From dd68ebe75a4d85073ac64fc093f4dcd600167b6a Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Tue, 25 Jun 2024 15:49:56 +0100 Subject: [PATCH] Fix CVE-2024-32498 Fixes CVE-2024-32498 [1] with updated container images for Cinder, Glance and Nova services. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498 --- etc/kayobe/kolla-image-tags.yml | 9 +++++++++ releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml | 7 +++++++ 2 files changed, 16 insertions(+) create mode 100644 releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml index 6a2931fb7..aa0cfb4a2 100644 --- a/etc/kayobe/kolla-image-tags.yml +++ b/etc/kayobe/kolla-image-tags.yml @@ -6,9 +6,15 @@ kolla_image_tags: openstack: rocky-9: 2023.1-rocky-9-20240423T125905 ubuntu-jammy: 2023.1-ubuntu-jammy-20240423T125905 + cinder: + rocky-9: 2023.1-rocky-9-20240701T123544 + ubuntu-jammy: 2023.1-ubuntu-jammy-20240701T123544 cloudkitty: rocky-9: 2023.1-rocky-9-20240509T111619 ubuntu-jammy: 2023.1-ubuntu-jammy-20240509T111619 + glance: + rocky-9: 2023.1-rocky-9-20240701T123544 + ubuntu-jammy: 2023.1-ubuntu-jammy-20240701T123544 haproxy_ssh: rocky-9: 2023.1-rocky-9-20240509T102329 ubuntu-jammy: 2023.1-ubuntu-jammy-20240509T102329 @@ -18,5 +24,8 @@ kolla_image_tags: magnum: rocky-9: 2023.1-rocky-9-20240607T082105 ubuntu-jammy: 2023.1-ubuntu-jammy-20240607T082105 + nova: + rocky-9: 2023.1-rocky-9-20240702T082319 + ubuntu-jammy: 2023.1-ubuntu-jammy-20240702T082319 opensearch: ubuntu-jammy: 2023.1-ubuntu-jammy-20240509T094444 diff --git a/releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml b/releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml new file mode 100644 index 000000000..4265e95c9 --- /dev/null +++ b/releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml @@ -0,0 +1,7 @@ +--- +critical: + - | + Fixes `CVE-2024-32498 + `_ with + updated container images for Cinder, Glance and Nova services. +