——————————————————————————–
Fedora Update Notification
FEDORA-2014-6520
2014-05-21 01:30:42
——————————————————————————–

Name : openstack-neutron
Product : Fedora 20
Version : 2013.2.3
Release : 7.fc20
URL : http://launchpad.net/neutron/
Summary : OpenStack Networking Service
Description :
Neutron is a virtual network service for Openstack. Just like
OpenStack Nova provides an API to dynamically request and configure
virtual servers, Neutron provides an API to dynamically request and
configure virtual networks. These networks connect “interfaces” from
other OpenStack services (e.g., virtual NICs from Nova VMs). The
Neutron API supports extensions to provide advanced network
capabilities (e.g., QoS, ACLs, network monitoring, etc.)

——————————————————————————–
Update Information:

Fixed CVE-2014-0187 “openstack-neutron: security groups bypass through invalid CIDR”
Fixed CVE-2014-0187: “openstack-neutron: security groups bypass through invalid CIDR”, bz#1090136
Make neutron-vpn-agent read fwaas_driver.ini
——————————————————————————–
ChangeLog:

* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-7
– netaddr<=0.7.10 raises ValueError instead of AddrFormatError, bz#1090137
* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-6
– Validate CIDR given as ip-prefix in security-group-rule-create, bz#1090137
* Thu May 15 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-5
– Make neutron-vpn-agent read fwaas_driver.ini, bz#1098121
* Mon Apr 28 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-4
– Removed signing_dir from neutron.conf (bz#1050842)
– Sync service and systemd modules from oslo-incubator (bz#1063427)
* Thu Apr 10 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-2
– Remove signing_dir from neutron-dist.conf, bz#1050842
* Thu Apr 10 2014 Miguel Angel Ajo <mangelajo@redhat.com> 2013.2.3-1
– Update to upstream 2013.2.3
* Wed Feb 19 2014 Pádraig Brady <pbrady@redhat.com> – 2013.2.2-2
– Update to havana stable release 2013.2.2
– Sync up Quantum renaming changes from el6 branch
* Fri Jan 24 2014 Terry Wilson <twilson@redhat.com> – 2013.2.1-3
– Remove requirements.txt, bz#1057615
* Tue Jan 7 2014 Terry Wilson <twilson@redhat.com> – 2013.2.1-1
– Add python-psutil requirement for openvswitch agent, bz#1049235
* Wed Dec 18 2013 Pádraig Brady <pbrady@redhat.com> – 2013.2.1-1
– Update to havana stable release 2013.2.1
* Tue Dec 10 2013 Terry Wilson <twilson@redhat.com> – 2013.2-6
– Add rootwrap.conf limitation to sudoers.d/neutron, bz#984097
– neutron-server-setup: support mariadb
* Wed Dec 4 2013 Terry Wilson <twilson@redhat.com> – 2013.2-5
– Add missing debug and vpnaas rootwrap filters, bz#1034207
* Mon Dec 2 2013 Terry Wilson <twilson@redhat.com> – 2013.2-4
– Replace quantum references in neutron-dist.conf
* Wed Nov 13 2013 Terry Wilson <twilson@redhat.com> – 2013.2-3
– Add dnsmasq-utils dependency
* Wed Oct 30 2013 Terry Wilson <twilson@redaht.com> – 2013.2-2
– Better support for upgrading from grizzly to havana
– Update dependencies on python-{babel,keystoneclient,oslo-config}
——————————————————————————–
References:

[ 1 ] Bug #1090132 – CVE-2014-0187 openstack-neutron: security groups bypass through invalid CIDR
https://bugzilla.redhat.com/show_bug.cgi?id=1090132
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update openstack-neutron’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce