1383415 – [CVE-2015-5162] oslo.concurrency: Backport support for 'prlimit' parameter [OSP-7]

Bug 1383415 - [CVE-2015-5162] oslo.concurrency: Backport support for 'prlimit' parameter [OSP-7]

Summary: [CVE-2015-5162] oslo.concurrency: Backport support for 'prlimit' parameter [O...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	python-oslo-concurrency
Sub Component:
Version:	7.0 (Kilo)
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	async
Target Release:	7.0 (Kilo)
Assignee:	Victor Stinner
QA Contact:	Udi Shkalim
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1380289 1382552 1382570 1382571 1383421 1384855
TreeView+	depends on / blocked

Reported:	2016-10-10 14:38 UTC by Eric Harney
Modified:	2022-07-09 08:39 UTC (History)
CC List:	10 users (show)
Fixed In Version:	python-oslo-concurrency-1.8.2-2.el7ost
Doc Type:	If docs needed, set a value
Doc Text:	qemu-img calls were unrestricted by ulimit. oslo.concurrency has been updated to add support for process limits ('prlimit'), which is needed to fix the CVE-2015-5162 security vulnerability.
Clone Of:
Clones:	1383421 1384855 (view as bug list)
Environment:
Last Closed:	2017-02-15 22:58:50 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
OpenStack gerrit	327630	None	None	None	2016-10-10 14:39:34 UTC
OpenStack gerrit	332222	None	None	None	2016-10-10 14:38:54 UTC
Red Hat Issue Tracker	OSP-16803	None	None	None	2022-07-09 08:39:00 UTC
Red Hat Product Errata	RHSA-2017:0282	normal	SHIPPED_LIVE	Moderate: openstack-cinder, openstack-glance, and openstack-nova security update	2017-02-16 03:52:44 UTC

Description Eric Harney 2016-10-10 14:38:54 UTC

Security fixes in Nova, Cinder, and Glance require support for prlimit in oslo.concurrency.

The following changes need to be backported:

d65d931 processutils: add support for missing process limits
e33f64f Add prlimit parameter to execute()

Comment 9 Udi Shkalim 2017-01-01 13:00:08 UTC

Verified on: python-oslo-concurrency-1.8.2-2.el7ost.noarch
Code verified

Comment 11 errata-xmlrpc 2017-02-15 22:58:50 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0282.html

Note You need to log in before you can comment on or make changes to this bug.