- Issued:
- 2015-03-05
- Updated:
- 2015-03-05
RHBA-2015:0639 - Bug Fix Advisory
Synopsis
openstack-keystone bug fix advisory
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenStack Identity packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno)
for RHEL 7.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities
for building a private or public infrastructure-as-a-service (IaaS)
cloud running on commonly available physical hardware. This advisory
includes packages for:
- OpenStack Identity service
The OpenStack Identity service (keystone) authenticates and authorizes
OpenStack users by keeping track of users and their permitted
activities. The Identity service supports multiple forms of authentication
including user name and password credentials, token-based systems,
and AWS-style logins.
Changes to the openstack-keystone component:
- With this release, keystone now emits CADF notifications for role assignment events, providing a more complete audit trail. Role assignment operations affect a user's access to cloud resources; keeping an audit trail of these actions can be important to detect malicious actions. (BZ#1130726)
Solution
Before applying this update, ensure all previously released errata relevant to your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise Linux 7.1.
This update is available through 'yum update' on systems registered through Red Hat Subscription manager. For more information about Red Hat Subscription manager, refer to:
https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html
Red Hat Enterprise Linux OpenStack Platform 6 documentation is available at:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform
The Release Notes include:
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack
Platform 6, including which channels need to be enabled and disabled.
Affected Products
- Red Hat OpenStack 6.0 x86_64
Fixes
- BZ - 1097992 - [RFE][keystone]: Keystone to Keystone federation
- BZ - 1130726 - [RFE][keystone]: Add CADF notifications for role assignments
- BZ - 1188387 - Rebase openstack-keystone to 2014.2.2
CVEs
(none)
Red Hat OpenStack 6.0
SRPM | |
---|---|
x86_64 | |
openstack-keystone-2014.2.2-1.el7ost.noarch.rpm | SHA-256: ce2f479b463be3a91bbbd30ef4fe90d64e3ef50f1be37e26d28c3782889d5a90 |
openstack-keystone-doc-2014.2.2-1.el7ost.noarch.rpm | SHA-256: bd448ec8265eb106081d8e5ce5d09f99efb661325811c7a897cedab0df8243ec |
python-keystone-2014.2.2-1.el7ost.noarch.rpm | SHA-256: 05c1be37fcdba6cf8c6560127577f7a47fe78ea071bdce9f5e653c0cdea46e7a |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.