SUSE-SU-2015:2220-1
- Source
- https://www.suse.com/support/update/announcement/2015/suse-su-20152220-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:2220-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2015:2220-1
- Related
- Published
- 2015-12-07T14:44:50Z
- Modified
- 2015-12-07T14:44:50Z
- Summary
- Security update for openstack-nova and openstack-neutron
- Details
-
This update for openstack-nova and openstack-neutron provides various fixes and improvements.
openstack-nova:
- Fix instance filtering. (bsc#927625)
- Remove error messages from multipath command output before parsing. (bsc#949529)
- Fix live-migration usage of the wrong connector information.
- Added requirement for memcached to python-nova. (bsc#942457)
- Don't expect meta attributes in object_compat that aren't in the db obj. (bsc#949070, CVE-2015-7713)
- Kill rsync/scp processes before deleting instance. (bsc#935017, CVE-2015-3241)
- Sync process utils from oslo for execute callbacks. (bsc#935017, CVE-2015-3241)
- Fix rebuild of an instance with a volume attached.
- Fixes cleanuprbd code to capture ImageBusy exception.
- Don't try to confine a non-NUMA instance.
- Include blank volumes in the block device mapping (bsc#945923)
- Delete orphaned instance files from compute nodes (bsc#944178, CVE-2015-3280)
openstack-neutron:
- Fix usage_audit to work with ML2.
- Fix UDP offloading issue with virtio VMs. (bsc#948704)
- Fix ipset can't be destroyed when last rule is deleted.
- Add ARP spoofing protection for LinuxBridge agent.
- Don't use ARP responder for IPv6 addresses in ovs.
- Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240)
- NSX-mh: use router_distributed flag.
- NSX-mh: Failover controller connections on socket failures.
- NSX-mh: Prevent failures on router delete.
- References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20152220-1/
- https://bugzilla.suse.com/927625
- https://bugzilla.suse.com/935017
- https://bugzilla.suse.com/935263
- https://bugzilla.suse.com/939691
- https://bugzilla.suse.com/942457
- https://bugzilla.suse.com/943648
- https://bugzilla.suse.com/944178
- https://bugzilla.suse.com/945923
- https://bugzilla.suse.com/948704
- https://bugzilla.suse.com/949070
- https://bugzilla.suse.com/949529
- https://www.suse.com/security/cve/CVE-2015-3221
- https://www.suse.com/security/cve/CVE-2015-3241
- https://www.suse.com/security/cve/CVE-2015-3280
- https://www.suse.com/security/cve/CVE-2015-5240
- https://www.suse.com/security/cve/CVE-2015-7713
Affected packages
SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-neutron
Package
- Name
- openstack-neutron
- Purl
- pkg:rpm/suse/openstack-neutron&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2014.2.4~a0~dev103-10.3
Ecosystem specific
{
"binaries": [
{
"openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev103-10.3",
"python-python-memcached": "1.54-2.1",
"openstack-nova-compute": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-dhcp-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-l3-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metadata-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-vpn-agent": "2014.2.4~a0~dev103-10.3",
"openstack-nova": "2014.2.4~a0~dev80-14.1",
"python-nova": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-lbaas-agent": "2014.2.4~a0~dev103-10.3",
"python-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-ha-tool": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metering-agent": "2014.2.4~a0~dev103-10.3"
}
]
}
SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / openstack-nova
Package
- Name
- openstack-nova
- Purl
- pkg:rpm/suse/openstack-nova&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2014.2.4~a0~dev80-14.1
Ecosystem specific
{
"binaries": [
{
"openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev103-10.3",
"python-python-memcached": "1.54-2.1",
"openstack-nova-compute": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-dhcp-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-l3-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metadata-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-vpn-agent": "2014.2.4~a0~dev103-10.3",
"openstack-nova": "2014.2.4~a0~dev80-14.1",
"python-nova": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-lbaas-agent": "2014.2.4~a0~dev103-10.3",
"python-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-ha-tool": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metering-agent": "2014.2.4~a0~dev103-10.3"
}
]
}
SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5 / python-python-memcached
Package
- Name
- python-python-memcached
- Purl
- pkg:rpm/suse/python-python-memcached&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.54-2.1
Ecosystem specific
{
"binaries": [
{
"openstack-neutron-openvswitch-agent": "2014.2.4~a0~dev103-10.3",
"python-python-memcached": "1.54-2.1",
"openstack-nova-compute": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-dhcp-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-l3-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metadata-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-vpn-agent": "2014.2.4~a0~dev103-10.3",
"openstack-nova": "2014.2.4~a0~dev80-14.1",
"python-nova": "2014.2.4~a0~dev80-14.1",
"openstack-neutron-lbaas-agent": "2014.2.4~a0~dev103-10.3",
"python-neutron": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-ha-tool": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-linuxbridge-agent": "2014.2.4~a0~dev103-10.3",
"openstack-neutron-metering-agent": "2014.2.4~a0~dev103-10.3"
}
]
}