===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2020.3119
openstack-nova security update
10 September 2020
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           openstack-nova
Publisher:         Red Hat
Operating System:  Red Hat Linux variants
Impact/Access:     Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-17376

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:3702
   https://access.redhat.com/errata/RHSA-2020:3704
   https://access.redhat.com/errata/RHSA-2020:3706
   https://access.redhat.com/errata/RHSA-2020:3711
   https://access.redhat.com/errata/RHSA-2020:3708

Comment: This advisory references vulnerabilities in products which run on platforms other than Red Hat. It is recommended that administrators running openstack-nova check for an updated version of the software for their operating system.

         This bulletin contains five (5) Red Hat security advisories.

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3702-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3702
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376
=====================================================================

1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 (Train).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.1 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 16.1:

Source:
openstack-nova-20.3.1-0.20200626213436.38ee1f3.el8ost.src.rpm

noarch:
openstack-nova-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-api-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-common-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-compute-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-conductor-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-console-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-migration-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-novncproxy-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-scheduler-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-serialproxy-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
openstack-nova-spicehtml5proxy-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm
python3-nova-20.3.1-0.20200626213436.38ee1f3.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

---------------------------------------------------------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3704-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3704
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376
=====================================================================

1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack Platform 16 (Train).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.0 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 16.0:

Source:
openstack-nova-20.1.2-0.20200401205215.28324e6.el8ost.src.rpm

noarch:
openstack-nova-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-api-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-common-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-compute-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-conductor-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-console-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-migration-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-novncproxy-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-scheduler-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-serialproxy-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
openstack-nova-spicehtml5proxy-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm
python3-nova-20.1.2-0.20200401205215.28324e6.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

---------------------------------------------------------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3706-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3706
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376
=====================================================================

1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack Platform 15 (Stein).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 15.0 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 15.0:

Source:
openstack-nova-19.1.0-0.20200207070459.bf9d9e5.el8ost.src.rpm

noarch:
openstack-nova-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-api-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-cells-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-common-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-compute-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-conductor-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-console-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-migration-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-novncproxy-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-placement-api-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-scheduler-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-serialproxy-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
openstack-nova-spicehtml5proxy-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm
python3-nova-19.1.0-0.20200207070459.bf9d9e5.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

---------------------------------------------------------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3708-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3708
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376
=====================================================================

1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack Platform 13 (Queens).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 13.0 - noarch
Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server:

Source:
openstack-nova-17.0.13-24.el7ost.src.rpm

noarch:
openstack-nova-17.0.13-24.el7ost.noarch.rpm
openstack-nova-api-17.0.13-24.el7ost.noarch.rpm
openstack-nova-cells-17.0.13-24.el7ost.noarch.rpm
openstack-nova-common-17.0.13-24.el7ost.noarch.rpm
openstack-nova-compute-17.0.13-24.el7ost.noarch.rpm
openstack-nova-conductor-17.0.13-24.el7ost.noarch.rpm
openstack-nova-console-17.0.13-24.el7ost.noarch.rpm
openstack-nova-migration-17.0.13-24.el7ost.noarch.rpm
openstack-nova-network-17.0.13-24.el7ost.noarch.rpm
openstack-nova-novncproxy-17.0.13-24.el7ost.noarch.rpm
openstack-nova-placement-api-17.0.13-24.el7ost.noarch.rpm
openstack-nova-scheduler-17.0.13-24.el7ost.noarch.rpm
openstack-nova-serialproxy-17.0.13-24.el7ost.noarch.rpm
openstack-nova-spicehtml5proxy-17.0.13-24.el7ost.noarch.rpm
python-nova-17.0.13-24.el7ost.noarch.rpm
python-nova-tests-17.0.13-24.el7ost.noarch.rpm

Red Hat OpenStack Platform 13.0:

Source:
openstack-nova-17.0.13-24.el7ost.src.rpm

noarch:
openstack-nova-17.0.13-24.el7ost.noarch.rpm
openstack-nova-api-17.0.13-24.el7ost.noarch.rpm
openstack-nova-cells-17.0.13-24.el7ost.noarch.rpm
openstack-nova-common-17.0.13-24.el7ost.noarch.rpm
openstack-nova-compute-17.0.13-24.el7ost.noarch.rpm
openstack-nova-conductor-17.0.13-24.el7ost.noarch.rpm
openstack-nova-console-17.0.13-24.el7ost.noarch.rpm
openstack-nova-migration-17.0.13-24.el7ost.noarch.rpm
openstack-nova-network-17.0.13-24.el7ost.noarch.rpm
openstack-nova-novncproxy-17.0.13-24.el7ost.noarch.rpm
openstack-nova-placement-api-17.0.13-24.el7ost.noarch.rpm
openstack-nova-scheduler-17.0.13-24.el7ost.noarch.rpm
openstack-nova-serialproxy-17.0.13-24.el7ost.noarch.rpm
openstack-nova-spicehtml5proxy-17.0.13-24.el7ost.noarch.rpm
python-nova-17.0.13-24.el7ost.noarch.rpm
python-nova-tests-17.0.13-24.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

---------------------------------------------------------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: openstack-nova security update
Advisory ID:       RHSA-2020:3711-01
Product:           Red Hat OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3711
Issue date:        2020-09-10
CVE Names:         CVE-2020-17376
=====================================================================

1. Summary:

An update for openstack-nova is now available for Red Hat OpenStack Platform 10 (Newton).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.

Security Fix(es):

* Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1869426 - CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
openstack-nova-14.1.0-65.el7ost.src.rpm

noarch:
openstack-nova-14.1.0-65.el7ost.noarch.rpm
openstack-nova-api-14.1.0-65.el7ost.noarch.rpm
openstack-nova-cells-14.1.0-65.el7ost.noarch.rpm
openstack-nova-cert-14.1.0-65.el7ost.noarch.rpm
openstack-nova-common-14.1.0-65.el7ost.noarch.rpm
openstack-nova-compute-14.1.0-65.el7ost.noarch.rpm
openstack-nova-conductor-14.1.0-65.el7ost.noarch.rpm
openstack-nova-console-14.1.0-65.el7ost.noarch.rpm
openstack-nova-migration-14.1.0-65.el7ost.noarch.rpm
openstack-nova-network-14.1.0-65.el7ost.noarch.rpm
openstack-nova-novncproxy-14.1.0-65.el7ost.noarch.rpm
openstack-nova-placement-api-14.1.0-65.el7ost.noarch.rpm
openstack-nova-scheduler-14.1.0-65.el7ost.noarch.rpm
openstack-nova-serialproxy-14.1.0-65.el7ost.noarch.rpm
openstack-nova-spicehtml5proxy-14.1.0-65.el7ost.noarch.rpm
python-nova-14.1.0-65.el7ost.noarch.rpm
python-nova-tests-14.1.0-65.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-17376
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.