SUSE-SU-2019:2671-1

Description of the patch:

This update for crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer fixes the following issues:

In python-pysaml2 the following security issue was fixed:

• CVE-2016-10127: Fixed an XML external entity attack. (bsc#1019074)

crowbar-core was updated to version 4.0+git.1570463621.40b11cd48:

• network: Don't set datapath-ids on ovs-bridges anymore (bsc#1152916)
• barclamp_lib: Sync timeout with other barclamps (SOC-10513, SOC-10011)
• gems: Update easy_diff to 1.0.0 (SOC-10505)
• crowbar: Do not read /etc/crowbar.install.key in non-SUSE init script
• transition.sh: Do not read /etc/crowbar.install.key
• gather_logs: Make it a bit useful again
• gather_logs: Do not read /etc/crowbar.install.key
• network: Allow locking down the network config for nodes (bsc#1120657)
• network: Check existing upper layers before bond setup (bsc#1120657)
• network: never plug two interface into the same ovs bridge (bsc#1120657)
• network: Avoid plugging the same interface to two ovs bridges (bsc#1120657)
• nic library: some helper for identifying base interface (bsc#1120657)
• network: Rework the vlan port replugging code (bsc#1120657)
• network: DRY out 'kill_nic_files' (noref)
• Add CVE-2019-5477 the to travis ignore list (SOC-9635)

crowbar-openstack was updated to version 4.0+git.1569429513.e7016b2b6:

• tempest: don't rely on service catalogue (SOC-10633)
• nova: set default attribute for max_threads_per_process
• database: Hardcode ruby version for package installation (SOC-10010)
• neutron: restore dhcp_domain in stable/4.0 (bsc#1145867)
• nova: add max_threads_per_process tuneable (SOC-10001, bsc#1133719)

grafana was updated to:

• CVE-2019-15043: Adds authentication to a few rest endpoints that could be used to access grafana snapshot apis to cause denial of service (SOC-10357...