Revision as of 12:57, 21 February 2014

Release Notes, 2013.1.4

The 2013.1.4 release is a Grizzly bugfix update for OpenStack Compute (Nova), OpenStack Block Storage (Cinder), OpenStack Networking, OpenStack Identity (Keystone), OpenStack Dashboard (Horizon) and OpenStack Image Service (Glance).

The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a relatively risk free update with no intentional regressions or API changes.

Resolved Security Issues

OpenStack Compute (Nova)

• OSSA 2013-026/CVE 2013-4261 - Some sequence of characters in console-log can DoS nova-compute
• OSSA 2013-024/CVE 2013-4278 - Resource limit circumvention in Nova private flavors

OpenStack Image Registry and Delivery Service (Glance)

• [OSSA 2013-027 / CVE 2013-4428 'image_download' role in v2 causes traceback

OpenStack Identity (Keystone)

• OSSA 2013-025/CVE-2013-4294 PKI tokens are never revoked using memcache token backend

Bugs Fixed

In total, 68 launchpad bugs are fixed by this update.

• List of OpenStack Compute (Nova) bugs fixed in the 2013.1.4 release
• List of OpenStack Image Service (Glance) bugs fixed in the 2013.1.4 release
• List of OpenStack Block Storage (Cinder) bugs fixed in the 2013.1.4 release
• List of OpenStack Networking (Neutron) bugs fixed in the 2013.1.4 release
• List of OpenStack Identity (Keystone) bugs fixed in the 2013.1.4 release
• List of OpenStack Dashboard (Horizon) bugs fixed in the 2013.1.4 release

Known Issues and Limitations

Cinder

• https://bugs.launchpad.net/cinder/+bug/1245529