Difference between revisions of "ReleaseNotes/2014.1.1"
(→Bugs Fixed) |
(→Release Notes, 2014.1.1) |
||
Line 11: | Line 11: | ||
== Resolved Security Issues == | == Resolved Security Issues == | ||
+ | |||
+ | === OpenStack Networking (Neutron) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-April/000227.html OSSA 2014-014] / [https://launchpad.net/bugs/1300785 CVE-2014-0187] - Neutron security groups bypass through invalid CIDR | ||
+ | |||
+ | === OpenStack Identity (Keystone) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-May/000231.html OSSA 2014-015] / [https://launchpad.net/bugs/1309228 CVE-2014-0204] - Keystone user and group id mismatch | ||
+ | |||
+ | === OpenStack Orchestration (Heat) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-May/000232.html OSSA 2014-016] / [https://launchpad.net/bugs/1311223 CVE-2014-3801] - Heat template URL information leakage | ||
+ | |||
+ | === OpenStack Compute (Nova) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-May/000235.html OSSA 2014-017] / [https://launchpad.net/bugs/1269418 CVE-2014-2573] - Nova VMWare driver leaks rescued images | ||
== Bugs Fixed == | == Bugs Fixed == |
Revision as of 01:31, 5 June 2014
Release Notes, 2014.1.1
DRAFT DRAFT DRAFT
The 2014.1.1 release is a Icehouse bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat) and OpenStack Telemetry (Ceilometer).
OpenStack Database Service (Trove) did not have stable/icehouse fixes at this time and will skip 2014.1.1 release.
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
Resolved Security Issues
OpenStack Networking (Neutron)
- OSSA 2014-014 / CVE-2014-0187 - Neutron security groups bypass through invalid CIDR
OpenStack Identity (Keystone)
- OSSA 2014-015 / CVE-2014-0204 - Keystone user and group id mismatch
OpenStack Orchestration (Heat)
- OSSA 2014-016 / CVE-2014-3801 - Heat template URL information leakage
OpenStack Compute (Nova)
- OSSA 2014-017 / CVE-2014-2573 - Nova VMWare driver leaks rescued images
Bugs Fixed
In total, 80 launchpad bugs are fixed by this update.
- List of OpenStack Compute (Nova) bugs fixed in the 2014.1.1 release
- List of OpenStack Identity (Keystone) bugs fixed in the 2014.1.1 release
- List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.1.1 release
- List of OpenStack Networking (Neutron) bugs fixed in the 2014.1.1 release
- List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.1.1 release
- List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.1.1 release
- List of OpenStack Orchestration (Heat) bugs fixed in the 2014.1.1 release
- List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.1.1 release