Difference between revisions of "ReleaseNotes/2012.1.3"
m (added to Releases) |
|||
| (5 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | ||
= Release Notes, 2012.1.3 = | = Release Notes, 2012.1.3 = | ||
| Line 6: | Line 6: | ||
The bugfixes contained in this release were backported from the development branches into a [[StableBranch|stable branch]]. The release is intended to be a relatively risk free update with no intentional regressions or API changes. | The bugfixes contained in this release were backported from the development branches into a [[StableBranch|stable branch]]. The release is intended to be a relatively risk free update with no intentional regressions or API changes. | ||
| − | + | __TOC__ | |
== Bugs Fixed == | == Bugs Fixed == | ||
| Line 20: | Line 20: | ||
=== Keystone === | === Keystone === | ||
| − | * [https://lists.launchpad.net/openstack/msg16282.html 2012-013]/[https://bugs.launchpad.net/bugs/cve/2012-3542 2012-3542] - Lack of authorization for adding users to tenants (Critical) | + | * [https://lists.launchpad.net/openstack/msg16282.html OSSA 2012-013]/[https://bugs.launchpad.net/bugs/cve/2012-3542 CVE-2012-3542] - Lack of authorization for adding users to tenants (Critical) |
| − | * [https://lists.launchpad.net/openstack/msg16659.html 2012-014]/[https://bugs.launchpad.net/bugs/cve/2012-4413 2012-4413] - Revoking a role does not affect existing tokens (High) | + | * [https://lists.launchpad.net/openstack/msg16659.html OSSA 2012-014]/[https://bugs.launchpad.net/bugs/cve/2012-4413 CVE-2012-4413] - Revoking a role does not affect existing tokens (High) |
=== Horizon === | === Horizon === | ||
| − | * [https://lists.launchpad.net/openstack/msg16278.html 2012-012]/[https://bugs.launchpad.net/bugs/cve/2012-3540 2012-3540] - Open redirect through 'next' parameter (Medium) | + | * [https://lists.launchpad.net/openstack/msg16278.html OSSA 2012-012]/[https://bugs.launchpad.net/bugs/cve/2012-3540 CVE-2012-3540] - Open redirect through 'next' parameter (Medium) |
== Known Issues and Limitations == | == Known Issues and Limitations == | ||
| + | |||
| + | === Nova === | ||
| + | |||
| + | * [https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1062314 do_refresh_security_group_rules in nova.virt.firewall is very slow] | ||
| + | |||
| + | === Glance === | ||
| + | |||
| + | A further release of Glance may be announced to resolve this issue with migrating from Diablo to Essex: | ||
| + | |||
| + | * [https://bugs.launchpad.net/glance/essex/+bug/1012820 Diablo->Essex migration breaks Nova image_ref] | ||
| + | |||
| + | [[Category:Releases]] | ||
| + | [[Category:Essex]] | ||
Latest revision as of 00:21, 23 September 2014
Release Notes, 2012.1.3
The 2012.1.3 release is an Essex bugfix update for Nova, Keystone and Horizon. No further official Essex releases of these projects are planned.
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a relatively risk free update with no intentional regressions or API changes.
Contents
Bugs Fixed
In total, 30 launchpad bugs are fixed by this update.
- List of Nova bugs fixed in the 2012.1.3 release
- List of Keystone bugs fixed in the 2012.1.3 release
- List of Horizon bugs fixed in the 2012.1.3 release
Resolved Security Issues
Keystone
- OSSA 2012-013/CVE-2012-3542 - Lack of authorization for adding users to tenants (Critical)
- OSSA 2012-014/CVE-2012-4413 - Revoking a role does not affect existing tokens (High)
Horizon
- OSSA 2012-012/CVE-2012-3540 - Open redirect through 'next' parameter (Medium)
Known Issues and Limitations
Nova
Glance
A further release of Glance may be announced to resolve this issue with migrating from Diablo to Essex:
