Security update for python modules

Announcement ID:	SUSE-SU-2015:1434-1
Rating:	low
References:	bsc#928205 bsc#932270 bsc#933758
Cross-References:	CVE-2015-1852
CVSS scores:
Affected Products:	SUSE Cloud 5

An update that solves one vulnerability and has two security fixes can now be installed.

Description:

This update provides the following fixes for various python-modules:

• python-openstackclient:

• Fix image create location attribute (bnc#932270)

• python-novaclient:

• Update novaclient shell to use shared arguments from Session

• Support using the Keystone V3 API from the Nova CLI

• python-keystoneclient:

• Fix s3_token middleware parsing insecure option (bsc#928205, CVE-2015-1852)

• python-glanceclient:

• remove deprecation warning

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Cloud 5
  zypper in -t patch sleclo50sp3-python-modules-201507-12046=1

Package List:

• SUSE Cloud 5 (x86_64)
  • python-openstackclient-0.4.1-9.2
  • python-keystonemiddleware-1.2.0-11.2
  • python-keystoneclient-1.0.0-11.1
  • python-novaclient-2.20.0-9.2
  • python-novaclient-doc-2.20.0-9.2
  • python-glanceclient-0.15.0-9.2
  • python-keystoneclient-doc-1.0.0-11.1

References:

• https://www.suse.com/security/cve/CVE-2015-1852.html
• https://bugzilla.suse.com/show_bug.cgi?id=928205
• https://bugzilla.suse.com/show_bug.cgi?id=932270
• https://bugzilla.suse.com/show_bug.cgi?id=933758