Security update for ardana-ansible, ardana-horizon, ardana-keystone, ardana-manila, ardana-neutron, crowbar-core, crowbar-openstack, grafana, openstack-cinder, openstack-dashboard, openstack-horizon-p
Announcement ID: | SUSE-SU-2019:2906-1 |
---|---|
Rating: | important |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves two vulnerabilities and contains 17 features can now be installed.
Description:
This update for ardana-ansible, ardana-horizon, ardana-keystone, ardana-manila, ardana-neutron, crowbar-core, crowbar-openstack, grafana, openstack-cinder, openstack-dashboard, openstack-horizon-plugin-manila-ui, openstack-keystone, openstack-manila, openstack-neutron, openstack-neutron-fwaas, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, pdns, python-Django1, python-keystonemiddleware, python-octaviaclient, python-os-brick, python-oslo.cache, python-oslo.messaging fixes the following issues:
Security issues fixed:
- CVE-2019-3871: Fixed an insufficient validation in the HTTP remote back end (pdns, bsc#1129734).
- CVE-2019-15043: Added authentication to a few REST endpoints (Grafana, SOC-10357, bsc#1148383).
Non-security issues fixed:
- Update to version 9.0+git.1568821007.4e73730:
-
Include manila-pre-upgrade.yml in ardana-upgrade.yml (SOC-10609)
-
Update to version 9.0+git.1569869028.8edfc22:
-
Added command to minify the django compressed css files (SOC-10305)
-
Update to version 9.0+git.1570035317.78077ac:
-
support OpenID Connect WebSSO (SOC-10509)
-
Update to version 9.0+git.1569444107.add6a40:
-
Manila parallelised upgrade workflow enhancements (SOC-10609)
-
Update to version 9.0+git.1571328680.3a89cb8:
-
Add neutron-common role dependencies (SOC-10875)
-
Update to version 6.0+git.1571412352.8da4d261f:
-
upgrade: Reload repo config in repochecks (SOC-10718)
-
Update to version 6.0+git.1571210108.12bd2ffa3:
-
crowbar: Give more time for reboot for physical hardware reboots
-
Update to version 6.0+git.1570004730.b56b8983b:
-
Revert "Use block-migration when needed" (SOC-10133)
-
Update to version 6.0+git.1569911671.d44b0035c:
-
Designate: Don't add the admin node to the public network (SOC-10658)
-
Update to version 6.0+git.1572264221.3826a58b8:
- Octavia: account for long ops in HA deployments (SOC-9894)
- Octavia: use correct IP addresses for listening (SOC-9894)
- Octavia: fix subnet creation race condition (SOC-9894)
- Updated copyright notices (SOC-9894)
-
Octavia: Follow up patch addressing comments from last PR (SOC-9894)
-
Update to version 6.0+git.1571986150.c5b827b7a:
-
Fix the migration that tried to access Array as a Hash (SOC-10896)
-
Update to version 6.0+git.1571731423.957dcfecd:
-
mysql: fix WSREP sync race (SOC-10717)
-
Update to version 6.0+git.1571660392.997fee49d:
-
mysql: stop service for mysql_install_db (SOC-10717)
-
Update to version 6.0+git.1571241502.2f673d0a9:
- rabbitmq: fix migration 200 (SOC-10623)
-
Changes to integrate with ACI 4.1 and new packages (SOC-10403)
-
Update to version 6.0+git.1570143515.9b1546ed3:
-
No rndc key if no public DNS server (SOC-10835)
-
Update to version 6.0+git.1570048281.815e06ff3:
-
create watcher barclamp (SOC-4183)
-
Update to version 6.0+git.1569942913.15b24bec5:
- monasca: Fix restore condition (SOC-9772)
-
database: really fix migration 102 (SOC-10717)
-
Update to version 6.0+git.1569823669.91f267e96:
-
Designate: Filter out the admin node (SOC-10658)
-
Create plugin directory and clean up (create in %install, add to %files) handling of /var/lib/grafana/* and
- Update to version cinder-13.0.8.dev8:
