Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui (Moderate) |
Description: |
This update for crowbar, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui fixes the following issues:
These security issues were fixed:
- CVE-2018-3760: Upgrade rubygem-sprockets to prevent an information leak. Specially crafted requests could have been used to access files that exist on the filesystem outside an application's root directory when the Sprockets server is used in production (bsc#1098369).
- CVE-2016-8611: Add rate limiting for glance api (bsc#1005886)
These non-security issues were fixed for crowbar:
- upgrade: Lock crowbar-ui before admin upgrade
- upgrade: Make sure schemas are properly migrated after the upgrade
- upgrade: No need for database dump before the upgrade
- upgrade: No need to use crowbar-init during the upgrade
These non-security issues were fixed for crowbar-core:
- upgrade: Remove pre-upgrade constraints from existing locations
- upgrade: Show the grep result when checking for not-migrated instances
- upgrade: Set clone_stateless_services to false on upgrade
- control_lib: fix host allocation check
- Fix exception handling in get_log_lines
- apache: copytruncate apache logs bsc#1083093
- upgrade: Refresh repos before crowbar-ui update (bsc#1099392)
- upgrade: Reset RabbitMQ nodes during upgrade
- upgrade: Do not allow cinder-volume on compute nodes
- upgrade: Wait until all nova-compute services are up before evacuation
- upgrade: Save the information which set of nodes should be upgraded
- Let skip_unready_nodes skip also nodes that are in crowbar_upgrade state
- upgrade: Add missing brackets checking for nodes
- upgrade: Make sure postponed nodes can be skipped when applying proposal
- upgrade: When the upgrade is not finished, show a link to wizard
- upgrade: Correctly delete remaining upgrade scripts
- upgrade: Wait for services shutdown to finish
- upgrade: Unlock crowbar-ui after completed upgrade
- upgrade: Stop cron before stopping any other service
- upgrade: Provide better information after the failure
- upgrade: Report missing scripts
- upgrade: Better check for upgraded nodes - do not rely on state
- upgrade: Improve error messages with lists
- upgrade: Check input is a valid node for nodes
- upgrade: Delete upgrade scripts really at the end of upgrade
- upgrade: Increase the timeout for deleting pacemaker resources
- upgrade: Adapt the check for upgraded? value
- upgrade: Move step to mark the admin upgrade end
- upgrade: Do not finalize nodes that are not upgraded
- upgrade: Fix file layout for rails' autoloading (bsc#1096759)
- upgrade: Deleting cinder services from database no longer needed
- upgrade: Allow postpone and resume of compute nodes upgrade
- upgrade: Allow the access to controller actions when upgrade is postponed
- upgrade: Finalize upgrade of controller nodes after they are done
- upgrade: Added API calls for postponing/resuming compute nodes upgrade
- upgrade: Unblock upgrade status API in Cloud8
- upgrade: Do not end admin step while it is still running (bsc#1095420)
- upgrade: Adapt ceph-related checks to 7-8 upgrade
- upgrade: Allow running schema migrations on upgrade
- upgrade: Fix platform retrieval
These non-security issues were fixed for crowbar-ha:
- pacemaker: allow multiple meta parameters (bsc#1093898)
- haproxy: active-active mode, just one VIP
These non-security issues were fixed for crowbar-openstack:
- Synchronize SSL in the cluster (bsc#1081518)
- neutron: add force_metadata attribute
- rabbitmq: set client timeout to default value
- /etc/sysctl.d/99-sysctl.conf is a symlink to /etc/sysctl.conf
- Do not automatically put manila-share roles to compute nodes
- rabbitmq: check for rabbit readiness
- rabbitmq: Make sure rabbit is running on cluster
- monasca: various monasca-installer improvements
- monasca: reduce monasca-installer runs (bsc#1096043)
- manila: Correct field name for cluster name
- Do not mark [:nova][:db_synced] too early
- nova: Do not do partial online migrations, that was Newton specific
- monasca: add elasticsearch tunables (bsc#1090336)
- copytruncate apache logs instead of creating
- rabbitmq: Better dependency check
- aodh: Add config for alarm_history_ttl (bsc#1073703)
- upgrade: cinder: run live migrations at correct rev
These non-security issues were fixed for crowbar-ui:
- upgrade: Dummy backend for status testing
- upgrade: Refactor postpone nodes upgrade
- upgrade: Allow interruption of status wait loop
- upgrade: Added ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- Add ability to postpone upgrade
- upgrade: Remove openstack precheck
- upgrade: Fixed error key for ha_configured
- upgrade: Remove CEPH related code
- Remove the non-essential database-configuration controller
- remove ui typo test
- Remove database configuration option
- upgrade: Update SUSE-OpenStack-Cloud-8 label
- upgrade: Update admin and nodes repo names
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1005886 1012382 1015342 1015343 1017967 1019695 1019699 1020412 1021121 1022604 1024361 1024365 1024376 1027968 1030552 1033962 1042286 1048317 1049825 1050431 1053685 1055014 1055825 1056058 1056596 1061343 1062604 1063646 1064232 1065363 1065364 1065729 1066223 1066242 1068032 1068075 1069138 1073703 1077717 1078921 1080157 1081518 1083093 1083663 1084632 1085042 1085536 1085539 1086457 1087092 1089066 1090336 1090888 1091171 1091860 1092903 1093414 1093898 1094717 1095420 1096043 1096254 1096748 1096759 1097105 1098253 1098369 1098822 1099392 1099597 1099810 1099811 1099813 1099832 1099844 1099845 1099846 1099849 1099863 1099864 1099922 1099999 1100000 1100001 1100132 1101428 1101566 1101567 1101568 1101569 1101570 1101571 1101573 1101576 1101577 1101578 1101581 1101582 1101583 1101588 1101589 1101822 1101841 1102346 1102486 1102517 1102715 1102797 1103269 1103445 1104319 1104485 1104494 1104495 1104683 1104897 1105271 1105292 1105322 1105392 1105396 1105524 1105536 1105769 1106016 1106105 1106185 1106229 1106271 1106275 1106276 1106278 1106281 1106283 1106369 1106509 1106511 1106594 1106697 1106929 1106934 1106995 1107060 1107078 1107319 1107320 1107689 1107735 1107966 1109893 1110542 1111319 1112911 1113296 1116995 1117080 1117840 1120629 1120630 1120631 1123191 1127155 1127223 1127308 1128574 1131823 1133204 1133205 1133498 1133501 1134075 1134226 1135232 1135236 1136183 1136732 1137977 1138425 1138464 1139083 1139885 1139886 1140039 1140100 1140102 1140103 1140106 1140110 1140111 1140290 1140501 1140513 1140534 1140538 1140554 1140664 1140666 1140669 1140673 1141171 1145092 1145521 1146351 1148158 1149652 1150734 1152007 1152457 1154235 1155089 1155942 1156305 1156669 1156914 1157028 1157198 1157206 1157482 1158675 1159856 1159858 1159860 1160048 1160250 1160251 1160878 1160883 1160895 1160912 1160937 1161351 1161517 1162002 1162388 1164910 1168994 1170011 1170618 1171078 1171189 1171191 1171220 1171732 1171988 1172453 1172458 
1172775 1172999 1173280 1173658 1173812 1174115 1174462 1174463 1174543 1174570 963575 966170 966172 969470 969476 969477 970506 980830 982129 986534 CVE-2009-5155 CVE-2014-9116 CVE-2016-8611 CVE-2017-1002201 CVE-2017-12805 CVE-2017-12806 CVE-2017-3735 CVE-2017-3736 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880 CVE-2018-10881 CVE-2018-10882 CVE-2018-10883 CVE-2018-10902 CVE-2018-10938 CVE-2018-10940 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14349 CVE-2018-14350 CVE-2018-14351 CVE-2018-14352 CVE-2018-14353 CVE-2018-14354 CVE-2018-14355 CVE-2018-14356 CVE-2018-14357 CVE-2018-14358 CVE-2018-14359 CVE-2018-14360 CVE-2018-14361 CVE-2018-14362 CVE-2018-14363 CVE-2018-15572 CVE-2018-16658 CVE-2018-17954 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-3760 CVE-2018-6554 CVE-2018-6555 CVE-2018-9363 CVE-2019-10131 CVE-2019-10208 CVE-2019-11470 CVE-2019-11472 CVE-2019-11505 CVE-2019-11506 CVE-2019-11597 CVE-2019-11598 CVE-2019-12900 CVE-2019-12974 CVE-2019-12975 CVE-2019-12976 CVE-2019-12978 CVE-2019-12979 CVE-2019-13117 CVE-2019-13133 CVE-2019-13134 CVE-2019-13135 CVE-2019-13173 CVE-2019-13295 CVE-2019-13297 CVE-2019-13300 CVE-2019-13301 CVE-2019-13307 CVE-2019-13308 CVE-2019-13310 CVE-2019-13311 CVE-2019-13391 CVE-2019-13454 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-16770 CVE-2019-18901 CVE-2019-20810 CVE-2019-20812 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2019-3688 CVE-2019-3690 CVE-2019-9169 CVE-2020-0305 CVE-2020-10135 CVE-2020-10711 CVE-2020-10713 CVE-2020-10732 CVE-2020-10751 CVE-2020-10773 CVE-2020-12771 CVE-2020-13974 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-14416 CVE-2020-15706 CVE-2020-15707 CVE-2020-2574 CVE-2020-7595 SUSE-SU-2017:3169-1 SUSE-SU-2018:2762-1 SUSE-SU-2018:2858-1 SUSE-SU-2019:2159-1 SUSE-SU-2019:2181-1 SUSE-SU-2019:2265-1 
SUSE-SU-2019:3180-1 SUSE-SU-2020:0159-1 SUSE-SU-2020:0640-1 SUSE-SU-2020:2079-1 SUSE-SU-2020:2152-1
|
Platform(s): | openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.1 is installed AND Package Information
libraw-0.18.9-lp151.4.3 is installed
OR libraw-devel-0.18.9-lp151.4.3 is installed
OR libraw-devel-static-0.18.9-lp151.4.3 is installed
OR libraw-tools-0.18.9-lp151.4.3 is installed
OR libraw16-0.18.9-lp151.4.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
libopenssl-devel-1.0.2j-60.16 is installed
OR libopenssl1_0_0-1.0.2j-60.16 is installed
OR libopenssl1_0_0-32bit-1.0.2j-60.16 is installed
OR libopenssl1_0_0-hmac-1.0.2j-60.16 is installed
OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.16 is installed
OR openssl-1.0.2j-60.16 is installed
OR openssl-doc-1.0.2j-60.16 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
postgresql96-9.6.15-3.29 is installed
OR postgresql96-contrib-9.6.15-3.29 is installed
OR postgresql96-docs-9.6.15-3.29 is installed
OR postgresql96-libs-9.6.15-3.29 is installed
OR postgresql96-plperl-9.6.15-3.29 is installed
OR postgresql96-plpython-9.6.15-3.29 is installed
OR postgresql96-pltcl-9.6.15-3.29 is installed
OR postgresql96-server-9.6.15-3.29 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
glibc-2.22-62.22 is installed
OR glibc-32bit-2.22-62.22 is installed
OR glibc-devel-2.22-62.22 is installed
OR glibc-devel-32bit-2.22-62.22 is installed
OR glibc-html-2.22-62.22 is installed
OR glibc-i18ndata-2.22-62.22 is installed
OR glibc-info-2.22-62.22 is installed
OR glibc-locale-2.22-62.22 is installed
OR glibc-locale-32bit-2.22-62.22 is installed
OR glibc-profile-2.22-62.22 is installed
OR glibc-profile-32bit-2.22-62.22 is installed
OR nscd-2.22-62.22 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libsolv-0.6.36-2.27.19 is installed
OR libsolv-tools-0.6.36-2.27.19 is installed
OR libzypp-16.20.2-27.60 is installed
OR perl-solv-0.6.36-2.27.19 is installed
OR python-solv-0.6.36-2.27.19 is installed
OR zypper-1.13.54-18.40 is installed
OR zypper-log-1.13.54-18.40 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND mutt-1.10.1-55.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND ant-1.9.4-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 9 is installed
AND Package Information
libX11-1.6.2-12.12 is installed
OR libX11-6-1.6.2-12.12 is installed
OR libX11-6-32bit-1.6.2-12.12 is installed
OR libX11-data-1.6.2-12.12 is installed
OR libX11-xcb1-1.6.2-12.12 is installed
OR libX11-xcb1-32bit-1.6.2-12.12 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed
OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed
OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed
OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed
OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed
OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed
OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed
OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 9 is installed
AND python-Django1-1.11.23-3.9 is installed
|