PackStack is a command-line utility for deploying OpenStack on existing
servers over an SSH connection. Deployment options are provided either
interactively, using the command line, or non-interactively by means of a
text file containing a set of preconfigured values for OpenStack
parameters. PackStack is suitable for deploying proof-of-concept
installations.
It was discovered that the puppet manifests, as provided with the
openstack-puppet-modules package, would configure the pcsd daemon with a
known default password. If this password was not changed and an attacker
was able to gain access to pcsd, they could potentially run shell
commands as root. (CVE-2015-1842)
This issue was discovered by Alessandro Vozza of Red Hat.
This update also adds the following enhancement:
All openstack-packstack and openstack-puppet-modules users are advised to
upgrade to these updated packages, which corrects this issue and adds
this enhancement.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | noarch | openstack-packstack-doc | < 2014.1.1-0.46.dev1280.el7ost | openstack-packstack-doc-2014.1.1-0.46.dev1280.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-packstack-puppet | < 2014.1.1-0.46.dev1280.el7ost | openstack-packstack-puppet-2014.1.1-0.46.dev1280.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-packstack | < 2014.1.1-0.46.dev1280.el7ost | openstack-packstack-2014.1.1-0.46.dev1280.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-puppet-modules | < 2014.1.2-1.el7ost | openstack-puppet-modules-2014.1.2-1.el7ost.noarch.rpm |