[Bug 1884028] Re: [SRU] stein stable releases

Corey Bryant 1884028 at bugs.launchpad.net
Wed Jul 8 21:11:39 UTC 2020 

This bug was fixed in the package cinder - 2:14.1.0-0ubuntu1~cloud0
---------------

 cinder (2:14.1.0-0ubuntu1~cloud0) bionic-stein; urgency=medium
 .
   [ Chris MacNaughton ]
   * New stable point release for OpenStack Stein (LP: #1884028).
 .
   [ Corey Bryant ]
   * SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
     (LP: #1823200)
     - Remove VxFlex OS credentials from connection_properties. Passwords are
       now stored in separate file and are retrieved during each attach/detach
       operation. Cinder is patched in 14.1.0 stable point release.
     - d/control: Align (Build-)Depends with min version of python3-os-brick
       required to fix credential exposure.
     - CVE-2020-10755


** Changed in: cloud-archive/stein
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to cinder in Ubuntu.
https://bugs.launchpad.net/bugs/1884028

Title:
   [SRU] stein stable releases

Status in Ubuntu Cloud Archive:
  Invalid
Status in Ubuntu Cloud Archive stein series:
  Fix Released
Status in cinder package in Ubuntu:
  Invalid
Status in heat package in Ubuntu:
  Invalid
Status in neutron package in Ubuntu:
  Invalid
Status in octavia-dashboard package in Ubuntu:
  Invalid

Bug description:
  [Impact]
  This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates:

  cinder 14.1.0
  heat 12.1.0
  neutron 14.2.0
  octavia-dashboard 3.0.1

  [Test Case]
  The following SRU process was followed:
  https://wiki.ubuntu.com/OpenStackUpdates

  In order to avoid regression of existing consumers, the OpenStack team
  will run their continuous integration test against the packages that
  are in -proposed. A successful run of all available tests will be
  required before the proposed packages can be let into -updates.

  The OpenStack team will be in charge of attaching the output summary
  of the executed tests. The OpenStack team members will not mark
  ‘verification-done’ until this has happened.

  [Regression Potential]
  In order to mitigate the regression potential, the results of the
  aforementioned tests are attached to this bug.

  [Discussion]

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1884028/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list