-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2012-6695 2012-08-13 02:26:21 --------------------------------------------------------------------------------
Name : openstack-nova Product : Fedora EPEL 6 Version : 2012.1.1 Release : 15.el6 URL : http://openstack.org/projects/compute/ Summary : OpenStack Compute (nova) Description : OpenStack Compute (codename Nova) is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors. -------------------------------------------------------------------------------- Update Information: - Fix package dependencies for updates - Fix CA cert permissions issue introduced in 2012.1.1-10 - Fix group installation issue introduced in 2012.1.1-10 - Split out into more sub packages - Update from stable upstream including... - Fix metadata file injection with xen - Fix affinity filters when hints is None - Fix marker behavior for flavors - Handle local remote exceptions consistently - Fix qcow2 size on libvirt live block migration - Fix for API listing of os hosts - Avoid lazy loading errors on instance_type - Avoid casts in network manager to prevent races - Conditionally allow queries for deleted flavours - Fix wrong regex in cleanup_file_locks - Add net rules to VMs on compute service start - Tolerate parsing null connection info in BDM - Support EC2 CreateImage API for boot from volume - EC2 DescribeImages reports correct rootDeviceType - Reject EC2 CreateImage for instance store - Fix EC2 CreateImage no_reboot logic - Convert remaining network API casts to calls - Move where the fixed ip deallocation happens - Fix the qpid_heartbeat option so that it's effective - Update to latest essex stable branch - Enable auto cleanup of old cached instance images - Fix ram_allocation_ratio based over subscription - Expose over quota exceptions via native API - Return 413 status on over quota in the native API - Fix call to network_get_all_by_uuids - Fix libvirt get_memory_mb_total with xen - Use compute_api.get_all in affinity filters (CVE-2012-3371) - Use default qemu img cluster size in libvirt connect - Ensure libguestfs has completed before proceeding - Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361) - Support injecting new .ssh/authorized_keys files to SELinux enabled guests - Improve performance and stability of file injection - add upstart jobs, alternative to sysv initscripts - fix an exception caused by the fix for CVE-2012-2654 - fix the encoding of the dns_domains table (requires a db sync) - fix a crash due to a nova services startup race (#825051) - Fix for protocol case handling (CVE-2012-2654) - Prohibit host file corruption through file injection (CVE-2012-3447) -------------------------------------------------------------------------------- References: [ 1 ] Bug #825052 - Restarting nova-network removes ip packet filters https://bugzilla.redhat.com/show_bug.cgi?id=825052 [ 2 ] Bug #825051 - qpid timeout causing compute service to crash https://bugzilla.redhat.com/show_bug.cgi?id=825051 [ 3 ] Bug #829441 - CVE-2012-2654 OpenStack Nova security groups fail to be set correctly [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=829441 [ 4 ] Bug #844040 - CVE-2012-3360 OpenStack-Nova: compute nodes file injection in disk images [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=844040 [ 5 ] Bug #844039 - CVE-2012-3361 OpenStack-Nova: compute nodes disk image file corruption [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=844039 [ 6 ] Bug #844041 - CVE-2012-3371 OpenStack-Nova: Scheduler denial of service through scheduler_hints [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=844041 [ 7 ] Bug #846625 - CVE-2012-3447 OpenStack-Nova: compute nodes disk image file corruption (incomplete fix for CVE-2012-3361) [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=846625 -------------------------------------------------------------------------------- This update can be installed with the "yum" update programs. Use su -c 'yum update openstack-nova' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ epel-package-announce mailing list epel-package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-package-announce