(RHSA-2024:2736) Moderate: openstack-tripleo-heat-templates and tripleo-ansible update

openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.

Security Fix(es):

• tripleo-ansible: bind keys are world readable (CVE-2023-6725)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Banner text is not being displayed for overcloud hosts (BZ#2237000)

• RHOSP16.2 to 17.1 upgrade: During Leapp uprade steps the network interface names are not preserved (BZ#2249024)

• [FFU][DCN] ceph-ansible package is removed at the end of ceph adopt" stage during ceph upgrade (BZ#2249690)

• [FFU] The Host System upgrade of HCI nodes fails on setting noout flags (BZ#2254036)

• Config state files created during update run for tripleo ha services has unexpected file suffixes (BZ#2256780)

• [OSP17.1] After upgrade to OSP16.2.6 Octavia Mgmt network amphoras having random MTU change: smaller MTU (1500) compared to orginal value 8950 (jumbo frames) (BZ#2257274)

• multi-rhel-container-image-prepare.py for 16.2 to 17.1 upgrades returning wrong ceph image (BZ#2259286)

• Upgrade [OSP16.2 -> OSP17.1] VMS stoped due to use Libvirt on RHEL-8 computes instead of LibvirtLegacy (BZ#2263916)

• iptables on the undercloud not starting due to neutron rules (BZ#2272006)

• [RHOSP 17.1] “ipmi/main” plugin read error in collectd container (BZ#2274010)

Enhancement(s):

• DCN - FFU 16.2 to 17.1.1 computes only (BZ#1900663)