[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2021:1962-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":60,"duplicates":61,"related":62,"reserved_at":9,"published_at":86,"modified_at":87,"state":9,"summary":88,"references_raw":90,"kevs":283,"epss":9,"epss_history":284,"metrics":285,"affected":286},"SUSE-SU-2021:1962-1","Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone\n\nThis update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone contains the following fixes:\n\nSecurity fixes included in this update:\n\ncassandra:\n- CVE-2020-17516: Fixed an issue where encryption between nodes was not enforced\n correctly for certain internode_encryption settings (bsc#1181689)\n\ngrafana:\n- CVE-2018-18623, CVE-2018-18624, CVE-2018-18625: Fixed multiple cross\n site scripting vulnerabilities in the dashboard. (bsc#1172450)\n- CVE-2021-27358: Fixed a denial of service via remote API call. (bsc#1183803)\n- CVE-2019-15043: Fixed a denial of service by an unauthenticated user\n in the snapshot HTTP API (bsc#1148383)\n- CVE-2020-13379: Fixed an information leak to unauthenticated users. (bsc#1172409)\n- CVE-2020-12052: Fixed a cross site scripting vulnerability with the annotation\n popup (bsc#1170657)\n- CVE-2018-19039: Fixed an issue where a privileged user could\n exfiltrate files (bsc#1115960)\n- CVE-2020-11110: Fixed a stored cross site scripting vulnerability. (bsc#1174583)\n- CVE-2020-24303: Fixed a cross site scripting vulnerability in a query alias for\n ElasticSearch datasources (bsc#1178243)\n\nkibana:\n- CVE-2017-11499: Fixed a vulnerability in nodejs, related to the HashTable\n implementation, which could cause a denial of service. (bsc#1044849)\n- CVE-2017-11481: Fixed a cross site scripting vulnerability via via URL fields.\n (bsc#1044849)\n- CVE-2020-10743: Fixed a clickjacking issue because X-Frame-Option was not used\n by default. (bsc#1171909)\n\npython-Django:\n- CVE-2021-23336: Fixed a web cache poisoning via django.utils.http.limited_parse_qsl().\n (bsc#1182433)\n- CVE-2021-28658: Fixed a directory traversal via uploaded files. (bsc#1184148)\n- CVE-2021-31542: Fixed a directory traversal via uploaded files with suitably crafted\n file names. (bsc#1185623)\n- CVE-2021-33203: Fixed potential path-traversal via admindocs' TemplateDetailView.\n (bsc#1186608)\n- CVE-2021-33571: Tighten validator checks to not allow leading zeros in IPv4 addresses,\n which potentially leads to further attacks. (bsc#1186611)\n\npython-py:\n- CVE-2020-29651: Fixed a denial of service via regular expressions. (bsc#1179805)\n\npython-pysaml2:\n- CVE-2021-21238: Fixed improper verification of cryptographic signatures for signed\n SAML documents. (bsc#1181277)\n- CVE-2021-21239: Fixed improper verification of cryptographic signatures when using\n CryptoBackendXmlSec1(). (bsc#1181278)\n\nrubygem-activerecord-session_store:\n- CVE-2019-25025: Fixed a timing attacks targeting the session id which could allow\n an attack to hijack sessions. (bsc#1183174)\n\n\nNon-security changes included in this update:\n\nChanges in ardana-neutron:\n- Update to version 9.0+git.1615223676.777f0b3:\n  * Allow users to stop monitoring rootwrap daemon (bsc#1182317)\n\nChanges in ardana-swift:\n- Update to version 9.0+git.1618235096.90974ed:\n  * Run swiftlm-scan in the UTC timezone (bsc#1181690)\n\nChanges in cassandra:\n- update to 3.11.10 (bsc#1181689, CVE-2020-17516)  \n * Fix digest computation for queries with fetched but non queried columns (CASSANDRA-15962)\n * Reduce amount of allocations during batch statement execution (CASSANDRA-16201)\n * Update jflex-1.6.0.jar to match upstream (CASSANDRA-16393)\n * Fix DecimalDeserializer#toString OOM (CASSANDRA-14925)\n * Rate limit validation compactions using compaction_throughput_mb_per_sec (CASSANDRA-16161)\n * SASI's `max_compaction_flush_memory_in_mb` settings over 100GB revert to default of 1GB (CASSANDRA-16071)\n * Prevent unbounded number of pending flushing tasks (CASSANDRA-16261)\n * Improve empty hint file handling during startup (CASSANDRA-16162)\n * Allow empty string in collections with COPY FROM in cqlsh (CASSANDRA-16372)\n * Fix skipping on pre-3.0 created compact storage sstables due to missing primary key liveness (CASSANDRA-16226)\n * Extend the exclusion of replica filtering protection to other indices instead of just SASI (CASSANDRA-16311)\n * Synchronize transaction logs for JBOD (CASSANDRA-16225)\n * Fix the counting of cells per partition (CASSANDRA-16259)\n * Fix serial read/non-applying CAS linearizability (CASSANDRA-12126)\n * Avoid potential NPE in JVMStabilityInspector (CASSANDRA-16294)\n * Improved check of num_tokens against the length of initial_token (CASSANDRA-14477)\n * Fix a race condition on ColumnFamilyStore and TableMetrics (CASSANDRA-16228)\n * Remove the SEPExecutor blocking behavior (CASSANDRA-16186)\n * Fix invalid cell value skipping when reading from disk (CASSANDRA-16223)\n * Prevent invoking enable/disable gossip when not in NORMAL (CASSANDRA-16146)\n * Wait for schema agreement when bootstrapping (CASSANDRA-15158)\n * Fix the histogram merge of the table metrics (CASSANDRA-16259)\n * Synchronize Keyspace instance store/clear (CASSANDRA-16210)\n * Fix ColumnFilter to avoid querying cells of unselected complex columns (CASSANDRA-15977)\n * Fix memory leak in CompressedChunkReader (CASSANDRA-15880)\n * Don't attempt value skipping with mixed version cluster (CASSANDRA-15833)\n * Avoid failing compactions with very large partitions (CASSANDRA-15164)\n * Make sure LCS handles duplicate sstable added/removed notifications correctly (CASSANDRA-14103)\n * Fix OOM when terminating repair session (CASSANDRA-15902)\n * Avoid marking shutting down nodes as up after receiving gossip shutdown message (CASSANDRA-16094)\n * Check SSTables for latest version before dropping compact storage (CASSANDRA-16063)\n * Handle unexpected columns due to schema races (CASSANDRA-15899)\n * Add flag to ignore unreplicated keyspaces during repair (CASSANDRA-15160)\n * Package tools/bin scripts as executable (CASSANDRA-16151)\n * Fixed a NullPointerException when calling nodetool enablethrift (CASSANDRA-16127)\n * Correctly interpret SASI's `max_compaction_flush_memory_in_mb` setting in megabytes not bytes (CASSANDRA-16071)\n * Fix short read protection for GROUP BY queries (CASSANDRA-15459)\n * Frozen RawTuple is not annotated with frozen in the toString method (CASSANDRA-15857)\nMerged from 3.0:\n * Use IF NOT EXISTS for index and UDT create statements in snapshot schema files (CASSANDRA-13935)\n * Fix gossip shutdown order (CASSANDRA-15816)\n * Remove broken 'defrag-on-read' optimization (CASSANDRA-15432)\n * Check for endpoint collision with hibernating nodes (CASSANDRA-14599)\n * Operational improvements and hardening for replica filtering protection (CASSANDRA-15907)\n * stop_paranoid disk failure policy is ignored on CorruptSSTableException after node is up (CASSANDRA-15191)\n * Forbid altering UDTs used in partition keys (CASSANDRA-15933)\n * Fix empty/null json string representation (CASSANDRA-15896)\n * 3.x fails to start if commit log has range tombstones from a column which is also deleted (CASSANDRA-15970)\n * Handle difference in timestamp precision between java8 and java11 in LogFIle.java (CASSANDRA-16050)\nMerged from 2.2:\n * Fix CQL parsing of collections when the column type is reversed (CASSANDRA-15814)\n * Only allow strings to be passed to JMX authentication (CASSANDRA-16077)\n * Fix cqlsh output when fetching all rows in batch mode (CASSANDRA-15905)\n * Upgrade Jackson to 2.9.10 (CASSANDRA-15867)\n * Fix CQL formatting of read command restrictions for slow query log (CASSANDRA-15503)\n * Allow sstableloader to use SSL on the native port (CASSANDRA-14904)\n * Backport CASSANDRA-12189: escape string literals (CASSANDRA-15948)\n * Avoid hinted handoff per-host throttle being arounded to 0 in large cluster (CASSANDRA-15859)\n * Avoid emitting empty range tombstones from RangeTombstoneList (CASSANDRA-15924)\n * Avoid thread starvation, and improve compare-and-swap performance, in the slab allocators (CASSANDRA-15922)\n * Add token to tombstone warning and error messages (CASSANDRA-15890)\n * Fixed range read concurrency factor computation and capped as 10 times tpc cores (CASSANDRA-15752)\n * Catch exception on bootstrap resume and init native transport (CASSANDRA-15863)\n * Fix replica-side filtering returning stale data with CL > ONE (CASSANDRA-8272, CASSANDRA-8273)\n * Fix duplicated row on 2.x upgrades when multi-rows range tombstones interact with collection ones (CASSANDRA-15805)\n * Rely on snapshotted session infos on StreamResultFuture.maybeComplete to avoid race conditions (CASSANDRA-15667)\n * EmptyType doesn't override writeValue so could attempt to write bytes when expected not to (CASSANDRA-15790)\n * Fix index queries on partition key columns when some partitions contains only static data (CASSANDRA-13666)\n * Avoid creating duplicate rows during major upgrades (CASSANDRA-15789)\n * liveDiskSpaceUsed and totalDiskSpaceUsed get corrupted if IndexSummaryRedistribution gets interrupted (CASSANDRA-15674)\n * Fix Debian init start/stop (CASSANDRA-15770)\n * Fix infinite loop on index query paging in tables with clustering (CASSANDRA-14242)\n * Fix chunk index overflow due to large sstable with small chunk length (CASSANDRA-15595)\n * Allow selecting static column only when querying static index (CASSANDRA-14242)\n * cqlsh return non-zero status when STDIN CQL fails (CASSANDRA-15623)\n * Don't skip sstables in slice queries based only on local min/max/deletion timestamp (CASSANDRA-15690)\n * Memtable memory allocations may deadlock (CASSANDRA-15367)\n * Run evictFromMembership in GossipStage (CASSANDRA-15592)\n * Fix nomenclature of allow and deny lists (CASSANDRA-15862)\n * Remove generated files from source artifact (CASSANDRA-15849)\n * Remove duplicated tools binaries from tarballs (CASSANDRA-15768)\n * Duplicate results with DISTINCT queries in mixed mode (CASSANDRA-15501)\n * Disable JMX rebinding (CASSANDRA-15653)\n * Fix writing of snapshot manifest when the table has table-backed secondary indexes (CASSANDRA-10968)\n * Fix parse error in cqlsh COPY FROM and formatting for map of blobs (CASSANDRA-15679)\n * Fix Commit log replays when static column clustering keys are collections (CASSANDRA-14365)\n * Fix Red Hat init script on newer systemd versions (CASSANDRA-15273)\n * Allow EXTRA_CLASSPATH to work on tar/source installations (CASSANDRA-15567)\n * Fix bad UDT sstable metadata serialization headers written by C* 3.0 on upgrade and in sstablescrub (CASSANDRA-15035)\n * Fix nodetool compactionstats showing extra pending task for TWCS - patch implemented (CASSANDRA-15409)\n * Fix SELECT JSON formatting for the 'duration' type (CASSANDRA-15075)\n * Fix LegacyLayout to have same behavior as 2.x when handling unknown column names (CASSANDRA-15081)\n * Update nodetool help stop output (CASSANDRA-15401)\n * Run in-jvm upgrade dtests in circleci (CASSANDRA-15506)\n * Include updates to static column in mutation size calculations (CASSANDRA-15293)\n * Fix point-in-time recoevery ignoring timestamp of updates to static columns (CASSANDRA-15292)\n * GC logs are also put under $CASSANDRA_LOG_DIR (CASSANDRA-14306)\n * Fix sstabledump's position key value when partitions have multiple rows (CASSANDRA-14721)\n * Avoid over-scanning data directories in LogFile.verify() (CASSANDRA-15364)\n * Bump generations and document changes to system_distributed and system_traces in 3.0, 3.11\n   (CASSANDRA-15441)\n * Fix system_traces creation timestamp; optimise system keyspace upgrades (CASSANDRA-15398)\n * Fix various data directory prefix matching issues (CASSANDRA-13974)\n * Minimize clustering values in metadata collector (CASSANDRA-15400)\n * Avoid over-trimming of results in mixed mode clusters (CASSANDRA-15405)\n * validate value sizes in LegacyLayout (CASSANDRA-15373)\n * Ensure that tracing doesn't break connections in 3.x/4.0 mixed mode by default (CASSANDRA-15385)\n * Make sure index summary redistribution does not start when compactions are paused (CASSANDRA-15265)\n * Ensure legacy rows have primary key livenessinfo when they contain illegal cells (CASSANDRA-15365)\n * Fix race condition when setting bootstrap flags (CASSANDRA-14878)\n * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)\n * Fix SELECT JSON output for empty blobs (CASSANDRA-15435)\n * In-JVM DTest: Set correct internode message version for upgrade test (CASSANDRA-15371)\n * In-JVM DTest: Support NodeTool in dtest (CASSANDRA-15429)\n * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)\n * Fix SASI non-literal string comparisons (range operators) (CASSANDRA-15169)\n * Make sure user defined compaction transactions are always closed (CASSANDRA-15123)\n * Fix cassandra-env.sh to use $CASSANDRA_CONF to find cassandra-jaas.config (CASSANDRA-14305)\n * Fixed nodetool cfstats printing index name twice (CASSANDRA-14903)\n * Add flag to disable SASI indexes, and warnings on creation (CASSANDRA-14866)\n * Add ability to cap max negotiable protocol version (CASSANDRA-15193)\n * Gossip tokens on startup if available (CASSANDRA-15335)\n * Fix resource leak in CompressedSequentialWriter (CASSANDRA-15340)\n * Fix bad merge that reverted CASSANDRA-14993 (CASSANDRA-15289)\n * Fix LegacyLayout RangeTombstoneList IndexOutOfBoundsException when upgrading and RangeTombstone bounds are asymmetric (CASSANDRA-15172)\n * Fix NPE when using allocate_tokens_for_keyspace on new DC/rack (CASSANDRA-14952)\n * Filter sstables earlier when running cleanup (CASSANDRA-15100)\n * Use mean row count instead of mean column count for index selectivity calculation (CASSANDRA-15259)\n * Avoid updating unchanged gossip states (CASSANDRA-15097)\n * Prevent recreation of previously dropped columns with a different kind (CASSANDRA-14948)\n * Prevent client requests from blocking on executor task queue (CASSANDRA-15013)\n * Toughen up column drop/recreate type validations (CASSANDRA-15204)\n * LegacyLayout should handle paging states that cross a collection column (CASSANDRA-15201)\n * Prevent RuntimeException when username or password is empty/null (CASSANDRA-15198)\n * Multiget thrift query returns null records after digest mismatch (CASSANDRA-14812)\n * Skipping illegal legacy cells can break reverse iteration of indexed partitions (CASSANDRA-15178)\n * Handle paging states serialized with a different version than the session's (CASSANDRA-15176)\n * Throw IOE instead of asserting on unsupporter peer versions (CASSANDRA-15066)\n * Update token metadata when handling MOVING/REMOVING_TOKEN events (CASSANDRA-15120)\n * Add ability to customize cassandra log directory using $CASSANDRA_LOG_DIR (CASSANDRA-15090)\n * Skip cells with illegal column names when reading legacy sstables (CASSANDRA-15086)\n * Fix assorted gossip races and add related runtime checks (CASSANDRA-15059)\n * Fix mixed mode partition range scans with limit (CASSANDRA-15072)\n * cassandra-stress works with frozen collections: list and set (CASSANDRA-14907)\n * Fix handling FS errors on writing and reading flat files - LogTransaction and hints (CASSANDRA-15053)\n * Avoid double closing the iterator to avoid overcounting the number of requests (CASSANDRA-15058)\n * Improve `nodetool status -r` speed (CASSANDRA-14847)\n * Improve merkle tree size and time on heap (CASSANDRA-14096)\n * Add missing commands to nodetool_completion (CASSANDRA-14916)\n * Anti-compaction temporarily corrupts sstable state for readers (CASSANDRA-15004)\n * Catch non-IOException in FileUtils.close to make sure that all resources are closed (CASSANDRA-15225)\n * Handle exceptions during authentication/authorization (CASSANDRA-15041)\n * Support cross version messaging in in-jvm upgrade dtests (CASSANDRA-15078)\n * Fix index summary redistribution cancellation (CASSANDRA-15045)\n * Fixing invalid CQL in security documentation (CASSANDRA-15020)\n * Allow instance class loaders to be garbage collected for inJVM dtest (CASSANDRA-15170)\n * Add support for network topology and query tracing for inJVM dtest (CASSANDRA-15319)\n * Correct sstable sorting for garbagecollect and levelled compaction (CASSANDRA-14870)\n * Severe concurrency issues in STCS,DTCS,TWCS,TMD.Topology,TypeParser\n * Add a script to make running the cqlsh tests in cassandra repo easier (CASSANDRA-14951)\n * If SizeEstimatesRecorder misses a 'onDropTable' notification, the size_estimates table will never be cleared for that table. (CASSANDRA-14905)\n * Counters fail to increment in 2.1/2.2 to 3.X mixed version clusters (CASSANDRA-14958)\n * Streaming needs to synchronise access to LifecycleTransaction (CASSANDRA-14554)\n * Fix cassandra-stress write hang with default options (CASSANDRA-14616)\n * Differentiate between slices and RTs when decoding legacy bounds (CASSANDRA-14919)\n * Netty epoll IOExceptions caused by unclean client disconnects being logged at INFO (CASSANDRA-14909)\n * Unfiltered.isEmpty conflicts with Row extends AbstractCollection.isEmpty (CASSANDRA-14588)\n * RangeTombstoneList doesn't properly clean up mergeable or superseded rts in some cases (CASSANDRA-14894)\n * Fix handling of collection tombstones for dropped columns from legacy sstables (CASSANDRA-14912)\n * Throw exception if Columns serialized subset encode more columns than possible (CASSANDRA-14591)\n * Drop/add column name with different Kind can result in corruption (CASSANDRA-14843)\n * Fix missing rows when reading 2.1 SSTables with static columns in 3.0 (CASSANDRA-14873)\n * Move TWCS message 'No compaction necessary for bucket size' to Trace level (CASSANDRA-14884)\n * Sstable min/max metadata can cause data loss (CASSANDRA-14861)\n * Dropped columns can cause reverse sstable iteration to return prematurely (CASSANDRA-14838)\n * Legacy sstables with  multi block range tombstones create invalid bound sequences (CASSANDRA-14823)\n * Expand range tombstone validation checks to multiple interim request stages (CASSANDRA-14824)\n * Reverse order reads can return incomplete results (CASSANDRA-14803)\n * Avoid calling iter.next() in a loop when notifying indexers about range tombstones (CASSANDRA-14794)\n * Fix purging semi-expired RT boundaries in reversed iterators (CASSANDRA-14672)\n * DESC order reads can fail to return the last Unfiltered in the partition (CASSANDRA-14766)\n * Fix corrupted collection deletions for dropped columns in 3.0 \u003C->  2.{1,2} messages (CASSANDRA-14568)\n * Fix corrupted static collection deletions in 3.0 \u003C-> 2.{1,2} messages (CASSANDRA-14568)\n * Handle failures in parallelAllSSTableOperation (cleanup/upgradesstables/etc) (CASSANDRA-14657)\n * Improve TokenMetaData cache populating performance avoid long locking (CASSANDRA-14660)\n * Backport: Flush netty client messages immediately (not by default) (CASSANDRA-13651)\n * Fix static column order for SELECT * wildcard queries (CASSANDRA-14638)\n * sstableloader should use discovered broadcast address to connect intra-cluster (CASSANDRA-14522)\n * Fix reading columns with non-UTF names from schema (CASSANDRA-14468)\n * Don't enable client transports when bootstrap is pending (CASSANDRA-14525)\n * MigrationManager attempts to pull schema from different major version nodes (CASSANDRA-14928)\n * Fix incorrect cqlsh results when selecting same columns multiple times (CASSANDRA-13262)\n * Returns null instead of NaN or Infinity in JSON strings (CASSANDRA-14377)\n * Paged Range Slice queries with DISTINCT can drop rows from results (CASSANDRA-14956)\n\nChanges in crowbar-openstack:\n- Update to version 6.0+git.1616146717.a89ae0f4e:\n  * monasca: restart Kibana on update (bsc#1044849)\n\nChanges in grafana\n- Add CVE-2021-27358.patch (bsc#1183803, CVE-2021-27358)\n  * Prevent unauthenticated remote attackers from causing a DoS through the\n    snapshots API.\n\nChanges in kibana:\n- Ensure /etc/sysconfig/kibana is present\n\n- Update to Kibana 4.6.6 (bsc#1044849, CVE-2017-11499, ESA-2017-14, ESA-2017-16)\n  * [4.6] ignore forked code for babel transpile build phase (#13483)\n  * Allow more than match queries in custom filters (#8614) (#10857)\n  * [state] don't make extra $location.replace() calls (#9954)\n  * [optimizer] move to querystring-browser package for up-to-date api\n  * [state/unhashUrl] use encode-uri-query to generate cleanly encoded urls\n  * server: refactor log_interceptor to be more DRY (#9617)\n  * server: downgrade ECANCELED logs to debug (#9616)\n  * server: do not treat logged warnings as errors (#8746) (#9610)\n  * [server/logger] downgrade EPIPE errors to debug level (#9023)\n  * Add basepath when redirecting from a trailling slash (#9035)\n  * [es/kibanaIndex] use unmapped_type rather than ignore_unmapped (#8968)\n  * [server/shortUrl] validate urls before shortening them\n- Add CVE-2017-11481.patch (bsc#1044849, CVE-2017-11481)\n  * This fixes an XSS vulnerability in URL fields\n- Remove %dir declaration from /opt/kibana/optimize to ensure\n  no files owned by root end up in there\n- Exclude /opt/kibana/optimize from %fdupes\n- Restart service on upgrade\n- Do not copy LICENSE.txt and README.txt to /opt/kibana\n- Fix rpmlint warnings/errors\n- Switch to explicit patch application\n- Fix source URL\n- Fix logic for systemd/systemv detection\n\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n  (bsc#1171909, CVE-2020-10743)\n\n- Added kibana.yml symlink (bsc#1048688, FATE#323204)\nChanges in openstack-dashboard:\n- Update to version horizon-14.1.1.dev11:\n  * Consume tempest-horizon from PyPI release\n\nChanges in openstack-ironic:\n- Update to version ironic-11.1.5.dev17:\n  * Remove lower-constraints job\n\nChanges in openstack-ironic:\n- Update to version ironic-11.1.5.dev17:\n  * Remove lower-constraints job\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev164:\n  * Schedule networks to new segments if needed\n\n- Update to version neutron-13.0.8.dev162:\n  * Fix invalid JSON generated by quota details\n\n- Update to version neutron-13.0.8.dev160:\n  * Fix deletion of rfp interfaces when router is re-enabled\n\n- Update to version neutron-13.0.8.dev159:\n  * [OVS FW] Allow egress ICMPv6 only for know addresses\n  * [OVS FW] Clean conntrack entries with mark == CT\\_MARK\\_INVALID\n\n- Update to version neutron-13.0.8.dev155:\n  * Fix removal of dvr-src mac flows when non-gateway port on router is deleted\n\n- Update to version neutron-13.0.8.dev153:\n  * Add some wait time between stopping and starting again ovsdb monitor\n  * Workaround for TCP checksum issue with ovs-dpdk and  veth pair\n\n- Update to version neutron-13.0.8.dev149:\n  * Fix wrong packet\\_type set for IPv6 GRE tunnels in OVS\n\n- Update to version neutron-13.0.8.dev148:\n  * Fix losses of ovs flows when ovs is restarted\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev164:\n  * Schedule networks to new segments if needed\n\n- Update to version neutron-13.0.8.dev162:\n  * Fix invalid JSON generated by quota details\n\n- Update to version neutron-13.0.8.dev160:\n  * Fix deletion of rfp interfaces when router is re-enabled\n\n- Update to version neutron-13.0.8.dev159:\n  * [OVS FW] Allow egress ICMPv6 only for know addresses\n  * [OVS FW] Clean conntrack entries with mark == CT\\_MARK\\_INVALID\n\n- Update to version neutron-13.0.8.dev155:\n  * Fix removal of dvr-src mac flows when non-gateway port on router is deleted\n\n- Update to version neutron-13.0.8.dev153:\n  * Add some wait time between stopping and starting again ovsdb monitor\n  * Workaround for TCP checksum issue with ovs-dpdk and  veth pair\n\n- Update to version neutron-13.0.8.dev149:\n  * Fix wrong packet\\_type set for IPv6 GRE tunnels in OVS\n\n- Update to version neutron-13.0.8.dev148:\n  * Fix losses of ovs flows when ovs is restarted\n\nChanges in openstack-neutron-gbp:\n- Update to version group-based-policy-12.0.1.dev29:\n  * gbp-validate: Tenant and resource level scoping\n  2014.2.0rc1\n\n- Update to version group-based-policy-12.0.1.dev27:\n  * Import data\\_utils from the new location\n\n- Update to version group-based-policy-12.0.1.dev26:\n  * Add SNAT port's Mac Address to the host\\_snat\\_ips dictionary\n\n- Update to version group-based-policy-12.0.1.dev25:\n  * Add support for victoria\n  2014.2.rc1\n\n- Update to version group-based-policy-12.0.1.dev24:\n  * Fix deletion of SVI networks\n\n- Update to version group-based-policy-12.0.1.dev23:\n  * Allow per-port qos configuration on dhcp port\n  2014.2rc1\n\n- Update to version group-based-policy-12.0.1.dev22:\n  * Add connectivity parameter to driver\n  * [AIM] Fix ERSPAN extension\n  2014.2.rc1\n\n- Update to version group-based-policy-12.0.1.dev19:\n  * Fix exception with cleanup\n  2014.2.0rc1\n\n- Update to version group-based-policy-12.0.1.dev18:\n  * Add workaround to get\\_subnets\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev82:\n  * [stable-only] gate: Pin CEPH\\_RELEASE to nautilus in LM hook\n  * Change default num\\_retries for glance to 3\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev82:\n  * [stable-only] gate: Pin CEPH\\_RELEASE to nautilus in LM hook\n  * Change default num\\_retries for glance to 3\n\nChanges in python-Django1:\n- Add CVE-2021-33203.patch (bsc#1186608, CVE-2021-33203)\n    * Fixed potential path-traversal via admindocs' TemplateDetailView.\n- Add CVE-2021-33571.patch (bsc#1186611, CVE-2021-33571)\n    * Prevented leading zeros in IPv4 addresses.\n\n- Add CVE-2021-31542.patch (bsc#1185623, CVE-2021-31542)\n    * Fixed CVE-2021-31542 -- Tightened path and file name sanitation in file\n      uploads.\n\n- Add CVE-2021-28658.patch (bsc#1184148, CVE-2021-28658)\n  * Fixed potential directory-traversal via uploaded files\n\n- Add CVE-2021-23336.patch (bsc#1182433, CVE-2021-23336)\n  * Fixed web cache poisoning via django.utils.http.limited_parse_qsl()\n\n\nChanges in python-py:\n- Add CVE-2020-29651.patch ((bsc#1179805, CVE-2020-29651)\n  * svnwc: fix regular expression vulnerable to DoS in blame\n    functionality\n\nChanges in python-pysaml2:\n- Fix patches (SOC-11453)\n  * 0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch\n     - rename saml2.xml to saml2.samlxml to avoid overriding\n       the xml module in the system module path\n     - add missing __init__.py files\n     - add missing saml2/data package to setup.py\n  * 0007-Make-previous-commits-python2-compatible.patch so as not to\n     - Adjust to saml2.xml to saml2.samlxml changes\n     - Fix a few more syntax errors and Python2-isms.\n\n- Fix CVE-2021-21238, bsc#1181277 with\n  0002-Strengthen-XSW-tests.patch ,\n  0003-Fix-the-parser-to-not-break-on-ePTID-AttributeValues.patch ,\n  0004-Add-xsd-schemas.patch ,\n  0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch .\n  This adds a dependency on python-xmlschema, which depends on\n  python-elementpath, thus both need to be added for this to work.\n  The used python-xmlschema needs to support the sandbox argument\n  which was added in 1.2.0 and refined in 1.2.1, but that version\n  doesn't support python2, so a patched version that does both is\n  needed.\n  Add 0007-Make-previous-commits-python2-compatible.patch to\n  not add a dependency on reportlib_resources and make other\n  changes python2 compatible.\n. Fix CVE-2021-21239, bsc#1181278 with\n  0006-Fix-CVE-2021-21239-Restrict-the-key-data-that-xmlsec.patch\n\nChanges in python-xmlschema:\n\n- Add 3 patches to backport sandbox argument, which is needed by a security fix\n  in python-pysaml2 and one patch to make backport python2 compatible.\n- Upstream url changed\n- Add rpmlintrc to make it work on Leap 42.3\n- Update to 1.0.18:\n  * Fix for *ModelVisitor.iter_unordered_content()*\n  * Fixed default converter, AbderaConverter and JsonMLConverter for xs:anyType decode\n  * Fixed validation tests with all converters\n  * Added UnorderedConverter to validation tests\n- Update to 1.0.17:\n  * Enhancement of validation-only speed (~15%)\n  * Added *is_valid()* and *iter_errors()* to module API\n- Update to 1.0.16:\n  * Improved XMLResource class for working with compressed files\n  * Fix for validation with XSD wildcards and 'lax' process content\n  * Fix ambiguous items validation for xs:choice and xs:sequence models\n\n- Handle UnicodeDecodeErrors during build process\n\n- Update to 1.0.15:\n  * Improved XPath 2.0 bindings\n  * Added logging for schema initialization and building (handled with argument loglevel)\n  * Update encoding of collapsed contents with a new model based reordering method\n  * Removed XLink namespace from meta-schema (loaded from a fallback location like XHTML)\n  * Fixed half of failed W3C instance tests (remain 255 over 15344 tests)\n\n- Initial commit, needed by pytest 5.1.2\nChanges in python-elementpath:\n\n- Update to 1.3.1:\n  * Improved schema proxy\n  * Improved XSD type matching using paths\n  * Cached parent path for XPathContext (only Python 3)\n  * Improve typed selection with TypedAttribute and TypedElement named-tuples\n  * Add iter_results to XPathContext\n  * Remove XMLSchemaProxy from package\n  * Fix descendant shortcut operator '//'\n  * Fix text() function\n  * Fix typed select of '(name)' token\n  * Fix 24-hour time for DateTime\n\n- Skip test_hashing to fix 32bit builds\n\n- Initial commit needed by python-xmlschema\nChanges in rubygem-activerecord-session_store:\n- added CVE-2019-25025.patch (CVE-2019-25025, bsc#1183174)\n  * This requires CVE-2019-16782.patch to be included in\n    rubygem-actionpack-4_2 to work correctly.\n\nChanges in venv-openstack-keystone\n- Add python-xmlschema and python-elementpath for new python-pysaml2 version.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58],{"_key":15},"CVE-2017-11481",{"_key":17},"CVE-2017-11499",{"_key":19},"CVE-2018-18623",{"_key":21},"CVE-2018-18624",{"_key":23},"CVE-2018-18625",{"_key":25},"CVE-2018-19039",{"_key":27},"CVE-2019-15043",{"_key":29},"CVE-2019-25025",{"_key":31},"CVE-2020-10743",{"_key":33},"CVE-2020-11110",{"_key":35},"CVE-2020-12052",{"_key":37},"CVE-2020-13379",{"_key":39},"CVE-2020-17516",{"_key":41},"CVE-2020-24303",{"_key":43},"CVE-2020-29651",{"_key":45},"CVE-2021-21238",{"_key":47},"CVE-2021-21239",{"_key":49},"CVE-2021-23336",{"_key":51},"CVE-2021-27358",{"_key":53},"CVE-2021-28658",{"_key":55},"CVE-2021-31542",{"_key":57},"CVE-2021-33203",{"_key":59},"CVE-2021-33571",[],[],[63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},"2021-06-11T13:13:53Z","2026-02-04T03:22:05.167952Z",{"cisa_kev":89,"cisa_ransomware":89,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[91,97,102,106,110,114,118,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,195,199,203,207,211,215,219,223,227,231,235,239,243,247,251,255,259,263,267,271,275,279],{"url":92,"sources":93,"tags":95},"https://www.suse.com/support/update/announcement/2021/suse-su-20211962-1/",[94],"osv_suse",[96],"Advisory",{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/1044849",[94],[101],"REPORT",{"url":103,"sources":104,"tags":105},"https://bugzilla.suse.com/1048688",[94],[101],{"url":107,"sources":108,"tags":109},"https://bugzilla.suse.com/1115960",[94],[101],{"url":111,"sources":112,"tags":113},"https://bugzilla.suse.com/1148383",[94],[101],{"url":115,"sources":116,"tags":117},"https://bugzilla.suse.com/1170657",[94],[101],{"url":119,"sources":120,"tags":121},"https://bugzilla.suse.com/1171909",[94],[101],{"url":123,"sources":124,"tags":125},"https://bugzilla.suse.com/1172409",[94],[101],{"url":127,"sources":128,"tags":129},"https://bugzilla.suse.com/1172450",[94],[101],{"url":131,"sources":132,"tags":133},"https://bugzilla.suse.com/1174583",[94],[101],{"url":135,"sources":136,"tags":137},"https://bugzilla.suse.com/1178243",[94],[101],{"url":139,"sources":140,"tags":141},"https://bugzilla.suse.com/1179805",[94],[101],{"url":143,"sources":144,"tags":145},"https://bugzilla.suse.com/1181277",[94],[101],{"url":147,"sources":148,"tags":149},"https://bugzilla.suse.com/1181278",[94],[101],{"url":151,"sources":152,"tags":153},"https://bugzilla.suse.com/1181689",[94],[101],{"url":155,"sources":156,"tags":157},"https://bugzilla.suse.com/1181690",[94],[101],{"url":159,"sources":160,"tags":161},"https://bugzilla.suse.com/1182317",[94],[101],{"url":163,"sources":164,"tags":165},"https://bugzilla.suse.com/1182433",[94],[101],{"url":167,"sources":168,"tags":169},"https://bugzilla.suse.com/1183174",[94],[101],{"url":171,"sources":172,"tags":173},"https://bugzilla.suse.com/1183803",[94],[101],{"url":175,"sources":176,"tags":177},"https://bugzilla.suse.com/1184148",[94],[101],{"url":179,"sources":180,"tags":181},"https://bugzilla.suse.com/1185623",[94],[101],{"url":183,"sources":184,"tags":185},"https://bugzilla.suse.com/1186608",[94],[101],{"url":187,"sources":188,"tags":189},"https://bugzilla.suse.com/1186611",[94],[101],{"url":191,"sources":192,"tags":193},"https://www.suse.com/security/cve/CVE-2017-11481",[94],[194],"WEB",{"url":196,"sources":197,"tags":198},"https://www.suse.com/security/cve/CVE-2017-11499",[94],[194],{"url":200,"sources":201,"tags":202},"https://www.suse.com/security/cve/CVE-2018-18623",[94],[194],{"url":204,"sources":205,"tags":206},"https://www.suse.com/security/cve/CVE-2018-18624",[94],[194],{"url":208,"sources":209,"tags":210},"https://www.suse.com/security/cve/CVE-2018-18625",[94],[194],{"url":212,"sources":213,"tags":214},"https://www.suse.com/security/cve/CVE-2018-19039",[94],[194],{"url":216,"sources":217,"tags":218},"https://www.suse.com/security/cve/CVE-2019-15043",[94],[194],{"url":220,"sources":221,"tags":222},"https://www.suse.com/security/cve/CVE-2019-25025",[94],[194],{"url":224,"sources":225,"tags":226},"https://www.suse.com/security/cve/CVE-2020-10743",[94],[194],{"url":228,"sources":229,"tags":230},"https://www.suse.com/security/cve/CVE-2020-11110",[94],[194],{"url":232,"sources":233,"tags":234},"https://www.suse.com/security/cve/CVE-2020-12052",[94],[194],{"url":236,"sources":237,"tags":238},"https://www.suse.com/security/cve/CVE-2020-13379",[94],[194],{"url":240,"sources":241,"tags":242},"https://www.suse.com/security/cve/CVE-2020-17516",[94],[194],{"url":244,"sources":245,"tags":246},"https://www.suse.com/security/cve/CVE-2020-24303",[94],[194],{"url":248,"sources":249,"tags":250},"https://www.suse.com/security/cve/CVE-2020-29651",[94],[194],{"url":252,"sources":253,"tags":254},"https://www.suse.com/security/cve/CVE-2021-21238",[94],[194],{"url":256,"sources":257,"tags":258},"https://www.suse.com/security/cve/CVE-2021-21239",[94],[194],{"url":260,"sources":261,"tags":262},"https://www.suse.com/security/cve/CVE-2021-23336",[94],[194],{"url":264,"sources":265,"tags":266},"https://www.suse.com/security/cve/CVE-2021-27358",[94],[194],{"url":268,"sources":269,"tags":270},"https://www.suse.com/security/cve/CVE-2021-28658",[94],[194],{"url":272,"sources":273,"tags":274},"https://www.suse.com/security/cve/CVE-2021-31542",[94],[194],{"url":276,"sources":277,"tags":278},"https://www.suse.com/security/cve/CVE-2021-33203",[94],[194],{"url":280,"sources":281,"tags":282},"https://www.suse.com/security/cve/CVE-2021-33571",[94],[194],[],[],[],[287,300,307,314,318,325,332,336,343,347,354,358,365,369,376,380,387,391,398,402,409,413,420,424,431,435,442,446,453,457,464,471,478,485,492,499,506,513,520,527,534,541,548,555,562,569,576],{"ecosystem":288,"name":289,"vendor":290,"product":291,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":291,"source":9,"versions":293},"SUSE Linux Enterprise","ardana-neutron","suse","ardana-neutron&distro=SUSE OpenStack Cloud 9","rpm",[294],{"version":295,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":298,"version_end_type":299,"fixed_in":9},"lt9_0+git_1615223676_777f0b3_3_25_2",true,"ecosystem","9.0+git.1615223676.777f0b3-3.25.2","excluding",{"ecosystem":288,"name":301,"vendor":290,"product":302,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":302,"source":9,"versions":303},"ardana-swift","ardana-swift&distro=SUSE OpenStack Cloud 9",[304],{"version":305,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":306,"version_end_type":299,"fixed_in":9},"lt9_0+git_1618235096_90974ed_3_10_2","9.0+git.1618235096.90974ed-3.10.2",{"ecosystem":288,"name":308,"vendor":290,"product":309,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":309,"source":9,"versions":310},"cassandra","cassandra&distro=SUSE OpenStack Cloud 9",[311],{"version":312,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":313,"version_end_type":299,"fixed_in":9},"lt3_11_10_3_3_3","3.11.10-3.3.3",{"ecosystem":288,"name":308,"vendor":290,"product":315,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":315,"source":9,"versions":316},"cassandra&distro=SUSE OpenStack Cloud Crowbar 9",[317],{"version":312,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":313,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":319,"vendor":290,"product":320,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":320,"source":9,"versions":321},"crowbar-openstack","crowbar-openstack&distro=SUSE OpenStack Cloud Crowbar 9",[322],{"version":323,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":324,"version_end_type":299,"fixed_in":9},"lt6_0+git_1616146717_a89ae0f4e_3_34_4","6.0+git.1616146717.a89ae0f4e-3.34.4",{"ecosystem":288,"name":326,"vendor":290,"product":327,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":327,"source":9,"versions":328},"grafana","grafana&distro=SUSE OpenStack Cloud 9",[329],{"version":330,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":331,"version_end_type":299,"fixed_in":9},"lt6_7_4_3_23_2","6.7.4-3.23.2",{"ecosystem":288,"name":326,"vendor":290,"product":333,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":333,"source":9,"versions":334},"grafana&distro=SUSE OpenStack Cloud Crowbar 9",[335],{"version":330,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":331,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":337,"vendor":290,"product":338,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":338,"source":9,"versions":339},"kibana","kibana&distro=SUSE OpenStack Cloud 9",[340],{"version":341,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":342,"version_end_type":299,"fixed_in":9},"lt4_6_6_4_9_2","4.6.6-4.9.2",{"ecosystem":288,"name":337,"vendor":290,"product":344,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":344,"source":9,"versions":345},"kibana&distro=SUSE OpenStack Cloud Crowbar 9",[346],{"version":341,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":342,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":348,"vendor":290,"product":349,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":349,"source":9,"versions":350},"openstack-dashboard","openstack-dashboard&distro=SUSE OpenStack Cloud 9",[351],{"version":352,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":353,"version_end_type":299,"fixed_in":9},"lt14_1_1~dev11_3_24_6","14.1.1~dev11-3.24.6",{"ecosystem":288,"name":348,"vendor":290,"product":355,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":355,"source":9,"versions":356},"openstack-dashboard&distro=SUSE OpenStack Cloud Crowbar 9",[357],{"version":352,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":353,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":359,"vendor":290,"product":360,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":360,"source":9,"versions":361},"openstack-ironic","openstack-ironic&distro=SUSE OpenStack Cloud 9",[362],{"version":363,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":364,"version_end_type":299,"fixed_in":9},"lt11_1_5~dev17_3_25_5","11.1.5~dev17-3.25.5",{"ecosystem":288,"name":359,"vendor":290,"product":366,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":366,"source":9,"versions":367},"openstack-ironic&distro=SUSE OpenStack Cloud Crowbar 9",[368],{"version":363,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":364,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":370,"vendor":290,"product":371,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":371,"source":9,"versions":372},"openstack-neutron-gbp","openstack-neutron-gbp&distro=SUSE OpenStack Cloud 9",[373],{"version":374,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":375,"version_end_type":299,"fixed_in":9},"lt12_0_1~dev29_3_25_3","12.0.1~dev29-3.25.3",{"ecosystem":288,"name":370,"vendor":290,"product":377,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":377,"source":9,"versions":378},"openstack-neutron-gbp&distro=SUSE OpenStack Cloud Crowbar 9",[379],{"version":374,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":375,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":381,"vendor":290,"product":382,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":382,"source":9,"versions":383},"openstack-neutron","openstack-neutron&distro=SUSE OpenStack Cloud 9",[384],{"version":385,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":386,"version_end_type":299,"fixed_in":9},"lt13_0_8~dev164_3_37_4","13.0.8~dev164-3.37.4",{"ecosystem":288,"name":381,"vendor":290,"product":388,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":388,"source":9,"versions":389},"openstack-neutron&distro=SUSE OpenStack Cloud Crowbar 9",[390],{"version":385,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":386,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":392,"vendor":290,"product":393,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":393,"source":9,"versions":394},"openstack-nova","openstack-nova&distro=SUSE OpenStack Cloud 9",[395],{"version":396,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":397,"version_end_type":299,"fixed_in":9},"lt18_3_1~dev82_3_37_6","18.3.1~dev82-3.37.6",{"ecosystem":288,"name":392,"vendor":290,"product":399,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":399,"source":9,"versions":400},"openstack-nova&distro=SUSE OpenStack Cloud Crowbar 9",[401],{"version":396,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":397,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":403,"vendor":290,"product":404,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":404,"source":9,"versions":405},"python-Django1","python-Django1&distro=SUSE OpenStack Cloud 9",[406],{"version":407,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":408,"version_end_type":299,"fixed_in":9},"lt1_11_29_3_25_1","1.11.29-3.25.1",{"ecosystem":288,"name":403,"vendor":290,"product":410,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":410,"source":9,"versions":411},"python-Django1&distro=SUSE OpenStack Cloud Crowbar 9",[412],{"version":407,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":408,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":414,"vendor":290,"product":415,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":415,"source":9,"versions":416},"python-elementpath","python-elementpath&distro=SUSE OpenStack Cloud 9",[417],{"version":418,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":419,"version_end_type":299,"fixed_in":9},"lt1_3_1_1_3_2","1.3.1-1.3.2",{"ecosystem":288,"name":414,"vendor":290,"product":421,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":421,"source":9,"versions":422},"python-elementpath&distro=SUSE OpenStack Cloud Crowbar 9",[423],{"version":418,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":419,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":425,"vendor":290,"product":426,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":426,"source":9,"versions":427},"python-py","python-py&distro=SUSE OpenStack Cloud 9",[428],{"version":429,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":430,"version_end_type":299,"fixed_in":9},"lt1_5_4_3_3_2","1.5.4-3.3.2",{"ecosystem":288,"name":425,"vendor":290,"product":432,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":432,"source":9,"versions":433},"python-py&distro=SUSE OpenStack Cloud Crowbar 9",[434],{"version":429,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":430,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":436,"vendor":290,"product":437,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":437,"source":9,"versions":438},"python-pysaml2","python-pysaml2&distro=SUSE OpenStack Cloud 9",[439],{"version":440,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":441,"version_end_type":299,"fixed_in":9},"lt4_5_0_4_6_2","4.5.0-4.6.2",{"ecosystem":288,"name":436,"vendor":290,"product":443,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":443,"source":9,"versions":444},"python-pysaml2&distro=SUSE OpenStack Cloud Crowbar 9",[445],{"version":440,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":441,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":447,"vendor":290,"product":448,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":448,"source":9,"versions":449},"python-xmlschema","python-xmlschema&distro=SUSE OpenStack Cloud 9",[450],{"version":451,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":452,"version_end_type":299,"fixed_in":9},"lt1_0_18_1_3_2","1.0.18-1.3.2",{"ecosystem":288,"name":447,"vendor":290,"product":454,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":454,"source":9,"versions":455},"python-xmlschema&distro=SUSE OpenStack Cloud Crowbar 9",[456],{"version":451,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":452,"version_end_type":299,"fixed_in":9},{"ecosystem":288,"name":458,"vendor":290,"product":459,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":459,"source":9,"versions":460},"rubygem-activerecord-session_store","rubygem-activerecord-session_store&distro=SUSE OpenStack Cloud Crowbar 9",[461],{"version":462,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":463,"version_end_type":299,"fixed_in":9},"lt0_1_2_4_3_2","0.1.2-4.3.2",{"ecosystem":288,"name":465,"vendor":290,"product":466,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":466,"source":9,"versions":467},"venv-openstack-barbican","venv-openstack-barbican&distro=SUSE OpenStack Cloud 9",[468],{"version":469,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":470,"version_end_type":299,"fixed_in":9},"lt7_0_1~dev24_3_23_1","7.0.1~dev24-3.23.1",{"ecosystem":288,"name":472,"vendor":290,"product":473,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":473,"source":9,"versions":474},"venv-openstack-cinder","venv-openstack-cinder&distro=SUSE OpenStack Cloud 9",[475],{"version":476,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":299,"fixed_in":9},"lt13_0_10~dev20_3_26_1","13.0.10~dev20-3.26.1",{"ecosystem":288,"name":479,"vendor":290,"product":480,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":480,"source":9,"versions":481},"venv-openstack-designate","venv-openstack-designate&distro=SUSE OpenStack Cloud 9",[482],{"version":483,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":299,"fixed_in":9},"lt7_0_2~dev2_3_23_1","7.0.2~dev2-3.23.1",{"ecosystem":288,"name":486,"vendor":290,"product":487,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":487,"source":9,"versions":488},"venv-openstack-glance","venv-openstack-glance&distro=SUSE OpenStack Cloud 9",[489],{"version":490,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":491,"version_end_type":299,"fixed_in":9},"lt17_0_1~dev30_3_21_1","17.0.1~dev30-3.21.1",{"ecosystem":288,"name":493,"vendor":290,"product":494,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":494,"source":9,"versions":495},"venv-openstack-heat","venv-openstack-heat&distro=SUSE OpenStack Cloud 9",[496],{"version":497,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":498,"version_end_type":299,"fixed_in":9},"lt11_0_4~dev4_3_23_1","11.0.4~dev4-3.23.1",{"ecosystem":288,"name":500,"vendor":290,"product":501,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":501,"source":9,"versions":502},"venv-openstack-horizon","venv-openstack-horizon&distro=SUSE OpenStack Cloud 9",[503],{"version":504,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":299,"fixed_in":9},"lt14_1_1~dev11_4_27_3","14.1.1~dev11-4.27.3",{"ecosystem":288,"name":507,"vendor":290,"product":508,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":508,"source":9,"versions":509},"venv-openstack-ironic","venv-openstack-ironic&distro=SUSE OpenStack Cloud 9",[510],{"version":511,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":512,"version_end_type":299,"fixed_in":9},"lt11_1_5~dev17_4_21_2","11.1.5~dev17-4.21.2",{"ecosystem":288,"name":514,"vendor":290,"product":515,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":515,"source":9,"versions":516},"venv-openstack-keystone","venv-openstack-keystone&distro=SUSE OpenStack Cloud 9",[517],{"version":518,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":299,"fixed_in":9},"lt14_2_1~dev4_3_24_3","14.2.1~dev4-3.24.3",{"ecosystem":288,"name":521,"vendor":290,"product":522,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":522,"source":9,"versions":523},"venv-openstack-magnum","venv-openstack-magnum&distro=SUSE OpenStack Cloud 9",[524],{"version":525,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":526,"version_end_type":299,"fixed_in":9},"lt7_2_1~dev1_4_23_1","7.2.1~dev1-4.23.1",{"ecosystem":288,"name":528,"vendor":290,"product":529,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":529,"source":9,"versions":530},"venv-openstack-manila","venv-openstack-manila&distro=SUSE OpenStack Cloud 9",[531],{"version":532,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":533,"version_end_type":299,"fixed_in":9},"lt7_4_2~dev60_3_29_1","7.4.2~dev60-3.29.1",{"ecosystem":288,"name":535,"vendor":290,"product":536,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":536,"source":9,"versions":537},"venv-openstack-monasca-ceilometer","venv-openstack-monasca-ceilometer&distro=SUSE OpenStack Cloud 9",[538],{"version":539,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":540,"version_end_type":299,"fixed_in":9},"lt1_8_2~dev3_3_23_2","1.8.2~dev3-3.23.2",{"ecosystem":288,"name":542,"vendor":290,"product":543,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":543,"source":9,"versions":544},"venv-openstack-monasca","venv-openstack-monasca&distro=SUSE OpenStack Cloud 9",[545],{"version":546,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":547,"version_end_type":299,"fixed_in":9},"lt2_7_1~dev10_3_21_1","2.7.1~dev10-3.21.1",{"ecosystem":288,"name":549,"vendor":290,"product":550,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":550,"source":9,"versions":551},"venv-openstack-neutron","venv-openstack-neutron&distro=SUSE OpenStack Cloud 9",[552],{"version":553,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":554,"version_end_type":299,"fixed_in":9},"lt13_0_8~dev164_6_27_3","13.0.8~dev164-6.27.3",{"ecosystem":288,"name":556,"vendor":290,"product":557,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":557,"source":9,"versions":558},"venv-openstack-nova","venv-openstack-nova&distro=SUSE OpenStack Cloud 9",[559],{"version":560,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":561,"version_end_type":299,"fixed_in":9},"lt18_3_1~dev82_3_27_3","18.3.1~dev82-3.27.3",{"ecosystem":288,"name":563,"vendor":290,"product":564,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":564,"source":9,"versions":565},"venv-openstack-octavia","venv-openstack-octavia&distro=SUSE OpenStack Cloud 9",[566],{"version":567,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":568,"version_end_type":299,"fixed_in":9},"lt3_2_3~dev7_4_23_1","3.2.3~dev7-4.23.1",{"ecosystem":288,"name":570,"vendor":290,"product":571,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":571,"source":9,"versions":572},"venv-openstack-sahara","venv-openstack-sahara&distro=SUSE OpenStack Cloud 9",[573],{"version":574,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":575,"version_end_type":299,"fixed_in":9},"lt9_0_2~dev15_3_23_1","9.0.2~dev15-3.23.1",{"ecosystem":288,"name":577,"vendor":290,"product":578,"cpe_part":9,"purl_type":292,"purl_namespace":290,"purl_name":578,"source":9,"versions":579},"venv-openstack-swift","venv-openstack-swift&distro=SUSE OpenStack Cloud 9",[580],{"version":581,"is_range":296,"range_type":297,"version_start":9,"version_start_type":9,"version_end":582,"version_end_type":299,"fixed_in":9},"lt2_19_2~dev48_2_18_1","2.19.2~dev48-2.18.1"]