[security-announce] SUSE-SU-2017:1443-1: important: Security update for several openstack-components

30 May 2017

      SUSE Security Update: Security update for several openstack-components
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1443-1
Rating:             important
References:         #1024328 #1030406 #1032322 
Cross-References:   CVE-2017-7214 CVE-2017-7400
Affected Products:
                    SUSE OpenStack Cloud 7
______________________________________________________________________________

   An update that solves two vulnerabilities and has one
   errata is now available.

Description:

   This update for openstack-ceilometer, -cinder, -dashboard, -glance, -heat,
   -keystone, -manila, -magnum and
   -novaopenstack-keystone provides the latest code from OpenStack Newton.

   - nova: Add release note that legacy notification exception contexts
     appearing in ERROR level logs may include sensitive information such as
     account passwords and authorization tokens. (bsc#1030406, CVE-2017-7214)
   - nova: Remove PrivTmp from openstack-nova-compute service. (bsc#1024328)
   - dashboard: Remove dangerous safestring declaration. (bsc#1032322,
     CVE-2017-7400)

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2017-882=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE OpenStack Cloud 7 (noarch):

      openstack-ceilometer-7.0.4~a0~dev7-3.1
      openstack-ceilometer-agent-central-7.0.4~a0~dev7-3.1
      openstack-ceilometer-agent-compute-7.0.4~a0~dev7-3.1
      openstack-ceilometer-agent-ipmi-7.0.4~a0~dev7-3.1
      openstack-ceilometer-agent-notification-7.0.4~a0~dev7-3.1
      openstack-ceilometer-api-7.0.4~a0~dev7-3.1
      openstack-ceilometer-collector-7.0.4~a0~dev7-3.1
      openstack-ceilometer-doc-7.0.4~a0~dev7-3.2
      openstack-ceilometer-polling-7.0.4~a0~dev7-3.1
      openstack-cinder-9.1.5~a0~dev1-3.1
      openstack-cinder-api-9.1.5~a0~dev1-3.1
      openstack-cinder-backup-9.1.5~a0~dev1-3.1
      openstack-cinder-doc-9.1.5~a0~dev1-3.1
      openstack-cinder-scheduler-9.1.5~a0~dev1-3.1
      openstack-cinder-volume-9.1.5~a0~dev1-3.1
      openstack-dashboard-10.0.4~a0~dev2-3.1
      openstack-glance-13.0.1~a0~dev6-3.1
      openstack-glance-api-13.0.1~a0~dev6-3.1
      openstack-glance-doc-13.0.1~a0~dev6-3.3
      openstack-glance-glare-13.0.1~a0~dev6-3.1
      openstack-glance-registry-13.0.1~a0~dev6-3.1
      openstack-heat-7.0.4~a0~dev4-4.1
      openstack-heat-api-7.0.4~a0~dev4-4.1
      openstack-heat-api-cfn-7.0.4~a0~dev4-4.1
      openstack-heat-api-cloudwatch-7.0.4~a0~dev4-4.1
      openstack-heat-doc-7.0.4~a0~dev4-4.2
      openstack-heat-engine-7.0.4~a0~dev4-4.1
      openstack-heat-plugin-heat_docker-7.0.4~a0~dev4-4.1
      openstack-heat-test-7.0.4~a0~dev4-4.1
      openstack-keystone-10.0.2~a0~dev2-6.1
      openstack-keystone-doc-10.0.2~a0~dev2-6.2
      openstack-magnum-3.1.2~a0~dev22-13.1
      openstack-magnum-api-3.1.2~a0~dev22-13.1
      openstack-magnum-conductor-3.1.2~a0~dev22-13.1
      openstack-magnum-doc-3.1.2~a0~dev22-13.1
      openstack-manila-3.0.1~a0~dev27-3.1
      openstack-manila-api-3.0.1~a0~dev27-3.1
      openstack-manila-data-3.0.1~a0~dev27-3.1
      openstack-manila-doc-3.0.1~a0~dev27-3.1
      openstack-manila-scheduler-3.0.1~a0~dev27-3.1
      openstack-manila-share-3.0.1~a0~dev27-3.1
      openstack-nova-14.0.6~a0~dev16-3.1
      openstack-nova-api-14.0.6~a0~dev16-3.1
      openstack-nova-cells-14.0.6~a0~dev16-3.1
      openstack-nova-cert-14.0.6~a0~dev16-3.1
      openstack-nova-compute-14.0.6~a0~dev16-3.1
      openstack-nova-conductor-14.0.6~a0~dev16-3.1
      openstack-nova-console-14.0.6~a0~dev16-3.1
      openstack-nova-consoleauth-14.0.6~a0~dev16-3.1
      openstack-nova-doc-14.0.6~a0~dev16-3.3
      openstack-nova-novncproxy-14.0.6~a0~dev16-3.1
      openstack-nova-placement-api-14.0.6~a0~dev16-3.1
      openstack-nova-scheduler-14.0.6~a0~dev16-3.1
      openstack-nova-serialproxy-14.0.6~a0~dev16-3.1
      openstack-nova-vncproxy-14.0.6~a0~dev16-3.1
      python-ceilometer-7.0.4~a0~dev7-3.1
      python-cinder-9.1.5~a0~dev1-3.1
      python-glance-13.0.1~a0~dev6-3.1
      python-heat-7.0.4~a0~dev4-4.1
      python-horizon-10.0.4~a0~dev2-3.1
      python-keystone-10.0.2~a0~dev2-6.1
      python-magnum-3.1.2~a0~dev22-13.1
      python-manila-3.0.1~a0~dev27-3.1
      python-nova-14.0.6~a0~dev16-3.1

References:

   https://www.suse.com/security/cve/CVE-2017-7214.html
   https://www.suse.com/security/cve/CVE-2017-7400.html
   https://bugzilla.suse.com/1024328
   https://bugzilla.suse.com/1030406
   https://bugzilla.suse.com/1032322

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

[security-announce] SUSE-SU-2017:1443-1: important: Security update for several openstack-components

opensuse-security＠opensuse.org