
= Release Notes, 2014.2.4 =

The 2014.2.4 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara) and OpenStack Database Service (Trove).

The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.

Cinder

 * http://security.openstack.org/ossa/OSSA-2015-011.html Cinder host file disclosure through qcow2 backing file

Glance

 * http://security.openstack.org/ossa/OSSA-2015-019.html Glance image status manipulation
 * http://security.openstack.org/ossa/OSSA-2015-020.html Glance storage overrun

Horizon

 * http://security.openstack.org/ossa/OSSA-2015-009.html Persistent XSS in Horizon metadata dashboard
 * http://security.openstack.org/ossa/OSSA-2015-010.html XSS in Horizon Heat stack creation

Keystone

 * http://security.openstack.org/ossa/OSSA-2015-008.html Potential Keystone cache backend password leak in log

Neutron

 * http://security.openstack.org/ossa/OSSA-2015-012.html Neutron L2 agent DoS through incorrect allowed address pairs
 * http://security.openstack.org/ossa/OSSA-2015-018.html Neutron firewall rules bypass through port update

Nova

 * http://security.openstack.org/ossa/OSSA-2015-017.html Nova may fail to delete images in resize state
 * http://security.openstack.org/ossa/OSSA-2015-021.html Nova network security group changes are not applied to running instances

Bugs Fixed
In total, 180 bugs are fixed by this update.


 * List of OpenStack Compute (Nova) bugs fixed in the 2014.2.4 release
 * List of OpenStack Identity (Keystone) bugs fixed in the 2014.2.4 release
 * List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.2.4 release
 * List of OpenStack Networking (Neutron) bugs fixed in the 2014.2.4 release
 * List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.2.4 release
 * List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.2.4 release
 * List of OpenStack Orchestration (Heat) bugs fixed in the 2014.2.4 release
 * List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.2.4 release
 * List of OpenStack Data Processing (Sahara) bugs fixed in the 2014.2.4 release
 * List of OpenStack Database Service (Trove) bugs fixed in the 2014.2.4 release

Neutron

 * Zero-prefixed address pairs are no longer accepted by the Juno API; users need to use 0.0.0.0/1 and 128.0.0.1/1 or ::/1 and 8000::/1 instead. The fix_zero_length_ip_prefix.py tool is provided to clean ports previously configured with a zero-prefixed address pair.