ReleaseNotes/2015.1.2

= Release Notes, 2015.1.2 =

The 2015.1.2 release is a Kilo bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara), and OpenStack Bare metal service (Ironic).

OpenStack Database Service (Trove) did not have stable/kilo fixes at this time and will skip 2015.1.2 release.

The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.

Resolved Security Issues

 * OSSA 2015-015 Resize/delete combo allows to overload nova-compute (CVE-2015-3241)
 * OSSA 2015-017 Deleting instance while resize instance is running leads to unuseable compute nodes (CVE-2015-3280)

Bugs Fixed
In total, 169 bugs are fixed by this update.


 * List of OpenStack Compute (Nova) bugs fixed in the 2015.1.2 release
 * List of OpenStack Identity (Keystone) bugs fixed in the 2015.1.2 release
 * List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2015.1.2 release
 * List of OpenStack Networking (Neutron) bugs fixed in the 2015.1.2 release
 * List of OpenStack Block Storage (Cinder) bugs fixed in the 2015.1.2 release
 * List of OpenStack Dashboard (Horizon) bugs fixed in the 2015.1.2 release
 * List of OpenStack Orchestration (Heat) bugs fixed in the 2015.1.2 release
 * List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2015.1.2 release
 * List of OpenStack Data Processing (Sahara) bugs fixed in the 2015.1.2 release
 * List of OpenStack Bare metal service (Ironic) bugs fixed in the 2015.1.2 release

Neutron
The fix for https://bugs.launchpad.net/neutron/+bug/1493492 adds a command filter for chown to the vpnaas rootwrap filters. The chown command is used by the LibreSwan VPNaaS device driver to modify the ownership of generated ipsec.secrets files to conform with tighter permission restrictions. Please update your rootwrap filters if you are using LibreSwan driver.