PackStack is a command-line utility for deploying OpenStack on existing servers over an SSH connection. Deployment options are provided either interactively, using the command line, or non-interactively by means of a text file containing a set of preconfigured values for OpenStack parameters. PackStack is suitable for deploying proof-of-concept installations.
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root. (CVE-2015-1842)
This issue was discovered by Alessandro Vozza of Red Hat.
This update also adds the following enhancement:
All openstack-packstack and openstack-puppet-modules users are advised to upgrade to these updated packages, which corrects this issue and adds this enhancement.