Addressed issues¶

The MCP 2019.2.21 update contains fixes for the following MCP components:

• DriveTrain:

  • [36976] Updated the mysql, sf-reporter, phpldapadmin, postgresql, and gainsight Docker images to fix security vulnerabilities.

• OpenStack:

  • [36956][Queens] Fixed the issue causing a timeout during the Panko database execution and affecting the MySQL database.

  • [36953][Queens] Fixed the issue wherein Keystone failed to parse multi-valued claims from OpenID Connect (OIDC) tokens. Enhanced the Keystone Salt formula by implementing the capability to configure oidc_claim_delimiter.

  • [36948][Pike, Queens] Fixed the issue wherein the upgrade of a Galera cluster to version 5.7 was failing if AppArmor was present on the database nodes.

  • [36935][Pike, Queens] Updated the pyroute2 package to version 0.5.4 to prevent the privsep_helper process from leaking memory. The issue could cause slow router processing times.

  • [36897][Pike, Queens] Fixed the issue with the

    nova-serialproxy package failing to create the systemd unit.

  • [36888][Pike] Fixed the issue wherein upgrading OpenStack Pike to Queens failed with the an exception when applying the designate.upgrade Salt state.

  • [36780][Pike, Queens] Upgraded Redis to version 5.0.14 on OpenStack Pike and OpenStack Queens to eliminate the CVE-2021-32628 security vulnerability.

  • [35136][Queens] Fixed the issue wherein scheduling a VM failed with a number of Unexpected API errors.

• StackLight:

  • [36816] Replaced token-based authentication with basic HTTP authentication for the Alerta receiver for Alertmanager notifications.

• Ceph:

  • [36942] Fixed the issue wherein upgrading Ceph Luminous (v12.2.11 or v12.2.13) to Nautilus (v14.2.22) was causing PGs outage and failure of the cinder-volume and glance-api services.