exclude disabled API versions from listing

Changes in openstack-dashboard: - Update to version horizon-12.0.5.dev2: * Use python 2.7 as the default interpreter in tox * OpenDev Migration Patch 12.0.4

Changes in openstack-dashboard-theme-SUSE: - Update to version 2017.2+git.1573629528.6b21fa5: * SCRD-7984 fixed help links

Changes in openstack-heat: - Update to version heat-9.0.8.dev22: * Do deepcopy when copying templates

  • Update to version heat-9.0.8.dev21:
  • Set stack.thread_group_mgr for cancel_update
  • Eliminate client race condition in convergence delete
  • Delete snapshots using contemporary resources

  • Update to version heat-9.0.8.dev15:

  • Unskip StackSnapshotRestoreTest

  • Update to version heat-9.0.8.dev14:

  • Fix translate tenants in flavor

Changes in openstack-heat: - Update to version heat-9.0.8.dev22: * Do deepcopy when copying templates

  • Update to version heat-9.0.8.dev21:
  • Set stack.thread_group_mgr for cancel_update
  • Eliminate client race condition in convergence delete
  • Delete snapshots using contemporary resources

  • Update to version heat-9.0.8.dev15:

  • Unskip StackSnapshotRestoreTest

  • Update to version heat-9.0.8.dev14:

  • Fix translate tenants in flavor

Changes in openstack-heat-templates: - Update to version 0.0.0+git.1560033670.e3b5a52: * Add example for running Zun container * OpenDev Migration Patch * Replace openstack.org git:// URLs with https:// * Remove docs, deprecated hooks, tests * Update the bugs link to storyboard * Use octavia resources for autoscaling example * Fix the incorrect cirros default password

Changes in openstack-horizon-plugin-designate-ui: - Update to version designate-dashboard-5.0.3.dev2: * Fix list zones updated at same time * OpenDev Migration Patch 5.0.2

Changes in openstack-horizon-plugin-neutron-lbaas-ui: - Add _1481_project_ng_loadbalancersv2_panel.pyc file to package (SOC-10883) The .pyc file needs to be removed when the package is uninstalled, otherwise the panel will remain enabled in the dashboard and cause errors.

Changes in openstack-ironic: - Update to version ironic-9.1.8.dev8: * Place upper bound on python-dracclient version

Changes in openstack-ironic: - Update to version ironic-9.1.8.dev8: * Place upper bound on python-dracclient version

Changes in openstack-keystone: - Update to version keystone-12.0.4.dev5: * Import LDAP job into project

Changes in openstack-keystone: - Update to version keystone-12.0.4.dev5: * Import LDAP job into project

Changes in openstack-monasca-agent: - Added dependency: * fdupes * pwdutils and shadow-utils for useradd/groupadd

  • added 0001-add-X.509-certificate-check-plugin.patch

Changes in openstack-neutron: - Update to version neutron-11.0.9.dev60: * Set DB retry for quota_enforcement pecan_wsgi hook

  • Update to version neutron-11.0.9.dev58:
  • don't clear skb mark when ovs is hw-offload enabled

  • Update to version neutron-11.0.9.dev57:

  • doc: add known limitation about attaching SR-IOV ports

  • Update to version neutron-11.0.9.dev56:

  • raise priority of dead vlan drop

  • Update to version neutron-11.0.9.dev54:

  • [Unit tests] Skip TestWSGIServer with IPv6 if no IPv6 enabled

  • Update to version neutron-11.0.9.dev52:

  • Initialize phys bridges before setup_rpc

Changes in openstack-neutron: - Update neutron-ha-tool to latest version: * Add DHCP agent evacuation (SOC-11046)

  • Update to version neutron-11.0.9.dev60:
  • Set DB retry for quota_enforcement pecan_wsgi hook

  • Update to version neutron-11.0.9.dev58:

  • don't clear skb mark when ovs is hw-offload enabled

  • neutron: Remove stop action from ovs-cleanup (bsc#1157482) backport of https://review.opendev.org/#/c/695867/

  • Update to version neutron-11.0.9.dev57:

  • doc: add known limitation about attaching SR-IOV ports

  • Update to version neutron-11.0.9.dev56:

  • raise priority of dead vlan drop

  • Update to version neutron-11.0.9.dev54:

  • [Unit tests] Skip TestWSGIServer with IPv6 if no IPv6 enabled

  • Update to version neutron-11.0.9.dev52:

  • Initialize phys bridges before setup_rpc

Changes in openstack-neutron-gbp: - Update to version group-based-policy-7.3.1.dev72: * Refactor static path code

  • Update to version group-based-policy-7.3.1.dev71:
  • Support named ip protocols for SecurityGroupRules

  • Update to version group-based-policy-7.3.1.dev70:

  • Allow both FIP and SNAT on a single port

  • Update to version group-based-policy-7.3.1.dev69:

  • Fix active-active AAP RPC query

  • Update to version group-based-policy-7.3.1.dev67:

  • [AIM] Add extra provided/consumed contracts to network extension

  • Update to version group-based-policy-7.3.1.dev66:

  • Active active AAP feature

  • Update to version group-based-policy-7.3.1.dev64:

  • Support cache option for legacy GBP driver

  • Update to version group-based-policy-7.3.1.dev63: