(RHSA-2015:2684) Moderate: openstack-nova secuity and bug fix advisory

2015-12-2118:32:35

access.redhat.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

74.1%

JSON

OpenStack Compute (nova) launches and schedules large networks of
virtual machines, creating a redundant and scalable cloud computing
platform. Compute provides the software, control panels, and APIs
required to orchestrate a cloud, including running virtual machine
instances and controlling access through users and projects.

A vulnerability was discovered in the way OpenStack Compute (nova)
networking handled security group updates; changes were not applied to
already running VM instances. A remote attacker could use this flaw to
access running VM instances. (CVE-2015-7713)

Additional bug fixes include:

In some cases, Compute did not start instances when RHEL was
installed with a locale other than en_US. The update ensures that
logging an exception no longer causes Unicode issues. (BZ#1190837)

All openstack-nova users are advised to upgrade to these updated
packages, which correct these issues and add these enhancements.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchopenstack-nova< 2014.1.5-9.el7ostopenstack-nova-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-objectstore< 2014.1.5-9.el7ostopenstack-nova-objectstore-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchpython-nova< 2014.1.5-9.el7ostpython-nova-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-compute< 2014.1.5-9.el7ostopenstack-nova-compute-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-conductor< 2014.1.5-9.el7ostopenstack-nova-conductor-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-console< 2014.1.5-9.el7ostopenstack-nova-console-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-cert< 2014.1.5-9.el7ostopenstack-nova-cert-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-scheduler< 2014.1.5-9.el7ostopenstack-nova-scheduler-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-cells< 2014.1.5-9.el7ostopenstack-nova-cells-2014.1.5-9.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-api< 2014.1.5-9.el7ostopenstack-nova-api-2014.1.5-9.el7ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	openstack-nova	< 2014.1.5-9.el7ost	openstack-nova-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-objectstore	< 2014.1.5-9.el7ost	openstack-nova-objectstore-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	python-nova	< 2014.1.5-9.el7ost	python-nova-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-compute	< 2014.1.5-9.el7ost	openstack-nova-compute-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-conductor	< 2014.1.5-9.el7ost	openstack-nova-conductor-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-console	< 2014.1.5-9.el7ost	openstack-nova-console-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-cert	< 2014.1.5-9.el7ost	openstack-nova-cert-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-scheduler	< 2014.1.5-9.el7ost	openstack-nova-scheduler-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-cells	< 2014.1.5-9.el7ost	openstack-nova-cells-2014.1.5-9.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-api	< 2014.1.5-9.el7ost	openstack-nova-api-2014.1.5-9.el7ost.noarch.rpm