Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.2924
SUSE-SU-2019:2046-1 Security update for ardana packages
6 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: ardana
Publisher: SUSE
Operating System: SUSE
Impact/Access: Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Unauthorised Access -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2019-11068 CVE-2019-10876 CVE-2018-19039
Reference: ESB-2019.1257
Original Bulletin:
https://www.suse.com/support/update/announcement/2019/suse-su-20192046-1.html
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for ardana packages
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:2046-1
Rating: moderate
References: #1115960 #1120657 #1121530 #1122053 #1122825 #1124170
#1128453 #1131712 #1131791 #1131899 #1132542 #1132654
#1132832 #1132852 #1132853 #1132860 #1134336
Cross-References: CVE-2018-19039 CVE-2019-10876 CVE-2019-11068
Affected Products:
SUSE OpenStack Cloud Crowbar 9
SUSE OpenStack Cloud 9
______________________________________________________________________________
An update that solves three vulnerabilities and has 14 fixes is now available.
Description:
This update for ardana package fixes the following issues:
o Update to version 9.0+git.1560211997.7ac9792: * Adds repository list
parameter (bsc#1122825)
o Update to version 9.0+git.1557219331.457b6e7: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559292830.208d258: * Convert number of workers
to int (SOC-9418)
o Update to version 9.0+git.1557424689.2b085d5: * Update gerrit location
(SCRD-9140)
o Update to version 9.0+git.1556225774.492d42c: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557220194.6a90deb: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219517.7b97993: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559039284.6fc1d47: * Convert number of workers
to int (SOC-9384)
o Update to version 9.0+git.1558583814.a96bada: * Restrict rootwrap
directories for cinder (bsc#1132542)
o Update to version 9.0+git.1557421539.521a486: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Update to version 9.0+git.1557219553.d850ca4: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219586.7c96a6d: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219626.b190680: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560868957.42bcb70: * MariaDB conf changes IPv6
(SOC-9089)
o Update to version 9.0+git.1559351643.a440414: * Configure xinted mysqlchk
to accept ipv6 (SOC-9369)
o Update to version 9.0+git.1557219651.3d4d2d5: * Update gerrit location
(SCRD-9140)
o Update to version 9.0+git.1554995553.23d9513: * Configurable innodb flush
options (SCRD-7496)
o Switch to new Gerrit Server
o Update to version 9.0+git.1558588538.9211022: * Secure designate's rootwrap
files (bsc#1132542)
o Update to version 9.0+git.1558549508.9bfa9e7: * specify rootwrap config
file in designate sudoer (bsc#1132542)
o Update to version 9.0+git.1557219686.0e71bf9: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559033522.5e5be1c: * Convert number of workers
to int (SOC-9381)
o Update to version 9.0+git.1557421456.f1e5016: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Update to version 9.0+git.1557219717.fe1bde6: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559036788.b727b53: * Convert number of workers
to int (SOC-9382)
o Update to version 9.0+git.1557421526.a8c13bf: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Update to version 9.0+git.1557219773.fe2f6aa: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219807.6036a8e: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557220534.883f8c9: * Update gerrit location
(SCRD-9140)
o Update to version 9.0+git.1557189507.c786525: * add external network to
Ironic multi-tenancy input model (SCRD-8930)
o Update to version 9.0+git.1557189482.8931e67: * add neutron_l3_agent plugin
(SCRD-8929)
o Switch to new Gerrit Server
o Update to version 9.0+git.1556199488.bdf1cdc: * SCRD-7471 Don't set
external-name in ardana-ci models (SCRD-7471)
o Update to version 9.0+git.1559171053.476225c: * Move keystone error url to
locale bundle (SOC-3456) * Add doc link to 503 error from Keystone
(SOC-3456)
o Update to version 9.0+git.1558732415.467c8ab: * Consolidate
setCloseButtonDisabled * Disable close button when playbook or action in
progress * Disable close button when playbook or action in progress *
Updated comments * Fixed an issue for replacing controller page * Prevent
operations when replacing a server in progress (SCRD-8756)
o Update to version 9.0+git.1558726203.bae5a7d: * Updated the message for
full deployment (SOC-8879) * Add SES integration into day0/2 (SoC-8555) (#
342)
o Update to version 9.0+git.1557281300.f3e29e9: * Use Lato font version 2.015
from latofonts.com (#349)
o Update to version 9.0+git.1556908018.7801990: * Update documentation useful
link (SCRD-8689) * Open useful links in a new tab (SCRD-8910) * Added
prepare deployment/deploy capability to model config (SCRD-8879)
o Update to version 9.0+git.1560365077.17250c6: * Sync up rootwrap filters
with upstream (SOC-9500)
o Update to version 9.0+git.1557219834.53dbb0b: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559292289.b5ed172: * Convert number of processes
to int (SOC-9418)
o Update to version 9.0+git.1557421499.3e9fe25: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Update to version 9.0+git.1557219888.c532b5e: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219914.6d7ebb5: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557219960.226e32b: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Switch to new Gerrit Server
o Update to version 9.0+git.1556646861.58ce24f: * update audit API map for
Manila (SCRD-8747)
o Update to version 9.0+git.1557219995.cd49525: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1556731170.c8210e0: * Rip out vertica related
code (SCRD-9031)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557220073.7e88cfa: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560214193.fc0378b: * bind epmd.socket to ipv4
and ipv6 (SOC-8364)
o Update to version 9.0+git.1557220112.00d7117: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560464557.d2f6200: * Remove the creation of /etc
/neutron/rootwrap.conf (SOC-9472)
o Update to version 9.0+git.1560196282.28bbf67: * Change how lbaasv2 rootwrap
filters are installed (SOC-9457)
o Update to version 9.0+git.1560195873.c45568f: * Rootwrap changes for
supported L3-agent extensions (SOC-9459)
o Update to version 9.0+git.1559846163.ca22b06: * Improve neutron service
restart limit handling (SOC-8746)
o Update to version 9.0+git.1559031432.b99d89a: * Convert number of workers
to int (SOC-9379)
o Update to version 9.0+git.1558569689.36fbbd5: * Tighten neutron sudoers to
only execute rootwrap (bsc#1132542) (SOC-9031)
o Update to version 9.0+git.1557942331.3c74f81: * Kill dhclient before
restarting neutron-openvswitch-agent (SOC-9230)
o Update to version 9.0+git.1557421465.faf2c38: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Update to version 9.0+git.1557322578.4542665: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559869848.7a706df: * Adding support for
qemu-ovmf to ardana (SOC-8985)
o Update to version 9.0+git.1559823309.d3d23fe: * Convert number of workers
to int (SOC-9380)
o Update to version 9.0+git.1559234129.2fd63a9: * SCRD-9031 Change permitted
nova-rootwrap config file pattern (bsc#1132542)
o Update to version 9.0+git.1558549516.86e9f59: * specify rootwrap config
file in nova sudoer (bsc#1132542)
o Update to version 9.0+git.1554825274.040de21: * SCRD-8748 Fix default
worker count determination logic (SCRD-8748)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560519270.e0a2620: * Tune bumpng anphora retries
(SOC-9285)
o Update to version 9.0+git.1558549438.4ce3e83: * Stop installing a sudoers
root escalator (SCRD-9031)
o Update to version 9.0+git.1555319067.9e6f74e: * Increase number of connect
retries (SCRD-7496)
o Switch to new Gerrit Server
o Switch to new Gerrit Server
o Update to version 9.0+git.1555530925.206f1a8: * Fix 'Add New Dashboard
Card' button on Ops Console dashboard (SCRD-7697)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560269313.7ddaff2: * Configure sysctl
neigh.default.gc_thres for ipv6 (SOC-5771)
o Update to version 9.0+git.1559870350.2cde7ea: * Remove '/32' from iptables
tasks (SOC-9349)
o Update to version 9.0+git.1557219143.2fc9eb2: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560974342.47a5b12: * Correctly handle HttpError
during authentication (SOC-3456)
o Switch to new Gerrit Server
o Update to version 9.0+git.1557220501.ebd3011: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Switch to new Gerrit Server
o Update to version 9.0+git.1557220247.e78d1c3: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 9.0+git.1559038506.cc119d9: * Convert number of workers
to int (SOC-9383)
o Update to version 9.0+git.1557421607.00a5fae: * Update gerrit location
(SCRD-9140) * SCRD-8748 Fix default worker count determination logic
(SCRD-8748)
o Switch to new Gerrit Server
o Update to version 9.0+git.1560949748.f0bd816: * Blacklist
test_delete_policies_while_tenant_attached_to_net (SOC-9235)
o Update to version 9.0+git.1560694157.69a4419: * Blacklist some revert tests
(SOC-9178)
o Update to version 9.0+git.1560529053.50e76bf: * Blacklist some revert tests
(SOC-9178)
o Update to version 9.0+git.1560517118.0aac5fd: * Add configuration for
manila-tempest-plugin (SOC-7496)
o Update to version 9.0+git.1560180804.42077a8: * Revert Remove common
failing tests from tempest runs (SOC-9366)
o Update to version 9.0+git.1559833566.10d972d: * Fix lbaas tempest filter
(SOC-7496)
o Update to version 9.0+git.1559139132.a92980b: * Move some nova tests to
serial (SOC-9366)
o Update to version 9.0+git.1558706119.27e844b: * Remove comoonly failing
tests from tempest runs (SOC-9366)
o Update to version 9.0+git.1557825747.1002f16: * run neutron-lbaas tempest
tests sequentially (SCRD-9176)
o Update to version 9.0+git.1557421599.43d2140: * Update gerrit location
(SCRD-9140)
o Update to version 9.0+git.1557335657.ab2f1b9: * Disable
TestVolumeBootPattern.test_volume_boot_pattern (SCRD-9015) * Make
--os-test-timeout configurable and increase default (SCRD-7496)
o Update to version 9.0+git.1556893395.1813ec1: * Increase and make timeout
values configurable (SCRD-7496) * Configure tempest heat_plugin (SCRD-7496)
o Switch to new Gerrit Server
o Update to version 9.0+git.1556788546.313ff00: * Enable additional features
for cinder testing (SCRD-7496) * Enable volume backed live migration tests
(SCRD-7496)
o Update to version 9.0+git.1556788508.468dae0: * Set admin project to cloud
admin project (SCRD-7496)
o Update to version 9.0+git.1556728115.62a8427: * Set cinder/glance admin on
tempest roles (SCRD-7496)
o Update to version 9.0+git.1556721233.8750e33: * Configure neutron tempest
plugin (SCRD-7496)
o Update to version 9.0+git.1556721213.3c2f140: * Update neutron api
extensions list (SCRD-7496)
o Update to version 9.0+git.1556530821.e592de1: * Update tempest test filters
(SCRD-7496)
o Update to version 9.0+git.1557220381.5641a2e: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Update to version 1.0+git.1560518045.ad7dc6d: * Patching node before
bootstraping
o Update to version 6.0+git.1561125496.b7508480: * IPv6: Export ip_version
and handle the DHCP domain
o Update to version 6.0+git.1558489909.b45da865: * ipv6: Update start-up.sh
to be IPv6 compatible
o Update to version 6.0+git.1558002425.cc651aae: * crowbar: Make potential
output of reset_crowbar visible
o Update to version 6.0+git.1562154525.5e2983308: * Crowbar: DomainName
verification relaxed
o Update to version 6.0+git.1561729566.22019624e: * upgrade: Mark correctly
the set of nodes that was selected for upgrade
o Update to version 6.0+git.1561555935.31c4165cc: * Use proper names for the
Travis Tests (SOC-9565) * Replace Danger with Gitlint (SOC-9565) * Switch
from Travis dist from Trusty to Xenial (SOC-9565)
o Update to version 6.0+git.1561381017.8aab650d0: * network: Don't set
datapath-ids on ovs-bridges anymore
o Update to version 6.0+git.1560962186.456663e42: * crowbar: Save sync_mark
attributes in databag * dns: fix designate migration
o Update to version 6.0+git.1560522168.7a376b958: * travis: pin
sexp_processor to 4.12.0 * Allow restricted API access during upgrade
o Update to version 6.0+git.1559635691.42aa36659: * deployer: Use dhcp on
crowbar_register only when enable_pxe is set (bsc#1132654) * network: Allow
locking down the network config for nodes (bsc#1120657)
o Update to version 6.0+git.1558533504.0a5369b05: * provisioner: enabled
tuned profiles
o Update to version 6.0+git.1558029089.90c1cb545: * crowbar: Add debug
logging to restore API * crowbar: Move crowbarrc mgmt into crowbar cookbook
(SCRD-8330)
o Update to version 6.0+git.1557765503.660dd52c5: * Ignore CVE-2019-11068
during Travis (SOC-9262)
o Update to version 6.0+git.1557210549.ec8c84852: * Fix order of values in
nodes piechart
o Update to version 6.0+git.1556186576.4d681c4ed: * Update Lato font to
version 2.015 (SCRD-8948)
o Update to version 6.0+git.1560951093.4af1ee5: * Add timeout multiplier *
Make default sync_mark timeout configurable
o update suse-branding.patch (SOC-9297)
o Update to version 6.0+git.1562153583.4735fcf34: * Sync Travis with
crowbar-core (SOC-9565)
o Update to version 6.0+git.1561546411.c9b99ebbb: * Make ovs
of_inactivity_probe configurable from neutron barclamp
o Update to version 6.0+git.1561124272.c447b965b: * Configurable timeout for
Galera pre-sync
o Update to version 6.0+git.1560962133.cf99aa9eb: * monasca: use string keys
for attrs in migrations
o Update to version 6.0+git.1560502325.7de215873: * nova: only create
nonexistent cell1 * nova: reinstate old db sync ordering
o Update to version 6.0+git.1560353653.b92e4f9c1: * designate: do not use
pacemaker as all the services are stateless * designate: allow worker on
cluster.
o Update to version 6.0+git.1559857307.9cb8796a6: * rabbitmq: Fix ACL of SSL
key after uid/gid change
o Update to version 6.0+git.1559841020.dfbbc5be5: * tempest: Disable Barbican
validation of signed image (SOC-8578)
o Update to version 6.0+git.1559637225.141253d99: * ironic: Add Redfish
drivers by default
o Update to version 6.0+git.1559542941.26fe90143: * ironic: Install deploy
image with ironic
o Update to version 6.0+git.1559214145.66de78575: * nova: Don't retry
creating existing flavors
o Update to version 6.0+git.1558698448.10d30a50d: * ironic: Use IP also in
[swift] section
o Update to version 6.0+git.1558609537.4ebc9b31d: * neutron: increase
interval between checks to 30s * neutron: remove .openrc creation from
neutron cookbooks * neutron: Don't restart l3-ha on .openrc change
o Update to version 6.0+git.1558326886.306598770: * nova: Show stdout/stderr
when "openstack flavor list" fails
o Update to version 6.0+git.1558084779.634ff6e8a: * neutron: Add 'insecure'
to old cli calls
o Update to version 6.0+git.1557932150.575791c62: * database: Make
wsrep_provider_options configurable (fate#327745) * horizon: Disable Ceph
dashboard if not monitored (SOC-7573)
o Update to version 6.0+git.1557840648.637a6f7e6: * monasca: Fix notification
types initialisation * monasca: Add openvswitch plugin (SCRD-7571) *
designate: do not install the keystone_authtoken on worker nodes * monasca:
Configure `delegate_authorized_roles`
o Update to version 6.0+git.1557734236.12a27293f: * database: Raise and align
promote/demote timeouts (bsc#1131791)
o Update to version 6.0+git.1557393769.797307d6f: * neutron: use crm_resource
restart for restarting neutron-l3-ha-service
o Update to version 6.0+git.1556267896.b86529796: * neutron: restart
neutron-ha-tool when the config file changes
o Update to version 6.0+git.1556220665.450d8de69: * tempest: Enable
BaremetalBasicOps test
o Update to version 9.20190621: * Update after branching change * Update
operations-maintenance-update_maintenance.xml * add scottwulf content *
address recommended changes * change PTF deploy instructions (bsc#1128453)
o switch to maintenance/cloud_9 git branch
o Update to version 9.20190620: * add designate barclamp (SCRD-8739)
o Update to version 9.20190613: * Language update to copy-on-write * model
tab for day2 UI (SOC-8879) - replaces PR992 * Updated model tab for day2 UI
(SOC-8879)
o Update to version 9.20190611: * Fixing merge conflicts * Fixing minor issue
* Fixing Tim's edits to the config file * Adding Carl's edits * updating
versions and intro * Adding comments from Walter Boring * Fixes * Fix
broken build and comments * Fix SES Integration chapter: SOC-9343
o Update to version 9.20190610: * Triggering a re-build * Fixing filename
error * Update install_caasp_heat_templates.xml * Update
installation-installation-ses_integration.xml * Updating based on Carl's
clarification * Fix bsc#1131899 * Further CaaSP restructuring and removing
outdated instructions * Include instructions for registering CaaSP for MU's
(SCRD-8793)
o Update to version 9.20190607: * add OVSvApp, Nova proxy VM sizing (no bsc,
no Jira) * optipng deployment images (no bsc, no Jira) * add nova-proxy
description to ESXi and OVSvApp section (no bsc, no Jira)
o Update to version 9.20190605: * move fernet token to supported Keystone
feature
o Update to version 9.20190528: * Remove docmanager section * Reformat the
file * Feedback from csymons * Crowbar POC initial version
o Update to version 9.20190522: * Remove completely outdated Bugzilla
association from Supplement Guide * Remove upstream admin/user guides
o Update to version 9.20190521: * add Network Security Group logging
(SCRD-9124)
o Update to version 9.20190520: * CLM - update MariaDB manually (bsc#1132852,
SOC-9022) * add instructions for updating MariaDB manually (bsc#1132852)
o Update to version 9.20190516: * Fix command to create external network *
Remove sudo from commands in "Setting Up Multiple External Networks"
o Update to version 9.20190515: * Update README.adoc
o Update to version 9.20190514: * Grammar fix * README: Add super dummy docs
how to build locally * Document bootstrap galera cluster with a missing
node (bsc#1132853) * Remove authors.xml * Refinements to CaaSP MU process *
Included changes requested by reviewers * Instruct CaaS users to install
Tiller component (SCRD-8793) * Update install_caasp_heat_templates.xml *
Document more necessary CaaSP settings (SCRD-8793)
o Update to version 9.20190509: * update boot from SAN and multipath
configuration (SCRD-8942) * remove outdated Swift instructions (SCRD-8941)
* replace SOC 8 with SOC 9 (no bsc) * make Fernet token default (bsc#
1134336)
o Update to version 9.20190508: * increase VMs supported to 12000 (no bsc, no
SCRD)
o Update to version 9.20190506: * change repo location cloud8 to cloud9
Rocket Chat * remove note re uefi, secure boot (bsc#1132832)
o Update to version 9.20190425: * address requested changes * change Monasca
documentation (SCRD-7786) * changes to RHEL Installation Guide requested by
T.R. (no bsc#, no SCRD) * adjust table structure and headings * restructure
console alarm table (SCRD-7710, bsc#1124170) * restructure esx alarm table
(SCRD-7710, bsc#1124170) * restructure identity alarm table (SCRD-7710, bsc
#1124170) * restructure system alarms table (SCRD-7710, bsc#1124170) *
restructure networking table (SCRD-7710, bsc#1124170) * restructure other
alarms table (SCRD-7710, bsc#1124170) * restructure telemetry table
(SCRD-7710, bsc#1124170) * restructure storage table (SCRD-7710, bsc#
1124170) * complete compute alarm table
o Update to version 9.20190424: * update Manila component installation
(SCRD-8940)
o Update to version 9.20190423: * Update Day0 screenshots (SCRD-8976) (#951)
o Update to version 9.20190422: * add cobbler deprecation notice (no bsc#, no
SCRD) * set up security rule before creating VM (SCRD-8947)
o Update to version 9.20190419: * fix neutron ovsvapp commands (SCRD-8911)
o Add 0001-Use-strings-when-setting-X-Cache-header.patch Fixes a problem with
Twisted versions where headers values must be strings, not bools.
o Update to version 0.0+git.1562242499.36b8b64 (bsc#1122053): * Add optional
systemd ready and watchdog support * Drop unneeded check for "conn" * Reset
last_query_response when the cache needs to be updated * Drop unneeded
"conn" var initialization * Move respone header generation to own function
* Use None as default result * Drop opts.being_updated variable * Use
contextmanager for DB connection * Refactor DB method to get WSREP local
state * Refactor method to get readonly DB status * pep8: Fix E712
comparison to False should be 'if cond is False:' * pep8: Fix E305 expected
2 blank lines after class or function def * pep8: Fix E124 closing bracket
does not match visual indentation * pep8: Fix E251 unexpected spaces around
keyword / parameter equals * pep8: Fix E262 inline comment should start
with '# ' * pep8: Fix E261 at least two spaces before inline comment *
pep8: Fix F841 local variable is assigned to but never used * pep8: Fix
E302 expected 2 blank lines, found 1 * pep8: Fix E265 block comment should
start with '# ' * pep8: Fix E231 missing whitespace after ',' * pep8: Fix
E999 SyntaxError: invalid syntax * pep8: Fix F821 undefined name * pep8:
Fix E225 missing whitespace around operator * pep8: Fix E221 multiple
spaces before operator * pep8: Fix F401 module imported but unused * Add
clustercheck to console_scripts * Add basic test infrastructure and a first
pep8 job * Fix exception handling for pymysql exception * Readd argparse
usage * Fix installation requirements * Add read timeout to prevent
connection hanging forever * Exclude benchmark/ directory when creating
sdist tarball * Use argparse instead of optparse * Add basic logging
infrastructure * Add a standard setup.py file * Catch all query exceptions
* Switch to PyMySQL
o Drop pymysql.patch and readtimeout.patch. Both merged upstream.
o Use systemd service type=notify which is now supported upstream
o Use systemd watchdog which is now supported upstream
o Update to version 5.3.3 (CVE-2018-19039, bsc#1115960) : * File Exfiltration
vulnerability Security fix
o Update to version ceilometer-11.0.2.dev13: * Update reno for stable/rocky
o Update to version ceilometer-11.0.2.dev12: * [stable-only] Fix sphinx
requirement
o Update to version ceilometer-11.0.2.dev10: * tempest: Allow to configure
tempest config
o Update to version ceilometer-11.0.2.dev8: * Remove \_ceilometer\_check\_for
\_storage check * OpenDev Migration Patch
o Update to version ceilometer-11.0.2.dev6: * Added snapshot delete event *
Fixes KeyError on volume create/delete
o Update to version ceilometer-11.0.2.dev13: * Update reno for stable/rocky
o Update to version ceilometer-11.0.2.dev12: * [stable-only] Fix sphinx
requirement
o Update to version ceilometer-11.0.2.dev10: * tempest: Allow to configure
tempest config
o Update to version ceilometer-11.0.2.dev8: * Remove \_ceilometer\_check\_for
\_storage check * OpenDev Migration Patch
o Update to version ceilometer-11.0.2.dev6: * Added snapshot delete event *
Fixes KeyError on volume create/delete
o Update to version cinder-13.0.6.dev12: * Create new image volume cache
entry when cloning fails
o Update to version cinder-13.0.6.dev10: * Fix python3 compatibility of rbd
get\_fsid
o Update to version cinder-13.0.6.dev9: * lvm: Only use initiators when
comparing connector dicts
o Update to version cinder-13.0.6.dev7: * Declare multiattach support for HPE
MSA
o Update to version cinder-13.0.6.dev6: * Fix "connector=None" issue in
Kaminario drivers
o Update to version cinder-13.0.6.dev5: * NetApp: Return all iSCSI
targets-portals
o Update to version cinder-13.0.6.dev4: * Make sure we install cinder
requirements during the correct tox phase 13.0.5
o Update to version cinder-13.0.5.dev27: * Remove LOCI publishing from the
post pipeline * 3PAR: Provide an option duing creation of volume from
snapshot * OpenDev Migration Patch * Tests: Fix up test\_volume notify
tests * Remove auth\_uri usage * Tests: Fix up migrate notify tests *
Handle multiattach attribute when managing volumes * Set right attach mode
after migration * Replace openstack.org git:// URLs with https:// * Check
Volume Status on attahcment create/update 13.0.4 * NetApp SolidFire: Fix
multi-attach volume deletion * Fix Support Matrix - Pure does support
Multiattach * Fix Snapshot object metadata loading * VNX: update sg in
cache * Restore VMAX unit test mock * VMAX Driver - Fix for invalid device
id length * Raise the ImageTooBig exception when found it * hpe 3par driver
initialization failure * Fix unexpected behavior in \_clone\_image\_volume
* VNX: Add constraints for async migration * Handle drivers that do not
support list manageable * Fix wrong uuid recognized when create group *
Exclude disabled API versions from listing * Tintri: Inherit tests from
BaseDriverTestCase * VMware: Fix revert-to-snapshot * Fix api-ref title
levels and index * Fix group availability zone-backend host mismatch * Fix
version return incorrect when endpoint url end without / * Fix for auth
version change in Brcd HTTP * VNX Driver: delete\_hba() instead of remove\
_hba() * Fix for HPE MSA 2050 login failures 13.0.3 * Avoid using
'truncate' on Windows * Fix permissions with NFS-backed snapshots and
backups * Delete related encryption provider when a volume type is deleting
o Update to version cinder-13.0.6.dev12: * Create new image volume cache
entry when cloning fails
o Update to version cinder-13.0.6.dev10: * Fix python3 compatibility of rbd
get\_fsid
o Update to version cinder-13.0.6.dev9: * lvm: Only use initiators when
comparing connector dicts
o Update to version cinder-13.0.6.dev7: * Declare multiattach support for HPE
MSA
o Update to version cinder-13.0.6.dev6: * Fix "connector=None" issue in
Kaminario drivers
o Update to version cinder-13.0.6.dev5: * NetApp: Return all iSCSI
targets-portals
o Update to version cinder-13.0.6.dev4: * Make sure we install cinder
requirements during the correct tox phase 13.0.5
o Update to version cinder-13.0.5.dev27: * Remove LOCI publishing from the
post pipeline * 3PAR: Provide an option duing creation of volume from
snapshot * OpenDev Migration Patch * Tests: Fix up test\_volume notify
tests * Remove auth\_uri usage * Tests: Fix up migrate notify tests *
Handle multiattach attribute when managing volumes * Set right attach mode
after migration * Replace openstack.org git:// URLs with https:// * Check
Volume Status on attahcment create/update 13.0.4 * NetApp SolidFire: Fix
multi-attach volume deletion * Fix Support Matrix - Pure does support
Multiattach * Fix Snapshot object metadata loading * VNX: update sg in
cache * Restore VMAX unit test mock * VMAX Driver - Fix for invalid device
id length * Raise the ImageTooBig exception when found it * hpe 3par driver
initialization failure * Fix unexpected behavior in \_clone\_image\_volume
* VNX: Add constraints for async migration * Handle drivers that do not
support list manageable * Fix wrong uuid recognized when create group *
Exclude disabled API versions from listing * Tintri: Inherit tests from
BaseDriverTestCase * VMware: Fix revert-to-snapshot * Fix api-ref title
levels and index * Fix group availability zone-backend host mismatch * Fix
version return incorrect when endpoint url end without / * Fix for auth
version change in Brcd HTTP * VNX Driver: delete\_hba() instead of remove\
_hba() * Fix for HPE MSA 2050 login failures 13.0.3 * Avoid using
'truncate' on Windows * Fix permissions with NFS-backed snapshots and
backups * Delete related encryption provider when a volume type is deleting
o add dependency on nfs-utils
o Update to version horizon-14.0.4.dev4: * Make project volume group table
work even with volumev3 only env
o Update to version horizon-14.0.4.dev3: * Complete angular translation
extract pattern 14.0.3 * OpenDev Migration Patch * Imported Translations
from Zanata
o Update to version designate-7.0.1.dev20: * Allow pdns4 backend to select
tsigkey
o Update to version designate-7.0.1.dev18: * Clean fix for bandit exclusions
change
o Update to version designate-7.0.1.dev17: * Fixing RabbitMQ gate timeouts *
Fix DBDeadLock error resulting into 500
o Update to version designate-7.0.1.dev13: * Use branched version of
neutron-tempest-plugin job * OpenDev Migration Patch
o Update to version designate-7.0.1.dev20: * Allow pdns4 backend to select
tsigkey
o Update to version designate-7.0.1.dev18: * Clean fix for bandit exclusions
change
o Update to version designate-7.0.1.dev17: * Fixing RabbitMQ gate timeouts *
Fix DBDeadLock error resulting into 500
o Update to version designate-7.0.1.dev13: * Use branched version of
neutron-tempest-plugin job * OpenDev Migration Patch
o Update to version openstack-heat-11.0.3.dev5: * Return None for attributes
of sd with no actions * Fix regression with SW deployments when region not
configured
o Update to version openstack-heat-11.0.3.dev2: * Blacklist bandit 1.6.0 and
cap Sphinx on Python2 * OpenDev Migration Patch 11.0.2
o Update to version openstack-heat-11.0.3.dev5: * Return None for attributes
of sd with no actions * Fix regression with SW deployments when region not
configured
o Update to version openstack-heat-11.0.3.dev2: * Blacklist bandit 1.6.0 and
cap Sphinx on Python2 * OpenDev Migration Patch 11.0.2
o Update to version designate-dashboard-7.0.1.dev7: * OpenDev Migration Patch
* Imported Translations from Zanata
o Update to latest spec from rpm-packaging * Don't exclude python bytecode
files in dashboards * do not compress files during installation * install
settings file for heat-dashboard
o Update to version magnum-ui-5.0.2.dev9: * Limit cluster update properties *
OpenDev Migration Patch
o Update to latest spec from rpm-packaging * Don't exclude python bytecode
files in dashboards
o Update to version ironic-11.1.4.dev2: * Ansible module: fix configdrive
partition creation step
o Update to version ironic-11.1.4.dev1: 11.1.3 * Place upper bound on
python-dracclient version
o Update to version ironic-11.1.3.dev26: * Update sphinx requirements
o Update to version ironic-11.1.3.dev25: * Do not try to return mock as JSON
in unit tests * Ansible module fix: stream\_url
o Update to version ironic-11.1.3.dev22: * Disable metadata\_csum when
creating ext4 filesystems
o Update to version ironic-11.1.3.dev21: * Fix pyghmi path * OpenDev
Migration Patch * Reuse checksum calculation from oslo
o Update to version ironic-11.1.3.dev17: * Ansible module: fix clean error
handling * Ansible module: fix partition\_configdrive.sh file
o Update to version ironic-11.1.4.dev2: * Ansible module: fix configdrive
partition creation step
o Update to version ironic-11.1.4.dev1: 11.1.3 * Place upper bound on
python-dracclient version
o Update to version ironic-11.1.3.dev26: * Update sphinx requirements
o Update to version ironic-11.1.3.dev25: * Do not try to return mock as JSON
in unit tests * Ansible module fix: stream\_url
o Update to version ironic-11.1.3.dev22: * Disable metadata\_csum when
creating ext4 filesystems
o Update to version ironic-11.1.3.dev21: * Fix pyghmi path * OpenDev
Migration Patch * Reuse checksum calculation from oslo
o Update to version ironic-11.1.3.dev17: * Ansible module: fix clean error
handling * Ansible module: fix partition\_configdrive.sh file
o Update to version ironic-python-agent-3.3.2.dev13: * Bind mount /run into
chroot when installing grub * Ironic python agent does not extract correct
available memory
o Update to version ironic-python-agent-3.3.2.dev9: * Fix download upper
constraints
o Update to version ironic-python-agent-3.3.2.dev7: * Add more channel number
for detecting BMC IP address
o Update to version ironic-python-agent-3.3.2.dev5: * Fixes for building
images with CoreOS
o Update to version ironic-python-agent-3.3.2.dev4: * Fetch upper constraints
from opendev.org * OpenDev Migration Patch
o Update to version keystone-14.1.1.dev7: * Blacklist bandit 1.6.0 * OpenDev
Migration Patch
o Update to version keystone-14.1.1.dev5: * Remove message about circular
role inferences
o Update to version keystone-14.1.1.dev3: * Delete shadow users when domain
is deleted
o Update to version keystone-14.1.1.dev7: * Blacklist bandit 1.6.0 * OpenDev
Migration Patch
o Update to version keystone-14.1.1.dev5: * Remove message about circular
role inferences
o Update to version keystone-14.1.1.dev3: * Delete shadow users when domain
is deleted
* fix self-service credential APIs (bsc#1121530)
o Update to version magnum-7.1.1.dev24: * Fix registry on k8s\_fedora\_atomic
o Update to version magnum-7.1.1.dev23: * Blacklist bandit 1.6.0 and cap
Sphinx on Python2
o Update to version magnum-7.1.1.dev22: * Partial backport: Disable broken
image building * OpenDev Migration Patch
o Update to version magnum-7.1.1.dev24: * Fix registry on k8s\_fedora\_atomic
o Update to version magnum-7.1.1.dev23: * Blacklist bandit 1.6.0 and cap
Sphinx on Python2
o Update to version magnum-7.1.1.dev22: * Partial backport: Disable broken
image building * OpenDev Migration Patch
o Update to version manila-7.3.1.dev2: * [CI] Add bindep.txt * OpenDev
Migration Patch 7.3.0
o Update to version manila-7.3.1.dev2: * [CI] Add bindep.txt * OpenDev
Migration Patch 7.3.0
o Updated the openstack-monasca-agent-sudoers file (bsc#1132542)
o update to version 1.14.1~dev8 - Fix team and repository tags in README.rst
o update to version 1.14.1~dev7 - OpenDev Migration Patch - Blacklist bandit
and update sphinx requirement - Fix loading of notification plugins - Bug
Fix: Parses notifier configuration options
o Update to version neutron-13.0.4.dev89: * Treat networks shared by RBAC in
same way as shared with all tenants * Turn CIDR in query filter into proper
subnet
o Update to version neutron-13.0.4.dev86: * Prevent create port forwarding to
port which has binding fip
o Update to version neutron-13.0.4.dev84: * Release notes for dns\_domain
behavioural changes
o Update to version neutron-13.0.4.dev83: * DVR: on new port only send router
update on port's host
o Update to version neutron-13.0.4.dev81: * Reset MAC on unbinding
direct-physical port
o Update to version neutron-13.0.4.dev79: * Optimize the code that fixes the
race condition of DHCP agent
o Update to version neutron-13.0.4.dev77: * Switch to new engine facade for
Route objects * Revert "Pass network's dns\_domain to dnsmasq conf"
o Update to version neutron-13.0.4.dev73: * SRIOV agent: wait VFs
initialization on embedded switch create
o Update to version neutron-13.0.4.dev72: * Make OVS controller inactivity\
_probe configurable * improve dvr port update under large scale deployment
* Packets getting lost during SNAT with too many connections * [DVR] Block
ARP to dvr router's port instead of subnet's gateway * Use list instead of
six.viewkeys to avoid py2 to py3 problems * Only store segmenthostmapping
when enable segment plugin * Wait to ipv6 accept\_ra be really changed by
L3 agent * Add port\_forwarding to devstack plugin * Allow first address in
an IPv6 subnet as valid unicast * Show all SG rules belong to SG in group's
details * [DHCP] Don't resync network if same port is alredy in cache *
Remove rootwrap configuration from neutron-keepalived-state-change * Use
six.viewkeys instead of dict.keys to avoid py2 to py3 problems
o Update to version neutron-13.0.4.dev50: * Ensure dvr ha router gateway port
binding host
o Update to version neutron-13.0.4.dev48: * Async notify neutron-server for
HA states * Fix handling of network:shared field in policy module * Fix
creating policy rules from subattributes * Keep HA ports info for HA router
during entire lifecycle * Don't count ports with inactive bindings as
serviceable dvr ports * Use dynamic lazy mode for fetching security group
rules
o Update to version neutron-13.0.4.dev38: * Revert iptables TCP checksum-fill
code
o Update to version neutron-13.0.4.dev36: * Get ports query: extract limit
and use it only at the end
o Update to version neutron-13.0.4.dev34: * Not process port forwarding if no
snat functionality * Move subnet postcommit out of transaction for bulk
create
o Update to version neutron-13.0.4.dev30: * Give some HA router case specific
resources
o Update to version neutron-13.0.4.dev28: * Check master/backup router status
in DVR functional tests
o Update to version neutron-13.0.4.dev26: * OpenDev Migration Patch * Set HA
failover bridges veth pair devices UP
o Update to version neutron-13.0.4.dev23: * neutron.conf needs lock\_path set
for router to operate This change is adding required configuration in
neutron.conf to set the lock\_path parameter, which was missing in
compute-install-ubuntu.rst
o Update to version neutron-13.0.4.dev21: * Do not call update\_device\_list
in large sets
o Update to version neutron-13.0.4.dev19: * Avoid loading same service plugin
more than once * Add dependency for service plugin * Prevent bind fip to
port has port forwarding * Make test service\_plugins override simple *
DVR: Correctly change MTU in fip namespace
o Update to version neutron-13.0.4.dev9: * Choose random value for HA routes'
vr\_id 13.0.3 * Set router\_id if floating IP has port\_forwardings *
Change default local ovs connection timeout
o Update to version neutron-13.0.4.dev89: * Treat networks shared by RBAC in
same way as shared with all tenants * Turn CIDR in query filter into proper
subnet
o Update to version neutron-13.0.4.dev86: * Prevent create port forwarding to
port which has binding fip
o Update to version neutron-13.0.4.dev84: * Release notes for dns\_domain
behavioural changes
o Update to version neutron-13.0.4.dev83: * DVR: on new port only send router
update on port's host
o Update to version neutron-13.0.4.dev81: * Reset MAC on unbinding
direct-physical port
o Update to version neutron-13.0.4.dev79: * Optimize the code that fixes the
race condition of DHCP agent
o Update to version neutron-13.0.4.dev77: * Switch to new engine facade for
Route objects * Revert "Pass network's dns\_domain to dnsmasq conf"
o Update to version neutron-13.0.4.dev73: * SRIOV agent: wait VFs
initialization on embedded switch create
o Update to version neutron-13.0.4.dev72: * Make OVS controller inactivity\
_probe configurable * improve dvr port update under large scale deployment
* Packets getting lost during SNAT with too many connections * [DVR] Block
ARP to dvr router's port instead of subnet's gateway * Use list instead of
six.viewkeys to avoid py2 to py3 problems * Only store segmenthostmapping
when enable segment plugin * Wait to ipv6 accept\_ra be really changed by
L3 agent * Add port\_forwarding to devstack plugin * Allow first address in
an IPv6 subnet as valid unicast * Show all SG rules belong to SG in group's
details * [DHCP] Don't resync network if same port is alredy in cache *
Remove rootwrap configuration from neutron-keepalived-state-change * Use
six.viewkeys instead of dict.keys to avoid py2 to py3 problems
o Update to version neutron-13.0.4.dev50: * Ensure dvr ha router gateway port
binding host
o Update to version neutron-13.0.4.dev48: * Async notify neutron-server for
HA states * Fix handling of network:shared field in policy module * Fix
creating policy rules from subattributes * Keep HA ports info for HA router
during entire lifecycle * Don't count ports with inactive bindings as
serviceable dvr ports * Use dynamic lazy mode for fetching security group
rules
o Don't restart neutron-ovs-cleanup on RPM update (bsc#1132860)
o Update to version neutron-13.0.4.dev38: * Revert iptables TCP checksum-fill
code
o Update to version neutron-13.0.4.dev36: * Get ports query: extract limit
and use it only at the end
o Update to version neutron-13.0.4.dev34: * Not process port forwarding if no
snat functionality * Move subnet postcommit out of transaction for bulk
create
o Update to version neutron-13.0.4.dev30: * Give some HA router case specific
resources
o Update to version neutron-13.0.4.dev28: * Check master/backup router status
in DVR functional tests
o Update to version neutron-13.0.4.dev26: * OpenDev Migration Patch * Set HA
failover bridges veth pair devices UP
o Update to version neutron-13.0.4.dev23: * neutron.conf needs lock\_path set
for router to operate This change is adding required configuration in
neutron.conf to set the lock\_path parameter, which was missing in
compute-install-ubuntu.rst
o Update to version neutron-13.0.4.dev21: * Do not call update\_device\_list
in large sets
o Update to version neutron-13.0.4.dev19: * Avoid loading same service plugin
more than once * Add dependency for service plugin * Prevent bind fip to
port has port forwarding * Make test service\_plugins override simple *
DVR: Correctly change MTU in fip namespace
o Update to version neutron-13.0.4.dev9: * Choose random value for HA routes'
vr\_id 13.0.3 * Set router\_id if floating IP has port\_forwardings *
Change default local ovs connection timeout
* Fix KeyError in OVS firewall (bsc#1131712, CVE-2019-10876)
o Update to version neutron-fwaas-13.0.2.dev14: * netfilter\_log: Correctly
decode binary type prefix * OpenDev Migration Patch
o Update to version neutron-fwaas-13.0.2.dev12: * Fix the verification method
before creating and updating the firewall rule
o Update to version neutron-fwaas-13.0.2.dev14: * netfilter\_log: Correctly
decode binary type prefix * OpenDev Migration Patch
o Update to version neutron-fwaas-13.0.2.dev12: * Fix the verification method
before creating and updating the firewall rule
o Update to version group-based-policy-5.0.1.dev443: * Fix the thread
concurrency issue while calling gbp purge * Workaround expunge failure for
SubnetRoute in session identity\_map
o Update to version group-based-policy-5.0.1.dev440: * [AIM] Fix handling of
missing PortSecurityBinding
o Update to version group-based-policy-5.0.1.dev439: * Pull the upper
constraint file also from the opendev.org site
o Update to version group-based-policy-5.0.1.dev438: * [AIM] Don't override
loading of SG rules when validating
o Update to version group-based-policy-5.0.1.dev437: * Enhance the log while
getting the keystone notification
o Update to version group-based-policy-5.0.1.dev436: * [AIM] Cleanup RPC
implementations * [AIM] Pass in limit=-1 to work around a Nova bug * [AIM]
Some enhancements
o Update to version group-based-policy-5.0.1.dev433: * Fix CI again * OpenDev
Migration Patch
o Update to version group-based-policy-5.0.1.dev431: * Re-enable unit tests
and fix CI jobs
o Update to version neutron-lbaas-13.0.1.dev12: * Fix memory leak in the
haproxy provider driver
o Update to version neutron-lbaas-13.0.1.dev11: * OpenDev Migration Patch *
Revert "Updated "create\_pool" method in plugin"
o Update to version neutron-lbaas-13.0.1.dev12: * Fix memory leak in the
haproxy provider driver
o Update to version neutron-lbaas-13.0.1.dev11: * OpenDev Migration Patch *
Revert "Updated "create\_pool" method in plugin"
o Update to version neutron-vpnaas-13.0.2.dev4: * Execute
neutron-vpn-netns-wrapper with rootwrap\_config argument * OpenDev
Migration Patch
o Update to version neutron-vpnaas-13.0.2.dev4: * Execute
neutron-vpn-netns-wrapper with rootwrap\_config argument * OpenDev
Migration Patch
o Update to version nova-18.2.2.dev9: * Init HostState.failed\_builds *
libvirt: Rework 'EBUSY' (SIGKILL) error handling code path
o Update to version nova-18.2.2.dev5: * Grab fresh power state info from the
driver
o Update to version nova-18.2.2.dev3: * libvirt: flatten rbd images when
unshelving an instance 18.2.1 * Share snapshot image membership with
instance owner
o Update to version nova-18.2.1.dev95: * [ironic] Don't remove instance info
twice in destroy * docs: Don't version links to reno docs * tox: Use
basepython of python3.5 * Allow driver to properly unplug VIFs on
destination on confirm resize * Move get\_pci\_mapping\_for\_migration to
MigrationContext * Fixes multi-registry config in Quobyte driver * Include
all network devices in nova diagnostics
o Update to version nova-18.2.1.dev81: * Fix live-migration when glance image
deleted
o Update to version nova-18.2.1.dev79: * Replace the invalid index of
nova-rocky releasenote * Workaround missing RequestSpec.instance\
_group.uuid * Add regression recreate test for bug 1830747 * [stable-only]
Improve the reno for consoleauth upgrade check * Restore connection\_info
after live migration rollback * libvirt: Do not reraise DiskNotFound
exceptions during resize * Stop logging traceback when skipping quiesce *
libvirt: Avoid using os-brick encryptors when device\_path isn't provided
o Update to version nova-18.2.1.dev63: * Block swap volume on volumes with >1
rw attachment
o Update to version nova-18.2.1.dev62: * Fix retry of instance\_update\_and\
_get\_original
o Update to version nova-18.2.1.dev60: * Fix assert methods in unit tests *
Skip \_exclude\_nested\_providers() if not nested
o Update to version nova-18.2.1.dev56: * Pass on region when we don't have a
valid ironic endpoint
o Update to version nova-18.2.1.dev54: * Add functional confirm\_migration\
_error test * [stable-only] Delete allocations even if \_confirm\_resize
raises (part 2)
o Update to version nova-18.2.1.dev50: * xenapi/agent: Change openssl error
handling
o Update to version nova-18.2.1.dev48: * Use migration\_status during volume
migrating and retyping
o Update to version nova-18.2.1.dev47: * libvirt: Always disconnect volumes
after libvirtError exceptions * libvirt: Stop ignoring unknown libvirtError
exceptions during volume attach
o Update to version nova-18.2.1.dev45: * AZ list performance optimization:
avoid double service list DB fetch
o Update to version nova-18.2.1.dev44: * Create request spec, build request
and mappings in one transaction * Fix {min|max}\_version in ironic Adapter
setup
o Update to version nova-18.2.1.dev41: * Fix regression in glance client call
o Update to version nova-18.2.1.dev40: * OpenDev Migration Patch * libvirt:
set device address tag only if setting disk unit
o Update to version nova-18.2.1.dev37: * Update instance.availability\_zone
on revertResize * Add functional recreate test for bug 1819963 * Fix
incomplete instance data returned after build failure
o Update to version nova-18.2.1.dev31: * Delete allocations even if \_confirm
\_resize raises * Error out migration when confirm\_resize fails * Don't
warn on network-vif-unplugged event during live migration * libvirt:
disconnect volume when encryption fails * Temporarily mutate migration
object in finish\_revert\_resize * Override the 'get' method in
DriverBlockDevice class
o Update to version nova-18.2.1.dev19: * Add missing libvirt exception during
device detach * Fix bug preventing forbidden traits from working * Adding
tests to demonstrate bug #1821824
o Update to version nova-18.2.2.dev9: * Init HostState.failed\_builds *
libvirt: Rework 'EBUSY' (SIGKILL) error handling code path
o Update to version nova-18.2.2.dev5: * Grab fresh power state info from the
driver
o Update to version nova-18.2.2.dev3: * libvirt: flatten rbd images when
unshelving an instance 18.2.1 * Share snapshot image membership with
instance owner
o Update to version nova-18.2.1.dev95: * [ironic] Don't remove instance info
twice in destroy * docs: Don't version links to reno docs * tox: Use
basepython of python3.5 * Allow driver to properly unplug VIFs on
destination on confirm resize * Move get\_pci\_mapping\_for\_migration to
MigrationContext * Fixes multi-registry config in Quobyte driver * Include
all network devices in nova diagnostics
o Update to version nova-18.2.1.dev81: * Fix live-migration when glance image
deleted
o Update to version nova-18.2.1.dev79: * Replace the invalid index of
nova-rocky releasenote * Workaround missing RequestSpec.instance\
_group.uuid * Add regression recreate test for bug 1830747 * [stable-only]
Improve the reno for consoleauth upgrade check * Restore connection\_info
after live migration rollback * libvirt: Do not reraise DiskNotFound
exceptions during resize * Stop logging traceback when skipping quiesce *
libvirt: Avoid using os-brick encryptors when device\_path isn't provided
o Update to version nova-18.2.1.dev63: * Block swap volume on volumes with >1
rw attachment
o Update to version nova-18.2.1.dev62: * Fix retry of instance\_update\_and\
_get\_original
o Update to version nova-18.2.1.dev60: * Fix assert methods in unit tests *
Skip \_exclude\_nested\_providers() if not nested
o Update to version nova-18.2.1.dev56: * Pass on region when we don't have a
valid ironic endpoint
o Update to version nova-18.2.1.dev54: * Add functional confirm\_migration\
_error test * [stable-only] Delete allocations even if \_confirm\_resize
raises (part 2)
o Update to version nova-18.2.1.dev50: * xenapi/agent: Change openssl error
handling
o Update to version nova-18.2.1.dev48: * Use migration\_status during volume
migrating and retyping
o Update to version nova-18.2.1.dev47: * libvirt: Always disconnect volumes
after libvirtError exceptions * libvirt: Stop ignoring unknown libvirtError
exceptions during volume attach
o Update to version nova-18.2.1.dev45: * AZ list performance optimization:
avoid double service list DB fetch
o Update to version nova-18.2.1.dev44: * Create request spec, build request
and mappings in one transaction * Fix {min|max}\_version in ironic Adapter
setup
o Update to version nova-18.2.1.dev41: * Fix regression in glance client call
o Update to version nova-18.2.1.dev40: * OpenDev Migration Patch * libvirt:
set device address tag only if setting disk unit
o Update to version nova-18.2.1.dev37: * Update instance.availability\_zone
on revertResize * Add functional recreate test for bug 1819963 * Fix
incomplete instance data returned after build failure
o Update to version nova-18.2.1.dev31: * Delete allocations even if \_confirm
\_resize raises * Error out migration when confirm\_resize fails * Don't
warn on network-vif-unplugged event during live migration * libvirt:
disconnect volume when encryption fails * Temporarily mutate migration
object in finish\_revert\_resize * Override the 'get' method in
DriverBlockDevice class
o Update to version nova-18.2.1.dev19: * Add missing libvirt exception during
device detach * Fix bug preventing forbidden traits from working * Adding
tests to demonstrate bug #1821824
o Update to version octavia-3.1.2.dev2: * Add bindep.txt for Octavia
o Update to version octavia-3.1.2.dev1: * Fix allocate\_and\_associate DB
deadlock 3.1.1
o Update to version octavia-3.1.1.dev8: * Treat null admin\_state\_up as
False * Performance improvement for non-udp health checks
o Update to version octavia-3.1.1.dev5: * Bandit test exclusions syntax
change
o Update to version octavia-3.1.1.dev4: * Fix IPv6 in Active/Standby topology
on CentOS
o Update to version octavia-3.1.1.dev3: * Fix listener API handling of None/
null updates * OpenDev Migration Patch
o Update to version octavia-3.1.1.dev1: * Fix a lifecycle bug with child
objects 3.1.0
o Update to version 9.0+git.1558039547.f0d0ddf: * Fix validate ip version
call (SOC-9301)
o Update to version 9.0+git.1557220468.f113719: * Update gerrit location
(SCRD-9140)
o Switch to new Gerrit Server
o Add patch to toggle signed image validation (SCRD-8578)
o update to version 4.0.2 - Update UPPER_CONSTRAINTS_FILE for stable/rocky -
Replace openstack.org git:// URLs with https:// - Update .gitreview for
stable/rocky - OpenDev Migration Patch - import zuul job settings from
project-config - Raise API max version for Rocky updates
o Switch to new Gerrit Server
o removed 0001-pass-endpoint-interface-to-http-client.patch
o update to version 2.5.2 - Replace openstack.org git:// URLs with https:// -
pass endpoint interface to http client - Use endpoint_override in version
negotiation
o Add back tarball
o added 0002-Skip-read-only-test-for-CIFS.patch
o added 0001-Fix-CIFS-access-for-non-multitenant-setup.patch
o update to version 1.24.2 - Fix get_base_url - [CI] Fix logs for the
functional test job - Return is_default as a value instead of a function
object - Update UPPER_CONSTRAINTS_FILE for stable/rocky - Replace
openstack.org git:// URLs with https:// - Don't quote {posargs} in tox.ini
- import zuul job settings from project-config
o update to version 2.5.7 - Fix FC case sensitive scanning
o update to version 4.40.2 - OpenDev Migration Patch - exc_filters: fix
deadlock detection for MariaDB/Galera cluster
o update to 2.8.4 (SOC-9280) * Adding fix for nic\_capacity calculation
o Update to version 9.0.1562324636.e7046a3: * Add the freezer service to
config file and log file collection * Change the dir from where the ardana
model/config files are collected
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE OpenStack Cloud Crowbar 9:
zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2019-2046=1
o SUSE OpenStack Cloud 9:
zypper in -t patch SUSE-OpenStack-Cloud-9-2019-2046=1
Package List:
o SUSE OpenStack Cloud Crowbar 9 (noarch):
caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-3.3.5
crowbar-6.0+git.1561125496.b7508480-3.6.5
crowbar-devel-6.0+git.1561125496.b7508480-3.6.5
crowbar-ha-6.0+git.1560951093.4af1ee5-3.3.7
crowbar-openstack-6.0+git.1562153583.4735fcf34-3.3.7
documentation-suse-openstack-cloud-crowbar-deployment-9.20190621-3.3.7
documentation-suse-openstack-cloud-crowbar-operations-9.20190621-3.3.7
documentation-suse-openstack-cloud-supplement-9.20190621-3.3.7
galera-python-clustercheck-0.0+git.1562242499.36b8b64-6.3.5
grafana-monasca-ui-drilldown-1.14.1~dev7-3.3.9
openstack-ceilometer-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-central-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-compute-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-ipmi-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-notification-11.0.2~dev13-3.3.9
openstack-ceilometer-polling-11.0.2~dev13-3.3.9
openstack-cinder-13.0.6~dev12-3.3.8
openstack-cinder-api-13.0.6~dev12-3.3.8
openstack-cinder-backup-13.0.6~dev12-3.3.8
openstack-cinder-scheduler-13.0.6~dev12-3.3.8
openstack-cinder-volume-13.0.6~dev12-3.3.8
openstack-dashboard-14.0.4~dev4-3.3.8
openstack-designate-7.0.1~dev20-3.3.8
openstack-designate-agent-7.0.1~dev20-3.3.8
openstack-designate-api-7.0.1~dev20-3.3.8
openstack-designate-central-7.0.1~dev20-3.3.8
openstack-designate-producer-7.0.1~dev20-3.3.8
openstack-designate-sink-7.0.1~dev20-3.3.8
openstack-designate-worker-7.0.1~dev20-3.3.8
openstack-heat-11.0.3~dev5-3.3.8
openstack-heat-api-11.0.3~dev5-3.3.8
openstack-heat-api-cfn-11.0.3~dev5-3.3.8
openstack-heat-engine-11.0.3~dev5-3.3.8
openstack-heat-plugin-heat_docker-11.0.3~dev5-3.3.8
openstack-horizon-plugin-designate-ui-7.0.1~dev7-3.3.8
openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.3.7
openstack-horizon-plugin-magnum-ui-5.0.2~dev9-3.3.8
openstack-horizon-plugin-monasca-ui-1.14.1~dev7-3.3.9
openstack-ironic-11.1.4~dev2-3.3.9
openstack-ironic-api-11.1.4~dev2-3.3.9
openstack-ironic-conductor-11.1.4~dev2-3.3.9
openstack-ironic-python-agent-3.3.2~dev13-3.3.6
openstack-keystone-14.1.1~dev7-3.3.9
openstack-magnum-7.1.1~dev24-3.3.8
openstack-magnum-api-7.1.1~dev24-3.3.8
openstack-magnum-conductor-7.1.1~dev24-3.3.8
openstack-manila-7.3.1~dev2-4.3.8
openstack-manila-api-7.3.1~dev2-4.3.8
openstack-manila-data-7.3.1~dev2-4.3.8
openstack-manila-scheduler-7.3.1~dev2-4.3.8
openstack-manila-share-7.3.1~dev2-4.3.8
openstack-monasca-agent-2.8.1~dev10-3.3.6
openstack-monasca-notification-1.14.1~dev8-6.3.6
openstack-neutron-13.0.4~dev89-3.3.7
openstack-neutron-dhcp-agent-13.0.4~dev89-3.3.7
openstack-neutron-fwaas-13.0.2~dev14-3.3.7
openstack-neutron-gbp-5.0.1~dev443-3.3.6
openstack-neutron-ha-tool-13.0.4~dev89-3.3.7
openstack-neutron-l3-agent-13.0.4~dev89-3.3.7
openstack-neutron-lbaas-13.0.1~dev12-3.3.7
openstack-neutron-lbaas-agent-13.0.1~dev12-3.3.7
openstack-neutron-linuxbridge-agent-13.0.4~dev89-3.3.7
openstack-neutron-macvtap-agent-13.0.4~dev89-3.3.7
openstack-neutron-metadata-agent-13.0.4~dev89-3.3.7
openstack-neutron-metering-agent-13.0.4~dev89-3.3.7
openstack-neutron-openvswitch-agent-13.0.4~dev89-3.3.7
openstack-neutron-server-13.0.4~dev89-3.3.7
openstack-neutron-vpnaas-13.0.2~dev4-3.3.7
openstack-neutron-vyatta-agent-13.0.2~dev4-3.3.7
openstack-nova-18.2.2~dev9-3.3.8
openstack-nova-api-18.2.2~dev9-3.3.8
openstack-nova-cells-18.2.2~dev9-3.3.8
openstack-nova-compute-18.2.2~dev9-3.3.8
openstack-nova-conductor-18.2.2~dev9-3.3.8
openstack-nova-console-18.2.2~dev9-3.3.8
openstack-nova-novncproxy-18.2.2~dev9-3.3.8
openstack-nova-placement-api-18.2.2~dev9-3.3.8
openstack-nova-scheduler-18.2.2~dev9-3.3.8
openstack-nova-serialproxy-18.2.2~dev9-3.3.8
openstack-nova-vncproxy-18.2.2~dev9-3.3.8
openstack-octavia-3.1.2~dev2-3.3.6
openstack-octavia-amphora-agent-3.1.2~dev2-3.3.6
openstack-octavia-api-3.1.2~dev2-3.3.6
openstack-octavia-health-manager-3.1.2~dev2-3.3.6
openstack-octavia-housekeeping-3.1.2~dev2-3.3.6
openstack-octavia-worker-3.1.2~dev2-3.3.6
python-barbican-tempest-plugin-0.1.0-4.3.1
python-ceilometer-11.0.2~dev13-3.3.9
python-cinder-13.0.6~dev12-3.3.8
python-cinderclient-4.0.2-3.3.7
python-cinderclient-doc-4.0.2-3.3.7
python-designate-7.0.1~dev20-3.3.8
python-heat-11.0.3~dev5-3.3.8
python-horizon-14.0.4~dev4-3.3.8
python-horizon-plugin-designate-ui-7.0.1~dev7-3.3.8
python-horizon-plugin-heat-ui-1.4.1~dev4-4.3.7
python-horizon-plugin-magnum-ui-5.0.2~dev9-3.3.8
python-horizon-plugin-monasca-ui-1.14.1~dev7-3.3.9
python-ironic-11.1.4~dev2-3.3.9
python-ironicclient-2.5.2-4.3.7
python-ironicclient-doc-2.5.2-4.3.7
python-keystone-14.1.1~dev7-3.3.9
python-magnum-7.1.1~dev24-3.3.8
python-manila-7.3.1~dev2-4.3.8
python-manila-tempest-plugin-0.1.0-3.3.5
python-manilaclient-1.24.2-3.3.7
python-manilaclient-doc-1.24.2-3.3.7
python-monasca-agent-2.8.1~dev10-3.3.6
python-monasca-notification-1.14.1~dev8-6.3.6
python-neutron-13.0.4~dev89-3.3.7
python-neutron-fwaas-13.0.2~dev14-3.3.7
python-neutron-gbp-5.0.1~dev443-3.3.6
python-neutron-lbaas-13.0.1~dev12-3.3.7
python-neutron-vpnaas-13.0.2~dev4-3.3.7
python-nova-18.2.2~dev9-3.3.8
python-octavia-3.1.2~dev2-3.3.6
python-openstack_auth-14.0.4~dev4-3.3.8
python-os-brick-2.5.7-3.3.7
python-os-brick-common-2.5.7-3.3.7
python-oslo.db-4.40.2-3.3.8
python-proliantutils-2.8.4-1.1
supportutils-plugin-suse-openstack-cloud-9.0.1562324636.e7046a3-1.1
o SUSE OpenStack Cloud Crowbar 9 (x86_64):
crowbar-core-6.0+git.1562154525.5e2983308-3.3.8
crowbar-core-branding-upstream-6.0+git.1562154525.5e2983308-3.3.8
grafana-5.3.3-3.3.1
grafana-debuginfo-5.3.3-3.3.1
o SUSE OpenStack Cloud 9 (noarch):
ardana-ansible-9.0+git.1560211997.7ac9792-3.3.5
ardana-barbican-9.0+git.1559292830.208d258-3.3.5
ardana-cassandra-9.0+git.1557220194.6a90deb-3.3.3
ardana-ceilometer-9.0+git.1557219517.7b97993-3.3.5
ardana-cinder-9.0+git.1559039284.6fc1d47-3.3.5
ardana-cluster-9.0+git.1557219586.7c96a6d-3.3.5
ardana-cobbler-9.0+git.1557219626.b190680-3.3.5
ardana-db-9.0+git.1560868957.42bcb70-3.3.5
ardana-designate-9.0+git.1558588538.9211022-3.3.5
ardana-glance-9.0+git.1559033522.5e5be1c-3.3.5
ardana-heat-9.0+git.1559036788.b727b53-3.3.5
ardana-horizon-9.0+git.1557219807.6036a8e-3.3.5
ardana-input-model-9.0+git.1557220534.883f8c9-3.3.5
ardana-installer-ui-9.0+git.1559171053.476225c-3.3.6
ardana-installer-ui-debugsource-9.0+git.1559171053.476225c-3.3.6
ardana-ironic-9.0+git.1560365077.17250c6-3.3.5
ardana-keystone-9.0+git.1559292289.b5ed172-3.3.5
ardana-logging-9.0+git.1557219914.6d7ebb5-3.3.5
ardana-magnum-9.0+git.1557219960.226e32b-3.3.5
ardana-manila-9.0+git.1556646861.58ce24f-3.3.5
ardana-memcached-9.0+git.1557219995.cd49525-3.3.5
ardana-monasca-9.0+git.1556731170.c8210e0-3.3.5
ardana-monasca-transform-9.0+git.1557220073.7e88cfa-3.3.5
ardana-mq-9.0+git.1560214193.fc0378b-3.3.5
ardana-neutron-9.0+git.1560464557.d2f6200-3.3.5
ardana-nova-9.0+git.1559869848.7a706df-3.3.5
ardana-octavia-9.0+git.1560519270.e0a2620-3.3.5
ardana-opsconsole-9.0+git.1553642196.ba23382-3.3.5
ardana-opsconsole-ui-9.0+git.1555530925.206f1a8-4.3.7
ardana-osconfig-9.0+git.1560269313.7ddaff2-3.3.5
ardana-service-9.0+git.1560974342.47a5b12-3.3.5
ardana-service-ansible-9.0+git.1557220501.ebd3011-3.3.5
ardana-ses-9.0+git.1554740095.48252d3-3.3.5
ardana-spark-9.0+git.1557220247.e78d1c3-3.3.5
ardana-swift-9.0+git.1559038506.cc119d9-3.3.5
ardana-tempest-9.0+git.1560949748.f0bd816-3.3.5
ardana-tls-9.0+git.1557220381.5641a2e-3.3.5
caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-3.3.5
documentation-suse-openstack-cloud-deployment-9.20190621-3.3.7
documentation-suse-openstack-cloud-operations-9.20190621-3.3.7
documentation-suse-openstack-cloud-security-9.20190621-3.3.7
documentation-suse-openstack-cloud-supplement-9.20190621-3.3.7
galera-python-clustercheck-0.0+git.1562242499.36b8b64-6.3.5
grafana-monasca-ui-drilldown-1.14.1~dev7-3.3.9
openstack-ceilometer-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-central-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-compute-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-ipmi-11.0.2~dev13-3.3.9
openstack-ceilometer-agent-notification-11.0.2~dev13-3.3.9
openstack-ceilometer-polling-11.0.2~dev13-3.3.9
openstack-cinder-13.0.6~dev12-3.3.8
openstack-cinder-api-13.0.6~dev12-3.3.8
openstack-cinder-backup-13.0.6~dev12-3.3.8
openstack-cinder-scheduler-13.0.6~dev12-3.3.8
openstack-cinder-volume-13.0.6~dev12-3.3.8
openstack-dashboard-14.0.4~dev4-3.3.8
openstack-designate-7.0.1~dev20-3.3.8
openstack-designate-agent-7.0.1~dev20-3.3.8
openstack-designate-api-7.0.1~dev20-3.3.8
openstack-designate-central-7.0.1~dev20-3.3.8
openstack-designate-producer-7.0.1~dev20-3.3.8
openstack-designate-sink-7.0.1~dev20-3.3.8
openstack-designate-worker-7.0.1~dev20-3.3.8
openstack-heat-11.0.3~dev5-3.3.8
openstack-heat-api-11.0.3~dev5-3.3.8
openstack-heat-api-cfn-11.0.3~dev5-3.3.8
openstack-heat-engine-11.0.3~dev5-3.3.8
openstack-heat-plugin-heat_docker-11.0.3~dev5-3.3.8
openstack-horizon-plugin-designate-ui-7.0.1~dev7-3.3.8
openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.3.7
openstack-horizon-plugin-magnum-ui-5.0.2~dev9-3.3.8
openstack-horizon-plugin-monasca-ui-1.14.1~dev7-3.3.9
openstack-ironic-11.1.4~dev2-3.3.9
openstack-ironic-api-11.1.4~dev2-3.3.9
openstack-ironic-conductor-11.1.4~dev2-3.3.9
openstack-ironic-python-agent-3.3.2~dev13-3.3.6
openstack-keystone-14.1.1~dev7-3.3.9
openstack-magnum-7.1.1~dev24-3.3.8
openstack-magnum-api-7.1.1~dev24-3.3.8
openstack-magnum-conductor-7.1.1~dev24-3.3.8
openstack-manila-7.3.1~dev2-4.3.8
openstack-manila-api-7.3.1~dev2-4.3.8
openstack-manila-data-7.3.1~dev2-4.3.8
openstack-manila-scheduler-7.3.1~dev2-4.3.8
openstack-manila-share-7.3.1~dev2-4.3.8
openstack-monasca-agent-2.8.1~dev10-3.3.6
openstack-monasca-notification-1.14.1~dev8-6.3.6
openstack-neutron-13.0.4~dev89-3.3.7
openstack-neutron-dhcp-agent-13.0.4~dev89-3.3.7
openstack-neutron-fwaas-13.0.2~dev14-3.3.7
openstack-neutron-gbp-5.0.1~dev443-3.3.6
openstack-neutron-ha-tool-13.0.4~dev89-3.3.7
openstack-neutron-l3-agent-13.0.4~dev89-3.3.7
openstack-neutron-lbaas-13.0.1~dev12-3.3.7
openstack-neutron-lbaas-agent-13.0.1~dev12-3.3.7
openstack-neutron-linuxbridge-agent-13.0.4~dev89-3.3.7
openstack-neutron-macvtap-agent-13.0.4~dev89-3.3.7
openstack-neutron-metadata-agent-13.0.4~dev89-3.3.7
openstack-neutron-metering-agent-13.0.4~dev89-3.3.7
openstack-neutron-openvswitch-agent-13.0.4~dev89-3.3.7
openstack-neutron-server-13.0.4~dev89-3.3.7
openstack-neutron-vpnaas-13.0.2~dev4-3.3.7
openstack-neutron-vyatta-agent-13.0.2~dev4-3.3.7
openstack-nova-18.2.2~dev9-3.3.8
openstack-nova-api-18.2.2~dev9-3.3.8
openstack-nova-cells-18.2.2~dev9-3.3.8
openstack-nova-compute-18.2.2~dev9-3.3.8
openstack-nova-conductor-18.2.2~dev9-3.3.8
openstack-nova-console-18.2.2~dev9-3.3.8
openstack-nova-novncproxy-18.2.2~dev9-3.3.8
openstack-nova-placement-api-18.2.2~dev9-3.3.8
openstack-nova-scheduler-18.2.2~dev9-3.3.8
openstack-nova-serialproxy-18.2.2~dev9-3.3.8
openstack-nova-vncproxy-18.2.2~dev9-3.3.8
openstack-octavia-3.1.2~dev2-3.3.6
openstack-octavia-amphora-agent-3.1.2~dev2-3.3.6
openstack-octavia-api-3.1.2~dev2-3.3.6
openstack-octavia-health-manager-3.1.2~dev2-3.3.6
openstack-octavia-housekeeping-3.1.2~dev2-3.3.6
openstack-octavia-worker-3.1.2~dev2-3.3.6
python-ardana-configurationprocessor-9.0+git.1558039547.f0d0ddf-3.4.1
python-barbican-tempest-plugin-0.1.0-4.3.1
python-ceilometer-11.0.2~dev13-3.3.9
python-cinder-13.0.6~dev12-3.3.8
python-cinderclient-4.0.2-3.3.7
python-cinderclient-doc-4.0.2-3.3.7
python-cinderlm-0.0.2+git.1541454501.6148725-3.3.5
python-designate-7.0.1~dev20-3.3.8
python-heat-11.0.3~dev5-3.3.8
python-horizon-14.0.4~dev4-3.3.8
python-horizon-plugin-designate-ui-7.0.1~dev7-3.3.8
python-horizon-plugin-heat-ui-1.4.1~dev4-4.3.7
python-horizon-plugin-magnum-ui-5.0.2~dev9-3.3.8
python-horizon-plugin-monasca-ui-1.14.1~dev7-3.3.9
python-ironic-11.1.4~dev2-3.3.9
python-ironicclient-2.5.2-4.3.7
python-ironicclient-doc-2.5.2-4.3.7
python-keystone-14.1.1~dev7-3.3.9
python-magnum-7.1.1~dev24-3.3.8
python-manila-7.3.1~dev2-4.3.8
python-manila-tempest-plugin-0.1.0-3.3.5
python-manilaclient-1.24.2-3.3.7
python-manilaclient-doc-1.24.2-3.3.7
python-monasca-agent-2.8.1~dev10-3.3.6
python-monasca-notification-1.14.1~dev8-6.3.6
python-neutron-13.0.4~dev89-3.3.7
python-neutron-fwaas-13.0.2~dev14-3.3.7
python-neutron-gbp-5.0.1~dev443-3.3.6
python-neutron-lbaas-13.0.1~dev12-3.3.7
python-neutron-vpnaas-13.0.2~dev4-3.3.7
python-nova-18.2.2~dev9-3.3.8
python-octavia-3.1.2~dev2-3.3.6
python-openstack_auth-14.0.4~dev4-3.3.8
python-os-brick-2.5.7-3.3.7
python-os-brick-common-2.5.7-3.3.7
python-oslo.db-4.40.2-3.3.8
python-proliantutils-2.8.4-1.1
supportutils-plugin-suse-openstack-cloud-9.0.1562324636.e7046a3-1.1
venv-openstack-barbican-x86_64-7.0.1~dev18-3.2.1
venv-openstack-cinder-x86_64-13.0.6~dev12-3.2.1
venv-openstack-designate-x86_64-7.0.1~dev20-3.3.1
venv-openstack-glance-x86_64-17.0.1~dev16-3.3.1
venv-openstack-heat-x86_64-11.0.3~dev5-3.3.1
venv-openstack-horizon-x86_64-14.0.4~dev4-4.3.2
venv-openstack-ironic-x86_64-11.1.4~dev2-4.3.2
venv-openstack-keystone-x86_64-14.1.1~dev7-3.3.1
venv-openstack-magnum-x86_64-7.1.1~dev24-4.3.2
venv-openstack-manila-x86_64-7.3.1~dev2-3.3.1
venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.3.1
venv-openstack-monasca-x86_64-2.7.1~dev10-3.3.1
venv-openstack-neutron-x86_64-13.0.4~dev89-6.3.1
venv-openstack-nova-x86_64-18.2.2~dev9-3.3.1
venv-openstack-octavia-x86_64-3.1.2~dev2-4.3.1
venv-openstack-sahara-x86_64-9.0.2~dev9-3.3.1
o SUSE OpenStack Cloud 9 (x86_64):
grafana-5.3.3-3.3.1
grafana-debuginfo-5.3.3-3.3.1
References:
o https://www.suse.com/security/cve/CVE-2018-19039.html
o https://www.suse.com/security/cve/CVE-2019-10876.html
o https://www.suse.com/security/cve/CVE-2019-11068.html
o https://bugzilla.suse.com/1115960
o https://bugzilla.suse.com/1120657
o https://bugzilla.suse.com/1121530
o https://bugzilla.suse.com/1122053
o https://bugzilla.suse.com/1122825
o https://bugzilla.suse.com/1124170
o https://bugzilla.suse.com/1128453
o https://bugzilla.suse.com/1131712
o https://bugzilla.suse.com/1131791
o https://bugzilla.suse.com/1131899
o https://bugzilla.suse.com/1132542
o https://bugzilla.suse.com/1132654
o https://bugzilla.suse.com/1132832
o https://bugzilla.suse.com/1132852
o https://bugzilla.suse.com/1132853
o https://bugzilla.suse.com/1132860
o https://bugzilla.suse.com/1134336
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXUjbGWaOgq3Tt24GAQh1Mw//XEZaQmIxkq+Tmn43a26DZo+dDEHuXJtW
2DeHBg3BG9fn7ik+qe7ozkFf76dlLeuYkbGfJ7iJ8Z+3BmKpbkXWeHMA/unmp8SR
cxTu/2T6XNQCD8q4YMve7abWTVTn1tGJuukhjfaiFKMPrDsrKKAyYBoqTh2tJN20
MFFL8eMjJWRFyTxpcBuQDNZTkgmzq2T2AjetlqDJBtvx2nqn5cRWr+z/ECnQIh16
Bj/j7L+yhcDOBx+iLY6wwssAvfdCEUGLAUVqtHXlnXS5brfQ3os4BXFtS9twxF3N
z3Am+I7hSrX0BFL2vvqtEiGZR2K9nYKyINN14JGUNFFtO3menfYonjy8MbPFsyLJ
W+ECXprlunJaVlE4ihH2yzKtR1anGviuPfhaBDUMdQORdG3AcBpTSaxLYhrMg4Cb
hYFClR4r8jgpH1dSbksb8Ho33+ekTzs5dSi285xw8miCDy3rcyeMaEnE4LqV2uXo
B4tUQF2C3OqVPV11u1IFCvqKNfRJtYVfOhf8hF/HLyZOHLUuo1YzuHv8yw9Axsuw
lvvqMSwnDexFL5Fuqs09IbPSxw8mEyKTpvdtwlKl9BPcAZ45YM07xZDoHrsYg9b0
A3ve907jdilGokgDSsSIijjYJUp5aaa2STD0sHwA0Hshv5scn1XjnEhQcCHx3V8i
ClQKi0qetFs=
=RyKq
-----END PGP SIGNATURE-----