Issued:: 2024-05-22
Updated:: 2024-05-22

RHSA-2024:2770 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: Red Hat OpenStack Platform 17.1 (tripleo-ansible and openstack-tripleo-heat-templates) security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tripleo-ansible and openstack-tripleo-heat-templates is now
available for Red Hat OpenStack Platform 17.1 (Wallaby).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

Heat templates for TripleO

TripleO Ansible project repository. Contains playbooks for use with TripleO
OpenStack deployments. https://opendev.org

Security Fix(es):

bind keys are world readable (CVE-2023-6725)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack 17.1 for RHEL 8 x86_64

Fixes

BZ - 2249273 - CVE-2023-6725 tripleo-ansible: bind keys are world readable

CVEs

CVE-2023-6725

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 17.1 for RHEL 8

SRPM
openstack-tripleo-heat-templates-14.3.1-17.1.20231103003762.el8ost.src.rpm	SHA-256: 9c8ba338fbe7cb055f643c6b8e4a41eb71dc83c9af33558c128768b1fc2bcb1c
tripleo-ansible-3.3.1-17.1.20231101233754.el8ost.src.rpm	SHA-256: 55ed1baf030e532d89b9a31419252a3570c4859e52f93a411b3937dc02eb6d3a
x86_64
openstack-tripleo-heat-templates-14.3.1-17.1.20231103003762.el8ost.noarch.rpm	SHA-256: bc81f1bc6b83b046f275c546c2ba696021ae6203a0faac182f117b50846220c8
tripleo-ansible-3.3.1-17.1.20231101233754.el8ost.noarch.rpm	SHA-256: 5a41e3bba39f8b938b795a490af0cb183ff01a51d869e0769352a60a759d7650

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation