Security update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-he
Announcement ID: | SUSE-SU-2020:3897-1 |
---|---|
Rating: | important |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves seven vulnerabilities, contains eight features and has one security fix can now be installed.
Description:
This update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark fixes the following issues:
Security changes included on this update:
grafana: - CVE-2020-24303: Fixed an XXS with series overides. (bsc#1178243)
influxdb: - CVE-2019-20933: Fixed an authentication bypass. (bsc#1178988)
python-Jinja2: - CVE-2019-10906,CVE-2019-8341,CVE-2016-10745: "SandboxedEnvironment" securely handles "str.format_map" in order to prevent code execution through untrusted format strings. (bsc#1132323, bsc#1125815, bsc#1132174)
python-pysaml2: - CVE-2020-5390: Fixed an issue where there was no check that the signature in a SAML document is enveloped. (bsc#1160851)
python-urllib3: - CVE-2020-26137: Fixed a CRLF injection via HTTP request method. (bsc#1177120)
Non-security changes included in this update:
Changes in ardana-cassandra: - Update to version 9.0+git.1600802664.7e480a2: * Remove freezer related backup/restore code (SOC-7751)
Changes in ardana-mq: - Update to version 9.0+git.1605174486.a78ddce: * Re-enable mirroring of fanout and reply queues (bsc#1177611)
Changes in ardana-osconfig: - Update to version 9.0+git.1601621747.a87e5a0: * HOS8 check needs to be a shell rather than command (SOC-11184)
Changes in ardana-tempest: - Update to version 9.0+git.1603378983.fc0bca9: * Enable VPNaaS testing (SOC-8764)
- Update to version 9.0+git.1599855218.875b2f3:
- unblacklist some revert tests (SOC-9178)
Changes in crowbar-core: - Update to version 6.0+git.1606314264.bf9ada813: * ntp: Do not use rate-limiting (bsc#1179161)
- Update to version 6.0+git.1600414599.150832ca2:
- Ignore CVE-2020-15169 (SOC-11391)
Changes in crowbar-openstack: - Update to version 6.0+git.1604573541.bb18c172d: * rabbitmq: Fix crm running check (SOC-11240)
- Update to version 6.0+git.1604491402.b4dbba849:
- Remove aspiers from CODEOWNERS
- Remove cmurphy from CODEOWNERS
Changes in grafana: - Fix bsc#1178243 CVE-2020-24303 by adding 25401-Fix-XSS-vulnerability-with-series-overrides.patch
Changes in influxdb: - Add CVE-2019-20933.patch (bsc#1178988, CVE-2019-20933) to fix authentication bypass - Declare license files correctly
Changes in openstack-cinder: - Update to version cinder-13.0.10.dev20: * PowerMax Driver - Legacy volumes fail to live migrate
- Update to version cinder-13.0.10.dev19:
-
RBD: Cleanup temporary file during exception
-
Update to version cinder-13.0.10.dev17:
- Remove experimental job legacy-tempest-dsvm-zeromq-multibackend
Changes in openstack-cinder: - Update to version cinder-13.0.10.dev20: * PowerMax Driver - Legacy volumes fail to live migrate
- Update to version cinder-13.0.10.dev19:
-
RBD: Cleanup temporary file during exception
-
Update to version cinder-13.0.10.dev17:
- Remove experimental job legacy-tempest-dsvm-zeromq-multibackend
Changes in openstack-heat: - Update to version openstack-heat-11.0.4.dev4: * Check external resources after creation
- Update to version openstack-heat-11.0.4.dev2:
- Don't store signal_url for ec2 signaling of deployments
- Allow scale-down of ASG as part of update 11.0.3
Changes in openstack-heat: - Update to version openstack-heat-11.0.4.dev4: * Check external resources after creation
- Update to version openstack-heat-11.0.4.dev2:
- Don't store signal_url for ec2 signaling of deployments
- Allow scale-down of ASG as part of update 11.0.3
Changes in openstack-heat-gbp: - Update to version group-based-policy-automation-12.0.1.dev2: * Add support for victoria
- Update to version group-based-policy-automation-12.0.1.dev1:
- Add network_id field for L2 Policy Heat Extensions 12.0.0
- Add support for ussuri
- Fix master/train gate
- Add support for train 10.0.0
- Upgrade for stable/stein branch 9.0.0
- Updated with 'stable/rocky' branch
- Replace openstack.org URLs with 'git+https://'
- OpenDev Migration Patch
