RHBA-2016:0424 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

Red Hat Enterprise Linux OSP 7 director Bug Fix Advisory

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated packages that resolve various issues are now available for Red Hat
Enterprise Linux OpenStack Platform director 7.0 for RHEL 7.

Description

Red Hat Enterprise Linux OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat Enterprise Linux OpenStack Platform.

This update addresses the following issues:

This update resolves an issue that prevented neutron-openvswitch-agent from starting correctly when the Tenant network was configured to be deployed to use IPv6. (BZ#1309520)
This update resolves an issue where all IPv6 network traffic to tenant instances would be allowed under certain circumstances. This was caused by the Neutron Open vSwitch agent incorrectly deactivating IPv6 security groups when IPv6 is disabled by default because it would assume that IPv6 would be disabled in all locations. (BZ#1309319)

Solution

Before applying this update, ensure all previously released errata relevant to your system have been applied.

Red Hat Enterprise Linux OpenStack Platform 7 runs on Red Hat Enterprise Linux 7.2.

The Red Hat Enterprise Linux OpenStack Platform 7 Release Notes contain the following:

An explanation of the way in which the provided components interact to form a working cloud computing environment.
Technology Previews, Recommended Practices, and Known Issues.
The channels required for Red Hat Enterprise Linux OpenStack Platform 7, including which channels need to be enabled and disabled.

The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/red-hat-enterprise-linux-openstack-platform-7-release-notes/release-notes

This update is available through 'yum update' on systems registered through Red Hat Subscription Manager. For more information about Red Hat Subscription Manager, see:

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html

Affected Products

Red Hat OpenStack 7 x86_64

Fixes

BZ - 1309319 - Default security group allows all IPv6 traffic to tenant instances
BZ - 1309483 - net.ipv6.conf.all.forwarding=0 in router namespace for ipv6 deployments
BZ - 1309520 - neutron-openvswitch-agent Will Not Start In VLAN Mode With IPv6 Tenant Network
BZ - 1309818 - RHEL Images for overcloud use EDT as timezone
BZ - 1309819 - iscsi initiatorname is identical for all overcloud nodes
BZ - 1309820 - when not using network isolation, after an update from GA to latest release the apis try to reach the old public_virtual_ip
BZ - 1309821 - Deploy an overcloud with SSL for the public API
BZ - 1309822 - Deployment of Ceph times out in IPv6
BZ - 1309823 - rhel-osp-director: Update overcloud 7.2->7.3 Timed out waiting for a reply to message ID 5c0c681a9efc40b0bde965ae625bf2aa
BZ - 1309824 - [openstack] Backport bulk inspection error output

CVEs

(none)

References

http://www.redhat.com/security/updates/classification/#normal

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 7

SRPM
openstack-tripleo-heat-templates-0.8.6-123.el7ost.src.rpm	SHA-256: d15ad2b6d50e968ccccccfc4a551da375207268bbdb4a13111f85645bd742e15
x86_64
openstack-tripleo-heat-templates-0.8.6-123.el7ost.noarch.rpm	SHA-256: 77773f3b5aab34e15ded304532fa77657d0173038a6f72eb51696827e41f72a9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation