[Openstack] [OSSA 2013-018] Missing SSL certificate check in Python glance client (CVE-2013-4111)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-018 CVE: CVE-2013-4111 Date: July 30, 2013 Title: Missing SSL certificate check in Python glance client Reporter: Thomas Leaman (HP) Products: python-glanceclient Affects: All versions Description: Thomas Leaman from HP reported that the Python Glance client was failing to properly check certificates during the establishment of HTTPS connections. A remote attacker with access over segments of the network between client and server could potentially set up a man-in the-middle attack and access the contents of the Glance client request (or response). python-glanceclient fix (will be included in a future release): https://review.openstack.org/#/c/33464/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4111 https://bugs.launchpad.net/python-glanceclient/+bug/1192229 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJR98rhAAoJEFB6+JAlsQQjm30P/3zp1YGzDb30pSOcfKz683VR KGYEoRUx3wPLMCC5Vzl4y63xwrl7nrarKNj6VeyU/JUzBVhlIa/MHgIkrBzNDPkj 9yewE6ITihnbRfYIp/u+QnXkX0IgNsfeLPL5DW6qgV4aKRVZQdz0TcTjbQrhDQiV iEVEEq1lZVMwP5Oah38YVxWg5EmL+9vmMqfkcXpWsMa1I2yWcw0YN5m4QqHw5BcD GGeagHDZIQ+nxzpWd67E/OV946uHrhshCRZq+o3lZoGSv1C33bpkcDoruskDYvUm gKtwD63/ifHmXnti8TVNaX9D80C2NdSPzAUFNa/Akht5b/VIzuhqvUDECernDckx UBOYjXsTFVfFkqFYLE+Xderm6iTAX4mC8yCdIEONLRVdZGNMWk4WVPjJ4vhpUUNA uTaFq+csTbwH/DttbxlniiEbJAhoTPAHDKmwzwStTBVIc6mbxeF72vx9GBV6Hx9x 7qA+Hn5otlSWt8WbqU6K14ypFQRwjtswfY38ZZ9YkAQFFnI/dEUWp5P/Ld8JaiiQ RQU6h/m3crdaeoATK020TK2QZBjUAVgLARFNAL2UT3IwfmZixJAsuWn5QfGPHojI PYjdutW1VlBhL8ak8oN/Q2pzkho/ufR9czSMGN35X3U/7db87OrG/0gz8Rp5FZVH diSr4/bWdzDrbfkY/sCI =v33d -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Summit Sessions
Anne Gentle wrote: > On Mon, Jul 29, 2013 at 11:48 AM, Jarret Raim <mailto:jarret.r...@rackspace.com>> wrote: > >> Second, submitting a design session says to go to this >> page: http://summit.openstack.org/ and hit 'Suggest a session'. I'm >>logged in through my launchpad account, but there is no Suggest list >> anywhere on that page. How would I go about submitting a session? > > That site's still set to the Havanah sessions. I expect Theirry will > have an update soon so that you can submit for Icehouse. Indeed, the Design Summit proposals are not open yet. We need to make progress in the PTLs discussion about scheduling first. To avoid confusion I took down the Havana design summit site for the moment. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Minutes from the Technical Committee meeting (July 30)
The OpenStack Technical Committee ("TC") met in #openstack-meeting at
20:00 UTC last Tuesday.
Here is a quick summary of the outcome of this meeting:
* The Devstack effort was accepted as a Program, with the following
mission statement:
"""
To provide an installation of OpenStack from git repository master, or
specific branches, suitable for development and operational testing. It
also attempts to document the process and provide examples of command
line usage.
"""
See details and full logs at:
http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-07-30-20.02.html
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Long lag in mailing list
Sean Dague wrote: > On 07/31/2013 09:32 PM, Jeremy Stanley wrote: >> On 2013-07-31 11:51:42 +0900 (+0900), Jake G. wrote: >>> I have noticed it sometimes takes an hour or more for some of my >>> messages to get sent out from the new mailing list address. Anyone >>> else notice this? >> >> The list server wasn't sufficiently tuned for the substantial >> subscriber base of the migrated list. Queue settings are being >> tweaked to chew through the delivery backlog and get things back on >> track, so hopefully should be much quicker soon. > > Great! It was very jarring to see my responses to questions from > yesterday morning only land this morning. :) The 3-hour lag is now down to 20 minutes. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Minutes from the Technical Committee meeting (August 6)
The OpenStack Technical Committee ("TC") met in #openstack-meeting at
20:00 UTC yesterday.
Here is a quick summary of the outcome of this meeting:
* Release cycle management (which includes dev cycle coordination,
stable branch maintenance and vulnerability management) was accepted as
a Program, with the following mission statement:
"""
To organize the release cycle and the work necessary to produce
coordinated releases of the integrated components of OpenStack. To
collect bugfix backports and produce stable point releases for the
previously-released branch. To coordinate the publication of security
patches and advisories (OSSA) for security-supported branches.
"""
* Trove project scope (currently in incubation) was expanded to allow
the provisioning of non-relational databases
See details and full logs at:
http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-08-06-20.01.html
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-022] Swift Denial of Service using superfluous object tombstones (CVE-2013-4155)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-022 CVE: CVE-2013-4155 Date: August 7, 2013 Title: Swift Denial of Service using superfluous object tombstones Reporter: Peter Portante (Red Hat) Products: Swift Affects: All versions Description: Peter Portante from Red Hat reported a vulnerability in Swift. By issuing requests with an old X-Timestamp value, an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters. Havana (development branch) fix: https://review.openstack.org/40643 Grizzly fix: https://review.openstack.org/40645 Folsom fix: https://review.openstack.org/40646 Note: The havana fix will be included in the upcoming Swift 1.9.1 release. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4155 https://bugs.launchpad.net/swift/+bug/1196932 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSAmwaAAoJEFB6+JAlsQQjgbEP/2hCZIRuMQoMPCcPg1LzA2PR BIOGBII7jXTjc/ku5/E29kTL2GwtiHC6PLezXdlGQFcLdJV4wi8Tq4OtVwFDEhHz 8wIhFVzKyPP1N9kktWH80PXhYUVECffuhL3+GKGcIMkz8+BPUj5EKeEHAZpkVw+S bu37N3IB5kpBN2riNBo+7BciKK81fXvJh5QH9T10pee6VrQMYk+fyAITPD91Ft1S ramVEM+L9m0n4oDXSg9bTuKdACPxNqR1ftn3AIS2xJFNz0jeECuI6bV/6MPpCtds 0bVDjgZfidz3LDvY/1LsUKGSAkcVViWCxYqYgZYFnnnGKgopPcvOzGXM2zZ5EHMa ypciysUSJ/HC4jQpmqNBmHbaHHaWIhO5krVC4Soh2Kj4gA5YgUFi2ybKkKo/RLpm THHjgo8bfCVdnVZMt+BjkGGXvNenv3tsE8ByfEKWZ+AGf0CcZGih5ONtRRgLsiew vC4p0haonrHkzWqNusdtXZcEXdEQRmMlCWS0PO+pzSypKgI8I5Pg34IHrNjgk4fa inkSMLxYDTTtHWoeQoczL6MQ0UYrDZmmSlXO4U7FE69I0uMPYt5b0eLWG28YEF3T pe+fbm4qkpMZN11DvduMtswSro1BZq9zJrJLGFG9HdOXN7vrXc0bWVuykh6q31tv w1Tar2ybFkiV+huvn2zb =YWXH -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-023] Denial of Service using XML entities in Nova/Cinder extensions (CVE-2013-4179, CVE-2013-4202)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-023 CVE: CVE-2013-4179, CVE-2013-4202 Date: August 8, 2013 Title: Denial of Service using XML entities in Nova/Cinder extensions Reporter: Grant Murphy (Red Hat) Products: Nova, Cinder Affects: Grizzly and later Description: Grant Murphy from Red Hat reported that vulnerabilities in XML request parsers were not fully patched in OSSA 2013-004. By leveraging XML entity expansion in specific extensions, an unauthenticated attacker may still consume excessive resources on the Nova (CVE-2013-4179) or Cinder (CVE-2013-4202) API servers, resulting in a denial of service and potentially a crash. Only Nova setups making use of the security group extension in Grizzly are affected. Only Cinder setups making use of the backups or volume transfer API extension in Grizzly are affected. Havana (development branch) fixes: Nova: https://review.openstack.org/40879 Cinder: https://review.openstack.org/40881 Grizzly fixes: Nova: https://review.openstack.org/40880 Cinder: https://review.openstack.org/40883 Note: The Nova and Cinder Grizzly fixes will be included in the upcoming 2013.1.3 stable release. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4202 https://launchpad.net/bugs/1190229 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSA8K6AAoJEFB6+JAlsQQj05EP/Rq9FXVZJCNfXgCBEpeSgrh/ kaglidx9JMqnvxJd92M+KFHZrZgBazwH9ZwsD1i4zs64XP1KH2UbvXzlwfaCb3M0 5/9cbqocyHJAeOFpYPvQCz/TmsHVH7CgftNL474AGixyTXfaH745/zveABNIYhou aEpq3CxHOcNycCuPYj4FgcXZ7lf8Eu7vaVsNhXmk/qgWo+l6N4LYznHf6UxHMnHf fB7+ZcjMCZtfZHO/9LRmROiprHHX9CprWtTZX+RUNjTa38VzyEetXG50zCEIiI/S wsxAUSOA6tremYLeuNXZwRawLdpolzvhEt04GITa7AC8udnjXkvHyA1VUcAtysMT SP5abGWdKMibSVwOmJ6+YLVMMXpTn9ww5LD2yJrcRy+xXyD9k2ofq8VMY9P/DJ2w kEEEQaMtmmqYqoVZc/rLRjBNiGgvD58hxYtLEVMShgbkduAUgfWmBnsZ7zgbzY9X ZDUN3wYkEQk6UZepa4g4mIjTFM0PkqXNoCOl8q7xNpLNYpmbF5rheIeE1HjIglGq hbCWzxDJZtKjvd2MqtYlZGfTgjpPA6tEDC3vto8nfsHQqvZUxv/OKg6KSCIq/6UA wxUD952GPmhImN+UVYiFMuNufufb0EI/EkVsmPJm54siOeq/ZOYvEc44M6K++7ve 3MySqda3xPZMaZn8KTFz =XFeJ -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] 'sudo ovs-vsctl' hit no tty issue
yulin...@dell.com wrote: > I’m developing a Quantum plugin and need to run ‘sudo ovs-vsctl’ command > in my python code. When I run it as a script on Ubuntu, it was OK. > However, if I run it as a background service(process), I hit the > following error: > > **YuLing debug -->line=sudo: no tty present and no askpass program specified You should use the rootwrap to make sudo calls. See other examples in the code where you call execute with run_as_root=True and add the corresponding filter to etc/rootwrap.d. Slightly outdated doc @ https://wiki.openstack.org/wiki/Nova/Rootwrap -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Minutes from the Technical Committee meeting (August 20)
The OpenStack Technical Committee ("TC") met in #openstack-meeting at
20:00 UTC yesterday.
Here is a quick summary of the outcome of this meeting:
* We approved a motion to start using Gerrit in the near future to track
motions and record TC votes. We will still require that motions are
discussed on the development mailing-list for a minimum of 4 business
days, and during at least one Technical Committee IRC meeting.
* Jaromir Coufal and Liz Blanchard were granted exceptional ATC status
for their contributions to the OpenStack Dashboard UX.
See details and full logs at:
http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-08-20-20.01.html
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-024] Resource limit circumvention in Nova private flavors (CVE-2013-4278)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-024 CVE: CVE-2013-4278 Date: August 28, 2013 Title: Resource limit circumvention in Nova private flavors Reporter: Ken'ichi Ohmichi (NEC) Products: Nova Affects: All versions Description: Ken'ichi Ohmichi from NEC reported that the fix for OSSA 2013-019 (CVE-2013-2256) was incomplete. Any tenant was still able to boot any other tenant's private flavors by guessing a flavor ID. This potentially allowed circumvention of any resource limits enforced through the os-flavor-access:is_public property. Havana (development branch) fix: https://review.openstack.org/#/c/42922/ Grizzly fix: https://review.openstack.org/#/c/43281/ Folsom fix: https://review.openstack.org/#/c/43296/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4278 https://bugs.launchpad.net/nova/+bug/1212179 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIbBAEBCAAGBQJSHfbsAAoJEFB6+JAlsQQjPUkP9i/41IQPecZ/1V7nsQLPWssp AUgP5tEwEUGVNGaMM6ptaQtQxrLD+aACi7z8zRZgJopHrDptbIckbRikeSxrzsLB eWQxynkFPhcjRQTFZOuoEwDdqYUFCr614uGUmCFomYTBIWEZS3ea5aN7PAO4fd62 6hsOHr6xcj7JcZY1GlVNZBcpWel9rvxcXroPrPqmecyDdSPCuiWj8QNiWQ8Y62Vy ZSOzHjyAWe32sqMSYp3zygdhpX1yacTVf76jDNw+FcLHkqFf4kRX7uJCCPFKNpIk 2nngSjWZEizIkinIc+mzt2vFKt7JMjCJsy7uLKIp9HsJzVN8qH0x6axe3nuMoliC xdzybOzlCfEOU+L1q0fVVAiuTnXqE562mnm7HchHiUpKHJRv+4hWwukOsy2Wv+aD TweNziKwmxYdakhEduql4BJ1/6Mqk+1014Q/uOAyO8iKra8JO9i/ZULvuJgQNIao oXdFCJoKItP+UouaZ4PrRwilwWgVu4rsRWL1STcHgnHorFrCJQ0iO/W9ofn+ft4z R2q3tBpJDaeorM2D/Q2VkzYvUzAEAa+BCh1CRxMCVIMh6VmSv40TzczmgrdSRUVj 7cKaxc0xiLiPOoYorWuL0A7RPkadOMk9SihmakX70UR5NyfoqdOoAYnl8xcKNaD8 MlxVcQfdPQMWbw6UltQ= =DGPB -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Ironic release date?
Jake G. wrote: > I have been unable to get the nova baremetal driver to work to save my life, > so I was wondering when Ironic is expected to be released? Ironic is still very much in incubation at this point. I'll let devananda answer more precisely, but at this point I expect a first usable release by the end of the Icehouse cycle (April 2014) and full integration in OpenStack common release by the end of the J cycle (October 2014). -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Minutes from the Technical Committee meeting (Sept 3)
The OpenStack Technical Committee ("TC") met in #openstack-meeting at
20:00 UTC yesterday.
Here is a quick summary of the outcome of this meeting:
* The Marconi project (queue service) was approved for incubation during
the Icehouse cycle
* The Trove project (database as a service) graduated from incubation
and will be part of the OpenStack Icehouse integrated release in Spring
2014.
See details and full logs at:
http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-09-03-20.01.html
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Havana-3 development milestone available
Hi everyone, The last milestone in the Havana development cycle, "havana-3" is now available for Keystone, Glance, Nova, Horizon, Neutron, Cinder, Ceilometer, and Heat. In the last 7 weeks, more than 200 features were added and more than 750 bugs fixed (!). You can see the full list of new features and fixed bugs, as well as tarball downloads, at: https://launchpad.net/keystone/havana/havana-3 https://launchpad.net/glance/havana/havana-3 https://launchpad.net/nova/havana/havana-3 https://launchpad.net/horizon/havana/havana-3 https://launchpad.net/neutron/havana/havana-3 https://launchpad.net/cinder/havana/havana-3 https://launchpad.net/ceilometer/havana/havana-3 https://launchpad.net/heat/havana/havana-3 This milestone is nearly feature-complete. A few exceptions should land next week, but those projects are otherwise feature-frozen in preparation of the first Havana release candidate. We should now all switch to testing and bugfixing mode for the next weeks, and make Havana as bug-free as we can. The release-critical bugs will be tracked on the havana-rc1 milestone pages. Once all those bugs are fixed and the first release candidates are out, the next development cycle (Icehouse) will start. Final coordinated release is expected on October 17th. More information on the OpenStack development cycle can be found at: https://wiki.openstack.org/wiki/Release_Cycle Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [OpenStack] Links to summit sessions
John Griffith wrote: > Not sure if I'm missing something but... I've had a number of people ask > me "what happened to the links to the summit sessions". It seems that > if you try and go to a link for a session it just redirects back to the > main page. Even from there if you search and find the session topic and > click, it seems to again redirect back to main page. Do you mean design summit sessions, or summit (conference) presentations ? Direct links to design summit sessions seem to work alright: http://summit.openstack.org/cfp/details/1 -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Fwd: Making the Hong Kong Summit as inclusive as possible
David Mortman wrote: > Given the recent and ongoing issues with sexism (not to mention racism, > homophobia and general bigotry) at tech conferences, I recently engaged > with several folks on twitter about what was being done to make sure > that the Hong Kong Summit was as inclusive as possible regardless of an > attendee's age, sex, orientation, race or anything else. I think a good > place to start would be an official anti-harassment policy and a > process for people to report issues to the event organizers who can then > deal with the issue appropriately. I am happy to help with the drafting > of both the policy and the process. What do folks think? FWIW the summit already has a minimal policy and reporting guidelines (see at the bottom of http://www.openstack.org/summit/openstack-summit-hong-kong-2013/): """ Reminder: Be Excellent Be excellent to everyone. If you think someone is not being excellent to you at the OpenStack Summit call or email . """ -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Fwd: Making the Hong Kong Summit as inclusive as possible
Eric Windisch wrote: > Are Bill & Ted really our patrons of anti-harassment? We need something > more substantial than a Bill & Ted quote. Party on! I'm not saying what we have is sufficient. I'm just accurately describing the current state. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-025] Token revocation failure using Keystone memcache/KVS backends (CVE-2013-4294)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-025 CVE: CVE-2013-4294 Date: September 11, 2013 Title: Token revocation failure using Keystone memcache/KVS backends Reporter: Kieran Spear (University of Melbourne) Products: Keystone Affects: Folsom, Grizzly Description: Kieran Spear from the University of Melbourne reported a vulnerability in Keystone memcache and KVS token backends. The PKI token revocation lists stored the entire token instead of the token ID, triggering comparison failures, ultimately resulting in revoked PKI tokens still being considered valid. Only Folsom and Grizzly Keystone setups making use of PKI tokens with the memcache or KVS token backends are affected. Havana setups, setups using UUID tokens, or setups using PKI tokens with the SQL token backend are all unaffected. Grizzly fix: https://review.openstack.org/#/c/46080/ Folsom fix: https://review.openstack.org/#/c/46079/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4294 https://bugs.launchpad.net/keystone/+bug/1202952 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMI+5AAoJEFB6+JAlsQQj2hAQAI/S5bAv+XrYUaXRBgJxvBz4 xVXdrXl/iA7R9iDIlmaFThOCvw4SCsWB7jBYRv8wAk3V3HZw9jEmC3OoebpCFWNb 1q3an25kroviy8rfZyQIqe9KTrwXRa/jDVlun2EEiw7KyUty/HIAjUCVUXVKBhyh 8Bctn90A/Nt2D5Am3hyofsS5fOjmzwW6b73RCY7CDntduxUtPn6lbUthFESXTCwv lojClZ5X78XnCh2/WJuxKkAEm8EujlNqkIHziGgc3HrForxSc2GKSPzgFbg5eBbt BaDTxFkDHW3EwSK/69b+699e9BvN/vuBxbNa7YW2ANiM1IJ34QHouPk4XULMZIeH cZ4QOBX7MtUhvD1htfTlHQfvb1syqlvul49WVmmsk48CMVW6hArSMQvTVbArUqD0 fN2INqfghZMQCkQIlXE+38J88OOL/S+sq6p8dIn96JxP2tnw4rIs9YclSa9E1Ub0 SIDaWPu7NN+wuY1WN+EzHV0zHI8HYs2HkOlrRW3E02JEm3xcEEmYLCwf+c2mwOee Grick3VlxNuQNBP6bls+NtxCzhUzLVI7nOfaxZyzQtOMLjJPKpip4QKMjzotO3nf +6JNk5766T2f63fsNtw0kltbtm4R+RzKzv29vVsaOh+ba57w7xnpEkAA1oaYyFa+ IHvUVYkOhX3quLUgBkCR =pm0d -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-026] Potential denial of service on Nova when using Qpid (CVE-2013-4261)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-026 CVE: CVE-2013-4261 Date: September 12, 2013 Title: Potential denial of service on Nova when using Qpid Reporter: Jaroslav Henner (Red Hat) Products: Nova Affects: Folsom, Grizzly Description: Jaroslav Henner from Red Hat reported a vulnerability in Nova when using Apache Qpid as the RPC backend. By sending any random text longer than 65K characters to an instance console and requesting the console log contents through the API, an authenticated user may disrupt the nova-compute node his instance is running on. This vulnerability could be leveraged in a Denial of Service attack against the cloud provider. Only Folsom and Grizzly setups using Qpid as their RPC backend are affected. Havana setups, or setups using other RPC backends (like RabbitMQ), are all unaffected. Grizzly fix: https://review.openstack.org/#/c/43303/ Folsom fix: https://review.openstack.org/#/c/45426/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4261 https://bugs.launchpad.net/nova/+bug/1215091 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMducAAoJEFB6+JAlsQQjYqUP/1ebNaaz+k3DxiRfoNpsbRkV EKJtD/W/6/UkCYUzPNGGZSl1ijp9CEQXh6IL82lTBw82nTbsHc3mt22FgusdU6WZ JH6PevC95PlyNWQYsUGO5GzQ6lb28VjzgYUt36Z2ZatQ4lUGJHv9iZcsIBVYayJy OKPnnt2ztiG62B88Ka1GQx4iyEtU50QCcpZEbWHcX5dIXWfWWfYNEMVU+gIfaxlo sVZH+up2ERKVDH7l/JzhvD4ut1zAoM0sp29/GROJLmzh1dqd9P+QIh5WO4e6VLZp 5y90uMZ03O1lN16IZE0B3r9JBc9ekn7JhJ5YXBvwM+Z3Am1ZlDjUL1ojiZ2aBT9B RnPF/oz4CsuGXjghg0mzPrjJuwR/Z46pg1t92FbVXW94Fxx7VfORLF6ELaDoqoiu nmRUpDQxpg+dYw7OS9lQF10eC2M6S0EwKWzlQlloZGR5/kG9VR4fyhLE1w8+YrRF Gr8pDaF6MJoxZxxb4rRhaDsPaXuUX/QPr0GsMeCy6vfV+yX/Yk99YJoNtar7Z7I+ llslcbaet3C2sONR2EbCD2J03E8/3VztdkG32iVGwxn0LHh2K1o+wfno73w1PW4u DV4LIvbypZgmMEbVzHDkDGs1jOfSzFzDhIsCtgEih53rr2HIsd8AmkWeTPirpXN6 EOmohe9HXVlvPUPcVJNd =zUsw -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Minutes from the Technical Committee meeting (Sept 24)
The OpenStack Technical Committee ("TC") met in #openstack-meeting at
20:00 UTC yesterday.
Here is a quick summary of the outcome of this meeting:
* The Savanna project (data processing service) was approved for
incubation during the Icehouse cycle
See details and full logs at:
http://eavesdrop.openstack.org/meetings/tc/2013/tc.2013-09-24-20.01.html
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] Havana RC1 available
Hello everyone, The first project to publish a release candidate in preparation for the Havana release is Keystone ! Congratulations to the Keystone development team for reaching that milestone first. The RC1 is available for download at: https://launchpad.net/keystone/havana/havana-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2013.2 final version on October 17. You are therefore strongly encouraged to test and validate this tarball. Alternatively, you can directly test the milestone-proposed branch at: https://github.com/openstack/keystone/tree/milestone-proposed If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/keystone/+filebug and tag it *havana-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Keystone is now open for Icehouse development, and feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Glance] Havana RC1 available
Hello everyone, Next in line, we now have a Glance release candidate for the Havana release. The RC1 is available for download at: https://launchpad.net/glance/havana/havana-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2013.2 final version on October 17. You are therefore strongly encouraged to test and validate this tarball. Alternatively, you can directly test the milestone-proposed branch at: https://github.com/openstack/glance/tree/milestone-proposed If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/glance/+filebug and tag it *havana-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Glance is now open for Icehouse development, and feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Ceilometer] Havana RC1 available
Hello everyone, Last for today, the Ceilometer first release candidate for the Havana release was just published. 50 bugs were fixed since feature freeze 3 weeks ago. RC1 is available for download at: https://launchpad.net/ceilometer/havana/havana-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2013.2 final version on October 17. You are therefore strongly encouraged to test and validate this tarball. Alternatively, you can directly test the milestone-proposed branch at: https://github.com/openstack/glance/tree/milestone-proposed If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/ceilometer/+filebug and tag it *havana-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Ceilometer is now open for Icehouse development, and feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Ceilometer] Havana RC1 available
Thierry Carrez wrote: > Hello everyone, > > Last for today, the Ceilometer first release candidate for the Havana > release was just published. 50 bugs were fixed since feature freeze 3 > weeks ago. RC1 is available for download at: > > https://launchpad.net/ceilometer/havana/havana-rc1 > > Unless release-critical issues are found that warrant a release > candidate respin, this RC1 will be formally released as the 2013.2 final > version on October 17. You are therefore strongly encouraged to test and > validate this tarball. > > Alternatively, you can directly test the milestone-proposed branch at: > https://github.com/openstack/glance/tree/milestone-proposed Yay copypaste! This should read: https://github.com/openstack/ceilometer/tree/milestone-proposed Cheers, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Nova, Neutron, Heat and Horizon Havana RC1 available
Hello everyone, This morning we've got Nova, Neutron, Heat and Horizon all publishing their first release candidate for the Havana release ! You can download those RC1 tarballs at: https://launchpad.net/nova/havana/havana-rc1 https://launchpad.net/neutron/havana/havana-rc1 https://launchpad.net/heat/havana/havana-rc1 https://launchpad.net/horizon/havana/havana-rc1 Unless release-critical issues are found that warrant a release candidate respin, those RC1s will be formally released as the 2013.2 final version on October 17. You are therefore strongly encouraged to test and validate those tarballs. Alternatively, you can directly test the milestone-proposed branches at: https://github.com/openstack/nova/tree/milestone-proposed https://github.com/openstack/neutron/tree/milestone-proposed https://github.com/openstack/heat/tree/milestone-proposed https://github.com/openstack/horizon/tree/milestone-proposed If you find an issue that could be considered release-critical, please file it against the corresponding project: https://bugs.launchpad.net/nova/+filebug https://bugs.launchpad.net/neutron/+filebug https://bugs.launchpad.net/heat/+filebug https://bugs.launchpad.net/horizon/+filebug and tag it *havana-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Nova, Neutron, Heat and Horizon are now open for Icehouse development, and feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder] Havana RC1 available
Hello everyone, The Cinder first release candidate for the Havana release was just published. 109 bugs were fixed since feature freeze ! This RC1 is available for download at: https://launchpad.net/cinder/havana/havana-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2013.2 final version on October 17. You are therefore strongly encouraged to test and validate this tarball. Alternatively, you can directly test the milestone-proposed branch at: https://github.com/openstack/cinder/tree/milestone-proposed If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/cinder/+filebug and tag it *havana-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Cinder is now open for Icehouse development, and feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Swift] Havana RC1 (1.10.0-rc1) available
Hello everyone,
The havana release cycle for Swift already saw the releases of the 1.9.0
and 1.9.1 versions. The final coordinated release for the Havana cycle
shall include Swift 1.10.0. We now have a Swift release candidate for this:
https://launchpad.net/swift/havana/1.10.0-rc1
Unless release-critical issues are found that warrant a release
candidate respin, this RC1 will be formally released as the 1.10.0
("havana") final version on October 17. You are therefore strongly
encouraged to test and validate this tarball.
Alternatively, you can directly test the milestone-proposed branch at:
https://github.com/openstack/swift/tree/milestone-proposed
If you find an issue that could be considered release-critical, please
file it at:
https://bugs.launchpad.net/swift/+filebug
and tag it *havana-rc-potential* to bring it to the release crew's
attention.
Note that the "master" branch of Swift is now open for Icehouse
development.
Regards,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [All] Summit Session Proposal Voting
Maish Saidel-Keesing wrote: > CFP is upon us, and thereafter will be a period of voting for the sessions. > > What is the purpose of the voting period? Is it for the Foundation to > gauge what sessions are more popular? > How is this measured? > What weight does the popularity have in deciding if a session is > accepted or not? My understanding is that each conference track has a chair (or group of people) responsible for selecting the talks, and that the voting helps them select popular talks. It's not the only criteria they follow though (otherwise you would end up with 12 Docker talks). (disclaimer: I have never been a track chair so I only speculate on the process they follow) -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] OpenStack "L" naming poll
Hi everyone, As you may know, OpenStack development cycles and releases are named after cities or landmarks placed near where the corresponding design summit will happen. We'd like your help again in selecting the right name for the development cycle and release coming after "Kilo". Our next summit will happen in Vancouver, BC (Canada) in May. L candidate names were proposed, selected and checked for various issues... leaving 4 candidates on the final public poll. Please take a moment to participate to our poll: https://www.surveymonkey.com/r/openstack-l-naming and order the 4 candidates in your personal order of preference! You can find a quick rationale behind each name at: https://wiki.openstack.org/wiki/Release_Naming The poll closes Tuesday, February 10th at 19:59 UTC (just before the TC IRC meeting where the results will be proclaimed). Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] OpenStack "L" naming poll
Thierry Carrez wrote: > The poll closes Tuesday, February 10th at 19:59 UTC (just before the TC > IRC meeting where the results will be proclaimed). I failed to follow up officially on the results. This ended up being an extremely close call between Liberty and Lizard, but in the end "Liberty" wins (with 740 people preferring it over Lizard, against 734 people preferring Lizard over Liberty). I actually had to feed the ballots to a proper Condorcet poll to get the final result: http://civs.cs.cornell.edu/cgi-bin/results.pl?id=E_dc5ea66e94acc07a So the development cycle starting in May 2015, after the Kilo cycle completed, will be called "Liberty"! Thanks to all the 1474 voters who took the time to register their personal preference. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [OpenStack] no irc log for #openstack-nova?
Huangkun (Gareth) wrote: > Hi > > I didn't find irc logs for #openstack-nova at > http://eavesdrop.openstack.org/irclogs/ > > at some other place? It is not logged currently. Change was proposed though: https://review.openstack.org/#/c/156979/ If the new IRC policy[1] is approved by the Technical Committee, we'll be able to rely on logging being present in any OpenStack IRC channel. [1] https://review.openstack.org/#/c/159930/ -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Heat] Kilo RC1 available
Hello everyone, Heat is the first project to produce a release candidate for the Kilo release! The RC1 tarball, as well as a list of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/heat/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the proposed/kilo branch at: https://github.com/openstack/heat/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/heat/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Heat is now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] Kilo RC1 available
Hello everyone, Second to pass the kilo release candidate post is Keystone ! The RC1 tarball, as well as a list of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/keystone/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the proposed/kilo branch at: https://github.com/openstack/keystone/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/keystone/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Keystone is now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder] [Sahara] Kilo RC1 available
Hello everyone, Next to each the release candidate stage, we have Cinder and Sahara. Their RC1 tarballs, as well as a lists of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/cinder/kilo/kilo-rc1 https://launchpad.net/sahara/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the proposed/kilo branches at: https://github.com/openstack/cinder/tree/proposed/kilo https://github.com/openstack/sahara/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/cinder/+filebug or https://bugs.launchpad.net/sahara/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Cinder and Sahara are now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron] [Ceilometer] Kilo RC1 available
Hello everyone, It's Neutron and Ceilometer's turn to reach the release candidate stage. Their RC1 tarballs, as well as a lists of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/neutron/kilo/kilo-rc1 https://launchpad.net/ceilometer/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the proposed/kilo branches at: https://github.com/openstack/neutron/tree/proposed/kilo https://github.com/openstack/neutron-fwaas/tree/proposed/kilo https://github.com/openstack/neutron-lbaas/tree/proposed/kilo https://github.com/openstack/neutron-vpnaas/tree/proposed/kilo https://github.com/openstack/ceilometer/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/neutron/+filebug or https://bugs.launchpad.net/ceilometer/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Neutron and Ceilometer are now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [ironic] Kilo RC1 available
Hello everyone, It's Ironic turn to produce a release candidate. The RC1 tarball, as well as a list of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/ironic/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the proposed/kilo branch at: https://github.com/openstack/ironic/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/ironic/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Ironic is now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Horizon] Kilo RC1 available
Hello everyone, Almost there... Horizon just published its first release candidate for Kilo. The RC1 tarball, as well as a list of last-minute features and fixed bugs since kilo-3 are available at: https://launchpad.net/horizon/kilo/kilo-rc1 Unless release-critical issues are found that warrant a release candidate respin, this RC1 will be formally released as the 2015.1.0 final version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the proposed/kilo branch at: https://github.com/openstack/horizon/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/horizon/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Horizon is now open for Liberty development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Swift] Kilo RC1 available
Hello everyone, Last RC1 (but not least), Swift just published its release candidate for Kilo. The 2.3.0 RC1 tarball is available for download at: https://launchpad.net/swift/kilo/2.3.0-rc1 Unless release-critical issues are found that warrant a release candidate respin, this tarball will be formally released as the Swift 2.3.0 final "Kilo" version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the proposed/kilo branch at: https://github.com/openstack/swift/tree/proposed/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/swift/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Swift] Kilo RC2 available
Hello everyone, Swift was last to RC1, but they are first in the RC2 race :) Due to release-critical issues spotted in RC1 testing, a new release candidate was created for Kilo. The 2.3.0 RC2 tarball is available for download at: https://launchpad.net/swift/kilo/2.3.0-rc2 Unless release-critical issues are found that warrant a release candidate respin, this tarball will be formally released as the Swift 2.3.0 final "Kilo" version on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/kilo branch at: https://github.com/openstack/swift/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/swift/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova][Sahara][Heat] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Nova, Sahara and Heat during RC1 testing, new release candidates were created for Kilo. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/nova/kilo/kilo-rc2 https://launchpad.net/nova/sahara/kilo-rc2 https://launchpad.net/nova/heat/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, these tarballs will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/kilo branches at: https://github.com/openstack/nova/tree/stable/kilo https://github.com/openstack/sahara/tree/stable/kilo https://github.com/openstack/heat/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/nova/+filebug https://bugs.launchpad.net/sahara/+filebug https://bugs.launchpad.net/heat/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Trove] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Trove during RC1 testing, a new release candidate was created for Kilo. The list of RC2 fixes, as well as the RC2 tarball are available at: https://launchpad.net/trove/kilo/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, this tarball will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/kilo branch at: https://github.com/openstack/trove/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/trove/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron][Keystone] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Neutron and Keystone during RC1 testing, new release candidates were created for Kilo. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/neutron/kilo/kilo-rc2 https://launchpad.net/keystone/sahara/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, these tarballs will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/kilo branches at: https://github.com/openstack/neutron/tree/stable/kilo https://github.com/openstack/keystone/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/neutron/+filebug https://bugs.launchpad.net/keystone/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Ironic] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Ironic during RC1 testing, a new release candidate was created for Kilo. The list of RC2 fixes, as well as the RC2 tarball are available at: https://launchpad.net/ironic/kilo/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, this tarball will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/kilo branch at: https://github.com/openstack/ironic/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/ironic/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Ceilometer] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Ceilometer during RC1 testing, a new release candidate was created for Kilo. The list of RC2 fixes, as well as the RC2 tarball are available at: https://launchpad.net/ceilometer/kilo/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, this tarball will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/kilo branch at: https://github.com/openstack/ceilometer/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/ceilometer/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Glance][Horizon][Cinder] Kilo RC2 available
Hello everyone, Due to release-critical issues spotted in Glance, Horizon and Cinder during RC1 testing, new release candidates were created for Kilo. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/glance/kilo/kilo-rc2 https://launchpad.net/horizon/kilo/kilo-rc2 https://launchpad.net/cinder/kilo/kilo-rc2 Unless new release-critical issues are found that warrant a release candidate respin, these tarballs will be formally released as the final "Kilo" versions on April 30. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/kilo branches at: https://github.com/openstack/glance/tree/stable/kilo https://github.com/openstack/horizon/tree/stable/kilo https://github.com/openstack/cinder/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/glance/+filebug or https://bugs.launchpad.net/horizon/+filebug or https://bugs.launchpad.net/cinder/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron] Kilo RC3 available
Hello everyone, Due to a security issue (bug 1447883) discovered in RC2 testing, a new Neutron release candidate was just created for Kilo. The list of RC3 last-minute fixes, as well as the RC3 tarballs are available at: https://launchpad.net/neutron/kilo/kilo-rc3 At this late stage, these tarballs are very likely to be formally released as the final "Kilo" version on April 30. You are therefore strongly encouraged to test and validate them ! Alternatively, you can directly test the stable/kilo branches at: https://github.com/openstack/neutron/tree/stable/kilo https://github.com/openstack/neutron-fwaas/tree/stable/kilo https://github.com/openstack/neutron-lbaas/tree/stable/kilo https://github.com/openstack/neutron-vpnaas/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/neutron/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova] Kilo RC3 available
Hello everyone, Due to a critical upgrade issue (bug 1448075) discovered in RC2 testing, a new Nova release candidate was just created for Kilo. The list of RC3 last-minute fixes, as well as the RC3 tarball are available at: https://launchpad.net/nova/kilo/kilo-rc3 At this late stage, this tarball is very likely to be formally released as the final "Kilo" version on April 30. You are therefore strongly encouraged to test and validate it ! Alternatively, you can directly test the stable/kilo branch at: https://github.com/openstack/nova/tree/stable/kilo If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/nova/+filebug and tag it *kilo-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] OpenStack 2015.1.0 ("Kilo") is released !
Hello everyone, I'm delighted to announce the final release of OpenStack 2015.1.0, code-named "Kilo". This concludes the 6-month Kilo development cycle, which saw the completion of more than 400 features and the fixing of more than 3300 bugs (only considering the 12 projects that make up this release !). In the name of all the contributors to this release, the OpenStack Technical Committee would like to dedicate it to the loving memory of Chris Yeoh, who passed away from cancer earlier this month. Chris was a long time and prolific open source developer, most recently with IBM. He contributed significantly to the OpenStack project, most notably in the Nova project team. His community spirit, technical contributions and friendship will be missed. You can find source tarballs, together with complete lists of features and bugfixes for each project, at the following links: Compute (Nova): https://launchpad.net/nova/kilo/2015.1.0 Object Storage (Swift): https://launchpad.net/swift/kilo/2.3.0 Image Service (Glance): https://launchpad.net/glance/kilo/2015.1.0 Networking (Neutron): https://launchpad.net/neutron/kilo/2015.1.0 Block Storage (Cinder): https://launchpad.net/cinder/kilo/2015.1.0 Identity (Keystone): https://launchpad.net/keystone/kilo/2015.1.0 Dashboard (Horizon): https://launchpad.net/horizon/kilo/2015.1.0 Telemetry (Ceilometer): https://launchpad.net/ceilometer/kilo/2015.1.0 Orchestration (Heat): https://launchpad.net/heat/kilo/2015.1.0 Database Service (Trove): https://launchpad.net/trove/kilo/2015.1.0 Data Processing (Sahara): https://launchpad.net/sahara/kilo/2015.1.0 Bare metal (Ironic): https://launchpad.net/ironic/kilo/2015.1.0 The Kilo Release Notes wikipage contains an overview of the key features, as well as upgrade notes and current lists of known issues. You can access them at: https://wiki.openstack.org/wiki/ReleaseNotes/Kilo Thanks again to all the individuals who contributed to this development cycle and helped in making this release a success ! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Data from the OpenStack Dashboard for MSR Conference
Jesus M. Gonzalez-Barahona wrote: > [...] > Do you agree that we use the OpenStack data, and would you nominate some > person(s) from your community that could collaborate, as stated above? The data is collected from public activity so it's certainly OK to reuse in the data mining challenge. Is anyone interested in leading that from the OpenStack community side ? -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [release] Release announcements convergence
Hi everyone, Release announcements in OpenStack come in various forms and shapes. So far we had: - Integrated release "service" components being announced on openstack-announce and openstack general lists. - Other "service" components sometimes being announced on openstack-dev - Oslo libraries being announced on openstack-dev - Other libraries sometimes being announced on openstack-announce, sometimes on openstack-dev, sometimes not at all With the move out of the "integrated release" we'd like to streamline release announcements and make them *all* converge to openstack-announce. The release management team proposes to push all announcements (services, libraries that they release, etc) to openstack-announce, with reply-to: set to openstack-dev (in case the announce generates a thread, it will happen on openstack-dev and not on the moderated "announce" list). Teams with deliverables that are not released by the release management team are encouraged to publish their release announcements on openstack-announce (their email there will be moderated through as long as it's a release of an "openstack" project). In summary, if you're not yet subscribed to -announce and would like to be the first to know when something is released in the OpenStack world, now would be a good time to do so. openstack-announce is very low traffic, you should expect less than 12 emails per week on average. Comments ? -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [openstack-dev] [Openstack-operators] Rescinding the M name decision
Adam Lawson wrote: > The alternative of course is to just number the releases since names > ultimately don't mean anything but it seems there are problems with that > level of simplicity. I personally prefer Tristan's suggestion to keep it > as simple as possible. In a few years we'll run out of letters anyway. Part of the confusion here is that we are not naming "releases". We are naming release *cycles*. We are giving a name to a period of time, basically. In that period of time, various version numbers for various components will be released. Saying "Glance 12.0.0 was released in OpenStack 13 cycle" is not really helping. We won't run out of letters, because the names can cycle back to A (potentially using a new theme, away from "geographic features near where the corresponding design summit happened"). So while we could technically name a release cycle "14", I feel it's a bit more difficult to rally around a number than a name. Also, numbers wouldn't really solve the perceived issues with names: numbers happen to also be culturally meaningful. You don't have a 13th floor in many US buildings. In China, building miss the 4th floor instead. 9 is feared in Japan. And don't talk about 39 to Afghans. I think "growing up" is accepting the pain that comes with picking a good name, rather than sidestepping the issue. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] will there be any more ATC code
V.Mock wrote: > I was just wondering whether all the ATC codes for Tokyo have been given > out already? would there be any chance to receive ATC code at this point? We usually do a last run of invites for late contributors as we near the liberty-3 milestone. Please stay put ! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] [Manila] Liberty RC1 available
Hello everyone, Manila and Keystone are the first projects to produce a release candidate for the end of the Liberty cycle! The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/manila/liberty/liberty-rc1 https://launchpad.net/keystone/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/manila/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/keystone/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/manila/+filebug or https://bugs.launchpad.net/keystone/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branch of Manila and Keystone are now open for Mitaka development, and feature freeze restrictions no longer apply there ! Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Heat] [Zaqar] Liberty RC1 available
Hello everyone, Heat and Zaqar just produced their first release candidate for the end of the Liberty cycle. The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/heat/liberty/liberty-rc1 https://launchpad.net/zaqar/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/heat/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/zaqar/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/heat/+filebug or https://bugs.launchpad.net/zaqar/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Heat and Zaqar are now officially open for Mitaka development, so feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder] [Designate] Liberty RC1 available
Hello everyone, Cinder and Designate just produced their first release candidate for the end of the Liberty cycle. The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/cinder/liberty/liberty-rc1 https://launchpad.net/designate/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/cinder/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/designate/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/cinder/+filebug or https://bugs.launchpad.net/designate/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Cinder and Designate are now officially open for Mitaka development, so feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova] [Trove] Liberty RC1 available
Hello everyone, Nova and Trove just produced their first release candidate for the end of the Liberty cycle. The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/nova/liberty/liberty-rc1 https://launchpad.net/trove/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/nova/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/trove/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/nova/+filebug or https://bugs.launchpad.net/trove/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Nova and Trove are now officially open for Mitaka development, so feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron] [Ceilometer] Liberty RC1 available
Hello everyone, Ceilometer and Neutron just produced their first release candidate for the end of the Liberty cycle. The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/ceilometer/liberty/liberty-rc1 https://launchpad.net/neutron/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/ceilometer/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/neutron/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/ceilometer/+filebug or https://bugs.launchpad.net/neutron/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Ceilometer and Neutron are now officially open for Mitaka development, so feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Glance] [Horizon] [Sahara] [Barbican] Liberty RC1 available
Hello everyone, Last for this week, Glance, Horizon, Sahara, and Barbican just produced their first release candidate for the end of the Liberty cycle. The RC1 tarballs, as well as a list of last-minute features and fixed bugs since liberty-1 are available at: https://launchpad.net/glance/liberty/liberty-rc1 https://launchpad.net/horizon/liberty/liberty-rc1 https://launchpad.net/sahara/liberty/liberty-rc1 https://launchpad.net/barbican/liberty/liberty-rc1 Unless release-critical issues are found that warrant a release candidate respin, these RC1s will be formally released as final versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty release branch at: http://git.openstack.org/cgit/openstack/glance/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/horizon/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/sahara/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/barbican/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/glance/+filebug or https://bugs.launchpad.net/horizon/+filebug or https://bugs.launchpad.net/sahara/+filebug or https://bugs.launchpad.net/barbican/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Note that the "master" branches of Glance, Horizon, Sahara and Barbican are now officially open for Mitaka development, so feature freeze restrictions no longer apply there. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Manila] Liberty RC2 available
Hello everyone, Due to release-critical issues spotted in Manila during RC1 testing, a new release candidate was created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/manila/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, this tarball will be formally released as the final "Liberty" version on October 15. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/manila/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/manila/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Zaqar] Liberty RC2 available
Hello everyone, In order to include last-minute translations updates, a new liberty release candidate was created for Zaqar. RC2 tarballs are available at: https://launchpad.net/zaqar/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, this tarball will be formally released as the final "Liberty" version on October 15. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/zaqar/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/zaqar/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Trove][Barbican] Liberty RC2 available
Hello everyone, Due to release-critical issues spotted in Trove and Barbican during RC1 testing, new release candidates were created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/trove/liberty/liberty-rc2 https://launchpad.net/barbican/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, these tarballs will be formally released as final "Liberty" versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/trove/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/barbican/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/trove/+filebug or https://bugs.launchpad.net/barbican/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Designate][Ceilometer] Liberty RC2 available
Hello everyone, Due to release-critical issues spotted in Designate and Ceilometer during RC1 testing (as well as last-minute translations imports), new release candidates were created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/designate/liberty/liberty-rc2 https://launchpad.net/ceilometer/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, these tarballs will be formally released as final "Liberty" versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/designate/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/ceilometer/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/designate/+filebug or https://bugs.launchpad.net/ceilometer/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder][Keystone] Liberty RC2 available
Hello everyone, Due to release-critical issues spotted in Cinder and Keystone during RC1 testing (as well as last-minute translations imports), new release candidates were created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/cinder/liberty/liberty-rc2 https://launchpad.net/keystone/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, these tarballs will be formally released as final "Liberty" versions on October 15. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/cinder/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/keystone/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/cinder/+filebug or https://bugs.launchpad.net/keystone/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron][Heat] Liberty RC2 available
Hello everyone, Due to a number of release-critical issues spotted in Neutron and Heat during RC1 testing (as well as last-minute translations imports), new release candidates were created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/neutron/liberty/liberty-rc2 https://launchpad.net/heat/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, these tarballs will be formally released as final "Liberty" versions in a week. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/neutron/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/heat/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/neutron/+filebug or https://bugs.launchpad.net/heat/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Horizon] Liberty RC2 available
Hello everyone, In order to include last-minute translations updates and fix a couple of issues, a new liberty release candidate was created for Horizon. RC2 tarballs are available at: https://launchpad.net/horizon/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, this tarball will be formally released as the final "Liberty" version on October 15. You are therefore strongly encouraged to test and validate this tarball ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/horizon/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/horizon/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova][Glance] Liberty RC2 available
Hello everyone, (Note: Those are the last of the release-candidate respins for common bugs and translations updates. In the coming week leading to final release, only major regressions or significant install/upgrade issues will trigger a release candidate respin.) Due to a number of release-critical issues spotted in Nova and Glance during RC1 testing (as well as last-minute translations imports), new release candidates were created for Liberty. The list of RC2 fixes, as well as RC2 tarballs are available at: https://launchpad.net/nova/liberty/liberty-rc2 https://launchpad.net/glance/liberty/liberty-rc2 Unless new release-critical issues are found that warrant a last-minute release candidate respin, these tarballs will be formally released as final "Liberty" versions in a week. You are therefore strongly encouraged to test and validate these tarballs ! Alternatively, you can directly test the stable/liberty branch at: http://git.openstack.org/cgit/openstack/nova/log/?h=stable/liberty http://git.openstack.org/cgit/openstack/glance/log/?h=stable/liberty If you find an issue that could be considered release-critical, please file it at: https://bugs.launchpad.net/nova/+filebug or https://bugs.launchpad.net/glance/+filebug and tag it *liberty-rc-potential* to bring it to the release crew's attention. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova][Cinder][Manila] Liberty RC3 available
Hello everyone, Due to Murphy's law and a mix of not-so-fun dependencies issues, we just respinned a release candidate for Nova, Cinder and Manila. The list of RC3 fixes, as well as RC3 tarballs are available at: https://launchpad.net/nova/liberty/liberty-rc3 https://launchpad.net/cinder/liberty/liberty-rc3 https://launchpad.net/manila/liberty/liberty-rc3 You'll have to walk over my dead body to get a release candidate respin for those at this stage, so these tarballs will likely be formally released as final "Liberty" versions Thursday. Cheers! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron][Glance] Liberty RC3 available
Hello everyone, OK, last ones. Due to release-critical issues combined with recently-discovered dependencies issues, we just respinned a release candidate for Neutron and Glance. The list of RC3 fixes, as well as RC3 tarballs are available at: https://launchpad.net/glance/liberty/liberty-rc3 https://launchpad.net/neutron/liberty/liberty-rc3 Unless hell freezes in the next four hours, these tarballs be formally released as final "Liberty" versions tomorrow. Cheers! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] OpenStack "Liberty" is officially released !
Hello everyone, I'm very pleased to announce the final releases of OpenStack Liberty, which conclude the 6-month Liberty development cycle. This is the first of our "Big Tent" releases, which means that we have a lot more components around. You can find the complete list of already-released Liberty versions at: http://docs.openstack.org/releases/releases/liberty.html The Liberty Release Notes wikipage contains an overview of the key features, as well as upgrade notes and current lists of known issues. You can access them at: https://wiki.openstack.org/wiki/ReleaseNotes/Liberty The OpenStack release management team directly handled a number of services. You can find their source tarballs, together with complete lists of features and bugfixes for each project, at the following links: nova: https://launchpad.net/nova/liberty/12.0.0 swift: https://launchpad.net/swift/liberty/2.5.0 glance: https://launchpad.net/glance/liberty/11.0.0 neutron:https://launchpad.net/neutron/liberty/7.0.0 cinder: https://launchpad.net/cinder/liberty/7.0.0 keystone: https://launchpad.net/keystone/liberty/8.0.0 horizon:https://launchpad.net/horizon/liberty/8.0.0 ceilometer: https://launchpad.net/ceilometer/liberty/5.0.0 heat: https://launchpad.net/heat/liberty/5.0.0 trove: https://launchpad.net/trove/liberty/4.0.0 sahara: https://launchpad.net/sahara/liberty/3.0.0 ironic: https://launchpad.net/ironic/liberty/4.2.0 designate: https://launchpad.net/designate/liberty/1.0.0 zaqar: https://launchpad.net/zaqar/liberty/1.0.0 manila: https://launchpad.net/manila/liberty/1.0.0 barbican: https://launchpad.net/barbican/liberty/1.0.0 Thanks again to all the individuals who contributed to this development cycle and helped in making this release a success ! Our next development cycle, Mitaka, is already started. We'll all gather in Tokyo in 10 days at the Mitaka Design Summit to brainstorm and plan this next cycle. See you there ! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Glance] Havana RC2 available
Hello everyone,
Due to various issues and regressions detected in RC1 testing, we just
created a new Havana release candidate for OpenStack Image Service
("Glance").
You can find the RC2 tarball and the list of fixed bugs at:
https://launchpad.net/glance/havana/havana-rc2
This is hopefully the last Havana release candidate for Glance.
Unless a last-minute release-critical regression is found that warrant
another release candidate respin, this RC2 will be formally included in
the common OpenStack 2013.2 final release next Thursday. You are
therefore strongly encouraged to test and validate this tarball.
Alternatively, you can grab the code at:
https://github.com/openstack/glance/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/glance/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder] Havana RC2 available
Good evening everyone,
Due to various issues detected in RC1 testing, we just created a new
Havana release candidate for OpenStack Block Storage ("Cinder").
You can find the RC2 tarball and the list of fixed bugs at:
https://launchpad.net/cinder/havana/havana-rc2
This is hopefully the last Havana release candidate for Cinder.
Unless a last-minute release-critical regression is found that warrant
another release candidate respin, this RC2 will be formally included in
the common OpenStack 2013.2 final release next Thursday. You are
therefore strongly encouraged to test and validate this tarball.
Alternatively, you can grab the code at:
https://github.com/openstack/cinder/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/cinder/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Nova] [Heat] Havana RC2 available
Happy Saturday everyone,
Due to major issues detected in key features during RC1 testing, we just
published new Havana release candidates for OpenStack Compute ("Nova")
and OpenStack Orchestration ("Heat").
You can find RC2 tarballs and lists of fixed bugs at:
https://launchpad.net/nova/havana/havana-rc2
https://launchpad.net/heat/havana/havana-rc2
This is hopefully the last Havana release candidate for Nova and Heat.
Unless a last-minute release-critical regression is found that warrant
another release candidate respin, those RC2s will be formally included
in the common OpenStack 2013.2 final release Thursday. You are therefore
strongly encouraged to test and validate these tarballs.
Alternatively, you can grab the code at:
https://github.com/openstack/nova/tree/milestone-proposed
https://github.com/openstack/heat/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/nova/+filebug (or
https://bugs.launchpad.net/heat/+filebug if the bug is in Heat) and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron] Havana RC2 available
Hi,
Probably the last before Monday: due to various issues detected in RC1
testing, we just created a new Havana release candidate for OpenStack
Networking ("Neutron").
You can find the RC2 tarball and the list of fixed bugs at:
https://launchpad.net/neutron/havana/havana-rc2
This is hopefully the last Havana release candidate for Neutron.
Unless a last-minute release-critical regression is found that warrant
another release candidate respin, this RC2 will be formally included in
the common OpenStack 2013.2 final release next Thursday. You are
therefore strongly encouraged to test and validate this tarball.
Alternatively, you can grab the code at:
https://github.com/openstack/neutron/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/neutron/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
NB: we still have RC2 windows opened for Keystone, Ceilometer and
Horizon. Those should all be published very early next week.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Ceilometer] Havana RC2 available
Good morning,
Due to various issues detected in RC1 testing, we just created a new
Havana release candidate for OpenStack Metering ("Ceilometer").
You can find the RC2 tarball and see the list of fixed bugs at:
https://launchpad.net/ceilometer/havana/havana-rc2
This is hopefully the last Havana release candidate for Ceilometer.
Unless a last-minute release-critical regression is found that warrant
another release candidate respin, this RC2 will be formally included in
the common OpenStack 2013.2 final release next Thursday. You are
therefore strongly encouraged to test and validate this tarball.
Alternatively, you can grab the code at:
https://github.com/openstack/ceilometer/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/ceilometer/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] [Horizon] Havana RC2 available
Hi everyone,
Our last two RC2 windows just closed. Due to major issues detected in
key features during RC1 testing, we just published new Havana release
candidates for OpenStack Identity ("Keystone") and OpenStack Dashboard
("Horizon").
You can find RC2 tarballs and lists of fixed bugs at:
https://launchpad.net/keystone/havana/havana-rc2
https://launchpad.net/horizon/havana/havana-rc2
This is hopefully the last Havana release candidate for Keystone and
Horizon. Unless a last-minute release-critical regression is found that
warrant another release candidate respin, those RC2s will be formally
included in the common OpenStack 2013.2 final release Thursday. You are
therefore strongly encouraged to test and validate these tarballs.
Alternatively, you can grab the code at:
https://github.com/openstack/keystone/tree/milestone-proposed
https://github.com/openstack/horizon/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/keystone/+filebug (or
https://bugs.launchpad.net/horizon/+filebug if the bug is in Horizon)
and tag it *havana-rc-potential* to bring it to the release crew's
attention.
Happy regression hunting,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Cinder] Havana RC3 available
Hi everyone,
Two critical issues were discovered in Cinder RC2 testing, including one
that affected the ability to upgrade from a Grizzly setup. We fixed
those issues and published a new Havana release candidate for OpenStack
Block Storage ("Cinder").
You can find the RC3 tarball and the links to fixed bugs at:
https://launchpad.net/cinder/havana/havana-rc3
At this point it is very unlikely that we will release another RC for
Cinder, unless another last-minute release-critical regression is found.
This RC3 should therefore be formally included in the common OpenStack
2013.2 final release tomorrow. Please give this tarball a round of
last-minute sanity checks.
Alternatively, you can grab the code at:
https://github.com/openstack/cinder/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/cinder/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Cheers,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] Havana RC3 available
Hi everyone,
One issue was discovered in Keystone RC2 testing, preventing Heat's
usage of trusts from being usable. We decided to fix this specific issue
pre-release and published a new Havana release candidate for OpenStack
Identity ("Keystone").
You can find the RC3 tarball and a link to the fixed bug at:
https://launchpad.net/keystone/havana/havana-rc3
At this point it is very unlikely that we will release another RC for
Keystone, unless a last-minute release-critical regression is found.
This RC3 should therefore be formally included in the common OpenStack
2013.2 final release tomorrow. Please give this tarball a round of
last-minute sanity checks.
Alternatively, you can grab the code at:
https://github.com/openstack/keystone/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/keystone/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Cheers,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Keystone] Havana RC4 available !
What fun would it be without late RCs...
We discovered that Keystone RC3 was still using lazy translations mode,
which could trigger errors in specific locales. Since all the other
projects in 2013.2 disabled this mode, we decided to fix this
pre-release and published a new Havana release candidate for OpenStack
Identity ("Keystone").
You can find the RC4 tarball and a link to the fixed bug at:
https://launchpad.net/keystone/havana/havana-rc4
This RC4 should be formally included in the common OpenStack 2013.2
final release tomorrow. Please give this tarball a round of last-minute
sanity checks.
Alternatively, you can grab the code at:
https://github.com/openstack/keystone/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/keystone/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Cheers,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Neutron] Havana RC3 available !
Might be the last this time, if Horizon doesn't respin.
We discovered two issues in Neutron RC2, including one recent regression
with a security impact. We decided to fix these two pre-release and
published a new Havana release candidate for OpenStack Networking
("Neutron").
You can find the RC3 tarball and links to the two fixed bugs at:
https://launchpad.net/neutron/havana/havana-rc3
This RC3 should be formally included in the common OpenStack 2013.2
final release tomorrow. Please give this tarball a round of last-minute
sanity checks.
Alternatively, you can grab the code at:
https://github.com/openstack/neutron/tree/milestone-proposed
If you find a regression that could be considered release-critical,
please file it at https://bugs.launchpad.net/neutron/+filebug and tag
it *havana-rc-potential* to bring it to the release crew's attention.
Cheers,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [Horizon] Havana RC3 available !!
Ad... last but not least, the Horizon respin!
We discovered a critical bug in Horizon RC2, preventing operation of
booted-from-volume instances. We decided to fix this issue pre-release
and published a new Havana release candidate for OpenStack Dashboard
("Horizon").
You can find the RC3 tarball a link to the fixed bug at:
https://launchpad.net/horizon/havana/havana-rc3
This RC3 should be formally included in the common OpenStack 2013.2
final release tomorrow (or is it later today ?). Please give this
tarball a round of last-second sanity checks.
Alternatively, you can grab the code at:
https://github.com/openstack/horizon/tree/milestone-proposed
If you find a regression that could be considered release-critical,
it's probably a bit late to get it fixed at that point. Still, please
file it at https://bugs.launchpad.net/horizon/+filebug and tag
it *havana-rc-potential* so that it's properly documented in our release
notes as a known bug.
Cheers,
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] OpenStack 2013.2 ("Havana") is released !
Hello everyone, It is my great pleasure to announce the final release of OpenStack 2013.2. It marks the end of the "Havana" 6-month-long development cycle, which saw the addition of two integrated components (Ceilometer and Heat), the completion of more than 400 feature blueprints and the fixing of more than 3000 reported bugs ! You can find source tarballs for each integrated project, together with lists of features and bugfixes, at: OpenStack Compute:https://launchpad.net/nova/havana/2013.2 OpenStack Object Storage: https://launchpad.net/swift/havana/1.10.0 OpenStack Image Service: https://launchpad.net/glance/havana/2013.2 OpenStack Networking: https://launchpad.net/neutron/havana/2013.2 OpenStack Block Storage: https://launchpad.net/cinder/havana/2013.2 OpenStack Identity: https://launchpad.net/keystone/havana/2013.2 OpenStack Dashboard: https://launchpad.net/horizon/havana/2013.2 OpenStack Metering: https://launchpad.net/ceilometer/havana/2013.2 OpenStack Orchestration: https://launchpad.net/heat/havana/2013.2 The Havana Release Notes contain an overview of the key features, as well as upgrade notes and current lists of known issues. You can access them at: https://wiki.openstack.org/wiki/ReleaseNotes/Havana In 19 days, our community will gather in Hong-Kong for the OpenStack Summit: 4 days of conference to discuss all things OpenStack and a Design Summit to plan the next 6-month development cycle, codenamed "Icehouse". It's not too late to join us there, see http://www.openstack.org/summit/openstack-summit-hong-kong-2013/ for more details. Congratulations to everyone who contributed to this development cycle and participated in making this awesome release possible ! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Havana release notes in multiple languages
Ying Chun Guo wrote: > OpenStack Havana was released last Thursday. > The release notes describe key new features, known bugs and upgrade tips, > which are the summary of 6-month work and can be used as the > "advertisement". > > I18n team are translating Havana release notes into multiple languages. > We have done the translation in simplified Chinese, Japanese and Korean. > Other languages, e.g. Tradtional Chinese, Portuguese, German, Polish, > and Hindi, > are under processing now. > [...] That's great news! Please be aware that release notes are living creatures though, and some sections (especially the "known bugs" sections) may be updated in the future. I'd advise to subscribe to changes to that page so that further modifications can be translated as well. Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-027] Glance image_download policy not enforced for cached images (CVE-2013-4428)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-027 CVE: CVE-2013-4428 Date: October 22, 2013 Title: Glance image_download policy not enforced for cached images Reporter: Stuart McLaren (HP) Products: Glance Affects: Grizzly, Folsom (and earlier versions) Description: Stuart McLaren from HP reported a vulnerability in Glance download_image policy enforcement in the case of cached images. Deployers may opt to set a download_image policy to restrict image download to specific roles. However, when an image is previously cached by an authorized download, any authenticated user could download image contents if it can determine the image UUID, bypassing any download_image policy restrictions. This could result in disclosure of image contents that were thought to be protected by the download_image policy setting. Only setups making use of the download_image policy are affected. The Havana release (2013.2) is not affected. Grizzly fix (included in 2013.1.4 recent release): https://review.openstack.org/#/c/50103/ Folsom fix: https://review.openstack.org/#/c/50860/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428 https://bugs.launchpad.net/glance/+bug/1235378 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSZpnsAAoJEFB6+JAlsQQjOpMQAMFKO3bARjWRONmB+MjllfYj VMouesgWTzzuak2PlPHjdfdr0HEzCSUqvaVUKaW2V2+3CogEONs/Wtlrw75WBM0p FqqkFQjlymR/CuB3GtspqkrDGerH4+zOoNE1jzwBZnmvSqunvfKz1jGKEatvMfQh 8rx7oMleUcAv/1+xrk48h+hdqwsjorIgdBkvaUwG/XbssfmYwbXeRYLDyk2zuoI5 tD0YiINQe+fe52HgZfpS9fpENteeUdTd5V2tS+ZhWNUD0b8FzxHvuiaseTSyjlNX brTcFz1ryHJT3Ki3m/lGe3Xg/ZRuN0zl1XM1Y+EJ5BXVcJV6Ee6DxdoMYaDi5Leb QSXeLchkBQxgvxs+Qn8cXlhtYKH7FWtWjsCPKvAJ5XBmtSbyVeiRd24/89PWUMZM UfZ9mBV+AXTaWcN+HyN8xdytXST6wNgPr99IA9/Pcb1dvKLQY4KbdEqnxIGtlvSQ Hh+VtIPYWsDbinpoeensYYLqpAA/e0WTnwU4PfHi/es+ezk6ZCiHbwvHaGPaKvhL uSa/053iJby/bmYu5/vEfqgGrCUOB0sSBVTed1KlF8SmiMMwT7iYgLPUC36FN+io W5CgdbqG+mYKAFpDUBbWI5Ss75QH+SkTCs2kakyybEx2X+MQ89U+X2VFcYEuoiQ6 wJ/pLl8ktLUERbo4uguT =MZ6l -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Promoting the role of +1 reviewers in our community
Daniel P. Berrange wrote: > On Wed, Oct 30, 2013 at 10:08:03AM +1100, Tom Fifield wrote: >> [...] >> I think it's time to bend that focus slightly, and promote the role >> of the +1 reviewers. Every review that a non-core reviewer does >> helps reduce the burden of core reviewers just that little bit. > > It absolutely does, and is much appreciated by us core team > members. > >> Do you see this too? How can we help encourage more +1 reviews? > > It is a tough question. You don't want to put up strict rules since that > is typically counterproductive. Perhaps the biggest carrot to encourage > more +1 reviews, is that it is a stepping stone to becoming a core team > member. eg if you find yourself in the top-10 reviewers on nova for an > extended period of time you'll likely get an invitation to become a > core team member from Russell. Fully agree. You don't really want to see noise +1s from people who did not really look into the proposed change but just want to get whatever carrot would be given to +1 reviewers. > Looking at our wiki page > > https://wiki.openstack.org/wiki/How_To_Contribute#If_you.27re_a_developer > > it is very much focused around that idea that you have to write code or > do code fixes to become involved. It isn't really mentioning contribution > via reviews at all. It merely mentions "learn gerrit" and use it to sign > the CLA. > > Similarly this page > > https://wiki.openstack.org/wiki/Gerrit_Workflow > > only mentions review in the context of what happens to *your* patch. Agreed. The "how to contribute" page was supposed to be completely overhauled anyway -- we should just include reviewing as one of the promoted activities there. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-028] Unintentional role granting with Keystone LDAP backend (CVE-2013-4477)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-028 CVE: CVE-2013-4477 Date: October 30, 2013 Title: Unintentional role granting with Keystone LDAP backend Reporter: The IBM OpenStack test team Products: Keystone Affects: All supported versions Description: The IBM OpenStack test team reported a vulnerability in role change code within the Keystone LDAP backend. When a role on a tenant is removed from a user, and that user doesn't have that role on the tenant, then the user may actually be granted the role on the tenant. A user could use social engineering and leverage that vulnerability to get extra roles granted, or may accidentally be granted extra roles. Only Keystone setups using a LDAP backend are affected. Icehouse (development branch) fix: https://review.openstack.org/53012 Havana fix: https://review.openstack.org/53146 Grizzly fix: https://review.openstack.org/53154 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4477 https://bugs.launchpad.net/keystone/+bug/1242855 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJScTVeAAoJEFB6+JAlsQQjJYkP/Aw7sQEKwKSLPbB/XO03TebK xPiZrBEa4ayO1StiFkVgsWEFYltFpRlq6FwNePenSpT5yb6GzbYaV/AL2UbZYL3N Zs+vVikk5nZENNd0HW5auywVcyC61IjjAVSOdZDrq6tLR3gheBm57TLZeAtmGv1r EHc0SlRiuFlnnFN5Drvcfk3Y0MhcbvGE/wor+vfEXn96/3mqmuA2AZ9i7KpOsZnV pGJMzd/d73JAW/SubhgBfLHmXqlcAhfU3jD9NRwW1wEHBQk/W+D4iZhtqSmSnpjI htcAel/gv85pjmsTH5Cm8jXgEgHye3/B8uKIStzSIAW6hyv5amxTdpPchafqIyLl xDivYmh5p+eZVh13sh6tWw12CIJz5784m5fiqyPh9bZYBZ60CXScO1P/LVb7RN+m dVh7wfQg/kUWH0bj1TX3c8ntcU0+9ve4nVEse0D0X8g9UF8Xp4UJQnMi1DBpHPj1 CcdlAO780ftvmRjn84Zf1CDSNcdesD3e/tpxp+eJJ3fVev10Ga2E6AUVnolm/Pvs a5tLe5gUpsEWVCx++cm8Lb+8ifzIJ55c05fOfvF23AHJ397fiwkZbhSHKj+Lwapt XZIYR0ENw2Xc4m+AMjSXOZuFwOkZ5+C5ZlFVT5L2nezyl1vbg/Mx5w6XWzywBEo9 hmS58i+92JQMbV93nTLH =rkrZ -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-029] Potential Nova denial of service through compressed disk images (CVE-2013-4463, CVE-2013-4469)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenStack Security Advisory: 2013-029 CVE: CVE-2013-4463, CVE-2013-4469 Date: October 31, 2013 Title: Potential Nova denial of service through compressed disk images Reporter: Bernhard M. Wiedemann (SUSE) & Pádraig Brady (Red Hat) Products: Nova Affects: All versions Description: Bernhard M. Wiedemann from SUSE reported a vulnerability in Nova's control of the size of disk images. By using malicious compressed qcow2 disk images, an authenticated user may consume large amounts of disk space for each image, potentially resulting in a Denial of Service attack on Nova compute nodes (CVE-2013-4463). While fixing this issue, Pádraig Brady from Red Hat additionally discovered that OSSA 2013-012 did not fully address CVE-2013-2096 in the non-default case where use_cow_images=False, and malicious qcow images are being transferred from Glance. In that specific case, an authenticated user could still consume large amounts of disk space for each instance using the malicious image, potentially also resulting in a Denial of Service attack on Nova compute nodes (CVE-2013-4469). The provided fixes address both issues. Icehouse (development branch) fix: https://review.openstack.org/54765 Havana fix: https://review.openstack.org/54767 Grizzly fix: https://review.openstack.org/54768 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4469 https://bugs.launchpad.net/nova/+bug/1206081 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJScomUAAoJEFB6+JAlsQQjKf8QALc4olBe4QHSUg+1Zxa2vPSI +w8Mn6g3rU1CgDRnTmIeGMJaDy3ph7yyKbAiEWkv4wa4/HzJ4/fh79fu6C5kl9WN A5wJUyhb1G2lMb1gMylnMoF4G/ei//dplnAqtht+kbiuqmbwhAs+MqMnOVqJwdrJ QJIV7d9wNUD2SVDPMc1GEN9AFKHncuSHmI1UF5JQ1T8t5lhp8lo//0Vh8YiG6bCu l9vvU4jJhuyfY7ehneMt4aLS6rLEMKg0o//yZ48+mBv8/i7WWSn2k+O3o7k3uv5r AOfT7Q9fliQEjnuGvJdQieyGpCWJRvxWUZtApmjnt+yK/QW4w8OvP1S7grrA/hmN HDewR4UVORDCTw1rU9inHu0tWUQ63T1JSdj7jqLfZLuYZXcILn0qS6Wm7yeZqEit SRsA0wbEz22ArfFhJW1FvC80dpeue8KyeKPfsAM5tX70Fa3GubgTf88dXjc8Dpgv xAmbvoF/1c3PmxsBiWG0sj44Sai82C/7YNedIyPdipGx9sX9rLHr1e9ZXmsNHED6 IT468mBedxcal8gNafHRJ/fr1OHVNCkapSOtIzZbHilYkwIFSFbT4VN2cgGstDfw p60O59nc8jzl03vXtJ8Sata567VsxEM3b2g619hJDz8XLBqhmqoQKESqRS/b7veV fP0hzFkhlAIwib9Ybb47 =s1nm -END PGP SIGNATURE- ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Resolutions from the Technical Committee
The OpenStack Technical Committee ("TC") recently adopted the following
resolutions:
* Thierry Carrez was selected as the TC chair for the 6-month Icehouse
session of the TC.
* The TC recommends that the Board of Directors approve the addition (by
the Secretary) of OpenStack Measurements (Ceilometer) and OpenStack
Orchestration (Heat) to the list of the modules in the "Core OpenStack
Project" as defined in Bylaws sections 4.1(b), so that they are clearly
allowed to use "OpenStack" in their names. Please see the complete text
of the TC resolution at [1].
[1]
http://git.openstack.org/cgit/openstack/governance/tree/resolutions/20131106-ceilometer-and-heat-official-names
As a sidenote, on August 20 we decided to start using a git repository
to track TC reference documents and resolutions. This move was completed
so anyone can track TC proposed decisions & votes through Gerrit [3] and
the resulting changes through git.o.o [4].
[3]
https://review.openstack.org/#/q/status:open+project:openstack/governance,n,z
[4] http://git.openstack.org/cgit/openstack/governance/log/
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Foundation Board] Resolutions from the Technical Committee
Joshua McKenty wrote: > Thierry, I'll make sure this motion lands on the agenda for discussion > at the next board meeting. I don't see a gerritt entry for that motion, > though - where is the vote recorded? The review is at: https://review.openstack.org/#/c/55375/ The votes also appear on the git notes for the commit: http://git.openstack.org/cgit/openstack/governance/commit/resolutions/20131106-ceilometer-and-heat-official-names?id=493e7c65cfbd3bd75409c84d089f57f4aab88da4 (TC members vote using +2/-2, everyone else can voice their opinion by voting +1/-1) > Since I have grave concerns about the use of the term OpenStack in > relationship to either of these projects (in either of the two forms of > the term "core" that you've referenced), I imagine it will be, as usual, > a lively debate. Agreed :) I personally think that this resolution reflects the current usage on the technical side: we traditionally start calling projects "OpenStack X" once they are integrated (for example, we've been calling Heat "OpenStack Orchestration" in the Havana release announcement). So it is the TC recommendation that this usage is actually allowed. In all cases clarification for that grey area is definitely desirable... for the current projects and to set expectations right for the ones coming up. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Foundation Board] Resolutions from the Technical Committee
Boris Renski wrote: > So if I am interpreting this correctly, we are doing away with the > concept of Core entirely until after the interop work is done? > > Otherwise, I am a bit unclear as to the difference between "integrated" > and "core" at this point? I fear that the term "core" is way too overloaded at this point to be used in any useful context. Like Mark said there are two different trademark concepts, both of which are using the term "core". The first one is: >> 1) *Can* the projects themselves use the word "OpenStack" such as >> "OpenStack Orchestration"? Answer: yes absolutely. This is already a >> done deal and we are already doing it in practice. And its covered >> under the bylaws once they are included in the integrated release by >> TC vote. There is no need for further action. That one is designated as "The Core OpenStack project" in the bylaws, a list maintained by the secretary, recommended by the technical committee, and approved by the BoD. It is what the recent TC resolution was about. >> 2) *Must* a commercial product or service branded "OpenStack" use >> heat or ceilometer or project X from the integrated release? This is >> the work underway. This one is the effort around trademark usage and interop, and it's also using the "core" term (as in: "the 'what is core' spider"). So I'm not sure we can do away with the concept of core entirely until the interop work is done... but we could certainly stop using that same confusing term for both things. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Foundation Board] Resolutions from the Technical Committee
Boris Renski wrote: > None of this answers the question of "what is currently the difference > between core and integrated." I agree with everything you said, but it > sounds to me like *integrated* = *core* at this point. Well, no. "Integrated" is the list of projects we produce and release together every 6 months. That's fully determined by the TC. "The Core OpenStack Project" as defined in the bylaws is the list of projects that can call themselves "OpenStack X". The TC recommends that it's the same as the list of integrated projects, but the BoD may decide to exclude some of those (since the bylaws grant them that power). And then there are all the other fun use cases for the word "core". So while there is definitely a relation between "Integrated" and one of the many use cases of the term "Core", I definitely wouldn't go as far as saying *integrated* = *core* at this point. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Foundation Board] Resolutions from the Technical Committee
Stefano Maffulli wrote:
> On 11/14/2013 09:56 AM, Boris Renski wrote:
>> If per bylaws any integrated project can called itself "OpenStack Blah"
>> then we return to the question of current difference between integrated
>> and core. It seems like there is no alignment. Jonathan's opinion
>> contradicts Thierry's.
>
> I don't see this contradiction between what Thierry says and what
> Jonathan says. On the contrary, I see Jonathan's words confirming what
> Thierry said.
>
> My understanding is that both are saying that since OpenStack
> Orchestration and Metering are released together with other packages
> (modules) in *one*, *integrated* release managed by the TC, they can be
> called 'OpenStack'-something under art. 4.1(b) of the bylaws. My
> understanding is that Trove will likely be in the same situation as Heat
> once it graduates out of incubation.
I'll admit that the language in the bylaws was a bit confusing to me
(and others on the TC), which is why we submitted this resolution in the
first place. Both Mark and Jonathan clarified that projects integrated
in the common OpenStack release ("integrated" projects) can all call
themselves "OpenStack Blah" without needing to ask permission from the
BoD. That just makes sense and is consistent with the way we operated in
the past, so I'm definitely fine with that.
I think we can go back to ignoring this confusing "Core OpenStack
project" language and continue using the term "core" to designate the
subset of integrated projects that you are /required/ to implement to
call your implementation "an OpenStack cloud".
--
Thierry Carrez (ttx)
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Nova] Proposed removal of the PowerVM driver
Russell Bryant wrote: > The maintainers of the PowerVM driver have proposed that it be removed > from Nova. Their reasons are: > > - it is no longer in line with IBM's strategic direction with OpenStack > > - they are not aware of anyone ever having used the driver (outside of >the team that developed and maintained it) > > The second point is quite important. If anyone is using it that they do > not know of, we need to find out. Normally we would approach something > like this with a phased deprecation plan (mark it deprecated in > Icehouse, remove it in J). There is a non-zero cost to keeping the > code, so if we can remove it immediately, there is some benefit to Nova > development. > > If you have an interest in this driver, please speak now. According to the user survey there was *1* deployment that reported using PowerVM: http://www.openstack.org/blog/2013/11/openstack-user-survey-statistics-november-2013/ Maybe the user committee could help us make sure that user knows about this plan ? -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Nova] Proposed removal of the PowerVM driver
Chuck Short wrote: > On Fri, Nov 22, 2013 at 4:45 PM, Michael Still <mailto:mi...@stillhq.com>> wrote: > >> So, a few questions... >> >> - If there are no users shall we remove it from Havana and Grizzly as >> well, or does that violate our stability principles too much? > > > Speaking with my stable maintainers hat on I would personally NACK this > since > it doesnt meet the standard of a stable maintenance requirement, imho. It definitely doesn't meet our stable maintenance rules. We want people to be able to safely upgrade to the latest stable/* when they are users of the release. We don't add new features, removing them would be even worse. >> - If we don't remove the code from stable, what about removing all >> references from the stable docs and putting in a warning saying that >> powervm is a dead end instead? I want to minimise confusion on the >> part of people deploying stable releases. > > This would be okay in my opinion. At the very minimum I would add the "dead-end" comment to the Havana release notes. If Anne is fine by it, it could also be added to the stable/havana version of the docs. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-031] Ceilometer DB2/MongoDB backend password leak (CVE-2013-6384)
OpenStack Security Advisory: 2013-031 CVE: CVE-2013-6384 Date: November 25, 2013 Title: Ceilometer DB2/MongoDB backend password leak Reporter: Eric Brown (IBM) Products: Ceilometer Affects: All supported versions Description: Eric Brown from IBM reported an information leak in Ceilometer logs. The password for the DB2 or MongoDB backends was logged at INFO level in the ceilometer-api logs. An attacker with access to the logs (local shell, log aggregation system access, or accidental leak) may leverage this vulnerability to elevate privileges and gain direct full access to the Ceilometer backend. Only Ceilometer setups using the DB2 or MongoDB backends are affected. Icehouse (development branch) fix: https://review.openstack.org/#/c/54553/ Havana fix: https://review.openstack.org/#/c/56396/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6384 https://bugs.launchpad.net/ceilometer/+bug/1244476 Regards, -- Thierry Carrez OpenStack Vulnerability Management Team signature.asc Description: OpenPGP digital signature ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Resolutions from the Technical Committee
The OpenStack Technical Committee ("TC") recently adopted the following
resolutions:
* David Chadwick has been exceptionally granted ATC status for his
contributions to the Keystone federated identity model design.
http://git.openstack.org/cgit/openstack/governance/commit/?id=c96259102ff80d0138f600ffad7835dffd3e7a07
* The "Metering/Monitoring" program (which currently covers Ceilometer
and the Python Ceilometer client) has been renamed to "Telemetry".
Consequently the proposed official OpenStack name for Ceilometer is now
"OpenStack Telemetry".
http://git.openstack.org/cgit/openstack/governance/commit/?id=9564eecb9769cb0fd52ff216b3e3172a6a323e3b
More information on the Technical Committee at:
http://wiki.openstack.org/Governance/TechnicalCommittee
--
Thierry Carrez (ttx)
Chair, OpenStack Technical Committee
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Icehouse-1 development milestone available
Hi everyone, The first milestone of the Icehouse development cycle, "icehouse-1" is now available for Keystone, Glance, Nova, Horizon, Neutron, Cinder, Ceilometer, Heat, and Trove. It contains all the new features that have been added since the Havana Feature Freeze in September. You can see the full list of new features and fixed bugs, as well as tarball downloads, at: https://launchpad.net/keystone/icehouse/icehouse-1 https://launchpad.net/glance/icehouse/icehouse-1 https://launchpad.net/nova/icehouse/icehouse-1 https://launchpad.net/horizon/icehouse/icehouse-1 https://launchpad.net/neutron/icehouse/icehouse-1 https://launchpad.net/cinder/icehouse/icehouse-1 https://launchpad.net/ceilometer/icehouse/icehouse-1 https://launchpad.net/heat/icehouse/icehouse-1 https://launchpad.net/trove/icehouse/icehouse-1 Including the oslo libraries, 69 blueprints were implemented and 738 bugs were fixed during this milestone. The next development milestone, icehouse-2, is scheduled for January 23rd. You can further track upcoming features and Icehouse release cycle status at: http://status.openstack.org/release/ Regards, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Bringing focus to the Operators and Users at the next summit
Tristan Goode wrote: > I'm trying to establish a feedback loop "because" we (Operators, Users, etc) > need to better present our actual real world, evidence based Operator, User, > and even other input like Sales and Marketing experiences back into the > development teams. Much of this does and will come from the great work of > the UC, the User surveys, and especially the folks that have volunteered to > analyse the survey results. I'm hoping to build on the survey analysis and > collaboratively and constructively focus that to present a blueprint or > roadmap with a "whole of OpenStack" scope. We can dig deeper into the user > survey feedback and break beyond the bounds of the limited format of the > user survey to seed the discussion. For me, the most valuable session in > Hong Kong was the discussion led by Tim of the user survey. It was however, > all too short. I think that ties nicely into the discussion of separating the Design Summit from the conference. Because there is a paradox there. We run the two events at the same time, originally because we wanted users and devs in the same place. But with the design summit being, for a lot of developers, an uninterrupted 4-day sprint, a lot of devs (including most of our PTLs) can't really participate in the conference. So running them at the same time ends up being a good way of *separating* users and key devs. It has another interesting set of consequences, like preventing key devs from presenting at the conference (we had more PTLs presenting at LinuxCon this year than we had in the two previous OpenStack Summits). Having a user/ops summit day in the conference is a good idea, but it would not be enough, if the goal is to expose user priorities to developers. You also have to run it while the Design Summit is not running. So separating (or at least staggering) the two events is a prerequisite for success. Yes, you won't have ALL the developers stay for all the conference days. But I'm pretty sure you'll have more of them active at the conference this way. -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Bringing focus to the Operators and Users at the next summit
Tim Bell wrote: > I would also propose that these user/operator points should be provided to > the PTLs at least one month in advance of the summit. Armed with this input, > the PTLs can factor this into the summit session planning. If there are needs > for a user/operator advocate in design sessions, I think we can find > candidates as we expand through the volunteers and ambassador programs. Yes, there would be more value if that user/operator feedback could be gathered early enough so that it influences the schedule of the Design Summit. I'm afraid that putting user/operator concerns discussion as "the first session of the design summit" would not significantly influence the content of the other pre-scheduled sessions. For example, I know that getting access to the User Survey pain points a few weeks earlier was really useful for PTLs working on design summit schedule. So yes, we need some forum to express user/operator pain points and priorities, but making it happen just after the PTL elections (one month before design summit) would be the most effective if the goal is to really influence what gets worked on for the next development cycle. Note that it doesn't prevent having a operator day at the conference (and making sure the devs can attend it). -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] OpenStack "J" naming poll
Hi everyone, As you may know, OpenStack development cycles and releases are named after cities, counties or places near where the corresponding design summit will happen. The current release cycle, "Icehouse", is named after a street in Hong-Kong, chosen by popular vote. We'd like your help again in selecting the right name for the development cycle and release coming after Icehouse. It shall be named after cities, counties and places in Georgia (USA) starting with a "J" (since we'll be having our next design summit in Atlanta in May 2014). Please take a moment to participate to our poll: https://www.surveymonkey.com/s/openstack-j-naming and order the 10 candidates in your personal order of preference. Thanks! -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] OpenStack "J" naming poll
Thierry Carrez wrote: > Please take a moment to participate to our poll: > https://www.surveymonkey.com/s/openstack-j-naming > > and order the 10 candidates in your personal order of preference. > Thanks! Oh. And as indicated in the poll description, poll will be closed next week (Dec 24, 23:59 PST). Happy ordering, -- Thierry Carrez (ttx) ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] [OSSA 2013-037] Nova compute DoS through ephemeral disk backing files (CVE-2013-6437)
OpenStack Security Advisory: 2013-037 CVE: CVE-2013-6437 Date: December 18, 2013 Title: Nova compute DoS through ephemeral disk backing files Reporter: Phil Day (HP) Products: Nova Affects: All supported versions Description: Phil Day from HP reported a vulnerability in the libvirt driver handling of ephemeral disk backing files on Nova compute nodes. By repeatedly creating snapshots, changing the os_type to a new random value, and spawning new instances from the snapshot (and quickly deleting those instances), an authenticated user could generate lots of different ephemeral disk backing files and fill up compute node disks, potentially resulting in a Denial of Service against a Nova setup. Only Nova setups running the libvirt driver are affected. Icehouse (development branch) fix: https://review.openstack.org/62910 Havana fix: https://review.openstack.org/62912 Grizzly fix: https://review.openstack.org/62913 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6437 https://bugs.launchpad.net/nova/+bug/1253980 Regards, -- Thierry Carrez OpenStack Vulnerability Management Team signature.asc Description: OpenPGP digital signature ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