Changes in openstack-heat-templates: - Update to version 0.0.0+git.1605509190.64f020b: * Fix software config on rdo * optimize size and time using --no-cache-dir * add template for servers using Octavia
- Update to version 0.0.0+git.1604032742.c5733ee:
- Move heat-templates-check job to zuul v3
Changes in openstack-horizon-plugin-gbp-ui: - Update to version group-based-policy-ui-12.0.1.dev3: * Remove mox3 from requirements
- Update to version group-based-policy-ui-12.0.1.dev2:
- Fix python namespacing
- Add stable victoria 12.0.0
- Add support for ussuri
- Fix master/train gate
- Add support for train 10.0.0
- Upgrade for stable/stein branch 9.0.0
- Upgrading for stable/rocky branch
- Added Python3 support
- OpenDev Migration Patch
Changes in openstack-ironic-python-agent: - Update to version ironic-python-agent-3.3.4.dev6: * Fix: make Intel CNA hardware manager none generic
Changes in openstack-manila: - Update to version manila-7.4.2.dev57: * fix reno file location and indention
- Update to version manila-7.4.2.dev56:
-
[Glusterfs] Fix delete share, Couldn't find the 'gluster_used_vols'
-
Update to version manila-7.4.2.dev55:
- [Glusterfs] Fix delete share, mount point not disconnected
Changes in openstack-manila: - Update to version manila-7.4.2.dev57: * fix reno file location and indention
- Update to version manila-7.4.2.dev56:
-
[Glusterfs] Fix delete share, Couldn't find the 'gluster_used_vols'
-
Update to version manila-7.4.2.dev55:
- [Glusterfs] Fix delete share, mount point not disconnected
Changes in openstack-neutron: - Update to version neutron-13.0.8.dev135: * Rehome api tests for propagate_uplink_status
- Update to version neutron-13.0.8.dev134:
-
Revert "[Security] fix allowed-address-pair 0.0.0.0/0 issue"
-
Update to version neutron-13.0.8.dev132:
- Drop invalid rootwrap filters
- ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled
-
Add update_id for ResourceUpdate
-
Update to version neutron-13.0.8.dev126:
-
"ping"/"ping6" command support in rootwrap filters
-
Update to version neutron-13.0.8.dev124:
- Import "oslo_config.cfg" before "eventlet"
-
[OvS] Handle re_added multi ports
-
Update to version neutron-13.0.8.dev120:
- Local mac direct flow for non-openflow firewall
-
Replace ctype.CDLL by ctypes.PyDLL in linux.ip_lib
-
Update to version neutron-13.0.8.dev116:
- Support gateway which is not in subnet CIDR in ha_router
-
Ensure fip ip rules deleted when fip removed
-
Update to version neutron-13.0.8.dev112:
- windows: fix terminating processes
- [stable/rocky] Drop rally job
- Don't raise FileNotFoundError during disabling keepalived
-
Load the glibc library only once for Pyroute2
-
Update to version neutron-13.0.8.dev106:
-
Do not fail deleting namespace if it does not exist
-
Update to version neutron-13.0.8.dev104:
-
Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs
-
Update to version neutron-13.0.8.dev103:
-
Use dict .get() to avoid a KeyError in the segment plugin
-
Update to version neutron-13.0.8.dev101:
- Pass context in l3 flavor notifications
-
Handle properly existing LLA address during l3 agent restart
-
Update to version neutron-13.0.8.dev97:
- Add 'keepalived_use_no_track' config option
Changes in openstack-neutron: - Update to version neutron-13.0.8.dev135: * Rehome api tests for propagate_uplink_status
- Update to version neutron-13.0.8.dev134:
-
Revert "[Security] fix allowed-address-pair 0.0.0.0/0 issue"
-
Update to version neutron-13.0.8.dev132:
- Drop invalid rootwrap filters
- ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled
-
Add update_id for ResourceUpdate
-
Update to version neutron-13.0.8.dev126:
-
"ping"/"ping6" command support in rootwrap filters
-
Update to version neutron-13.0.8.dev124:
- Import "oslo_config.cfg" before "eventlet"
-
[OvS] Handle re_added multi ports
-
Update to version neutron-13.0.8.dev120:
- Local mac direct flow for non-openflow firewall
-
Replace ctype.CDLL by ctypes.PyDLL in linux.ip_lib
-
Update to version neutron-13.0.8.dev116:
- Support gateway which is not in subnet CIDR in ha_router
-
Ensure fip ip rules deleted when fip removed
-
Update to version neutron-13.0.8.dev112:
- windows: fix terminating processes
- [stable/rocky] Drop rally job
- Don't raise FileNotFoundError during disabling keepalived
-
Load the glibc library only once for Pyroute2
-
Update to version neutron-13.0.8.dev106:
-
Do not fail deleting namespace if it does not exist
-
Update to version neutron-13.0.8.dev104:
-
Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs
-
Update to version neutron-13.0.8.dev103:
-
Use dict .get() to avoid a KeyError in the segment plugin
-
Update to version neutron-13.0.8.dev101:
- Pass context in l3 flavor notifications
-
Handle properly existing LLA address during l3 agent restart
-
Update to version neutron-13.0.8.dev97:
- Add 'keepalived_use_no_track' config option
Changes in openstack-neutron-gbp: - Update to version group-based-policy-12.0.1.dev5: * Fix ICMP type and ICMP code fields for named and numbered ICMP Protocol 2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev4:
-
Fix erroneous comma (,) in the LOG.exception call 2014.2rc1
-
Update to version group-based-policy-12.0.1.dev3:
- Fix top of tree in gate
- Endpoint level qos changes 12.0.0
- Add support for ussuri
- Update subnets for SVI port corresponding to bound port
- Fix the intermittent QOS UT failure
- Fixed the QOS UT failure
- Use train branch instead of stein
- Add support for train
- Prepare for removal of CommonDbMixin
- Make AIM dsvm job voting
- Add support for upstream Stein release
- Fix python2/3 compatibility
- Fix DNS Domain Name in endpoint file
- When a subnet added to a bound SVI port, ensure it is added to SVI port
- Add support for qos
- Fix DNS issue in endpoint file
- [AIM] Add pre-existing BD to network extension
- Remove get_current_session
- Remove get_current_session method
- [AIM] Add EPG contract masters to network extension
- Revert "Remove get_current_session method"
- Remove get_current_session method
- Support Dual Stack on SVI nets along with BGP 9.0.0
- Add support for upstream Rocky release
- Cleanup Queens (part 2)
- Fix missing DB migration
- Make aim functional gate job voting
- Added Python3 support
- [AIM] Sanitize the AIM tenant description field
- Fix field sizes for VM names
- Bind baremetal VNIC trunk ports
- Fix missing trunk_details for a trunk without subports
- [AIM] Insert remote_group_id to SG rules properly
- Revert "[AIM] Convert remote_ips for SG rules properly"
- Cleanup Queens
- [AIM] Convert remote_ips for SG rules properly
- Clean up baremetal port handling
- [AIM] Clean up the mock and stop the looping thread in the UT env
- Don't stop this looping thread when an exception is thrown
- [AIM] Fix router_id allocation for SVI
- Support non SVI static VLAN type segments with OpFlex agent
- Baremetal VNIC Trunk support
- [AIM] Don't queue notifications (4 of 4)
- [AIM] Don't queue registry callbacks (3 of 4)
- [AIM] Enable Neutron transaction guards (2 of 4)
- Don't call GBP or Neutron APIs from GBP PD precommit methods
- [AIM] Retry L3 Plugin Operations
- [AIM] Fix most common random UT failures
- [AIM] Fixed external subnet ANY_CIDRs for l3out EPGs for SVI
- Revert "Nested domain parameters support for openShift networks"
- Fix for unbinding baremetal VNIC ports
- Nested domain parameters support for openShift networks
- Fix tox coverage job
- Add suport for baremetal vnic_type 2014.2.rc1
Changes in openstack-neutron-vpnaas: - Remove remove-tempest-entry-point.patch thus enabling the tempest_vpnaas plugin for tempest testing. (SCRD-8681) - Package the neutron-vpnaas/tests/ directory contents in a new RPM RPM package, python-neutron-vpnaas-tempest-plugin, that depend on python-neutron-vpnaas, which provides the main neutron-vpnaas code base. Additionally this new package can now safely depend on the python-neutron-tempest-plugin package, providing the required neutron_tempest_plugin module, without causing tempest packages to be installed when python-neutron-vpnaas installed. (SOC-8764) NOTE: This implicitly enables the neutron_tempest_plugin. - Corrected LBaaS references to VPNaaS.
