This update for crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer fixes the following issues:
In python-pysaml2 the following security issue was fixed:
- CVE-2016-10127: Fixed an XML external entity attack. (bsc#1019074)
crowbar-core was updated to version 4.0+git.1570463621.40b11cd48:
- network: Don't set datapath-ids on ovs-bridges anymore (bsc#1152916)
- barclamp_lib: Sync timeout with other barclamps (SOC-10513, SOC-10011)
- gems: Update easy_diff to 1.0.0 (SOC-10505)
- crowbar: Do not read /etc/crowbar.install.key in non-SUSE init script
- transition.sh: Do not read /etc/crowbar.install.key
- gather_logs: Make it a bit useful again
- gather_logs: Do not read /etc/crowbar.install.key
- network: Allow locking down the network config for nodes (bsc#1120657)
- network: Check existing upper layers before bond setup (bsc#1120657)
- network: never plug two interfaces into the same ovs bridge (bsc#1120657)
- network: Avoid plugging the same interface to two ovs bridges (bsc#1120657)
- nic library: some helper for identifying base interface (bsc#1120657)
- network: Rework the vlan port replugging code (bsc#1120657)
- network: DRY out 'kill_nic_files' (noref)
- Add CVE-2019-5477 to the travis ignore list (SOC-9635)
crowbar-openstack was updated to version 4.0+git.1569429513.e7016b2b6:
- tempest: don't rely on service catalogue (SOC-10633)
- nova: set default attribute for max_threads_per_process
- database: Hardcode ruby version for package installation (SOC-10010)
- neutron: restore dhcp_domain in stable/4.0 (bsc#1145867)
- nova: add max_threads_per_process tuneable (SOC-10001, bsc#1133719)
grafana was updated to:
- CVE-2019-15043: Adds authentication to a few REST endpoints that could be used to access Grafana snapshot APIs to cause denial of service (SOC-10357, bsc#1148383)
Also see...