zed: Fix CVE-2024-32498

markgoddard · markgoddard · commit bd622dddb16b · 2024-07-11T14:06:28.000+01:00
Fixes CVE-2024-32498 [1] with updated container images for Cinder, Glance and Nova services. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498
diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml
@@ -6,9 +6,15 @@ kolla_image_tags:
   openstack:
     rocky-9: zed-rocky-9-20240202T105829
     ubuntu-jammy: zed-ubuntu-jammy-20240129T151534
+  cinder:
+    rocky-9: zed-rocky-9-20240711T104152
+    ubuntu-jammy: zed-ubuntu-jammy-20240711T101422
   cloudkitty:
     rocky-9: zed-rocky-9-20240503T150113
     ubuntu-jammy: zed-ubuntu-jammy-20240503T150113
+  glance:
+    rocky-9: zed-rocky-9-20240711T130523
+    ubuntu-jammy: zed-ubuntu-jammy-20240711T130523
   grafana:
     rocky-9: zed-rocky-9-20240514T095142
     ubuntu-jammy: zed-ubuntu-jammy-20240514T092357
@@ -24,6 +30,12 @@ kolla_image_tags:
   neutron:
     rocky-9: zed-rocky-9-20240202T141530
     ubuntu-jammy: zed-ubuntu-jammy-20240202T143208
+  nova:
+    rocky-9: zed-rocky-9-20240711T104152
+    ubuntu-jammy: zed-ubuntu-jammy-20240711T101422
+  nova_libvirt:
+    rocky-9: zed-rocky-9-20240202T105829
+    ubuntu-jammy: zed-ubuntu-jammy-20240129T151534
   prometheus:
     rocky-9: zed-rocky-9-20240514T095142
     ubuntu-jammy: zed-ubuntu-jammy-20240514T092357
diff --git a/releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml b/releasenotes/notes/cve-2024-32498-2cbd205129351766.yaml
@@ -0,0 +1,7 @@
+---
+critical:
+  - |
+    Fixes `CVE-2024-32498
+    <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32498>`_ with
+    updated container images for Cinder, Glance and Nova services.
+
