{"id":22140,"date":"2022-03-25T20:19:29","date_gmt":"2022-03-25T16:19:29","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/166456\/RHSA-2022-0983-01.txt"},"modified":"2022-03-29T10:23:40","modified_gmt":"2022-03-29T05:53:40","slug":"red-hat-security-advisory-2022-0983-01","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/red-hat-security-advisory-2022-0983-01\/","title":{"rendered":"Red Hat Security Advisory 2022-0983-01"},"content":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–
\nHash: SHA256<\/p>\n

====================================================================
\nRed Hat Security Advisory<\/p>\n

Synopsis: Moderate: Red Hat OpenStack Platform 16.1 (openstack-nova) security update
\nAdvisory ID: RHSA-2022:0983-01
\nProduct: Red Hat OpenStack Platform
\nAdvisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2022:0983
\nIssue date: 2022-03-24
\nCVE Names: CVE-2021-3654
\n====================================================================
\n1. Summary:<\/p>\n

An update for openstack-nova is now available for Red Hat OpenStack
\nPlatform 16.1 (Train).<\/p>\n

Red Hat Product Security has rated this update as having a security impact
\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
\ngives a detailed severity rating, is available for each vulnerability from
\nthe CVE link(s) in the References section.<\/p>\n

2. Relevant releases\/architectures:<\/p>\n

Red Hat OpenStack Platform 16.1 – noarch<\/p>\n

3. Description:<\/p>\n

OpenStack Compute (codename Nova) is open source software designed
\nto provision and manage large networks of virtual machines, creating a
\nredundant and scalable cloud computing platform. It gives you the software,
\ncontrol panels, and APIs required to orchestrate a cloud, including running
\ninstances, managing networks, and controlling access through users and
\nprojects.OpenStack Compute strives to be both hardware and hypervisor
\nagnostic, currently supporting a variety of standard hardware
\nconfigurations and seven major hypervisors.<\/p>\n

Security Fix(es):<\/p>\n

* novnc allows open redirection (CVE-2021-3654)<\/p>\n

For more details about the security issue(s), including the impact, a CVSS
\nscore, acknowledgments, and other related information, refer to the CVE
\npage listed in the References section.<\/p>\n

4. Solution:<\/p>\n

For details on how to apply this update, which includes the changes
\ndescribed in this advisory, refer to:<\/p>\n

https:\/\/access.redhat.com\/articles\/11258<\/p>\n

5. Bugs fixed (https:\/\/bugzilla.redhat.com\/):<\/p>\n

1961439 – CVE-2021-3654 openstack-nova: novnc allows open redirection
\n1977667 – Compute service DOWN after FFU from RHOSP13 to 16.1 because service version is still 30.
\n1999588 – [OSP 16.1.8] Provide a workaround option and\/or nova-manage command to force the refresh of connection_info during a hard reboot
\n2002773 – [OSP16.1] Nova is out of sync with ironic as hypervisor list in nova does not agree with ironic list after reboot of the nodes
\n2003258 – [OSP16.1] vm creation interrupted by cluster degradation results in required nova cell information being unpopulated.
\n2020313 – If an upper case mac address is used in a heat template, live migration won’t work in nova<\/p>\n

6. Package List:<\/p>\n

Red Hat OpenStack Platform 16.1:<\/p>\n

Source:
\nopenstack-nova-20.4.1-1.20220112153422.1ee93b9.el8ost.src.rpm<\/p>\n

noarch:
\nopenstack-nova-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-api-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-common-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-compute-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-conductor-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-console-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-migration-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-novncproxy-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-scheduler-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-serialproxy-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\nopenstack-nova-spicehtml5proxy-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm
\npython3-nova-20.4.1-1.20220112153422.1ee93b9.el8ost.noarch.rpm<\/p>\n

These packages are GPG signed by Red Hat for security. Our key and
\ndetails on how to verify the signature are available from
\nhttps:\/\/access.redhat.com\/security\/team\/key\/<\/p>\n

7. References:<\/p>\n

https:\/\/access.redhat.com\/security\/cve\/CVE-2021-3654
\nhttps:\/\/access.redhat.com\/security\/updates\/classification\/#moderate<\/p>\n

8. Contact:<\/p>\n

The Red Hat security contact is <secalert@redhat.com>. More contact
\ndetails at https:\/\/access.redhat.com\/security\/team\/contact\/<\/p>\n

Copyright 2022 Red Hat, Inc.
\n—–BEGIN PGP SIGNATURE—–
\nVersion: GnuPG v1<\/p>\n

iQIVAwUBYjyOj9zjgjWX9erEAQh9EQ\/\/UjGfTELgcyBvPIg\/+KGRhz5PI0IfcZz5
\nH81DndCxNZcR7uMy2sbv7I1N6gfknJVhcGVBnNbaPGv2M1UTe4a8tylnGeFytiJg
\nB6dAxjvuWMr5eRzSWYJWi4mpcGodBVwcrwXM4LWVtoH3gL2iYEs1yI3yPjkB8SQJ
\nN2IWUkwPdeGaYpLt4onyQ24bQPy060WNxgSNBEglgmzIg9H2XOWmT9ItQRoqKme1
\n2hto3VyA9q5SWnmb6VWnf7TZ922nuZVgDBICU0UvVbVExhe6530\/kYb5frOIfEfa
\npRrAHnSUrV9\/SUHwzml5OC3cSmBEojFLdUkFRf03p\/gSFwDmhuJtiH+6MgMU1+BG
\nAlhlXTrqFezts\/KznBg86E9DBhl6T8oGxAVP1cXVRUrG+siPBYQi4\/atXVEJLl\/8
\nwvX44Xq7FLqy5YDSGN\/OEN5ExmjQbBgF2krYgPJlEP2DK671YOc4s8cDzUw8QhAo
\nT9gEYy8L6j0oUzNHDsDzkjtCHhTavUz2uv9s9dZSh7Mhp0Ew9Hu6yq\/fM5+ORIIb
\n7mLz3bDSyH8oCT9n1tSnzdTJe64VMwxRoLljP7AXAW95Th3qcSCkRYc1Xdod\/ocF
\nSvkkYlGj2UaJSYv3wPFi1WMKJQoZ3TPRv9fvHKMu7ua0OhjQSN61P245Hn82RaJE
\nm12fF1p1eJs=u4ed
\n—–END PGP SIGNATURE—–
\n—
\nRHSA-announce mailing list
\nRHSA-announce@redhat.com
\nhttps:\/\/listman.redhat.com\/mailman\/listinfo\/rhsa-announce<\/p>\n","protected":false},"excerpt":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat OpenStack Platform 16.1 (openstack-nova) security update Advisory ID: RHSA-2022:0983-01 Product: Red Hat OpenStack Platform Advisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2022:0983 Issue date: 2022-03-24 CVE Names: CVE-2021-3654 ==================================================================== 1. Summary: An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 (Train). …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-22140","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/22140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=22140"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/22140\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=22140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=22140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=22140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}