- Extend timeout for database migration tests 13.0.7
-
Add context to cloning snapshots in remotefs driver
-
Update to version cinder-13.0.7.dev22:
- Add retry to LVM deactivation
- Fix DetachedInstanceError for VolumeAttachment
-
Don't allow retype to encrypted+multiattach type
-
Update to version cinder-13.0.8.dev8:
- Extend timeout for database migration tests 13.0.7
-
Add context to cloning snapshots in remotefs driver
-
Update to version cinder-13.0.7.dev22:
- Add retry to LVM deactivation
- Fix DetachedInstanceError for VolumeAttachment
-
Don't allow retype to encrypted+multiattach type
-
Update to version horizon-14.0.5.dev1:
-
Fix aes-xts key length in Horizon Admin Guide / Manage Volumes 14.0.4
-
Add python-csscompressor as a requirement
-
python-csscompressor will be used to minify compressed css files
-
Update to version horizon-14.0.4.dev17:
-
Remove the check which causes plugin's quotas update failure
-
Update to version horizon-14.0.4.dev16:
-
Add Allowed Address Pair/Delete buttons are only visible to admin
-
Update to version horizon-14.0.4.dev14:
-
Updated max-width to be dynamic for .member class
-
Update to version horizon-14.0.4.dev13:
-
Avoid forced logout when 403 error encountered
-
Update to version manila-ui-2.16.2.dev2:
- Updated to get quotas data for Modify Quotas dialog Share tab
-
OpenDev Migration Patch 2.16.1
-
Update to version keystone-14.1.1.dev26:
-
Make system tokens work with domain-specific drivers
-
Update to version keystone-14.1.1.dev24:
-
Add test case for expanding implied roles in system tokens
-
Update to version keystone-14.1.1.dev22:
-
Add retry for DBDeadlock in credential delete
-
Update to version keystone-14.1.1.dev20:
- Import LDAP job into project
-
Update broken links to dogpile.cache docs
-
Update to version keystone-14.1.1.dev26:
-
Make system tokens work with domain-specific drivers
-
Update to version keystone-14.1.1.dev24:
-
Add test case for expanding implied roles in system tokens
-
Update to version keystone-14.1.1.dev22:
-
Add retry for DBDeadlock in credential delete
-
Update to version keystone-14.1.1.dev20:
- Import LDAP job into project
-
Update broken links to dogpile.cache docs
-
Update to version manila-7.3.1.dev15:
-
Fix [Unity] verification and convert mgmt ipv6
-
Update to version manila-7.3.1.dev14:
-
Adding documentation for User Messages in Manila Documentation
-
Update to version manila-7.3.1.dev12:
-
[NetApp] Allow extension/shrinking of NetApp replicated share
-
Update to version manila-7.3.1.dev11:
-
Fix pagination does not speed up queries bug
-
Update to version manila-7.3.1.dev9:
-
Remove backend spec from share type while creating replica
-
Update to version manila-7.3.1.dev8:
-
Check NetApp SnapRestore license for pools
-
Update to version manila-7.3.1.dev7:
-
Fix manila-tempest-minimal-dsvm-lvm-centos-7 job
-
Update to version manila-7.3.1.dev15:
-
Fix [Unity] verification and convert mgmt ipv6
-
Update to version manila-7.3.1.dev14:
-
Adding documentation for User Messages in Manila Documentation
-
Update to version manila-7.3.1.dev12:
-
[NetApp] Allow extension/shrinking of NetApp replicated share
-
Update to version manila-7.3.1.dev11:
-
Fix pagination does not speed up queries bug
-
Update to version manila-7.3.1.dev9:
-
Remove backend spec from share type while creating replica
-
Update to version manila-7.3.1.dev8:
-
Check NetApp SnapRestore license for pools
-
Update to version manila-7.3.1.dev7:
-
Fix manila-tempest-minimal-dsvm-lvm-centos-7 job
-
Update to version neutron-13.0.6.dev3:
- Add radvd_user config option
-
Fix mismatch of tags in dnsmasq options 13.0.5
-
Update to version neutron-13.0.5.dev55:
-
Handle ports assigned to routers without routerports
-
Update to version neutron-13.0.5.dev54:
-
fixed_configured=True when Add/Remove port IPs
-
Update to version neutron-13.0.5.dev53:
- raise priority of dead vlan drop
-
OVS flows for custom ethertypes must be on EGRESS
-
Update to version neutron-13.0.6.dev3:
- Add radvd_user config option
-
Fix mismatch of tags in dnsmasq options 13.0.5
-
Update to version neutron-13.0.5.dev55:
-
Handle ports assigned to routers without routerports
-
Update to version neutron-13.0.5.dev54:
-
fixed_configured=True when Add/Remove port IPs
-
Update to version neutron-13.0.5.dev53:
- raise priority of dead vlan drop
-
OVS flows for custom ethertypes must be on EGRESS
-
Update to version neutron-fwaas-13.0.3.dev2:
-
Fix AttributeError with third-party L3 service plugins
-
Update to version neutron-fwaas-13.0.3.dev1:
-
FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host 13.0.2
-
Update to version neutron-fwaas-13.0.3.dev2:
-
Fix AttributeError with third-party L3 service plugins
-
Update to version neutron-fwaas-13.0.3.dev1:
-
FWaaS-DVR: FWaaS rules not updated in DVR routers on compute host 13.0.2
-
Update to version neutron-lbaas-13.0.1.dev15:
-
Fix lb stats model
-
Update to version neutron-lbaas-13.0.1.dev15:
-
Fix lb stats model
-
Update to version nova-18.2.4.dev18:
- Error out interrupted builds
- Functional reproduce for bug 1833581
- Prevent init_host test to interfere with other tests
- Add functional test for resize crash compute restart revert
-
cleanup evacuated instances not on hypervisor
-
Update to version nova-18.2.4.dev8:
- Fix unit of hw_rng:rate_period
- Fix exception translation when creating volume
- Skip test_parallel_evacuate_with_server_group until fixed
- Handle get_host_availability_zone error during reschedule
-
Noop CantStartEngineError in targets_cell if API DB not configured
-
Update to version nova-18.2.4.dev1:
-
Stop sending bad values from libosinfo to libvirt 18.2.3
-
Update to version nova-18.2.3.dev25:
-
Add useful error log when _determine_version_cap raises DBNotAllowed
-
Update to version nova-18.2.3.dev23:
-
Reduce scope of 'path' query parameter to noVNC consoles
-
Update to version nova-18.2.4.dev18:
- Error out interrupted builds
- Functional reproduce for bug 1833581
- Prevent init_host test to interfere with other tests
- Add functional test for resize crash compute restart revert
-
cleanup evacuated instances not on hypervisor
-
Update to version nova-18.2.4.dev8:
- Fix unit of hw_rng:rate_period
- Fix exception translation when creating volume
- Skip test_parallel_evacuate_with_server_group until fixed
- Handle get_host_availability_zone error during reschedule
-
Noop CantStartEngineError in targets_cell if API DB not configured
-
Update to version nova-18.2.4.dev1:
-
Stop sending bad values from libosinfo to libvirt 18.2.3
-
Update to version nova-18.2.3.dev25:
-
Add useful error log when _determine_version_cap raises DBNotAllowed
-
Update to version nova-18.2.3.dev23:
-
Reduce scope of 'path' query parameter to noVNC consoles
-
Move tempest tests into the python-octavia package (SOC-9455)
-
Update to version octavia-3.2.1.dev1: 3.2.0
-
loadbalancer vip-network-id IP availability check
-
Update to version octavia-3.1.2.dev46:
- Fix urgent amphora two-way auth security bug
Update image to 0.1.1 to include latest changes in openstack-octavia: - Update to include version octavia-3.2.1.dev1: * loadbalancer vip-network-id IP availability check * Fix urgent amphora two-way auth security bug * Fix member API handling of None/null updates * Validate server_certs_key_passphrase is 32 chars * Work around strptime threading issue * Fix base (VRRP) port abandoned on revert * Do not run non-voting jobs in gate * Fix l7rule API handling of None updates * Fix template that generates vrrp check script * elements: add arch property for ``open-vm-tools`` * Prevent UDP LBs to use different IP protocol versions in amphora driver * Fixed down server issue after reloading keepalived * Fixed pool and members status with UDP loadbalancers * Add support for monitor_{address,port} in UDP members * Fix auto setup Barbican's ACL in the legacy driver * Fix L7 repository create methods * Add warning log if auth_strategy is not keystone * Add failover logging to show the amphora details * Revert "Use the infra pypi mirror for DIB" * Use the infra pypi mirror for DIB * only rollback DB when we have a connection to the DB * Add octavia-v2-dsvm jobs to the gate queue * Fix for utils LB DM transformation function * Update amphora-agent to report UDP listener health * Update tox.ini for new upper constraints strategy * Add bindep.txt for Octavia * Fix allocate_and_associate DB deadlock * Treat null admin_state_up as False * Performance improvement for non-udp health checks * Bandit test exclusions syntax change * Fix IPv6 in Active/Standby topology on CentOS * Fix listener API handling of None/null updates * OpenDev Migration Patch * Fix a lifecycle bug with child objects * Fix the amphora base port coming up * Fix setting of VIP QoS policy * Fix VIP plugging on CentOS-based amphorae * Fix possible state machine hole in failover * Add missing import octavia/opts.py * Fix the loss of access to barbican secrets * Fix initialization of Barbican client * Replace openstack.org git:// URLs with https:// * Fix prefix for vip_ipv6 * Fix ifup failures on member interfaces with IPv6 * Adds server_certs_key_passphrase to octavia.conf * Fix LB failover when in ERROR * Resolve amphora agent read timeout issue * Fix performance of housekeeping DB clean up * Encrypt certs and keys * Enable debug for Octavia services in grenade job * Fix oslo messaging connection leakage * Simplify keepalived lvsquery parsing for UDP * Fix functional tests under Python >= 3.6 * Fix check redirect pool for creating a fully populated load balancer * Fix missing print format error - Remove superfluous octavia-db-manage invocation from service file - Incorporate the patch from https://review.openstack.org/#/c/541811/9.
- Update to 4.1.8
-
7604: Correctly interpret an empty AXFR response to an IXFR query,
-
7610: Fix replying from ANY address for non-standard port,
-
7609: Fix rectify for ENT records in narrow zones,
-
7607: Do not compress the root,
-
7608: Fix dot stripping in
setcontent()
, -
7605: Fix invalid SOA record in MySQL which prevented the authoritative server from starting,
-
7603: Prevent leak of file descriptor if running out of ports for incoming AXFR,
-
7602: Fix API search failed with “Commands out of sync; you can’t run this command now”,
-
7509: Plug
mysql_thread_init
memory leak, -
7567: EL6: fix
CXXFLAGS
to build with compiler optimizations. -
Prevent more than one CNAME/SOA record in the same RRset
-
Update to 1.11.24:
-
Fixed crash of KeyTransform() for JSONField and HStoreField when using on expressions with params (#30672).
-
update to version 5.2.1
- Update .gitreview for stable/rocky
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- OpenDev Migration Patch
- Remove tox_install.sh
- import zuul job settings from project-config
-
Skip the services with no endpoints when parsing service catalog
-
update to version 1.6.1
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- OpenDev Migration Patch
- import zuul job settings from project-config
- Update .gitreview for stable/rocky
-
Make sure we always requests JSON responses
-
update to version 2.5.8
- FC: Ignore some HBAs from map for single WWNN
- OpenDev Migration Patch
-
Improve iSCSI device detection speed
-
update to version 1.30.4
- Update UPPER_CONSTRAINTS_FILE for stable/rocky
- Fix memcache pool client in monkey-patched environments
- OpenDev Migration Patch
-
Pass
flush_on_reconnect
to memcache pooled backend -
update to version 8.1.4
- Replace openstack.org git:// URLs with https://
- Cap Bandit below 1.6.0 and update Sphinx requirement
- Retry to declare a queue after internal error
- Add release note for amqp library TLS/SSL error
- Fix switch connection destination when a rabbitmq cluster node disappear
- Mark telemetry tests nv and remove from gate
- OpenDev Migration Patch
- Issue blocking ACK for RPC requests from the consumer thread
- fix typos
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE OpenStack Cloud 9
zypper in -t patch SUSE-OpenStack-Cloud-9-2019-2906=1
-
SUSE OpenStack Cloud Crowbar 9
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2019-2906=1
Package List:
-
SUSE OpenStack Cloud 9 (noarch)
- venv-openstack-keystone-x86_64-14.1.1~dev26-3.11.3
- python-manila-7.3.1~dev15-4.13.4
- ardana-horizon-9.0+git.1569869028.8edfc22-3.10.3
- openstack-octavia-health-manager-3.2.1~dev1-3.13.3
- openstack-octavia-api-3.2.1~dev1-3.13.3
- python-neutron-13.0.6~dev3-3.13.4
- openstack-octavia-amphora-agent-3.2.1~dev1-3.13.3
- openstack-octavia-amphora-image-x86_64-0.1.1-7.3.4
- python-keystonemiddleware-5.2.1-11.4
- python-openstack_auth-14.0.5~dev1-3.9.4
- venv-openstack-cinder-x86_64-13.0.8~dev8-3.11.3
- openstack-neutron-ha-tool-13.0.6~dev3-3.13.4
- openstack-neutron-lbaas-13.0.1~dev15-3.10.3
- openstack-neutron-macvtap-agent-13.0.6~dev3-3.13.4
- ardana-ansible-9.0+git.1568821007.4e73730-3.13.3
- openstack-nova-placement-api-18.2.4~dev18-3.13.5
- python-cinder-13.0.8~dev8-3.13.5
- venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.11.3
- openstack-nova-serialproxy-18.2.4~dev18-3.13.5
- openstack-cinder-backup-13.0.8~dev8-3.13.5
- openstack-neutron-server-13.0.6~dev3-3.13.4
- openstack-neutron-lbaas-agent-13.0.1~dev15-3.10.3
- openstack-nova-api-18.2.4~dev18-3.13.5
- venv-openstack-octavia-x86_64-3.2.1~dev1-4.11.3
- python-octaviaclient-1.6.1-3.3.3
- venv-openstack-glance-x86_64-17.0.1~dev30-3.11.3
- openstack-neutron-dhcp-agent-13.0.6~dev3-3.13.4
- python-nova-18.2.4~dev18-3.13.5
- venv-openstack-horizon-x86_64-14.0.5~dev1-4.11.3
- openstack-cinder-volume-13.0.8~dev8-3.13.5
- python-neutron-lbaas-13.0.1~dev15-3.10.3
- ardana-neutron-9.0+git.1571328680.3a89cb8-3.13.3
- openstack-neutron-metering-agent-13.0.6~dev3-3.13.4
- openstack-octavia-amphora-image-debugsource-0.1.1-7.3.4
- python-octavia-3.2.1~dev1-3.13.3
- openstack-nova-18.2.4~dev18-3.13.5
- venv-openstack-barbican-x86_64-7.0.1~dev18-3.11.3
- openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
- venv-openstack-manila-x86_64-7.3.1~dev15-3.11.3
- openstack-nova-conductor-18.2.4~dev18-3.13.5
- venv-openstack-nova-x86_64-18.2.4~dev18-3.11.3
- openstack-dashboard-14.0.5~dev1-3.9.4
- python-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
- python-horizon-14.0.5~dev1-3.9.4
- openstack-nova-compute-18.2.4~dev18-3.13.5
- openstack-octavia-worker-3.2.1~dev1-3.13.3
- openstack-neutron-metadata-agent-13.0.6~dev3-3.13.4
- openstack-manila-data-7.3.1~dev15-4.13.4
- venv-openstack-heat-x86_64-11.0.3~dev23-3.11.3
- venv-openstack-designate-x86_64-7.0.1~dev22-3.11.3
- openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13.4
- ardana-manila-9.0+git.1569444107.add6a40-3.9.3
- openstack-manila-api-7.3.1~dev15-4.13.4
- openstack-octavia-housekeeping-3.2.1~dev1-3.13.3
- venv-openstack-neutron-x86_64-13.0.6~dev3-6.11.3
- python-keystone-14.1.1~dev26-3.13.4
- openstack-nova-scheduler-18.2.4~dev18-3.13.5
- openstack-octavia-3.2.1~dev1-3.13.3
- openstack-cinder-api-13.0.8~dev8-3.13.5
- python-neutron-fwaas-13.0.3~dev2-3.6.3
- openstack-nova-cells-18.2.4~dev18-3.13.5
- openstack-manila-share-7.3.1~dev15-4.13.4
- openstack-neutron-13.0.6~dev3-3.13.4
- python-Django1-1.11.24-3.12.3
- venv-openstack-swift-x86_64-2.19.2~dev1-2.8.3
- python-os-brick-2.5.8-3.6.3
- ardana-keystone-9.0+git.1570035317.78077ac-3.10.3
- openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13.4
- openstack-neutron-fwaas-13.0.3~dev2-3.6.3
- openstack-nova-console-18.2.4~dev18-3.13.5
- openstack-nova-vncproxy-18.2.4~dev18-3.13.5
- openstack-manila-scheduler-7.3.1~dev15-4.13.4
- openstack-neutron-l3-agent-13.0.6~dev3-3.13.4
- python-os-brick-common-2.5.8-3.6.3
- openstack-cinder-13.0.8~dev8-3.13.5
- python-oslo.messaging-8.1.4-3.3.3
- venv-openstack-magnum-x86_64-7.1.1~dev28-4.11.3
- openstack-keystone-14.1.1~dev26-3.13.4
- venv-openstack-monasca-x86_64-2.7.1~dev10-3.11.3
- openstack-nova-novncproxy-18.2.4~dev18-3.13.5
- venv-openstack-sahara-x86_64-9.0.2~dev12-3.11.3
- python-oslo.cache-1.30.4-3.3.3
- openstack-manila-7.3.1~dev15-4.13.4
- openstack-cinder-scheduler-13.0.8~dev8-3.13.5
-
SUSE OpenStack Cloud 9 (x86_64)
- pdns-4.1.8-3.3.3
- pdns-debugsource-4.1.8-3.3.3
- pdns-debuginfo-4.1.8-3.3.3
- pdns-backend-mysql-4.1.8-3.3.3
- grafana-6.2.5-3.9.3
- pdns-backend-mysql-debuginfo-4.1.8-3.3.3
- grafana-debuginfo-6.2.5-3.9.3
-
SUSE OpenStack Cloud Crowbar 9 (x86_64)
- grafana-6.2.5-3.9.3
- crowbar-core-6.0+git.1571412352.8da4d261f-3.13.3
- grafana-debuginfo-6.2.5-3.9.3
- crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13.3
-
SUSE OpenStack Cloud Crowbar 9 (noarch)
- python-manila-7.3.1~dev15-4.13.4
- openstack-octavia-health-manager-3.2.1~dev1-3.13.3
- openstack-octavia-api-3.2.1~dev1-3.13.3
- python-neutron-13.0.6~dev3-3.13.4
- openstack-octavia-amphora-agent-3.2.1~dev1-3.13.3
- openstack-octavia-amphora-image-x86_64-0.1.1-7.3.4
- python-keystonemiddleware-5.2.1-11.4
- python-openstack_auth-14.0.5~dev1-3.9.4
- openstack-neutron-ha-tool-13.0.6~dev3-3.13.4
- openstack-neutron-lbaas-13.0.1~dev15-3.10.3
- openstack-neutron-macvtap-agent-13.0.6~dev3-3.13.4
- openstack-nova-placement-api-18.2.4~dev18-3.13.5
- python-cinder-13.0.8~dev8-3.13.5
- openstack-nova-serialproxy-18.2.4~dev18-3.13.5
- openstack-cinder-backup-13.0.8~dev8-3.13.5
- openstack-neutron-server-13.0.6~dev3-3.13.4
- openstack-neutron-lbaas-agent-13.0.1~dev15-3.10.3
- openstack-nova-api-18.2.4~dev18-3.13.5
- python-octaviaclient-1.6.1-3.3.3
- openstack-neutron-dhcp-agent-13.0.6~dev3-3.13.4
- python-nova-18.2.4~dev18-3.13.5
- openstack-cinder-volume-13.0.8~dev8-3.13.5
- python-neutron-lbaas-13.0.1~dev15-3.10.3
- openstack-neutron-metering-agent-13.0.6~dev3-3.13.4
- openstack-octavia-amphora-image-debugsource-0.1.1-7.3.4
- python-octavia-3.2.1~dev1-3.13.3
- openstack-nova-18.2.4~dev18-3.13.5
- openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
- openstack-nova-conductor-18.2.4~dev18-3.13.5
- openstack-dashboard-14.0.5~dev1-3.9.4
- python-horizon-plugin-manila-ui-2.16.2~dev2-3.3.3
- python-horizon-14.0.5~dev1-3.9.4
- openstack-nova-compute-18.2.4~dev18-3.13.5
- openstack-octavia-worker-3.2.1~dev1-3.13.3
- openstack-neutron-metadata-agent-13.0.6~dev3-3.13.4
- openstack-manila-data-7.3.1~dev15-4.13.4
- openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13.4
- openstack-manila-api-7.3.1~dev15-4.13.4
- openstack-octavia-housekeeping-3.2.1~dev1-3.13.3
- python-keystone-14.1.1~dev26-3.13.4
- openstack-nova-scheduler-18.2.4~dev18-3.13.5
- openstack-octavia-3.2.1~dev1-3.13.3
- openstack-cinder-api-13.0.8~dev8-3.13.5
- python-neutron-fwaas-13.0.3~dev2-3.6.3
- openstack-nova-cells-18.2.4~dev18-3.13.5
- openstack-manila-share-7.3.1~dev15-4.13.4
- openstack-neutron-13.0.6~dev3-3.13.4
- python-Django1-1.11.24-3.12.3
- python-os-brick-2.5.8-3.6.3
- openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13.4
- openstack-neutron-fwaas-13.0.3~dev2-3.6.3
- openstack-nova-console-18.2.4~dev18-3.13.5
- openstack-nova-vncproxy-18.2.4~dev18-3.13.5
- openstack-manila-scheduler-7.3.1~dev15-4.13.4
- openstack-neutron-l3-agent-13.0.6~dev3-3.13.4
- python-os-brick-common-2.5.8-3.6.3
- openstack-cinder-13.0.8~dev8-3.13.5
- python-oslo.messaging-8.1.4-3.3.3
- openstack-keystone-14.1.1~dev26-3.13.4
- crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13.3
- openstack-nova-novncproxy-18.2.4~dev18-3.13.5
- python-oslo.cache-1.30.4-3.3.3
- openstack-manila-7.3.1~dev15-4.13.4
- openstack-cinder-scheduler-13.0.8~dev8-3.13.5
References:
- https://www.suse.com/security/cve/CVE-2019-15043.html
- https://www.suse.com/security/cve/CVE-2019-3871.html
- https://bugzilla.suse.com/show_bug.cgi?id=1129734
- https://bugzilla.suse.com/show_bug.cgi?id=1148383
- https://jira.suse.com/browse/SOC-10133
- https://jira.suse.com/browse/SOC-10305
- https://jira.suse.com/browse/SOC-10357
- https://jira.suse.com/browse/SOC-10403
- https://jira.suse.com/browse/SOC-10509
- https://jira.suse.com/browse/SOC-10609
- https://jira.suse.com/browse/SOC-10623
- https://jira.suse.com/browse/SOC-10658
- https://jira.suse.com/browse/SOC-10717
- https://jira.suse.com/browse/SOC-10718
- https://jira.suse.com/browse/SOC-10835
- https://jira.suse.com/browse/SOC-10875
- https://jira.suse.com/browse/SOC-10896
- https://jira.suse.com/browse/SOC-4183
- https://jira.suse.com/browse/SOC-9455
- https://jira.suse.com/browse/SOC-9772
- https://jira.suse.com/browse/SOC-9894