Difference between revisions of "ReleaseNotes/2014.1.3"
(→Neutron) |
|||
Line 8: | Line 8: | ||
== Resolved Security Issues == | == Resolved Security Issues == | ||
+ | |||
+ | === OpenStack Image Registry and Delivery Service (Glance) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-August/000267.html OSSA 2014-028 ] / [https://launchpad.net/bugs/1315321 CVE-2014-5356 ] - Glance store DoS through disk space exhaustion | ||
+ | |||
+ | === OpenStack Dashboard (Horizon) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-August/000266.html OSSA 2014-027] / [https://launchpad.net/bugs/1349491 CVE-2014-3594 ] - Persistent XSS in Horizon Host Aggregates interface | ||
+ | |||
+ | === OpenStack Identity (Keystone) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-September/000275.html OSSA 2014-029] / [https://launchpad.net/bugs/1354208 CVE-2014-3621 ] - Configuration option leak through Keystone catalog | ||
+ | |||
+ | === OpenStack Networking (Neutron) === | ||
+ | * [http://lists.openstack.org/pipermail/openstack-announce/2014-September/000285.html OSSA 2014-031] / [https://bugs.launchpad.net/neutron/+bug/1357379 CVE-2014-6414 ] - Admin-only network attributes may be reset to defaults by non-privileged users | ||
== Bugs Fixed == | == Bugs Fixed == | ||
− | In total, | + | In total, 129 bugs are fixed by this update. |
* [https://launchpad.net/nova/+milestone/2014.1.3 List of OpenStack Compute (Nova) bugs fixed in the 2014.1.3 release] | * [https://launchpad.net/nova/+milestone/2014.1.3 List of OpenStack Compute (Nova) bugs fixed in the 2014.1.3 release] | ||
Line 23: | Line 35: | ||
== Known Issues and Limitations == | == Known Issues and Limitations == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
[[Category:Releases]] | [[Category:Releases]] | ||
[[Category:Icehouse]] | [[Category:Icehouse]] |
Revision as of 22:04, 1 October 2014
*DRAFT* Release Notes, 2014.1.3
The 2014.1.3 release is a Icehouse bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer) and Openstack Database (Trove).
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
Resolved Security Issues
OpenStack Image Registry and Delivery Service (Glance)
- OSSA 2014-028 / CVE-2014-5356 - Glance store DoS through disk space exhaustion
OpenStack Dashboard (Horizon)
- OSSA 2014-027 / CVE-2014-3594 - Persistent XSS in Horizon Host Aggregates interface
OpenStack Identity (Keystone)
- OSSA 2014-029 / CVE-2014-3621 - Configuration option leak through Keystone catalog
OpenStack Networking (Neutron)
- OSSA 2014-031 / CVE-2014-6414 - Admin-only network attributes may be reset to defaults by non-privileged users
Bugs Fixed
In total, 129 bugs are fixed by this update.
- List of OpenStack Compute (Nova) bugs fixed in the 2014.1.3 release
- List of OpenStack Identity (Keystone) bugs fixed in the 2014.1.3 release
- List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.1.3 release
- List of OpenStack Networking (Neutron) bugs fixed in the 2014.1.3 release
- List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.1.3 release
- List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.1.3 release
- List of OpenStack Orchestration (Heat) bugs fixed in the 2014.1.3 release
- List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.1.3 release
- List of OpenStack Database (Trove) bugs fixed in the 2014.1.3 release