(RHSA-2018:0241) Moderate: openstack-nova security and bug fix update

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

• By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). (CVE-2017-16239)

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges George Shuklin (Servers.com) as the original reporter.