Difference between revisions of "ReleaseNotes/2014.2.4"
(→Bugs Fixed) |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | = | + | = Release Notes, 2014.2.4 = |
The 2014.2.4 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara) and OpenStack Database Service (Trove). | The 2014.2.4 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara) and OpenStack Database Service (Trove). | ||
| Line 9: | Line 9: | ||
== Resolved Security Issues == | == Resolved Security Issues == | ||
| − | === | + | === Cinder === |
| − | * [http://security.openstack.org/ossa/OSSA-2015- | + | * [http://security.openstack.org/ossa/OSSA-2015-011.html http://security.openstack.org/ossa/OSSA-2015-011.html] Cinder host file disclosure through qcow2 backing file |
| + | === Glance === | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-019.html http://security.openstack.org/ossa/OSSA-2015-019.html] Glance image status manipulation | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-020.html http://security.openstack.org/ossa/OSSA-2015-020.html] Glance storage overrun | ||
| + | |||
| + | === Horizon === | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-009.html http://security.openstack.org/ossa/OSSA-2015-009.html] Persistent XSS in Horizon metadata dashboard | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-010.html http://security.openstack.org/ossa/OSSA-2015-010.html] XSS in Horizon Heat stack creation | ||
| + | |||
| + | === Keystone === | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-008.html http://security.openstack.org/ossa/OSSA-2015-008.html] Potential Keystone cache backend password leak in log | ||
| + | |||
| + | === Neutron === | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-012.html http://security.openstack.org/ossa/OSSA-2015-012.html] Neutron L2 agent DoS through incorrect allowed address pairs | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-018.html http://security.openstack.org/ossa/OSSA-2015-018.html] Neutron firewall rules bypass through port update | ||
| + | |||
| + | === Nova === | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-017.html http://security.openstack.org/ossa/OSSA-2015-017.html] Nova may fail to delete images in resize state | ||
| + | * [http://security.openstack.org/ossa/OSSA-2015-021.html http://security.openstack.org/ossa/OSSA-2015-021.html] Nova network security group changes are not applied to running instances | ||
== Bugs Fixed == | == Bugs Fixed == | ||
| − | In total, | + | In total, 180 bugs are fixed by this update. |
| − | * [https://launchpad.net/nova/ | + | * [https://launchpad.net/nova/juno/2014.2.4 List of OpenStack Compute (Nova) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/keystone/ | + | * [https://launchpad.net/keystone/juno/2014.2.4 List of OpenStack Identity (Keystone) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/glance/ | + | * [https://launchpad.net/glance/juno/2014.2.4 List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/neutron/ | + | * [https://launchpad.net/neutron/juno/2014.2.4 List of OpenStack Networking (Neutron) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/cinder/ | + | * [https://launchpad.net/cinder/juno/2014.2.4 List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/horizon/ | + | * [https://launchpad.net/horizon/juno/2014.2.4 List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/heat/ | + | * [https://launchpad.net/heat/juno/2014.2.4 List of OpenStack Orchestration (Heat) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/ceilometer/ | + | * [https://launchpad.net/ceilometer/juno/2014.2.4 List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/sahara/ | + | * [https://launchpad.net/sahara/juno/2014.2.4 List of OpenStack Data Processing (Sahara) bugs fixed in the 2014.2.4 release] |
| − | * [https://launchpad.net/trove/ | + | * [https://launchpad.net/trove/juno/2014.2.4 List of OpenStack Database Service (Trove) bugs fixed in the 2014.2.4 release] |
== Known Issues and Limitations == | == Known Issues and Limitations == | ||
| + | === Neutron === | ||
| + | * Zero prefixed address pairs are no longer accepted by the Juno API, users need to use 0.0.0.0/1 and 128.0.0.1/1 or ::/1 and 8000::/1 instead. The fix_zero_length_ip_prefix.py tool is provided to clean ports previously configured with a zero prefixed address pair | ||
[[Category:Releases]] | [[Category:Releases]] | ||
[[Category:Juno]] | [[Category:Juno]] | ||
Latest revision as of 23:06, 19 November 2015
Release Notes, 2014.2.4
The 2014.2.4 release is a Juno bugfix update for OpenStack Compute (Nova), OpenStack Identity (Keystone), OpenStack Image Registry and Delivery Service (Glance), OpenStack Networking (Neutron), OpenStack Block Storage (Cinder), OpenStack Dashboard (Horizon), OpenStack Orchestration (Heat), OpenStack Telemetry (Ceilometer), OpenStack Data Processing (Sahara) and OpenStack Database Service (Trove).
The bugfixes contained in this release were backported from the development branches into a stable branch. The release is intended to be a low risk update with no intentional regressions or API changes.
Contents
Resolved Security Issues
Cinder
- http://security.openstack.org/ossa/OSSA-2015-011.html Cinder host file disclosure through qcow2 backing file
Glance
- http://security.openstack.org/ossa/OSSA-2015-019.html Glance image status manipulation
- http://security.openstack.org/ossa/OSSA-2015-020.html Glance storage overrun
Horizon
- http://security.openstack.org/ossa/OSSA-2015-009.html Persistent XSS in Horizon metadata dashboard
- http://security.openstack.org/ossa/OSSA-2015-010.html XSS in Horizon Heat stack creation
Keystone
- http://security.openstack.org/ossa/OSSA-2015-008.html Potential Keystone cache backend password leak in log
Neutron
- http://security.openstack.org/ossa/OSSA-2015-012.html Neutron L2 agent DoS through incorrect allowed address pairs
- http://security.openstack.org/ossa/OSSA-2015-018.html Neutron firewall rules bypass through port update
Nova
- http://security.openstack.org/ossa/OSSA-2015-017.html Nova may fail to delete images in resize state
- http://security.openstack.org/ossa/OSSA-2015-021.html Nova network security group changes are not applied to running instances
Bugs Fixed
In total, 180 bugs are fixed by this update.
- List of OpenStack Compute (Nova) bugs fixed in the 2014.2.4 release
- List of OpenStack Identity (Keystone) bugs fixed in the 2014.2.4 release
- List of OpenStack Image Registry and Delivery Service (Glance) bugs fixed in the 2014.2.4 release
- List of OpenStack Networking (Neutron) bugs fixed in the 2014.2.4 release
- List of OpenStack Block Storage (Cinder) bugs fixed in the 2014.2.4 release
- List of OpenStack Dashboard (Horizon) bugs fixed in the 2014.2.4 release
- List of OpenStack Orchestration (Heat) bugs fixed in the 2014.2.4 release
- List of OpenStack Telemetry (Ceilometer) bugs fixed in the 2014.2.4 release
- List of OpenStack Data Processing (Sahara) bugs fixed in the 2014.2.4 release
- List of OpenStack Database Service (Trove) bugs fixed in the 2014.2.4 release
Known Issues and Limitations
Neutron
- Zero prefixed address pairs are no longer accepted by the Juno API, users need to use 0.0.0.0/1 and 128.0.0.1/1 or ::/1 and 8000::/1 instead. The fix_zero_length_ip_prefix.py tool is provided to clean ports previously configured with a zero prefixed address pair
