Bump Kolla images for CVE-2024-36039

assumptionsandg · assumptionsandg · commit bba01faf80df · 2024-07-03T11:19:56.000+01:00
diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml
@@ -4,6 +4,9 @@
 # where the key is the OS distro and the value is the tag to deploy.
 kolla_image_tags:
   openstack:
+    rocky-9: 2023.1-rocky-9-20240621T104542
+    ubuntu-jammy: 2023.1-ubuntu-jammy-20240621T104542
+  bifrost_deploy:
     rocky-9: 2023.1-rocky-9-20240423T125905
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240423T125905
   cinder:
@@ -21,9 +24,6 @@ kolla_image_tags:
   letsencrypt:
     rocky-9: 2023.1-rocky-9-20240509T102329
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240509T102329
-  magnum:
-    rocky-9: 2023.1-rocky-9-20240607T082105
-    ubuntu-jammy: 2023.1-ubuntu-jammy-20240607T082105
   nova:
     rocky-9: 2023.1-rocky-9-20240702T082319
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240702T082319
diff --git a/releasenotes/notes/kolla-bump-cve-2024-36039-07f18e18b5c86980.yaml b/releasenotes/notes/kolla-bump-cve-2024-36039-07f18e18b5c86980.yaml
@@ -0,0 +1,7 @@
+---
+security:
+  - |
+    Addresses critical vulnerability CVE-2024-36039 by
+    bumping the PyMySQL library to 1.1.1 in all affected
+    Kolla images. This vulnerability allows SQL injection 
+    through untrusted JSON objects.
