Issued:: 2018-07-05
Updated:: 2018-07-05

RHBA-2018:2130 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

Red Hat Enterprise Linux OpenStack Platform 7 director Bug Fix Advisory

Type/Severity

Bug Fix Advisory

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated packages that resolve various issues are now available for Red Hat
Enterprise Linux OpenStack Platform 7.0 director for RHEL 7.

Description

Red Hat OpenStack Platform director provides the facilities for deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
based on Red Hat OpenStack Platform.

Changes to the openstack-tripleo-heat-templates component:

Redis on the overcloud was not password protected, which could allow an attacker access to Redis data. This fix adds password protection to the Redis service on the overcloud. (BZ#1500239)
The OpenStack Compute (nova) VNC server used a hardcoded value (0.0.0.0), which allowed access on all active interface. This fix allows you to change the value through the director's Heat template collection. (BZ#1350422)

Solution

Before applying this update, ensure all previously released errata relevant
to your system have been applied.

Red Hat Enterprise Linux OpenStack Platform 7 runs on Red Hat Enterprise
Linux 7.4.

The Red Hat Enterprise Linux OpenStack Platform 7 Release Notes contain the
following:

An explanation of the way in which the provided components interact to

form a working cloud computing environment.

Technology Previews, Recommended Practices, and Known Issues.
The channels required for Red Hat Enterprise Linux OpenStack Platform 7,

including which channels need to be enabled and disabled.

The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/7/paged/release-notes

This update is available through 'yum update' on systems registered through
Red Hat Subscription Manager. For more information about Red Hat
Subscription Manager, see:

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html

Affected Products

Red Hat OpenStack 7 x86_64

Fixes

BZ - 1350422 - [OSP7] Backport of Bug #1416994 (nova vnc server listens on all active interfaces)

CVEs

(none)

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 7

SRPM
openstack-tripleo-common-0.0.1.dev6-8.git49b57eb.el7ost.src.rpm	SHA-256: a83e8566ecf4085110a00d5fa6ca3f5b677c4c60a3baf785c03b9766dbc79425
openstack-tripleo-heat-templates-0.8.6-139.el7ost.src.rpm	SHA-256: 333e9056e4a80f265374c645a1a6c717f443d18709bc94356ae1c1ed25315e3e
python-rdomanager-oscplugin-0.0.10-37.el7ost.src.rpm	SHA-256: 99dcd3f413e86c886c04f64bc34236856d5dcbc1c3e7f2aad7834311b8de7c48
x86_64
openstack-tripleo-common-0.0.1.dev6-8.git49b57eb.el7ost.noarch.rpm	SHA-256: 0c63fdcdbf8f6e848efa0f76697da83fafc3350ab5782bea94c821305674b1dd
openstack-tripleo-heat-templates-0.8.6-139.el7ost.noarch.rpm	SHA-256: bcd694e67524fe30379eb8b5e5c51e8b963a7e5578d769d5288838143386278c
python-rdomanager-oscplugin-0.0.10-37.el7ost.noarch.rpm	SHA-256: 76573bc45317e9e011508bc6df1facf566189e5f066882d099e187863bcd287d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation