Login
Newsletter
Werbung

Sicherheit: Denial of Service in openstack-neutron
Aktuelle Meldungen Distributionen
Name: Denial of Service in openstack-neutron
ID: FEDORA-2014-7446
Distribution: Fedora
Plattformen: Fedora 20
Datum: Do, 26. Juni 2014, 16:36
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4167
Applikationen: OpenStack

Originalnachricht

Name        : openstack-neutron
Product : Fedora 20
Version : 2013.2.3
Release : 9.fc20
URL : http://launchpad.net/neutron/
Summary : OpenStack Networking Service
Description :
Neutron is a virtual network service for Openstack. Just like
OpenStack Nova provides an API to dynamically request and configure
virtual servers, Neutron provides an API to dynamically request and
configure virtual networks. These networks connect "interfaces" from
other OpenStack services (e.g., virtual NICs from Nova VMs). The
Neutron API supports extensions to provide advanced network
capabilities (e.g., QoS, ACLs, network monitoring, etc.)

-------------------------------------------------------------------------------
-
Update Information:

Fixed a security issue that allowed an authorised user to break Neutron
L3-agent using a IPv6 subnet.
This is an update that fixes problems communicating with the latest upstream
stable Qpid >= 0.28.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Jun 17 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-9
- Install SNAT rules for ipv4 only, bz#1110142
* Wed Jun 11 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-8
- Ensure routing key is specified in the address for a direct producer,
bz#1108025
* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-7
- netaddr<=0.7.10 raises ValueError instead of AddrFormatError, bz#1090137
* Mon May 19 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-6
- Validate CIDR given as ip-prefix in security-group-rule-create, bz#1090137
* Thu May 15 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-5
- Make neutron-vpn-agent read fwaas_driver.ini, bz#1098121
* Mon Apr 28 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-4
- Removed signing_dir from neutron.conf (bz#1050842)
- Sync service and systemd modules from oslo-incubator (bz#1063427)
* Thu Apr 10 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-2
- Remove signing_dir from neutron-dist.conf, bz#1050842
* Thu Apr 10 2014 Miguel Angel Ajo <mangelajo@redhat.com> 2013.2.3-1
- Update to upstream 2013.2.3
* Wed Feb 19 2014 Pádraig Brady <pbrady@redhat.com> - 2013.2.2-2
- Update to havana stable release 2013.2.2
- Sync up Quantum renaming changes from el6 branch
* Fri Jan 24 2014 Terry Wilson <twilson@redhat.com> - 2013.2.1-3
- Remove requirements.txt, bz#1057615
* Tue Jan 7 2014 Terry Wilson <twilson@redhat.com> - 2013.2.1-1
- Add python-psutil requirement for openvswitch agent, bz#1049235
* Wed Dec 18 2013 Pádraig Brady <pbrady@redhat.com> - 2013.2.1-1
- Update to havana stable release 2013.2.1
* Tue Dec 10 2013 Terry Wilson <twilson@redhat.com> - 2013.2-6
- Add rootwrap.conf limitation to sudoers.d/neutron, bz#984097
- neutron-server-setup: support mariadb
* Wed Dec 4 2013 Terry Wilson <twilson@redhat.com> - 2013.2-5
- Add missing debug and vpnaas rootwrap filters, bz#1034207
* Mon Dec 2 2013 Terry Wilson <twilson@redhat.com> - 2013.2-4
- Replace quantum references in neutron-dist.conf
* Wed Nov 13 2013 Terry Wilson <twilson@redhat.com> - 2013.2-3
- Add dnsmasq-utils dependency
* Wed Oct 30 2013 Terry Wilson <twilson@redaht.com> - 2013.2-2
- Better support for upgrading from grizzly to havana
- Update dependencies on python-{babel,keystoneclient,oslo-config}
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1110139 - CVE-2014-4167 openstack-neutron: L3-agent denial of
service through IPv6 subnet
https://bugzilla.redhat.com/show_bug.cgi?id=1110139
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update openstack-neutron' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung