Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Quay
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Open Liberty
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Quay
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Open Liberty
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Troubleshooting an issue? Try Solution Engine—our new support tool.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance
  • Account Team

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • Runtimes

  • Integration and Automation

  • Mobile

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Tower
  • Red Hat Ansible Engine
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat Cloud Suite
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Quay
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Open Liberty
  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
  • Red Hat Mobile Application Platform
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycle & Update Policies

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem
  • Red Hat in the Public Cloud
  • Partner Resources

Tools

  • Solution Engine
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn more
  • Go to Insights

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses for high-priority security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2014:1942 - Security Advisory
Issued:
2014-12-02
Updated:
2014-12-02

RHSA-2014:1942 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-neutron security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Updated openstack-neutron packages that fix one security issue and several
bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines. As of Red
Hat Enterprise Linux OpenStack Platform 4.0, 'neutron' replaces 'quantum'
as the core component of OpenStack Networking.

A denial of service flaw was found in the way neutron handled the
'dns_nameservers' parameter. By providing specially crafted
'dns_nameservers' values, an authenticated user could use this flaw to
crash the neutron service. (CVE-2014-7821)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Henry Yamauchi, Charles Neill, and Michael Xin
(Rackspace) as the original reporters.

This update also fixes the following bugs:

  • Prior to this update, the network name and UUID were not sent to N1KV
    during the subnet creation process. Consequently, N1KV was unable to
    properly associate the network and subnet in its local configuration.
    This update addresses this issue by sending the required network name and
    UUID during subnet creation, with the result that they are now properly
    associated on the N1KV. (BZ#1118508)
  • Previously, a rollback did not result in all entries being cleared from
    the N1KV-specific database tables, resulting in the presence of stale
    entries. This update addresses the issue by performing a proper cleanup of
    all N1KV tables. Consequently, stale entries are no longer left in the N1KV
    tables. (BZ#1124991)
  • Previously, the N1KV OpenStack Networking (neutron) plug-in did not sent
    the subtype for overlay networks during the network segment pool creation
    process. This update addresses this issue by sending the required details
    during the creation process. (BZ#1130336)

All openstack-neutron users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 5.0 for RHEL 7 x86_64

Fixes

  • BZ - RHSA-2014:1942 - Clear entries in Cisco N1KV specific tables on rollback
  • BZ - RHSA-2014:1942 - Neutron refuses to delete instance associated with multiple floating addresses
  • BZ - RHSA-2014:1942 - Unable to delete 'active' namespaces via cleanup utility with "force" attribute
  • BZ - RHSA-2014:1942 - CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers
  • BZ - RHSA-2014:1942 - dhcp assignments aren't updated on neutron-dhcp-agent restart

CVEs

  • CVE-2014-7821

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 5.0 for RHEL 7

SRPM
openstack-neutron-2014.1.3-11.el7ost.src.rpm SHA-256: c206e47dd16b79579b54d3c9f32cb3e622b19f6b5aed32f69719a57e59ef21b9
x86_64
openstack-neutron-2014.1.3-11.el7ost.noarch.rpm SHA-256: e14fffdae8382a23199d5542c095e9eda956ab2aa793e92ed3958bc3470d0b0d
openstack-neutron-bigswitch-2014.1.3-11.el7ost.noarch.rpm SHA-256: 46d1621a4e14637e4d18455c3ed692907cbd4d0dbe152d8e26f8de1adde097b0
openstack-neutron-brocade-2014.1.3-11.el7ost.noarch.rpm SHA-256: c47c438c8c8de08233c561e6db4283ba2359014f6545bc622b639581842ee9ec
openstack-neutron-cisco-2014.1.3-11.el7ost.noarch.rpm SHA-256: 9d6c22f2fee5b6f44264940003253fc3c8919cbc66c3792379e5cf42b41cce0c
openstack-neutron-embrane-2014.1.3-11.el7ost.noarch.rpm SHA-256: a1749beefedf01a6925056ef3e5f8c9bb0f10732ed579bdcc0f8b3926e133b8a
openstack-neutron-hyperv-2014.1.3-11.el7ost.noarch.rpm SHA-256: 4f35bdb4b724316022c654410d30dca14ee9f8e0d895505cf1b52e31728f7ca5
openstack-neutron-ibm-2014.1.3-11.el7ost.noarch.rpm SHA-256: d6efeffadd5e33f3e115ba5f1267d2745d8833cdf829bba73d2bc99071d58170
openstack-neutron-linuxbridge-2014.1.3-11.el7ost.noarch.rpm SHA-256: 60afd7ad0ee2d3c373d987fb21da19a968112d7f95310d2c7d52206e2f1d9569
openstack-neutron-mellanox-2014.1.3-11.el7ost.noarch.rpm SHA-256: 6373f573a24b6622dbaa44e6f2192d428679e263479323bb8b51482840e60d89
openstack-neutron-metaplugin-2014.1.3-11.el7ost.noarch.rpm SHA-256: 468db3fcb229bbd726fa6cdc4cfe28b5a747fedd796e14baf5981c537ea7a32d
openstack-neutron-metering-agent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 2e646ffa7d988c9d8a3e35b139fa95bfccc908ace18ab017f24082eee24c9f2b
openstack-neutron-midonet-2014.1.3-11.el7ost.noarch.rpm SHA-256: 3ccbca545fd5c009effb40ed2c54967c0b59e6e62a9dc598c9b65f5026e570ad
openstack-neutron-ml2-2014.1.3-11.el7ost.noarch.rpm SHA-256: f9525bae628b5368d17f233d7caec5720bb4a0ae23158bba40d8522b01e8ac41
openstack-neutron-nec-2014.1.3-11.el7ost.noarch.rpm SHA-256: 514263b10558b9b1a1d35f7ac806785ec6c76d9f28e744db69256df023215a2a
openstack-neutron-nuage-2014.1.3-11.el7ost.noarch.rpm SHA-256: 5b8e4a63f60e78d465edd825b4e941f113cb6407ae618ab7e28221c11dd4e044
openstack-neutron-ofagent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 75175faf81819d6832e64ed4fe322e771038d67f1a4c758f9433b8a1523cf2c5
openstack-neutron-oneconvergence-nvsd-2014.1.3-11.el7ost.noarch.rpm SHA-256: 139396523386dfb0cd9c5acf387b0df6fd9c5f858013c9b4a6ea5c4446bc8e2d
openstack-neutron-openvswitch-2014.1.3-11.el7ost.noarch.rpm SHA-256: e3b4bac844cadf9904453030367f8946932218de7e6e40ad94cbce06fcb89cbe
openstack-neutron-plumgrid-2014.1.3-11.el7ost.noarch.rpm SHA-256: 8588f89bcbe07db88e30cdfbd98d240e7e523615c126f91ceb28f2c68555255d
openstack-neutron-ryu-2014.1.3-11.el7ost.noarch.rpm SHA-256: 4432a51cfb1e87aca8e08ba59561c15555f46131f927c99c97b860ac38c97bb8
openstack-neutron-vmware-2014.1.3-11.el7ost.noarch.rpm SHA-256: ab0793de65a1b73c91aa2fb7d286a0fbe05a92a4f9f06b4ea58fae1c124cba11
openstack-neutron-vpn-agent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 994daaf50e891762e6fe68803d331e157c463ce74c7439df94856f94086f4d3f
python-neutron-2014.1.3-11.el7ost.noarch.rpm SHA-256: 090c80d6b2fa330048fa9d51c85f30b5125fd64a420ad8dfe40df577c51cfc69

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • openshift.com
  • developers.redhat.com
  • connect.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2019 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter Facebook