- Issued:
- 2015-09-10
- Updated:
- 2015-09-10
RHBA-2015:1753 - Bug Fix Advisory
Synopsis
openstack-keystone bug fix advisory
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenStack Identity packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse)
for RHEL 6.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware. This advisory includes
packages for:
- OpenStack Identity service
The OpenStack Identity service (keystone) authenticates and authorizes
OpenStack users by keeping track of users and their permitted activities.
The Identity service supports multiple forms of authentication including
user name and password credentials, token-based systems, and AWS-style
logins.
This update addresses the following issues:
- Previously, Keystone used an older python-ldap API to perform paged LDAP search operations. As a result, when performing Keystone operations that trigger LDAP search operations (such as listing users), Keystone encountered 'AttributeError' messages.
The older API has now been removed in python-ldap 2.4 and is replaced with a non-backwards compatible API. Keystone is now able to detect which paged search API is available in the underlying python-ldap module, allowing it to use the available API properly. Thereby, paged LDAP search operations are performed by Keystone without error. (BZ#1153695)
- Rebase package(s) to version:
2014.1.5 https://launchpad.net/ceilometer/icehouse/2014.1.5
Highlights and important bug fixes:
Two VMware and ceilometer-compute-agent related bug fixes that prevented the compute-agent from operating correctly:
https://bugs.launchpad.net/ceilometer/+bug/1326230 https://bugs.launchpad.net/ceilometer/+bug/1415307 (BZ#1254715)
Solution
Before applying this update, ensure all previously released errata relevant to your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6 runs on Red Hat Enterprise Linux 6.7.
The Red Hat Enterprise Linux OpenStack Platform 5 Release Notes (see the References section) contain the following:
- An explanation of the way in which the provided components interact to form a working cloud computing environment.
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for Red Hat Enterprise Linux 6, including which channels need to be enabled and disabled.
This update is available through the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
- Red Hat OpenStack 5.0 for RHEL 6 x86_64
Fixes
- BZ - 1153695 - LDAP paged searches don't work with python-ldap 2.4
- BZ - 1254715 - Rebase openstack-keystone to 2014.1.5
CVEs
(none)
Red Hat OpenStack 5.0 for RHEL 6
SRPM | |
---|---|
openstack-keystone-2014.1.5-2.el6ost.src.rpm | SHA-256: c50685bd900d806fa06f7a1a7bb7f4069ea305d3e054fbe85bf78579945a51c7 |
x86_64 | |
openstack-keystone-2014.1.5-2.el6ost.noarch.rpm | SHA-256: 41d1cd44d24f9a96aa5094c7fcf820aaf3535c6e759edf70492a8f05a2c18b09 |
openstack-keystone-doc-2014.1.5-2.el6ost.noarch.rpm | SHA-256: 2c8e4d447f40f0ab7d70bc4dadd8c8fe15cc0bf6198fa55003f4b370dd718eb7 |
python-keystone-2014.1.5-2.el6ost.noarch.rpm | SHA-256: 7b31ec7cfe71b2d465f83f84b691f975814ada5e95be4d759f6de3e968d33d36 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.