(RHSA-2016:1222) Important: rhosp-director-images security and bug fix update

2016-06-13T21:49:12
ID RHSA-2016:1222
Type redhat
Reporter RedHat
Modified 2018-03-19T16:27:18

Description

Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.

Security Fix(es):

  • An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default. (CVE-2016-4474)

Red Hat would like to thank David Patterson (Dell) for reporting this issue.