[SECURITY] Fedora EPEL 6 Update: openstack-glance-2012.2-3.el6
updates at fedoraproject.org
updates at fedoraproject.org
Sat Nov 17 19:51:20 UTC 2012
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2012-13088
2012-10-06 21:09:40
--------------------------------------------------------------------------------
Name : openstack-glance
Product : Fedora EPEL 6
Version : 2012.2
Release : 3.el6
URL : http://glance.openstack.org
Summary : OpenStack Image Service
Description :
OpenStack Image Service (code-named Glance) provides discovery, registration,
and delivery services for virtual disk images. The Image Service API server
provides a standard REST interface for querying information about virtual disk
images stored in a variety of back-end stores, including OpenStack Object
Storage. Clients can register new virtual disk images with the Image Service,
query for information on publicly available disk images, and use the Image
Service's client library for streaming virtual disk images.
This package contains the API and registry servers.
--------------------------------------------------------------------------------
Update Information:
* OpenStack Keystone (Identity service) Folsom release 2012.2
* python-keystoneclient new upstream release 0.1.3
* OpenStack Glance (Image service) Folsom release 2012.2
* OpenStack Glance fix for auth bypass for image deletion (CVE-2012-4573)
* python-glanceclient new package
* python-prettytable new upstream release 0.6.1
* OpenStack Quantum (Virtual network service) Folsom release 2012.2
* python-quantumclient new upstream release 2.1.1
* python-novaclient new upstream release 2.9.0
* python-cinderclient new package
* python-django-openstack-auth new package
* openstack-nova (compute service) Folsom release 2012.2
* openstack-cinder (volumes service) new package
* python-django-horizon Folsom release 2012.2
* novnc new upstream release 0.4
* python-websockify new upstream release 0.2.0
* openstack-utils new release to support Folsom
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #872302 - CVE-2012-4573 CVE-2012-5482 OpenStack: Glance Authentication bypass for image deletion
https://bugzilla.redhat.com/show_bug.cgi?id=872302
[ 2 ] Bug #873524 - CVE-2012-5476 OpenStack: Quantum /etc/quantum/quantum.conf secret password and token exposure
https://bugzilla.redhat.com/show_bug.cgi?id=873524
[ 3 ] Bug #873120 - CVE-2012-5474 OpenStack: Dashboard /etc/openstack-dashboard/local_settings secret key exposure
https://bugzilla.redhat.com/show_bug.cgi?id=873120
[ 4 ] Bug #873447 - CVE-2012-5483 OpenStack: Keystone /etc/keystone/ec2rc secret key exposure
https://bugzilla.redhat.com/show_bug.cgi?id=873447
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update openstack-glance' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the epel-package-announce
mailing list