(RHSA-2014:1078) Moderate: openstack-neutron security update

OpenStack Networking (Neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.

A denial of service flaw was found in Neutron’s handling of allowed address
pairs. There was no enforced quota on the amount of allowed address pairs,
possibly allowing a sufficiently authorized user to create such a large
number of firewall rules as to impact performance, or potentially render a
compute node unusable. (CVE-2014-3555)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Liping Mao from Cisco as the original reporter.

All openstack-neutron users are advised to upgrade to these updated
packages, which correct this issue.