Difference between revisions of "ReleaseNotes/2013.1.5/ko KR"
(Created page with "Category:I18n") |
(→Bugs Fixed) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Category:I18n]] | [[Category:I18n]] | ||
| + | |||
| + | = Release Notes, 2013.1.5 = | ||
| + | |||
| + | The 2013.1.5 release is a Grizzly bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking, OpenStack Block Storage (Cinder) and OpenStack Dashboard (Horizon). No further official Grizzly releases of these projects are planned. | ||
| + | |||
| + | The bugfixes contained in this release were backported from the development branches into a [[StableBranch|stable branch]]. The release is intended to be a low risk update with no intentional regressions or API changes. | ||
| + | |||
| + | __TOC__ | ||
| + | |||
| + | == 해결된 시큐리티 이슈 == | ||
| + | |||
| + | === OpenStack Compute (Nova) === | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-October/000159.html OSSA 2013-029] / [https://bugs.launchpad.net/nova/+bug/1206081 CVE-2013-4463 CVE-2013-4469] - Potential Nova denial of service through compressed disk images | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-November/000161.html OSSA 2013-030] / [https://bugs.launchpad.net/nova/+bug/1073306 CVE-2013-4497] - XenAPI security groups not kept through migrate or resize | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-December/000169.html OSSA 2013-033] / [https://launchpad.net/bugs/1235450 CVE-2013-6419] - Metadata queries from Neutron to Nova are not restricted by tenant | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html OSSA 2013-037] / [https://bugs.launchpad.net/nova/+bug/1253980 CVE-2013-6437] - Nova compute DoS through ephemeral disk backing files | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2014-January/000184.html OSSA 2014-001] / [https://bugs.launchpad.net/nova/+bug/1227027 CVE-2013-7048] - Nova live snapshots use an insecure local directory | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2014-January/000188.html OSSA 2014-003] / [https://bugs.launchpad.net/nova/+bug/1251590 CVE-2013-7130] - Live migration can leak root disk into ephemeral storage | ||
| + | |||
| + | === OpenStack Identity (Keystone) === | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-October/000158.html OSSA 2013-028]/[https://bugs.launchpad.net/keystone/+bug/1242855 CVE-2013-4477] - Unintentional role granting with Keystone LDAP backend | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-December/000168.html OSSA 2013-032]/[https://launchpad.net/bugs/1242597 CVE-2013-6391] - Keystone trust circumvention through EC2-style tokens | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2014-March/000204.html OSSA 2014-006]/[https://bugs.launchpad.net/keystone/+bug/1260080 CVE-2014-2237] - Trustee token revocation does not work with memcache backend | ||
| + | |||
| + | === OpenStack Networking === | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-December/000169.html OSSA 2013-033] / [https://launchpad.net/bugs/1235450 CVE-2013-6419] - Metadata queries from Neutron to Nova are not restricted by tenant | ||
| + | |||
| + | === OpenStack Dashboard (Horizon) === | ||
| + | * [http://lists.openstack.org/pipermail/openstack-announce/2013-December/000173.html OSSA 2013-036] / [https://launchpad.net/bugs/1247675 CVE-2013-6458] - Insufficient sanitization of Instance Name in Horizon | ||
| + | |||
| + | == Bugs Fixed == | ||
| + | |||
| + | 모두 44 개의 launchpade 버그가 이번 업데이트에서 픽스되었습니다. | ||
| + | |||
| + | * [https://launchpad.net/nova/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Compute (Nova) 버그 픽스된 목록] | ||
| + | * [https://launchpad.net/keystone/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Identity (Keystone) 버그 픽스된 목록] | ||
| + | * [https://launchpad.net/glance/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Image Registry and Delivery Service (Glance) 버그 픽스된 목록] | ||
| + | * [https://launchpad.net/neutron/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Networking 버그 픽스된 목록] | ||
| + | * [https://launchpad.net/cinder/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Block Storage (Cinder) 버그 픽스된 목록] | ||
| + | * [https://launchpad.net/horizon/grizzly/2013.1.5 이번 릴리즈에서 OpenStack Dashboard (Horizon) 버그 픽스된 목록] | ||
| + | |||
| + | == 알려진 이슈 및 제한 사항 == | ||
| + | |||
| + | 서비스 간의 메타 데이터 요청을 보장하기 위하여 OpenStack Networking 및 Nova에서 [https://launchpad.net/bugs/1235450 CVE-2013-6419]에 필요한 패치에대한 픽스는 tenant에 의해 제한됩니다. 업그레이드하는 동안 메타 데이터 서비스에 인터럽트가 걸리는 것을 방지학 위해, OpenStack Networking을 업그레이드하고, Nova 업그레이드 전 quantum-metadata-agent를 재시작할 것을 권장합니다. | ||
Latest revision as of 18:56, 21 March 2014
Release Notes, 2013.1.5
The 2013.1.5 release is a Grizzly bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking, OpenStack Block Storage (Cinder) and OpenStack Dashboard (Horizon). No further official Grizzly releases of these projects are planned.
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
해결된 시큐리티 이슈
OpenStack Compute (Nova)
- OSSA 2013-029 / CVE-2013-4463 CVE-2013-4469 - Potential Nova denial of service through compressed disk images
- OSSA 2013-030 / CVE-2013-4497 - XenAPI security groups not kept through migrate or resize
- OSSA 2013-033 / CVE-2013-6419 - Metadata queries from Neutron to Nova are not restricted by tenant
- OSSA 2013-037 / CVE-2013-6437 - Nova compute DoS through ephemeral disk backing files
- OSSA 2014-001 / CVE-2013-7048 - Nova live snapshots use an insecure local directory
- OSSA 2014-003 / CVE-2013-7130 - Live migration can leak root disk into ephemeral storage
OpenStack Identity (Keystone)
- OSSA 2013-028/CVE-2013-4477 - Unintentional role granting with Keystone LDAP backend
- OSSA 2013-032/CVE-2013-6391 - Keystone trust circumvention through EC2-style tokens
- OSSA 2014-006/CVE-2014-2237 - Trustee token revocation does not work with memcache backend
OpenStack Networking
- OSSA 2013-033 / CVE-2013-6419 - Metadata queries from Neutron to Nova are not restricted by tenant
OpenStack Dashboard (Horizon)
- OSSA 2013-036 / CVE-2013-6458 - Insufficient sanitization of Instance Name in Horizon
Bugs Fixed
모두 44 개의 launchpade 버그가 이번 업데이트에서 픽스되었습니다.
- 이번 릴리즈에서 OpenStack Compute (Nova) 버그 픽스된 목록
- 이번 릴리즈에서 OpenStack Identity (Keystone) 버그 픽스된 목록
- 이번 릴리즈에서 OpenStack Image Registry and Delivery Service (Glance) 버그 픽스된 목록
- 이번 릴리즈에서 OpenStack Networking 버그 픽스된 목록
- 이번 릴리즈에서 OpenStack Block Storage (Cinder) 버그 픽스된 목록
- 이번 릴리즈에서 OpenStack Dashboard (Horizon) 버그 픽스된 목록
알려진 이슈 및 제한 사항
서비스 간의 메타 데이터 요청을 보장하기 위하여 OpenStack Networking 및 Nova에서 CVE-2013-6419에 필요한 패치에대한 픽스는 tenant에 의해 제한됩니다. 업그레이드하는 동안 메타 데이터 서비스에 인터럽트가 걸리는 것을 방지학 위해, OpenStack Networking을 업그레이드하고, Nova 업그레이드 전 quantum-metadata-agent를 재시작할 것을 권장합니다.
