Difference between revisions of "ReleaseNotes/2014.1.2"
(→OpenStack Identity (Keystone)) |
(→OpenStack Identity (Keystone)) |
||
Line 13: | Line 13: | ||
=== OpenStack Identity (Keystone) === | === OpenStack Identity (Keystone) === | ||
+ | |||
+ | '''Note:''' There was an issue with the Keystone 2014.1.2 tarballs, so new tarballs (versioned 2014.1.2.1) were generated. | ||
+ | |||
* [http://lists.openstack.org/pipermail/openstack-announce/2014-June/000240.html OSSA 2014-018] / [https://launchpad.net/bugs/1324592 CVE-2014-3476] - Keystone privilege escalation through trust chained delegation | * [http://lists.openstack.org/pipermail/openstack-announce/2014-June/000240.html OSSA 2014-018] / [https://launchpad.net/bugs/1324592 CVE-2014-3476] - Keystone privilege escalation through trust chained delegation | ||
* [http://lists.openstack.org/pipermail/openstack-announce/2014-July/000248.html OSSA 2014-022] / [https://launchpad.net/bugs/1331912 CVE-2014-3520] - Keystone V2 trusts privilege escalation through user supplied project id | * [http://lists.openstack.org/pipermail/openstack-announce/2014-July/000248.html OSSA 2014-022] / [https://launchpad.net/bugs/1331912 CVE-2014-3520] - Keystone V2 trusts privilege escalation through user supplied project id |
Revision as of 15:53, 11 August 2014
Release Notes, 2014.1.2
The 2014.1.2 release is a Icehouse bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), Openstack Database (Trove), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat) and OpenStack Telemetry (Ceilometer).
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
Resolved Security Issues
OpenStack Networking (Neutron)
OpenStack Identity (Keystone)
Note: There was an issue with the Keystone 2014.1.2 tarballs, so new tarballs (versioned 2014.1.2.1) were generated.
- OSSA 2014-018 / CVE-2014-3476 - Keystone privilege escalation through trust chained delegation
- OSSA 2014-022 / CVE-2014-3520 - Keystone V2 trusts privilege escalation through user supplied project id
OpenStack Orchestration (Heat)
OpenStack Compute (Nova)
Bugs Fixed
- List of OpenStack Compute (Nova) bugs fixed in the 2014.1.2 release
- List of OpenStack Identity (Keystone) bugs fixed in the 2014.1.2 release
- List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.1.2 release
- List of OpenStack Networking (Neutron) bugs fixed in the 2014.1.2 release
- List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.1.2 release
- List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.1.2 release
- List of OpenStack Orchestration (Heat) bugs fixed in the 2014.1.2 release
- List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.1.2 release
Known Issues and Limitations
None