- Issued:
- 2015-03-05
- Updated:
- 2015-03-06
RHBA-2015:0633 - Bug Fix Advisory
Synopsis
python-django-horizon bug fix advisory
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenStack Dashboard packages that resolve various issues are
now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno)
for RHEL 7.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities
for building a private or public infrastructure-as-a-service (IaaS)
cloud running on commonly available physical hardware. This advisory
includes packages for:
- OpenStack Dashboard
OpenStack Dashboard (horizon) provides administrators and users a
graphical interface to access, provision, and automate cloud-based
resources. The dashboard allows cloud administrators to get an overall
view of the size and state of the cloud, and it provides end-users a
self-service portal to provision their own resources within the limits
set by administrators.
Changes to the python-django-horizon component:
- Rebase package(s) to version: 2014.2.2
Highlights and important bug fixes:
- Project limits do not update when using the input selector to change instance count
- While the HA property is update-able, and resulting router-get invocations suggest that the router is HA, the migration itself fails on the agent. This is deceiving and confusing and should be blocked until the migration itself is fixed in a future patch.
- Project Limits don't refresh while selecting flavor
- Private flavor updates with horizon cause access issue with existing instances
- Horizon crashed when parsing volume lists including a volume without a name (BZ#1188394)
- In the Router Network Profiles panel (available only when using the Cisco N1K Neutron plug-in), many of the Network Profile fields could not be updated but they were still shown in the update form. Thereby, the update form was misleading, letting the user modify fields when the changes couldn't be saved.
The code has been fixed to mark the fields that cannot be changed as "read-only" in the form. Thus, when updating a network, only the fields that can be updated are editable and the issue is now resolved. (BZ#1127070)
- In some cases, such as environments where the Identity service was backed by LDAP with specific policies, there were previous restrictions as to how end-users could change their password. This meant that end users were unable to change their password through the dashboard and would receive an error message when trying to do so.
A policy check for "identity:check_password" has been added to the 'Change password' panel, so that when "identity:change_password" is set to a more restrictive policy in /etc/openstack-dashboard/keystone_policy.json, the 'Change password' panel is no longer displayed. This change has now resolved the issue. (BZ#1078956)
Changes to the python-django-openstack-auth component:
- One needed to log in twice after a keystone token timed out. The code has been updated, and the issue is now fixed. (BZ#1174748)
Solution
Before applying this update, ensure all previously released errata relevant to your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise Linux 7.1.
This update is available through 'yum update' on systems registered through Red Hat Subscription manager. For more information about Red Hat Subscription manager, refer to:
https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html
Red Hat Enterprise Linux OpenStack Platform 6 documentation is available at:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform
The Release Notes include:
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack
Platform 6, including which channels need to be enabled and disabled.
Affected Products
- Red Hat OpenStack 6.0 x86_64
Fixes
- BZ - 1078956 - Horizon change password fails when Keystone uses LDAP.
- BZ - 1174748 - when keystone token times out, one needs to login twice
- BZ - 1188394 - Rebase python-django-horizon to 2014.2.2
CVEs
(none)
Red Hat OpenStack 6.0
SRPM | |
---|---|
x86_64 | |
openstack-dashboard-2014.2.2-2.el7ost.noarch.rpm | SHA-256: 8843615bf544ba59d1bf28391bef5dacbb2284b84028ee2bf5dea9df665464fc |
openstack-dashboard-theme-2014.2.2-2.el7ost.noarch.rpm | SHA-256: 64a06d40f5a84aad7b781f25db1d07b3a9b57ce847ce5b81a3c5b3010a112c48 |
python-django-horizon-2014.2.2-2.el7ost.noarch.rpm | SHA-256: 0884762cc2d065d0523beeefc155a6caca304d10bca4237caa6dc8921b0face1 |
python-django-horizon-doc-2014.2.2-2.el7ost.noarch.rpm | SHA-256: 320ae0d1b308035558e69544ee7c858ec28c9d750c5f894398f0e9749bc19075 |
python-django-openstack-auth-1.1.7-4.el7ost.noarch.rpm | SHA-256: e36dfe329d2bc97f19c69c44584982a6df34acceeee5425ef0288908d55857af |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.