SUSE-SU-2015:1666-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20151666-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1666-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:1666-1
Related
Published
2015-09-23T01:53:39Z
Modified
2015-09-23T01:53:39Z
Summary
Security update for Cloud Compute 12
Details

This collective update for the Cloud Compute 12 Module provides several fixes and enhancements.

openstack-suse:

  • Do not copy upstream Python requirements to the package. (bsc#920573)

openstack-nova:

  • Fix metadata not returning just instance private IP. (bsc#934523)
  • Enable tenant/user specific instance filtering. (bsc#927625)
  • Cleanup allocated networks after rescheduling. (bsc#931839)
  • Fix instance filtering. (bsc#927625)
  • Websocket Proxy should verify Origin header to prevent Cross-Site WebSocket hijacking. (bsc#917091, CVE-2015-0259)

openstack-neutron:

  • Change neutron-ha-tool to read password from /etc/neutron/os_password. (bsc#922751)
  • Change port status when it is bound. (bsc#926773)
  • Require conntrack-tools for SLE12. (bsc#944339)
  • Allow images with existing routes in the network 169.254.0.0/16 to access metadata server. (bsc#915245)

openstack-ceilometer:

  • Fix issue when ceilometer-expirer is called from the wrong user via cronjob and the resulting logs end up having wrong ownership. (bsc#930574)
  • Move the cron job to collector package. (bsc#926596)

For a comprehensive list of changes, please refer to the packages' change log.

References

Affected packages

SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-ceilometer

Package

Name
openstack-ceilometer
Purl
pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.2.4.dev18-3.2

Ecosystem specific

{
    "binaries": [
        {
            "openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova-compute": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-dhcp-agent": "2014.2.4~a0~dev78-7.2",
            "python-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer-agent-compute": "2014.2.4.dev18-3.2",
            "openstack-neutron-l3-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metadata-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-vpn-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova": "2014.2.4~a0~dev61-6.2",
            "python-nova": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-lbaas-agent": "2014.2.4~a0~dev78-7.2",
            "python-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-ha-tool": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metering-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-suse-sudo": "2014.2-5.1"
        }
    ]
}

SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-neutron

Package

Name
openstack-neutron
Purl
pkg:rpm/suse/openstack-neutron&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.2.4~a0~dev78-7.2

Ecosystem specific

{
    "binaries": [
        {
            "openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova-compute": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-dhcp-agent": "2014.2.4~a0~dev78-7.2",
            "python-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer-agent-compute": "2014.2.4.dev18-3.2",
            "openstack-neutron-l3-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metadata-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-vpn-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova": "2014.2.4~a0~dev61-6.2",
            "python-nova": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-lbaas-agent": "2014.2.4~a0~dev78-7.2",
            "python-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-ha-tool": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metering-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-suse-sudo": "2014.2-5.1"
        }
    ]
}

SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-nova

Package

Name
openstack-nova
Purl
pkg:rpm/suse/openstack-nova&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.2.4~a0~dev61-6.2

Ecosystem specific

{
    "binaries": [
        {
            "openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova-compute": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-dhcp-agent": "2014.2.4~a0~dev78-7.2",
            "python-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer-agent-compute": "2014.2.4.dev18-3.2",
            "openstack-neutron-l3-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metadata-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-vpn-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova": "2014.2.4~a0~dev61-6.2",
            "python-nova": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-lbaas-agent": "2014.2.4~a0~dev78-7.2",
            "python-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-ha-tool": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metering-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-suse-sudo": "2014.2-5.1"
        }
    ]
}

SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-suse

Package

Name
openstack-suse
Purl
pkg:rpm/suse/openstack-suse&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.2-5.1

Ecosystem specific

{
    "binaries": [
        {
            "openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova-compute": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-dhcp-agent": "2014.2.4~a0~dev78-7.2",
            "python-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer": "2014.2.4.dev18-3.2",
            "openstack-ceilometer-agent-compute": "2014.2.4.dev18-3.2",
            "openstack-neutron-l3-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metadata-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-vpn-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-nova": "2014.2.4~a0~dev61-6.2",
            "python-nova": "2014.2.4~a0~dev61-6.2",
            "openstack-neutron-lbaas-agent": "2014.2.4~a0~dev78-7.2",
            "python-neutron": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-ha-tool": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-neutron-metering-agent": "2014.2.4~a0~dev78-7.2",
            "openstack-suse-sudo": "2014.2-5.1"
        }
    ]
}