Security update for openstack-neutron and crowbar-barclamp-neutron

Announcement ID: SUSE-SU-2015:1890-1
Rating: low
References:
Cross-References:
CVSS scores:
Affected Products:
  • SUSE Cloud 5

An update that solves two vulnerabilities and has three security fixes can now be installed.

Description:

This update provides security fixes and improvements for openstack-neutron and crowbar-barclamp-neutron.

crowbar-barclamp-neutron:

  • Add infoblox support.
  • Add configurations required to support DHCP relay.
  • Create "floating" network as "flat" provider network. (bsc#946882)
  • Fix search for Nova instance.

openstack-neutron:

  • Fix usage_audit to work with ML2.
  • Fix UDP offloading issue with virtio VMs. (bsc#948704)
  • Fix ipset can't be destroyed when last rule is deleted.
  • Add ARP spoofing protection for LinuxBridge agent.
  • Don't use ARP responder for IPv6 addresses in ovs.
  • Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Cloud 5
    zypper in -t patch sleclo50sp3-neutron-201510-12183=1

Package List:

  • SUSE Cloud 5 (noarch)
    • openstack-neutron-doc-2014.2.4~a0~dev103-16.4
    • crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2
  • SUSE Cloud 5 (x86_64)
    • openstack-neutron-2014.2.4~a0~dev103-16.2
    • openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-server-2014.2.4~a0~dev103-16.2
    • openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2
    • python-neutron-2014.2.4~a0~dev103-16.2
    • openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2
    • openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2
    • openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2
    • openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2

References: