Jump to: navigation, search

Difference between revisions of "ReleaseNotes/2013.2.3"

(DRAFT Release Notes, 2013.2.3 DRAFT - release planned Apr 03)
Line 1: Line 1:
= DRAFT Release Notes, 2013.2.3 DRAFT - release planned Apr 03 =
+
= Release Notes, 2013.2.3 =
 +
 
 
The 2013.2.3 release is a Havana bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat) and OpenStack Telemetry (Ceilometer).
 
The 2013.2.3 release is a Havana bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat) and OpenStack Telemetry (Ceilometer).
  
Line 10: Line 11:
 
=== OpenStack Identity (Keystone) ===
 
=== OpenStack Identity (Keystone) ===
 
* [http://lists.openstack.org/pipermail/openstack-announce/2014-March/000204.html OSSA 2014-006] / [https://launchpad.net/bugs/1260080 CVE-2014-2237] - Trustee token revocation does not work with memcache backend
 
* [http://lists.openstack.org/pipermail/openstack-announce/2014-March/000204.html OSSA 2014-006] / [https://launchpad.net/bugs/1260080 CVE-2014-2237] - Trustee token revocation does not work with memcache backend
 +
 +
=== OpenStack Compute (Nova) ===
 +
* [http://lists.openstack.org/pipermail/openstack-announce/2014-March/000213.html OSSA 2014-009] / [https://bugs.launchpad.net/nova/+bug/1221190 CVE 2014-0134] - Nova host data leak to vm instance in rescue mode
 +
 +
=== OpenStack Networking (Neutron) ===
 +
* [http://lists.openstack.org/pipermail/openstack-announce/2014-March/000212.html OSSA 2014-008] / [https://bugs.launchpad.net/neutron/+bug/1243327 CVE 2014-0056] - Routers can be cross plugged by other tenants
 +
  
 
== Bugs Fixed ==
 
== Bugs Fixed ==
  
In total, NN launchpad bugs are fixed by this update.
+
In total, 106 launchpad bugs are fixed by this update.
 
 
'''DRAFT remove milestone links before release DRAFT'''
 
* https://launchpad.net/nova/+milestone/2013.2.3
 
* https://launchpad.net/keystone/+milestone/2013.2.3
 
* https://launchpad.net/glance/+milestone/2013.2.3
 
* https://launchpad.net/neutron/+milestone/2013.2.3
 
* https://launchpad.net/cinder/+milestone/2013.2.3
 
* https://launchpad.net/horizon/+milestone/2013.2.3
 
'''DRAFT remove milestone links before release DRAFT'''
 
  
 
* [https://launchpad.net/nova/havana/2013.2.3 List of OpenStack Compute (Nova) bugs fixed in the 2013.2.3 release]
 
* [https://launchpad.net/nova/havana/2013.2.3 List of OpenStack Compute (Nova) bugs fixed in the 2013.2.3 release]
Line 34: Line 33:
  
 
== Known Issues and Limitations ==
 
== Known Issues and Limitations ==
 +
 +
=== Keystone ===
 +
 +
The use of the oauth2 Python library has been removed in Icehouse in favor of oauthlib.  oauth2 is largely unmaintained upstream and contains open and unresolved security issues.  However, it was determined that the required changes to Keystone and a change in the dependencies of stable/havana did not fit the critieria for a potential backport.  Instead, Havana users are encouraged to backport this change manually or rely on their vendors to do so.  For more context, see the [http://lists.openstack.org/pipermail/openstack-stable-maint/2014-March/002242.html mailling list thread] and [https://review.openstack.org/#/c/70750/ patch].

Revision as of 20:24, 3 April 2014

Release Notes, 2013.2.3

The 2013.2.3 release is a Havana bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat) and OpenStack Telemetry (Ceilometer).

The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.

Resolved Security Issues

OpenStack Identity (Keystone)

OpenStack Compute (Nova)

OpenStack Networking (Neutron)


Bugs Fixed

In total, 106 launchpad bugs are fixed by this update.

Known Issues and Limitations

Keystone

The use of the oauth2 Python library has been removed in Icehouse in favor of oauthlib. oauth2 is largely unmaintained upstream and contains open and unresolved security issues. However, it was determined that the required changes to Keystone and a change in the dependencies of stable/havana did not fit the critieria for a potential backport. Instead, Havana users are encouraged to backport this change manually or rely on their vendors to do so. For more context, see the mailling list thread and patch.