Changes in openstack-nova: - Update to version nova-18.3.1.dev77: * Follow up for cherry-pick check for merge patch
- Update to version nova-18.3.1.dev76:
-
post live migration: don't call Neutron needlessly
-
Update to version nova-18.3.1.dev74:
-
libvirt: Do not reference VIR_ERR_DEVICE_MISSING when libvirt is smaller than v4.1.0
-
Update to version nova-18.3.1.dev72:
-
libvirt: Handle VIR_ERR_DEVICE_MISSING when detaching devices
-
Update to version nova-18.3.1.dev70:
- compute: Don't delete the original attachment during pre LM rollback
- Add regression tests for bug #1889108
-
compute: refactor volume bdm rollback error handling
-
Update to version nova-18.3.1.dev64:
- compute: Use source_bdms to reset attachment_ids during LM rollback
-
Robustify attachment tracking in CinderFixtureNewAttachFlow
-
Update to version nova-18.3.1.dev60:
-
Improve CinderFixtureNewAttachFlow
-
Update to version nova-18.3.1.dev58:
-
Removed the host FQDN from the exception message
-
Update to version nova-18.3.1.dev56:
- libvirt: Provide VIR_MIGRATE_PARAM_PERSIST_XML during live migration
Changes in openstack-nova: - Update to version nova-18.3.1.dev77: * Follow up for cherry-pick check for merge patch
- Update to version nova-18.3.1.dev76:
-
post live migration: don't call Neutron needlessly
-
Update to version nova-18.3.1.dev74:
-
libvirt: Do not reference VIR_ERR_DEVICE_MISSING when libvirt is smaller than v4.1.0
-
Update to version nova-18.3.1.dev72:
-
libvirt: Handle VIR_ERR_DEVICE_MISSING when detaching devices
-
Update to version nova-18.3.1.dev70:
- compute: Don't delete the original attachment during pre LM rollback
- Add regression tests for bug #1889108
-
compute: refactor volume bdm rollback error handling
-
Update to version nova-18.3.1.dev64:
- compute: Use source_bdms to reset attachment_ids during LM rollback
-
Robustify attachment tracking in CinderFixtureNewAttachFlow
-
Update to version nova-18.3.1.dev60:
-
Improve CinderFixtureNewAttachFlow
-
Update to version nova-18.3.1.dev58:
-
Removed the host FQDN from the exception message
-
Rebased patches:
-
0004-Provide-VIR_MIGRATE_PARAM_PERSIST_XML-during-live-migration.patch dropped (merged upstream)
-
Update to version nova-18.3.1.dev56:
- libvirt: Provide VIR_MIGRATE_PARAM_PERSIST_XML during live migration
Changes in python-Jinja2: - Trim bias from descriptions. Make sure % is escaped.
- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341):
-
"SandboxedEnvironment" securely handles "str.format_map" in order to prevent code execution through untrusted format strings. The sandbox already handled "str.format".
-
Activate test suite
-
Add minimum build dependency to match runtime dependency
-
Fix fdupes call
-
Remove superfluous devel dependency for noarch package
-
Update to 2.9.5 (bsc#1132174, CVE-2016-10745) Changes in python-pysaml2:
- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch (CVE-2020-5390, bsc#1160851)
Changes in python-pytest: - update to 3.7.4 - drop 0001-Use-unittest.mock-if-is-only-aviable.patch * Fix possible infinite recursion when writing .pyc files * Cache plugin now obeys the -q flag when --last-failed and --failed-first flags are used. * Fix bad console output when using console_output_style=classic * Fixtures during teardown can again use capsys and capfd to inspect output captured during tests. * Fix bugs where unicode arguments could not be passed to testdir.runpytest on Python 2. * Fix double collection of tests within packages when the filename starts with a capital letter * Fix collection error when specifying test functions directly in the command line using test.py::test syntax together with --doctest-modules * Fix stdout/stderr not getting captured when real-time cli logging is active. * Fix bug where --show-capture=no option would still show logs printed during fixture teardown. * Fix issue where teardown of fixtures of consecutive sub-packages were executed once, at the end of the outer package.
- update to 3.7.2
- add 0001-Use-unittest.mock-if-is-only-aviable.patch
- Fix filterwarnings not being registered as a builtin mark.
- Fix test collection from packages mixed with normal directories.
- Fix infinite recursion during collection if a pytest_ignore_collect hook returns False instead of None.
- Fix bug where decorated fixtures would lose functionality
- Fix bug where importing modules or other objects with prefix pytest_ prefix would raise a PluginValidationError.
- Fix AttributeError during teardown of TestCase subclasses which raise an exception during init.
- Fix traceback reporting for exceptions with cause cycles.
Changes in python-pytest: - update to 3.7.4 - drop 0001-Use-unittest.mock-if-is-only-aviable.patch * Fix possible infinite recursion when writing .pyc files * Cache plugin now obeys the -q flag when --last-failed and --failed-first flags are used. * Fix bad console output when using console_output_style=classic * Fixtures during teardown can again use capsys and capfd to inspect output captured during tests. * Fix bugs where unicode arguments could not be passed to testdir.runpytest on Python 2. * Fix double collection of tests within packages when the filename starts with a capital letter * Fix collection error when specifying test functions directly in the command line using test.py::test syntax together with --doctest-modules * Fix stdout/stderr not getting captured when real-time cli logging is active. * Fix bug where --show-capture=no option would still show logs printed during fixture teardown. * Fix issue where teardown of fixtures of consecutive sub-packages were executed once, at the end of the outer package.
- update to 3.7.2
- add 0001-Use-unittest.mock-if-is-only-aviable.patch
- Fix filterwarnings not being registered as a builtin mark.
- Fix test collection from packages mixed with normal directories.
- Fix infinite recursion during collection if a pytest_ignore_collect hook returns False instead of None.
- Fix bug where decorated fixtures would lose functionality
- Fix bug where importing modules or other objects with prefix pytest_ prefix would raise a PluginValidationError.
- Fix AttributeError during teardown of TestCase subclasses which raise an exception during init.
- Fix traceback reporting for exceptions with cause cycles.
Changes in python-urllib3: - Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
-
Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for CVE-2019-9740.
-
Add urllib3-cve-2020-26137.patch. Don't allow control chars in request method. (bsc#1177120, CVE-2020-26137)
Changes in release-notes-suse-openstack-cloud: - Update to version 9.20200917: * Change wording to correctly refer to future SES versions * Update adoc/limitations.adoc * Add SES version limitation, remove deprecated note about Octavia for Crowbar
- Update to version 9.20200917:
- Announce Upgrade is now available (SOC-9781)
Changes in spark: - Add _constraints to prevent build from running out of disk space
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE OpenStack Cloud 9
zypper in -t patch SUSE-OpenStack-Cloud-9-2020-3897=1
-
SUSE OpenStack Cloud Crowbar 9
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-3897=1
Package List:
-
SUSE OpenStack Cloud 9 (noarch)
- openstack-neutron-vpnaas-13.0.2~dev6-3.9.2
- venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2
- venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2
- openstack-nova-placement-api-18.3.1~dev77-3.31.2
- openstack-nova-console-18.3.1~dev77-3.31.2
- openstack-heat-api-11.0.4~dev4-3.19.2
- python-nova-18.3.1~dev77-3.31.2
- openstack-manila-share-7.4.2~dev57-4.30.2
- openstack-heat-gbp-12.0.1~dev2-3.3.4
- openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2
- python-heat-gbp-12.0.1~dev2-3.3.4
- python-pytest-3.7.4-3.3.3
- openstack-neutron-server-13.0.8~dev135-3.31.2
- venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2
- venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2
- venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2
- openstack-nova-cells-18.3.1~dev77-3.31.2
- ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2
- python-neutron-gbp-12.0.1~dev5-3.19.4
- venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2
- ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2
- venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2
- openstack-heat-11.0.4~dev4-3.19.2
- openstack-neutron-l3-agent-13.0.8~dev135-3.31.2
- openstack-nova-conductor-18.3.1~dev77-3.31.2
- python-heat-11.0.4~dev4-3.19.2
- venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2
- openstack-manila-data-7.4.2~dev57-4.30.2
- openstack-nova-novncproxy-18.3.1~dev77-3.31.2
- python-manila-7.4.2~dev57-4.30.2
- release-notes-suse-openstack-cloud-9.20200917-3.24.3
- venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2
- openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3
- openstack-manila-api-7.4.2~dev57-4.30.2
- openstack-nova-serialproxy-18.3.1~dev77-3.31.2
- ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2
- openstack-manila-scheduler-7.4.2~dev57-4.30.2
- openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2
- openstack-neutron-13.0.8~dev135-3.31.2
- openstack-manila-7.4.2~dev57-4.30.2
- openstack-cinder-api-13.0.10~dev20-3.28.2
- openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2
- openstack-nova-18.3.1~dev77-3.31.2
- openstack-nova-scheduler-18.3.1~dev77-3.31.2
- python-neutron-vpnaas-13.0.2~dev6-3.9.2
- ardana-mq-9.0+git.1605174486.a78ddce-3.19.2
- python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2
- venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2
- venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2
- venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2
- openstack-cinder-scheduler-13.0.10~dev20-3.28.2
- openstack-neutron-ha-tool-13.0.8~dev135-3.31.2
- openstack-heat-api-cfn-11.0.4~dev4-3.19.2
- openstack-cinder-volume-13.0.10~dev20-3.28.2
- python-cinder-13.0.10~dev20-3.28.2
- python-neutron-13.0.8~dev135-3.31.2
- spark-2.2.3-5.3.3
- openstack-neutron-gbp-12.0.1~dev5-3.19.4
- openstack-cinder-backup-13.0.10~dev20-3.28.2
- openstack-ironic-python-agent-3.3.4~dev6-3.19.4
- openstack-nova-compute-18.3.1~dev77-3.31.2
- python-Jinja2-2.10.1-3.3.3
- python-pysaml2-4.5.0-4.3.3
- venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2
- venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2
- openstack-nova-api-18.3.1~dev77-3.31.2
- venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2
- openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2
- openstack-neutron-metering-agent-13.0.8~dev135-3.31.2
- openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4
- openstack-nova-vncproxy-18.3.1~dev77-3.31.2
- venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2
- openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2
- openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2
- openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2
- python-urllib3-1.23-3.15.3
- venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2
- openstack-cinder-13.0.10~dev20-3.28.2
- python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4
- openstack-heat-engine-11.0.4~dev4-3.19.2
-
SUSE OpenStack Cloud 9 (x86_64)
- grafana-6.7.4-3.20.1
- grafana-debuginfo-6.7.4-3.20.1
- influxdb-debuginfo-1.3.8-4.3.3
- influxdb-1.3.8-4.3.3
-
SUSE OpenStack Cloud Crowbar 9 (x86_64)
- crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2
- grafana-6.7.4-3.20.1
- grafana-debuginfo-6.7.4-3.20.1
- crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2
- influxdb-1.3.8-4.3.3
- influxdb-debuginfo-1.3.8-4.3.3
-
SUSE OpenStack Cloud Crowbar 9 (noarch)
- openstack-neutron-vpnaas-13.0.2~dev6-3.9.2
- openstack-nova-placement-api-18.3.1~dev77-3.31.2
- openstack-nova-console-18.3.1~dev77-3.31.2
- openstack-heat-api-11.0.4~dev4-3.19.2
- python-nova-18.3.1~dev77-3.31.2
- openstack-manila-share-7.4.2~dev57-4.30.2
- openstack-heat-gbp-12.0.1~dev2-3.3.4
- openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2
- python-heat-gbp-12.0.1~dev2-3.3.4
- python-pytest-3.7.4-3.3.3
- openstack-neutron-server-13.0.8~dev135-3.31.2
- openstack-nova-cells-18.3.1~dev77-3.31.2
- python-neutron-gbp-12.0.1~dev5-3.19.4
- openstack-heat-11.0.4~dev4-3.19.2
- crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3
- openstack-neutron-l3-agent-13.0.8~dev135-3.31.2
- openstack-nova-conductor-18.3.1~dev77-3.31.2
- python-heat-11.0.4~dev4-3.19.2
- openstack-manila-data-7.4.2~dev57-4.30.2
- openstack-nova-novncproxy-18.3.1~dev77-3.31.2
- python-manila-7.4.2~dev57-4.30.2
- release-notes-suse-openstack-cloud-9.20200917-3.24.3
- openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3
- openstack-manila-api-7.4.2~dev57-4.30.2
- openstack-nova-serialproxy-18.3.1~dev77-3.31.2
- openstack-nova-18.3.1~dev77-3.31.2
- openstack-manila-scheduler-7.4.2~dev57-4.30.2
- openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2
- openstack-neutron-13.0.8~dev135-3.31.2
- openstack-manila-7.4.2~dev57-4.30.2
- openstack-cinder-api-13.0.10~dev20-3.28.2
- openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2
- openstack-nova-scheduler-18.3.1~dev77-3.31.2
- python-neutron-vpnaas-13.0.2~dev6-3.9.2
- python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2
- openstack-cinder-scheduler-13.0.10~dev20-3.28.2
- openstack-neutron-ha-tool-13.0.8~dev135-3.31.2
- openstack-heat-api-cfn-11.0.4~dev4-3.19.2
- openstack-cinder-volume-13.0.10~dev20-3.28.2
- python-cinder-13.0.10~dev20-3.28.2
- python-neutron-13.0.8~dev135-3.31.2
- spark-2.2.3-5.3.3
- openstack-neutron-gbp-12.0.1~dev5-3.19.4
- openstack-cinder-backup-13.0.10~dev20-3.28.2
- openstack-ironic-python-agent-3.3.4~dev6-3.19.4
- openstack-nova-compute-18.3.1~dev77-3.31.2
- python-Jinja2-2.10.1-3.3.3
- python-pysaml2-4.5.0-4.3.3
- openstack-nova-api-18.3.1~dev77-3.31.2
- openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2
- openstack-neutron-metering-agent-13.0.8~dev135-3.31.2
- openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4
- openstack-nova-vncproxy-18.3.1~dev77-3.31.2
- openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2
- openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2
- openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2
- python-urllib3-1.23-3.15.3
- openstack-cinder-13.0.10~dev20-3.28.2
- python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4
- openstack-heat-engine-11.0.4~dev4-3.19.2
References:
- https://www.suse.com/security/cve/CVE-2016-10745.html
- https://www.suse.com/security/cve/CVE-2019-10906.html
- https://www.suse.com/security/cve/CVE-2019-20933.html
- https://www.suse.com/security/cve/CVE-2019-8341.html
- https://www.suse.com/security/cve/CVE-2020-24303.html
- https://www.suse.com/security/cve/CVE-2020-26137.html
- https://www.suse.com/security/cve/CVE-2020-5390.html
- https://bugzilla.suse.com/show_bug.cgi?id=1125815
- https://bugzilla.suse.com/show_bug.cgi?id=1132174
- https://bugzilla.suse.com/show_bug.cgi?id=1132323
- https://bugzilla.suse.com/show_bug.cgi?id=1160851
- https://bugzilla.suse.com/show_bug.cgi?id=1177120
- https://bugzilla.suse.com/show_bug.cgi?id=1177611
- https://bugzilla.suse.com/show_bug.cgi?id=1178243
- https://bugzilla.suse.com/show_bug.cgi?id=1178988
- https://jira.suse.com/browse/SCRD-8681
- https://jira.suse.com/browse/SOC-11184
- https://jira.suse.com/browse/SOC-11240
- https://jira.suse.com/browse/SOC-11391
- https://jira.suse.com/browse/SOC-7751
- https://jira.suse.com/browse/SOC-8764
- https://jira.suse.com/browse/SOC-9178
- https://jira.suse.com/browse/SOC-9781