UbuntuUpdates.org

Package "python-neutron"

Name: python-neutron

Description:

Neutron is a virutal network service for Openstack - Python library

Latest version: 1:2014.1.3-0ubuntu1.1
Release: trusty (14.04)
Level: security
Repository: main
Head package: neutron

Links

Save this URL for the latest version of "python-neutron": https://www.ubuntuupdates.org/python-neutron


Download "python-neutron"


Other versions of "python-neutron" in Trusty

Repository Area Version
base main 1:2014.1-0ubuntu1
updates main 1:2014.1.5-0ubuntu8

Changelog

Version: 1:2014.1.3-0ubuntu1.1 2014-11-11 20:06:28 UTC

  neutron (1:2014.1.3-0ubuntu1.1) trusty-security; urgency=medium

  * No change rebuild for security:
    - [dd4b77f] Forbid regular users to reset admin-only attrs to default values
      + CVE-2014-6414
      + LP: #1357379
 -- Marc Deslauriers <email address hidden> Tue, 21 Oct 2014 11:59:06 -0400

Source diff to previous version
1357379 [OSSA 2014-031] policy admin_only rules not enforced when changing value to default (CVE-2014-6414)
CVE-2014-6414 OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via

Version: 1:2014.1.2-0ubuntu1.1 2014-08-21 20:06:38 UTC

  neutron (1:2014.1.2-0ubuntu1.1) trusty-security; urgency=medium

  * No change rebuild for security:
    - [0324965] remove token from notifier middleware
      + CVE-2014-4615
      + LP: #1321080
    - [2c4828e] no quota for allowed address pair
      + CVE-2014-3555
      + LP: #1336207
 -- Jamie Strandboge <email address hidden> Thu, 21 Aug 2014 08:54:55 -0500

Source diff to previous version
1336207 [OSSA 2014-025] There is no quota for allowed address pair (CVE-2014-3555)
CVE-2014-3555 OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno ...

Version: 1:2014.1-0ubuntu1.3 2014-06-25 22:06:37 UTC

  neutron (1:2014.1-0ubuntu1.3) trusty-security; urgency=medium

  * SECURITY UPDATE: specify /etc/neutron/rootwrap.conf for use with
    neutron-rootwrap
    - CVE-2013-6433 (LP: #1185019)
  * SECURITY UPDATE: Validate CIDR given as ip-prefix in
    security-group-rule-create
    - CVE-2014-0187
    - LP: #1300785
  * debian/patches/CVE-2014-0187b.patch: update for python-netaddr <= 0.7.10
  * SECURITY UPDATE: Install SNAT rules for ipv4 only
    - CVE-2014-4167
    - LP: #1309195
 -- Jamie Strandboge <email address hidden> Wed, 18 Jun 2014 16:12:37 -0500

1300785 [OSSA 2014-014] neutron allows security group rules with invalid cidrs, resulting in broken iptables rules (breaking iptables-restore) (CVE-2014-0187
1309195 [OSSA 2014-019] IPv6 prefix shouldn't be added in the NAT table (CVE-2014-4167)
CVE-2013-6433 The default configuration in the Red Hat openstack-neutron package ...
CVE-2014-0187 The openvswitch-agent process in OpenStack Neutron 2013.1 before ...
CVE-2014-4167 Neutron L3-agent DoS through IPv6 subnet



About   -   Send Feedback to @ubuntu_updates