- Issued:
- 2019-07-02
- Updated:
- 2019-07-02
RHSA-2019:1683 - Security Advisory
Synopsis
Moderate: openstack-tripleo-common security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 14.0 (Rocky).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
openstack-tripleo-common contains the python library for code common to the Red Hat OpenStack Platform director CLI and GUI (codename tripleo).
Security Fix(es):
- openstack-tripleo-common: Allows running new amphorae based on arbitrary images (CVE-2019-3895)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Upgrade prepare command hangs until timeout is reached (BZ#1667894)
- [OSP14] nova_metadata container is in unhealthy state on undercloud and overcloud nodes (BZ#1700760)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat OpenStack for IBM Power 14 ppc64le
- Red Hat OpenStack 14 x86_64
Fixes
- BZ - 1667894 - Upgrade prepare command hangs until timeout is reached
- BZ - 1694608 - CVE-2019-3895 openstack-tripleo-common: Allows running new amphorae based on arbitrary images
- BZ - 1700760 - [OSP14] nova_metadata container is in unhealthy state on undercloud and overcloud nodes
CVEs
Red Hat OpenStack for IBM Power 14
SRPM | |
---|---|
openstack-tripleo-common-9.5.0-5.el7ost.src.rpm | SHA-256: 00a7ca7fc2355d829fe99bd5dac2490f5fbf615b96a583e8c231a90416fb9c08 |
ppc64le | |
openstack-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: 30574ee8219675cda10d49e3752c9072c3a8811886d4ee8993af37cc402000bc |
openstack-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: 30574ee8219675cda10d49e3752c9072c3a8811886d4ee8993af37cc402000bc |
openstack-tripleo-common-container-base-9.5.0-5.el7ost.noarch.rpm | SHA-256: 976c022e5e09530c43f28193a080b665ed25df04aeb452eef762e983db145672 |
openstack-tripleo-common-container-base-9.5.0-5.el7ost.noarch.rpm | SHA-256: 976c022e5e09530c43f28193a080b665ed25df04aeb452eef762e983db145672 |
openstack-tripleo-common-containers-9.5.0-5.el7ost.noarch.rpm | SHA-256: 51458d3bebca316e1d45f7d1ca13d165a1a7ea5d50f0c4366417e2547de07ccc |
openstack-tripleo-common-containers-9.5.0-5.el7ost.noarch.rpm | SHA-256: 51458d3bebca316e1d45f7d1ca13d165a1a7ea5d50f0c4366417e2547de07ccc |
openstack-tripleo-common-devtools-9.5.0-5.el7ost.noarch.rpm | SHA-256: 15cbc027f7bad1ed73570d3aceb306e3a74e8b70e2cdb56244c12ae941725ad2 |
openstack-tripleo-common-devtools-9.5.0-5.el7ost.noarch.rpm | SHA-256: 15cbc027f7bad1ed73570d3aceb306e3a74e8b70e2cdb56244c12ae941725ad2 |
python2-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: bcb6a2244e9e895b1245bbed4dd8b23a4b5827cae11c9609bce891c7fdef0900 |
python2-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: bcb6a2244e9e895b1245bbed4dd8b23a4b5827cae11c9609bce891c7fdef0900 |
Red Hat OpenStack 14
SRPM | |
---|---|
openstack-tripleo-common-9.5.0-5.el7ost.src.rpm | SHA-256: 00a7ca7fc2355d829fe99bd5dac2490f5fbf615b96a583e8c231a90416fb9c08 |
x86_64 | |
openstack-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: 30574ee8219675cda10d49e3752c9072c3a8811886d4ee8993af37cc402000bc |
openstack-tripleo-common-container-base-9.5.0-5.el7ost.noarch.rpm | SHA-256: 976c022e5e09530c43f28193a080b665ed25df04aeb452eef762e983db145672 |
openstack-tripleo-common-containers-9.5.0-5.el7ost.noarch.rpm | SHA-256: 51458d3bebca316e1d45f7d1ca13d165a1a7ea5d50f0c4366417e2547de07ccc |
openstack-tripleo-common-devtools-9.5.0-5.el7ost.noarch.rpm | SHA-256: 15cbc027f7bad1ed73570d3aceb306e3a74e8b70e2cdb56244c12ae941725ad2 |
python2-tripleo-common-9.5.0-5.el7ost.noarch.rpm | SHA-256: bcb6a2244e9e895b1245bbed4dd8b23a4b5827cae11c9609bce891c7fdef0900 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.