Difference between revisions of "ReleaseNotes/2014.2.3"
(Created page with "= Release Notes, 2014.2.3 = The 2014.2.3 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Se...") |
|||
| Line 10: | Line 10: | ||
=== OpenStack Image Registry and Delivery Service (Glance) === | === OpenStack Image Registry and Delivery Service (Glance) === | ||
| − | * [http:// | + | * [http://security.openstack.org/ossa/OSSA-2015-004.html http://security.openstack.org/ossa/OSSA-2015-004.html] Image data remains in backend after deleting the image created using task api (import-from) |
| − | * [http:// | + | * [http://security.openstack.org/ossa/OSSA-2015-004.html http://security.openstack.org/ossa/OSSA-2015-004.html] Image file stays in store if image has been deleted during upload |
=== OpenStack Compute (Nova) === | === OpenStack Compute (Nova) === | ||
| − | * [http:// | + | * [http://security.openstack.org/ossa/OSSA-2015-005.html http://security.openstack.org/ossa/OSSA-2015-005.html] Nova console Cross-Site WebSocket hijacking |
=== OpenStack Networking (Neutron) === | === OpenStack Networking (Neutron) === | ||
| − | * [http:// | + | * [http://security.openstack.org/ossa/OSSA-2014-039.html http://security.openstack.org/ossa/OSSA-2014-039.html] Neutron DoS through invalid DNS configuration |
== Bugs Fixed == | == Bugs Fixed == | ||
Latest revision as of 20:38, 9 April 2015
Release Notes, 2014.2.3
The 2014.2.3 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara) and OpenStack Database Service (Trove).
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
Resolved Security Issues
OpenStack Image Registry and Delivery Service (Glance)
- http://security.openstack.org/ossa/OSSA-2015-004.html Image data remains in backend after deleting the image created using task api (import-from)
- http://security.openstack.org/ossa/OSSA-2015-004.html Image file stays in store if image has been deleted during upload
OpenStack Compute (Nova)
- http://security.openstack.org/ossa/OSSA-2015-005.html Nova console Cross-Site WebSocket hijacking
OpenStack Networking (Neutron)
- http://security.openstack.org/ossa/OSSA-2014-039.html Neutron DoS through invalid DNS configuration
Bugs Fixed
In total, 108 bugs are fixed by this update.
- List of OpenStack Compute (Nova) bugs fixed in the 2014.2.3 release
- List of OpenStack Identity (Keystone) bugs fixed in the 2014.2.3 release
- List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.2.3 release
- List of OpenStack Networking (Neutron) bugs fixed in the 2014.2.3 release
- List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.2.3 release
- List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.2.3 release
- List of OpenStack Orchestration (Heat) bugs fixed in the 2014.2.3 release
- List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.2.3 release
- List of OpenStack Data Processing (Sahara) bugs fixed in the 2014.2.3 release
- List of OpenStack Database Service (Trove) bugs fixed in the 2014.2.3 release
Known Issues and Limitations
Nova
- Fix live migration RPC compatibility with older versions Users wishing to use shared storage based live migration during upgrade between Icehouse and Juno have been unable to do so because of an existing safeguard against a known issue with shared block devices. This patch allows users of non-shared block based migration (ie, NFS) to use live migration, though it does not fix the original bug affecting shared block device users (ie, RBD). Those users should take special care if using this feature, refer to review #151775 for more details.
