You are here
Home > Preporuke > Ranjivost programskog paketa openstack-neutron

Ranjivost programskog paketa openstack-neutron

——————————————————————————–
Fedora Update Notification
FEDORA-2014-11892
2014-10-01 03:26:25
——————————————————————————–

Name : openstack-neutron
Product : Fedora 20
Version : 2013.2.4
Release : 4.fc20
URL : http://launchpad.net/neutron/
Summary : OpenStack Networking Service
Description :
Neutron is a virtual network service for Openstack. Just like
OpenStack Nova provides an ACVE-2014-5033PI to dynamically request and configure
virtual servers, Neutron provides an API to dynamically request and
configure virtual networks. These networks connect “interfaces” from
other OpenStack services (e.g., virtual NICs from Nova VMs). The
Neutron API supports extensions to provide advanced network
capabilities (e.g., QoS, ACLs, network monitoring, etc.)

——————————————————————————–
Update Information:

force_gateway_on_subnet=True in neutron-dist.conf
CVE fixed
Rebased Neutron for the last upstream Havana release (2013.2.4).
——————————————————————————–
ChangeLog:

* Mon Sep 29 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.4-4
– enforce force_gateway_on_subnet=True in neutron-dist.conf, rhbz#1090553
* Thu Sep 25 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.4-3
– Forbid regular users to reseCVE-2014-5033t admin-only attrs to default values, rhbz#1142013
* Mon Sep 22 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.4-2
– Merged in el6-havana branch, resolving conflicts between platforms
with if-else conditionals. This is needed because el6-havana was
(erroneously) locked when locking el6 branch.
* Mon Sep 22 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.4-1
– Update to upstream 2013.2.4
* Wed Jul 23 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-13
– no quota for allowed address pair, rhbz#1122428
* Wed Jul 16 2014 Miguel Ángel Ajo <majopela@redhat.com> 2013.2.3-12
– Moved all plugin sources to python-neutron to avoid breaking
hidden upstream dependencies from agents to plugins, etc.
fixes rhbz#1120146openstack-neutron
– Removed the hyper-v agent exclude.
– Added a few LICENSE files to packages that missed it.
* Tue Jun 24 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-11
– Send SIGTERM signal only to parent process when stopping neutron
service, bz#1110642
* Tue Jun 24 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-10
– Notify systemd when starting Neutron server, bz#1063427
* Tue Jun 17 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-9
– Install SNAT rules for ipv4 only, bz#1110142
* Wed Jun 11 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-8
– Ensure routing key is specified in the address for a direct producer, bz#1108025
* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-7
– netaddr<=0.7.10 raises ValueError instead of AddrFormatError, bz#1090137
* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-6
– Validate CIDR given as ip-prefix in security-group-rule-create, bz#1090137
* Thu May 15 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-5
– Make neutron-vpn-agent read fwaas_driver.ini, bz#1098121
* Mon Apr 28 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-4
– Removed signing_dir from neutron.conf (bz#1050842)
– Sync service and systemd modules from oslo-incubator (bz#1063427)
* Thu Apr 10 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-2
– Remove signing_dir from neutron-dist.conf, bz#1050842
* Thu Apr 10 2014 Miguel Angel Ajo <mangelajo@redhat.com> 2013.2.3-1
– Update to upstream 2013.2.3
* Wed Feb 19 2014 Pádraig Brady <pbrady@redhat.com> – 2013.2.2-2
– Update to havana stable release 2013.2.2
– Sync up Quantum renaming changes from el6 branch
* Fri Jan 24 2014 Terry Wilson <twilson@redhat.com> – 2013.2.1-3
– Remove requirements.txt, bz#1057615
* Tue Jan 7 2014 Terry Wilson <twilson@redhat.com> – 2013.2.1-1
– Add python-psutil requirement for openvswitch agent, bz#1049235
* Wed Dec 18 2013 Pádraig Brady <pbrady@redhat.com> – 2013.2.1-1
– Update to havana stable release 2013.2.1
* Tue Dec 10 2013 Terry Wilson <twilson@redhat.com> – 2013.2-6
– Add rootwrap.conf limitation to sudoers.d/neutron, bz#984097
– neutron-server-setup: support mariadb
* Wed Dec 4 2013 Terry Wilson <twilson@redhat.com> – 2013.2-5
– Add missing debug and vpnaas rootwrap filters, bz#1034207
* Mon Dec 2 2013 Terry Wilson <twilson@redhat.com> – 2013.2-4
– Replace quantum references in neutron-dist.conf
* Wed Nov 13 2013 Terry Wilson <twilson@redhat.com> – 2013.2-3
– Add dnsmasq-utils dependency
* Wed Oct 30 2013 Terry Wilson <twilson@redaht.com> – 2013.2-2
– Better support for upgrading from grizzly to havana
– Update dependencies on python-{babel,keystoneclient,oslo-config}
——————————————————————————–
References:

[ 1 ] Bug #1142012 – CVE-2014-6414 openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users
https://bugzilla.redhat.com/show_bug.cgi?id=1142012
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update openstack-neutron’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa golang

Otkriven je sigurnosni nedostatak u programskom paketu golang za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje "man-in-the-middle" napada....

Close