- Issued:
- 2015-02-09
- Updated:
- 2015-02-09
RHEA-2015:0150 - Product Enhancement Advisory
Synopsis
openstack-glance enhancement advisory
Type/Severity
Product Enhancement Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenStack Image Service packages that resolve various issues are
now available for Red Hat Enterprise Linux OpenStack Platform 6.0
(Icehouse) for RHEL 7.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware. This advisory includes
packages for:
- OpenStack Image Service
OpenStack Image Service (glance) provides discovery, registration, and
delivery services for disk and server images. It provides the ability to
copy or snapshot a server image, and immediately store it away. Stored
images can be used as a template to get new servers up and running quickly
and more consistently than installing a server operating system and
individually configuring additional services.
This update addresses the following bugs:
- A new feature allows users to download an image's data partially and
restart the download at any time, as long as the image data is available
in the server. This has been implemented using the 'Content-Range' header,
which follows the form:
Content-Range: bytes FIRST_BYTE-LAST_BYTE/INSTANCE_BYTES
This header will be parsed only on download requests and there is no
support on the client library yet.
Refer to the HTTP's specification for more information about the specific
forms of this header. (BZ#1084072)
- A new rule now makes it possible to restrict an image's downloads by
using the built-in policy engine. This rule ("download_image": "role:admin
or rule:restricted") must be added to the policy.json file to ensure it is
effective. (BZ#1090741)
- This advisory also rebases openstack-glance package to version 2014.2.1.
This version included several critical and high bug fixes, including:
- * Normal user not able to download image if protected property is not
associated with the image with restrict-download policy.
- * osprofiler crashed when updated from Icehouse.
- * glance_store 0.1.9 broke multiple unit tests.
- * Expired image location URL caused Image service client errors.
- * Swift multi-tenant store upload was broken.
(BZ#1170343)
Solution
Before applying this update, ensure all previously released errata relevant
to your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise
Linux 7.0.
The Red Hat Enterprise Linux OpenStack Platform 6 Release Notes contain the
following:
- An explanation of the way in which the provided components interact to
form a working cloud computing environment.
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack Platform 6,
including which channels need to be enabled and disabled.
The Release Notes are available at:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.html
This update is available through the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at:
https://access.redhat.com/site/articles/11258
Affected Products
- Red Hat OpenStack 6.0 x86_64
Fixes
- BZ - 985077 - [RFE][glance] Asynchronous Processing in Glance
- BZ - 1084072 - [RFE][glance] Glance API should provide a method for downloading partial image data
- BZ - 1090741 - [RFE][glance]: Restrict users from downloading image based on protected properties rules
- BZ - 1170343 - Rebase openstack-glance to 2014.2.1
CVEs
(none)
References
(none)
Red Hat OpenStack 6.0
SRPM | |
---|---|
x86_64 | |
openstack-glance-2014.2.1-3.el7ost.noarch.rpm | SHA-256: 13f491d64624b4ac635e5127b7ed7d35fd4bcc243d6ca488c40d820fa2089c62 |
openstack-glance-doc-2014.2.1-3.el7ost.noarch.rpm | SHA-256: 714d1110aa86afcde165e9182e8e3b691ea3533c51d47f306f1aac31a93fe6ed |
python-glance-2014.2.1-3.el7ost.noarch.rpm | SHA-256: 6e5d73b56c53f0aa1b1d6fe23bd4b590afca6b23c845d7c329d034d13f15cb63 |
python-glanceclient-0.14.2-1.el7ost.noarch.rpm | SHA-256: 67a237b2487ef8234a38b6b188624309d46dd91e5394f2142139a4c99bdfa99e |
python-glanceclient-doc-0.14.2-1.el7ost.noarch.rpm | SHA-256: 960d1fc338818aa73370f65b31b602e2efdc7489cb0d0ea75cd9f70ccc1619dd |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.