User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-7954 (openstack-nova)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 20 Update: openstack-nova-2013.2.3-2.fc20
Date:  Sat, 12 Jul 2014 02:22:30 +0000
Message-ID:  <20140712022230.2EC23213C5@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-7954 2014-07-01 06:31:55 -------------------------------------------------------------------------------- Name : openstack-nova Product : Fedora 20 Version : 2013.2.3 Release : 2.fc20 URL : http://openstack.org/projects/compute/ Summary : OpenStack Compute (nova) Description : OpenStack Compute (codename Nova) is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors. -------------------------------------------------------------------------------- Update Information: Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 30 2014 Vladan Popovic <vpopovic@redhat.com> 2013.2.3-2 - Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 - Move notification point to a better place - notify calling process we are ready to serve * Fri Apr 4 2014 Xavier Queralt <xqueralt@@redhat.com> - 2013.2.3-1 - Update to stable/havana 2013.2.3 release * Fri Feb 14 2014 Xavier Queralt <xqueralt@@redhat.com> - 2013.2.2-1 - Update to stable/havana 2013.2.2 release * Mon Jan 27 2014 Xavier Queralt <xqueralt@@redhat.com> - 2013.2.1-4 - Fix the patch for CVE-2013-7130 which was not backported properly * Fri Jan 24 2014 Xavier Queralt <xqueralt@@redhat.com> - 2013.2.1-3 - Require python-keystoneclient for api-paste - rhbz#909113 - Fix root disk leak in live migration - CVE-2013-7130 * Tue Dec 17 2013 Pádraig Brady <pbrady@redhat.com> - 2013.2.1-2 - Rotate log files by size rather than by age - rhbz#867747 * Mon Dec 16 2013 Xavier Queralt <xqueralt@redhat.com> - 2013.2.1-1 - Update to stable/havana 2013.2.1 release - Add python-oslo-sphinx to build requirements * Tue Dec 3 2013 Xavier Queralt <xqueralt@redhat.com> - 2013.2-4 - Fix the CVE number references from the latest change * Mon Nov 18 2013 Xavier Queralt <xqueralt@redhat.com> - 2013.2-3 - Remove cert and scheduler hard dependency on cinderclient - rhbz#1031679 - Require ipmitool for baremetal driver - rhbz#1022243 - Ensure we don't boot oversized images (CVE-2013-4463 and CVE-2013-2096) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1084868 - CVE-2014-0167 openstack-nova: RBAC policy not properly enforced in Nova EC2 API https://bugzilla.redhat.com/show_bug.cgi?id=1084868 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update openstack-nova' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds