Bug 1172167 (CVE-2020-13254)

Summary:	VUL-1: CVE-2020-13254: python-Django,python-Django1: Potential data leakage via malformed memcached keys
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Alexandros Toptsoglou <atoptsoglou>
Component:	Incidents	Assignee:	Security Team bot <security-team>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P4 - Low	CC:	calmeidadeoliveira, ceph-bugs, framalho, holgi, johannes.grassler, kberger, lgrimmer, meissner, nkrinner, security-team, tserong, wolfgang.frisch
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/260127/
Whiteboard:	CVSSv2:NVD:CVE-2020-13254:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv3.1:NVD:CVE-2020-13254:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) CVSSv3.1:RedHat:CVE-2020-13254:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Comment 13 OBSbugzilla Bot 2020-06-04 15:30:07 UTC

This is an autogenerated message for OBS integration:
This bug (1172167) was mentioned in
https://build.opensuse.org/request/show/811528 Factory / python-Django

Comment 14 Marcus Meissner 2020-06-05 06:34:41 UTC

is public via oss-sec

https://www.djangoproject.com/weblog/2020/jun/03/security-releases/ <https://www.djangoproject.com/weblog/2020/jun/03/security-releases/>

In accordance with `our security release policy <https://docs.djangoproject.com/en/dev/internals/security/>`_, the Django team is issuing `Django 3.0.7 <https://docs.djangoproject.com/en/o.

CVE-2020-13254: Potential data leakage via malformed memcached keys
===================================================================

In cases where a memcached backend does not perform key validation, passing
malformed cache keys could result in a key collision, and potential data
leakage. In order to avoid this vulnerability, key validation is added to the
memcached cache backends.

Thank you to Dan Palmer for the report and patch.

CVE-2020-13596: Possible XSS via admin ``ForeignKeyRawIdWidget``
================================================================

Query parameters for the admin ``ForeignKeyRawIdWidget`` were not properly URL
encoded, posing an XSS attack vector. ``ForeignKeyRawIdWidget`` now
ensures query parameters are correctly URL encoded.

Thank you to Jon Dufresne for the report and patch.

Affected supported versions
===========================

* Django master branch
* Django 3.1 (currently at alpha status)
* Django 3.0
* Django 2.2

Resolution
==========

Patches to resolve the issue have been applied to Django's master branch and
the 3.1, 3.0, and 2.2 release branches. The patches may be obtained from the following changesets:

CVE-2020-13254:

* On the `master branch <https://github.com/django/django/commit/2c82414914ae6476be5a166be9ff49c24d0d9069>`__
* On the `3.1 release branch <https://github.com/django/django/commit/580bd64c0482ae9b7c05715390e25f4405a12719>`__
* On the `3.0 release branch <https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693>`__
* On the `2.2 release branch <https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206>`__

CVE-2020-13596:

* On the `master branch <https://github.com/django/django/commit/2dd4d110c159d0c81dff42eaead2c378a0998735>`__
* On the `3.1 release branch <https://github.com/django/django/commit/49d7cc19e33a104bb23f7ae1dbb1240b4f6c40f9>`__
* On the `3.0 release branch <https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38>`__
* On the `2.2 release branch <https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815>`__

The following releases have been issued:

>`_)
m.txt>`_)

The PGP key ID used for these releases is Carlton Gibson: E17DF5C82B4F9D00.

General notes regarding security reporting
==========================================

As always, we ask that potential security issues be reported via
private email to ``security@djangoproject.com``, and not via Django's
Trac instance or the django-developers list. Please see `our security
policies <https://www.djangoproject.com/security/>`_ for further
information.

Comment 16 Keith Berger 2020-06-10 15:34:58 UTC

patches submitted and ready for release.

https://build.suse.de/package/show/Devel:Cloud:7/python-Django
https://build.suse.de/package/show/Devel:Cloud:8/python-Django
https://build.suse.de/package/show/Devel:Cloud:9/python-Django1

Security: Please review and close /comment

Comment 25 Swamp Workflow Management 2020-07-14 16:18:01 UTC

SUSE-SU-2020:1901-1: An update that solves 23 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1068612,1092420,1107190,1108719,1123872,1126503,1141968,11483483,1148383,1153191,1156525,1159046,1160152,1160153,1160192,1160790,1160851,1161088,1161089,1161670,1164322,1167244,1168593,1169770,1170657,1171273,1171560,1171594,1171661,1171909,1172166,1172167,1172175,1172176,1172409
CVE References: CVE-2017-1000246,CVE-2019-1010083,CVE-2019-15043,CVE-2019-16785,CVE-2019-16786,CVE-2019-16789,CVE-2019-16792,CVE-2019-16865,CVE-2019-18874,CVE-2019-19911,CVE-2019-3828,CVE-2020-10663,CVE-2020-10743,CVE-2020-11076,CVE-2020-11077,CVE-2020-12052,CVE-2020-13254,CVE-2020-13379,CVE-2020-13596,CVE-2020-5312,CVE-2020-5313,CVE-2020-5390,CVE-2020-8151
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ansible-2.4.6.0-3.9.1, caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1, crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2, crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2, documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1, documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1, documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1, documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1, grafana-4.6.5-4.9.1, kibana-4.6.3-3.3.1, openstack-dashboard-12.0.5~dev3-3.26.1, openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1, openstack-keystone-12.0.4~dev11-5.33.2, openstack-keystone-doc-12.0.4~dev11-5.33.2, openstack-monasca-agent-2.2.6~dev4-3.18.1, openstack-monasca-installer-20190923_16.32-3.12.1, openstack-neutron-11.0.9~dev65-3.33.2, openstack-neutron-doc-11.0.9~dev65-3.33.2, openstack-octavia-amphora-image-0.1.4-3.12.2, python-Django-1.11.23-3.15.1, python-Flask-0.12.1-3.3.1, python-Pillow-4.2.1-3.5.1, python-amqp-2.4.2-3.12.1, python-apicapi-1.6.0-3.6.1, python-keystoneauth1-3.1.2~dev2-3.3.1, python-oslo.messaging-5.30.8-3.11.1, python-psutil-5.2.2-3.3.1, python-pyroute2-0.4.21-3.3.1, python-pysaml2-4.0.2-5.6.1, python-tooz-1.58.1-3.3.1, python-waitress-1.4.3-3.3.1, rubygem-activeresource-4.0.0-3.3.1, rubygem-crowbar-client-3.9.2-3.12.1, rubygem-json-1_7-1.7.7-3.3.1, rubygem-puma-2.16.0-3.9.1, storm-1.1.3-3.3.1
SUSE OpenStack Cloud 8 (src):    ansible-2.4.6.0-3.9.1, ansible1-1.9.6-7.3.1, ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1, ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1, ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1, ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1, ardana-logging-8.0+git.1591194866.b7375d0-3.24.1, ardana-mq-8.0+git.1589715269.62ad6df-3.22.1, ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1, ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1, ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1, caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1, documentation-suse-openstack-cloud-installation-8.20200527-1.26.1, documentation-suse-openstack-cloud-operations-8.20200527-1.26.1, documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1, documentation-suse-openstack-cloud-planning-8.20200527-1.26.1, documentation-suse-openstack-cloud-security-8.20200527-1.26.1, documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1, documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1, documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1, documentation-suse-openstack-cloud-user-8.20200527-1.26.1, grafana-4.6.5-4.9.1, kibana-4.6.3-3.3.1, openstack-dashboard-12.0.5~dev3-3.26.1, openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1, openstack-keystone-12.0.4~dev11-5.33.2, openstack-keystone-doc-12.0.4~dev11-5.33.2, openstack-monasca-agent-2.2.6~dev4-3.18.1, openstack-monasca-installer-20190923_16.32-3.12.1, openstack-neutron-11.0.9~dev65-3.33.2, openstack-neutron-doc-11.0.9~dev65-3.33.2, openstack-octavia-amphora-image-0.1.4-3.12.2, python-Django-1.11.23-3.15.1, python-Flask-0.12.1-3.3.1, python-GitPython-2.1.8-3.3.1, python-Pillow-4.2.1-3.5.1, python-amqp-2.4.2-3.12.1, python-apicapi-1.6.0-3.6.1, python-keystoneauth1-3.1.2~dev2-3.3.1, python-oslo.messaging-5.30.8-3.11.1, python-psutil-5.2.2-3.3.1, python-pyroute2-0.4.21-3.3.1, python-pysaml2-4.0.2-5.6.1, python-tooz-1.58.1-3.3.1, python-waitress-1.4.3-3.3.1, storm-1.1.3-3.3.1, venv-openstack-aodh-5.1.1~dev7-12.26.2, venv-openstack-barbican-5.0.2~dev3-12.27.2, venv-openstack-ceilometer-9.0.8~dev7-12.24.2, venv-openstack-cinder-11.2.3~dev23-14.27.2, venv-openstack-designate-5.0.3~dev7-12.25.2, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.22.1, venv-openstack-glance-15.0.3~dev3-12.25.1, venv-openstack-heat-9.0.8~dev22-12.27.1, venv-openstack-horizon-12.0.5~dev3-14.30.1, venv-openstack-ironic-9.1.8~dev8-12.27.2, venv-openstack-keystone-12.0.4~dev11-11.28.2, venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.26.2, venv-openstack-manila-5.1.1~dev5-12.31.2, venv-openstack-monasca-2.2.2~dev1-11.22.3, venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.22.2, venv-openstack-murano-4.0.2~dev2-12.22.1, venv-openstack-neutron-11.0.9~dev65-13.30.2, venv-openstack-nova-16.1.9~dev61-11.28.2, venv-openstack-octavia-1.0.6~dev3-12.27.2, venv-openstack-sahara-7.0.5~dev4-11.26.2, venv-openstack-swift-2.15.2_2.15.2_2.15.2~dev32-11.18.1, venv-openstack-trove-8.0.2~dev2-11.26.1
HPE Helion Openstack 8 (src):    ansible-2.4.6.0-3.9.1, ansible1-1.9.6-7.3.1, ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1, ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1, ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1, ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1, ardana-logging-8.0+git.1591194866.b7375d0-3.24.1, ardana-mq-8.0+git.1589715269.62ad6df-3.22.1, ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1, ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1, ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1, caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1, documentation-hpe-helion-openstack-installation-8.20200527-1.26.1, documentation-hpe-helion-openstack-operations-8.20200527-1.26.1, documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1, documentation-hpe-helion-openstack-planning-8.20200527-1.26.1, documentation-hpe-helion-openstack-security-8.20200527-1.26.1, documentation-hpe-helion-openstack-user-8.20200527-1.26.1, grafana-4.6.5-4.9.1, kibana-4.6.3-3.3.1, openstack-dashboard-12.0.5~dev3-3.26.1, openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1, openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1, openstack-keystone-12.0.4~dev11-5.33.2, openstack-keystone-doc-12.0.4~dev11-5.33.2, openstack-monasca-agent-2.2.6~dev4-3.18.1, openstack-monasca-installer-20190923_16.32-3.12.1, openstack-neutron-11.0.9~dev65-3.33.2, openstack-neutron-doc-11.0.9~dev65-3.33.2, openstack-octavia-amphora-image-0.1.4-3.12.2, python-Django-1.11.23-3.15.1, python-Flask-0.12.1-3.3.1, python-GitPython-2.1.8-3.3.1, python-Pillow-4.2.1-3.5.1, python-amqp-2.4.2-3.12.1, python-apicapi-1.6.0-3.6.1, python-keystoneauth1-3.1.2~dev2-3.3.1, python-oslo.messaging-5.30.8-3.11.1, python-psutil-5.2.2-3.3.1, python-pyroute2-0.4.21-3.3.1, python-pysaml2-4.0.2-5.6.1, python-tooz-1.58.1-3.3.1, python-waitress-1.4.3-3.3.1, storm-1.1.3-3.3.1, venv-openstack-aodh-5.1.1~dev7-12.26.2, venv-openstack-barbican-5.0.2~dev3-12.27.2, venv-openstack-ceilometer-9.0.8~dev7-12.24.2, venv-openstack-cinder-11.2.3~dev23-14.27.2, venv-openstack-designate-5.0.3~dev7-12.25.2, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.22.1, venv-openstack-glance-15.0.3~dev3-12.25.1, venv-openstack-heat-9.0.8~dev22-12.27.1, venv-openstack-horizon-hpe-12.0.5~dev3-14.30.1, venv-openstack-ironic-9.1.8~dev8-12.27.2, venv-openstack-keystone-12.0.4~dev11-11.28.2, venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.26.2, venv-openstack-manila-5.1.1~dev5-12.31.2, venv-openstack-monasca-2.2.2~dev1-11.22.3, venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.22.2, venv-openstack-murano-4.0.2~dev2-12.22.1, venv-openstack-neutron-11.0.9~dev65-13.30.2, venv-openstack-nova-16.1.9~dev61-11.28.2, venv-openstack-octavia-1.0.6~dev3-12.27.2, venv-openstack-sahara-7.0.5~dev4-11.26.2, venv-openstack-swift-2.15.2_2.15.2_2.15.2~dev32-11.18.1, venv-openstack-trove-8.0.2~dev2-11.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2020-07-29 19:16:33 UTC

SUSE-RU-2020:2072-1: An update that solves 31 vulnerabilities and has 8 fixes is now available.

Category: recommended (low)
Bug References: 1037777,1068612,1069468,1070737,1077718,1083903,1111657,1126503,1133817,1135773,1138748,1148383,1149110,1149535,1153191,1156525,1159447,1160152,1160153,1160192,1160790,1160851,1161088,1161089,1161349,1161670,1164316,1165402,1167244,1170657,1171560,1171909,1172166,1172167,1172175,1172176,1172409,948198,981848
CVE References: CVE-2017-1000246,CVE-2017-4965,CVE-2017-4967,CVE-2018-1000115,CVE-2019-0201,CVE-2019-11596,CVE-2019-15026,CVE-2019-15043,CVE-2019-16785,CVE-2019-16786,CVE-2019-16789,CVE-2019-16792,CVE-2019-16865,CVE-2019-18874,CVE-2019-19844,CVE-2019-19911,CVE-2019-3498,CVE-2019-3828,CVE-2020-10663,CVE-2020-10743,CVE-2020-11076,CVE-2020-11077,CVE-2020-12052,CVE-2020-13254,CVE-2020-13379,CVE-2020-13596,CVE-2020-5247,CVE-2020-5312,CVE-2020-5313,CVE-2020-5390,CVE-2020-8151
JIRA References: ECO-1256,SOC-10357,SOC-11067,SOC-11077,SOC-11079,SOC-11082,SOC-11122,SOC-11174,SOC-11187,SOC-11224,SOC-11238,SOC-11243,SOC-11248,SOC-11251,SOC-11286,SOC-9298,SOC-9801
Sources used:
SUSE OpenStack Cloud 7 (src):    ansible-2.2.3.0-12.2, crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5, crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4, crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4, grafana-4.6.5-1.14.1, keepalived-2.0.19-1.8.1, kibana-4.6.3-5.1, memcached-1.5.17-3.6.1, monasca-installer-20180608_12.47-12.1, openstack-dashboard-theme-SUSE-2016.2-5.12.4, openstack-manila-3.0.1~dev30-4.12.2, openstack-manila-doc-3.0.1~dev30-4.12.3, openstack-neutron-fwaas-9.0.2~dev5-4.9.3, openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4, openstack-nova-14.0.11~dev13-4.40.2, openstack-nova-doc-14.0.11~dev13-4.40.2, openstack-tempest-12.2.1~a0~dev177-4.9.1, python-Django-1.8.19-3.23.1, python-Pillow-2.8.1-4.12.1, python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1, python-psutil-1.2.1-21.1, python-py-1.8.1-11.12.1, python-pysaml2-4.0.2-3.17.1, python-waitress-1.4.3-3.3.1, rabbitmq-server-3.4.4-3.16.1, release-notes-suse-openstack-cloud-7.20180803-3.18.3, rubygem-activeresource-4.0.0-3.3.1, rubygem-crowbar-client-3.9.2-7.20.1, rubygem-json-1_7-1.7.7-3.3.1, rubygem-puma-2.16.0-4.6.1, zookeeper-3.4.10-6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2020-08-07 01:15:42 UTC

SUSE-RU-2020:2161-1: An update that solves 24 vulnerabilities and has 10 fixes is now available.

Category: recommended (moderate)
Bug References: 1019111,1107190,1126503,1136928,1153191,1159046,1159447,1160151,1160152,1160153,1160192,1160790,1161088,1161089,1161670,1161919,1163446,1165022,1170657,1171070,1171071,1171072,1171273,1171594,1171909,1172166,1172167,1172409,1172522,1173413,1173416,1173418,1173420,1174006
CVE References: CVE-2019-16785,CVE-2019-16786,CVE-2019-16789,CVE-2019-16792,CVE-2019-16865,CVE-2019-19844,CVE-2019-19911,CVE-2019-3828,CVE-2020-10177,CVE-2020-10378,CVE-2020-10743,CVE-2020-10755,CVE-2020-10994,CVE-2020-11538,CVE-2020-12052,CVE-2020-13254,CVE-2020-13379,CVE-2020-13596,CVE-2020-5311,CVE-2020-5312,CVE-2020-5313,CVE-2020-7471,CVE-2020-8184,CVE-2020-9402
JIRA References: SOC-10029,SOC-10106,SOC-10124,SOC-10317,SOC-10357,SOC-11077,SOC-11082,SOC-11126,SOC-11176,SOC-11203,SOC-11209,SOC-11241,SOC-11243,SOC-11248,SOC-11249,SOC-11274,SOC-11279,SOC-11286,SOC-11289,SOC-11294,SOC-11297,SOC-11298,SOC-11299,SOC-11306,SOC-11314,SOC-11330,SOC-11341,SOC-11342,SOC-6780,SOC-9235,SOC-9775
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    crowbar-core-6.0+git.1594619891.b75a61d0d-3.25.5, crowbar-openstack-6.0+git.1591795073.49cb6400e-3.25.3, grafana-6.2.5-3.12.2, kibana-4.6.3-4.3.2, openstack-barbican-7.0.1~dev24-3.9.5, openstack-ceilometer-11.1.1~dev7-3.16.3, openstack-cinder-13.0.10~dev12-3.22.4, openstack-dashboard-14.1.1~dev6-3.15.5, openstack-designate-7.0.2~dev2-3.19.3, openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.6.2, openstack-ironic-11.1.5~dev6-3.19.3, openstack-keystone-14.2.1~dev4-3.22.3, openstack-magnum-7.2.1~dev1-3.13.3, openstack-manila-7.4.2~dev31-4.24.3, openstack-monasca-agent-2.8.2~dev5-3.9.3, openstack-neutron-13.0.8~dev68-3.25.3, openstack-neutron-vsphere-2.0.1~dev167-3.3.3, openstack-nova-18.3.1~dev38-3.25.4, openstack-octavia-3.2.3~dev7-3.25.3, openstack-octavia-amphora-image-0.1.4-7.12.3, openstack-resource-agents-1.0+git.1569436425.8b9c49f-5.3.2, python-Django1-1.11.29-3.15.2, python-Pillow-5.2.0-3.3.2, python-heatclient-1.16.3-3.3.3, python-neutron-tempest-plugin-0.2.0-3.3.2, python-octavia-tempest-plugin-0.2.0-3.3.2, python-os-brick-2.5.10-3.12.3, python-oslo.messaging-8.1.4-3.6.2, python-pyroute2-0.5.2-4.3.2, python-urllib3-1.23-3.12.2, python-waitress-1.4.3-3.3.1, release-notes-suse-openstack-cloud-9.20200610-3.21.4, rubygem-activeresource-4.0.0-4.3.1, rubygem-json-1_7-1.7.7-4.3.1, rubygem-puma-2.16.0-4.9.1
SUSE OpenStack Cloud 9 (src):    ansible1-1.9.6-9.7.2, ardana-ansible-9.0+git.1591138508.e269bdb-3.22.2, ardana-cobbler-9.0+git.1588181228.bae3b1f-3.13.2, ardana-glance-9.0+git.1593631708.9354a78-3.13.2, ardana-input-model-9.0+git.1589740948.c24fc0b-3.19.2, ardana-logging-9.0+git.1591193994.d93b668-3.13.2, ardana-manila-9.0+git.1594158642.b5905e4-3.12.2, ardana-monasca-9.0+git.1589385256.7fbfaaf-3.19.2, ardana-mq-9.0+git.1593618110.cbd1a37-3.16.2, ardana-neutron-9.0+git.1590756257.e09d54f-3.22.2, ardana-octavia-9.0+git.1590079609.a2ae6ab-3.19.2, ardana-tempest-9.0+git.1593033709.9495bb2-3.16.2, grafana-6.2.5-3.12.2, kibana-4.6.3-4.3.2, openstack-barbican-7.0.1~dev24-3.9.5, openstack-ceilometer-11.1.1~dev7-3.16.3, openstack-cinder-13.0.10~dev12-3.22.4, openstack-dashboard-14.1.1~dev6-3.15.5, openstack-designate-7.0.2~dev2-3.19.3, openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.6.2, openstack-ironic-11.1.5~dev6-3.19.3, openstack-keystone-14.2.1~dev4-3.22.3, openstack-magnum-7.2.1~dev1-3.13.3, openstack-manila-7.4.2~dev31-4.24.3, openstack-monasca-agent-2.8.2~dev5-3.9.3, openstack-neutron-13.0.8~dev68-3.25.3, openstack-neutron-vsphere-2.0.1~dev167-3.3.3, openstack-nova-18.3.1~dev38-3.25.4, openstack-octavia-3.2.3~dev7-3.25.3, openstack-octavia-amphora-image-0.1.4-7.12.3, openstack-resource-agents-1.0+git.1569436425.8b9c49f-5.3.2, python-Django1-1.11.29-3.15.2, python-Pillow-5.2.0-3.3.2, python-ardana-packager-0.0.3-9.3.2, python-heatclient-1.16.3-3.3.3, python-neutron-tempest-plugin-0.2.0-3.3.2, python-octavia-tempest-plugin-0.2.0-3.3.2, python-os-brick-2.5.10-3.12.3, python-oslo.messaging-8.1.4-3.6.2, python-pyroute2-0.5.2-4.3.2, python-urllib3-1.23-3.12.2, python-waitress-1.4.3-3.3.1, release-notes-suse-openstack-cloud-9.20200610-3.21.4, venv-openstack-barbican-7.0.1~dev24-3.19.3, venv-openstack-cinder-13.0.10~dev12-3.19.2, venv-openstack-designate-7.0.2~dev2-3.19.2, venv-openstack-glance-17.0.1~dev30-3.17.2, venv-openstack-heat-11.0.3~dev35-3.19.2, venv-openstack-horizon-14.1.1~dev6-4.18.3, venv-openstack-ironic-11.1.5~dev6-4.15.2, venv-openstack-keystone-14.2.1~dev4-3.19.2, venv-openstack-magnum-7.2.1~dev1-4.19.2, venv-openstack-manila-7.4.2~dev31-3.21.2, venv-openstack-monasca-2.7.1~dev10-3.17.3, venv-openstack-monasca-ceilometer-1.8.2~dev3-3.19.2, venv-openstack-neutron-13.0.8~dev68-6.19.2, venv-openstack-nova-18.3.1~dev38-3.19.3, venv-openstack-octavia-3.2.3~dev7-4.19.2, venv-openstack-sahara-9.0.2~dev15-3.19.2, venv-openstack-swift-2.19.2~dev48-2.14.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Marcus Meissner 2020-08-08 10:27:16 UTC

done

Comment 31 OBSbugzilla Bot 2020-09-15 14:50:14 UTC

This is an autogenerated message for OBS integration:
This bug (1172167) was mentioned in
https://build.opensuse.org/request/show/834663 15.2 / python-Django