Issued:: 2024-08-07
Updated:: 2024-08-07

RHSA-2024:5083 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat OpenStack Platform 17.1.3 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 17.1 (Wallaby) for Red Hat Enterprise Linux (RHEL) 9.2.

Red Hat Product Security has rated this update as having a security impact
of Important.

Description

Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack 17.1 for RHEL 9 x86_64

Fixes

BZ - 2297217 - CVE-2024-40767 openstack-nova: Regression VMDK/qcow arbitrary file access

CVEs

CVE-2024-40767

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 17.1 for RHEL 9

SRPM
openstack-nova-23.2.3-17.1.20231018130829.el9ost.src.rpm	SHA-256: f1055e8c143e3027423a63b4265a228d8bf58a8e149de5ed90e8895e0d10d905
x86_64
openstack-nova-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 89315c5d7c6004f5363905fa276e74e49beac119393f1e16fb4f4b7d6eb808d0
openstack-nova-api-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 77b3007fb9a3266784b84bdd544d2c031fe4dff48a4a4b31cd3172ad0e48e65f
openstack-nova-common-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: b782ec10c9d0ed7e468fc6d8cd1c6c4a735fb9af6319db802b8195d3e958f17b
openstack-nova-compute-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: f542075f8490bcc31b7938d22641cf888dbd619d811e0e61e0f6ac4156917ed2
openstack-nova-conductor-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: c97d3538a9f4bca345f8db77f8b2df8adc457257faea00b94c515962689ddaba
openstack-nova-migration-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: ee4c720fca8b8a4c401b6df3f68c8ef62e42425c29590ddcad64ebe1a52c36fb
openstack-nova-novncproxy-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 2ababdea287d0a3d390f2f77791e2564b22db8b4726ff654139c8021091c30b6
openstack-nova-scheduler-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 164e9bea575cb88ec993472886fe270178943a93a9673892a9d96f48409480aa
openstack-nova-serialproxy-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: efd4424ec3b8a43e6250ecdb679661f687f64f33d9209ab4b8fae1bb7fb18b88
openstack-nova-spicehtml5proxy-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 2787fd059a19990031a37e273115762873145b621682f3cd797fdbc3a48726d9
python3-nova-23.2.3-17.1.20231018130829.el9ost.noarch.rpm	SHA-256: 0eb4aee4564d7cfe18b28958d4b6168c88912deac8ccccfaffb303812ee3b0c4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Ansible.com

Red Hat Ecosystem Catalog

Red Hat Hybrid Cloud Console

Red Hat Store

Red Hat Marketplace

Red Hat Summit and AnsibleFest