Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2019:2631 - Security Advisory
Issued:
2019-09-03
Updated:
2019-09-03

RHSA-2019:2631 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-nova security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openstack-nova is now available for Red Hat OpenStack Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

  • openstack-nova: Nova server resource faults leak external exception details (CVE-2019-14433)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 10 x86_64

Fixes

  • BZ - 1669225 - [BACKPORT Request] Nova returns a traceback when it's unable to detach a volume still in use
  • BZ - 1697517 - [OSP10.z] Creating snapshot fails when image metadata has version field
  • BZ - 1711390 - Scheduler is dumping all instances on a compute host
  • BZ - 1721754 - nova-compute continuously records "Instance not resizing, skipping migration." for evacuated instances
  • BZ - 1735522 - CVE-2019-14433 openstack-nova: Nova server resource faults leak external exception details

CVEs

  • CVE-2019-14433

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 10

SRPM
openstack-nova-14.1.0-56.el7ost.src.rpm SHA-256: d63ef19cdc0c29e9a739175d4a8baf299f8b1fdd6aef8460524229d6224d19ec
x86_64
openstack-nova-14.1.0-56.el7ost.noarch.rpm SHA-256: 95da4280ce80f005eb3a0056a7455d10a90db88526d21bec85bcafb9117e72fe
openstack-nova-api-14.1.0-56.el7ost.noarch.rpm SHA-256: 9db72af0e7dc99f501dee349b7de7ebdec04121507cbcfe0c373a95935e094a0
openstack-nova-cells-14.1.0-56.el7ost.noarch.rpm SHA-256: 42946d2e8c02bbd3376de9b081fb475967222efa9f068bd684d180bc128dd98e
openstack-nova-cert-14.1.0-56.el7ost.noarch.rpm SHA-256: 0b9ad710af87330251f2fa5a59abd431d26f697dcf894a951361e58d072666cc
openstack-nova-common-14.1.0-56.el7ost.noarch.rpm SHA-256: 5c58dc53d52815551745c33e26161b00fb37dcb467c40ba6a7393eb441f18b26
openstack-nova-compute-14.1.0-56.el7ost.noarch.rpm SHA-256: 5ece9faca69665064505b214e89c8100c70dff2ee276393ffe0d0418db5459ba
openstack-nova-conductor-14.1.0-56.el7ost.noarch.rpm SHA-256: 2ceb3997627665d83b0f672bdbe0c5906e04e7f042f67782ee305520d56b5d19
openstack-nova-console-14.1.0-56.el7ost.noarch.rpm SHA-256: a19bb667f25c8ac6773062b1c1905cb04a46aa387588211af6409e6836fbbe91
openstack-nova-migration-14.1.0-56.el7ost.noarch.rpm SHA-256: 3a0d051b23814586e4ea8187482b0ea1ef51df17124a01580fde0f2b4b6511ad
openstack-nova-network-14.1.0-56.el7ost.noarch.rpm SHA-256: f63ee869fe2747ce77577590d0f7b1639fa71266f0dce73264494c3aeafd9a4e
openstack-nova-novncproxy-14.1.0-56.el7ost.noarch.rpm SHA-256: d714d80e0ed9d289811b1e60dba2e8f0312c04d760720de061e7331c728ef474
openstack-nova-placement-api-14.1.0-56.el7ost.noarch.rpm SHA-256: 6a8ef322d47648c3368e9758476d704b7d8e925887c7c3c6db3c74f68729a6b2
openstack-nova-scheduler-14.1.0-56.el7ost.noarch.rpm SHA-256: 6a35db816ab06b7ed557f70dde23b17a9f511546fa9c2f8c14b918dc6020c1e4
openstack-nova-serialproxy-14.1.0-56.el7ost.noarch.rpm SHA-256: bce9aa6235c8d7b451537e7f4921ec869efa7ff8969e409ebea36bc97114a458
openstack-nova-spicehtml5proxy-14.1.0-56.el7ost.noarch.rpm SHA-256: d94863138fac96a567f5e14011b104c3a36ebbf1468b5226e40e09ce89bb5abd
python-nova-14.1.0-56.el7ost.noarch.rpm SHA-256: 122b13e04a717d93c2edde4d2e73d08f967c6e951e226ba87a8809c22ee502aa
python-nova-tests-14.1.0-56.el7ost.noarch.rpm SHA-256: 683f52138678fabc795584974a80c1b399fcea51278e945e419e9ae1c0dc44c3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility