Upstream information

CVE-2019-16789 at MITRE

Description

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.4
Vector AV:N/AC:L/Au:N/C:P/I:P/A:N
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact None
CVSS v3 Scores
  National Vulnerability Database SUSE
Base Score 8.2 7.1
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Access Vector Network Network
Access Complexity Low Low
Privileges Required None Low
User Interaction None None
Scope Unchanged Unchanged
Confidentiality Impact Low Low
Integrity Impact High High
Availability Impact None None
CVSSv3 Version 3.1 3.1
SUSE Bugzilla entry: 1160790 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Container ses/6/cephcsi/cephcsi:1.2.0.0.1.5.338
Container ses/6/rook/ceph:1.1.1.0.1.5.334
Container ses/7.1/cephcsi/cephcsi:3.5.1.0.3.2.10
Container ses/7.1/rook/ceph:1.8.6.0.3.2.5
Container ses/7/cephcsi/cephcsi:3.1.1.0.3.62
Container ses/7/rook/ceph:sle15.2.octopus
  • python3-waitress >= 1.4.3-3.3.1
HPE Helion Openstack 8
  • ansible >= 2.4.6.0-3.9.1
  • ansible1 >= 1.9.6-7.3.1
  • ardana-ansible >= 8.0+git.1589740980.6c3bcdc-3.73.1
  • ardana-cluster >= 8.0+git.1585685203.3e71e49-3.36.1
  • ardana-freezer >= 8.0+git.1586539529.b7d295f-3.21.1
  • ardana-input-model >= 8.0+git.1589740934.0e0ad61-3.39.1
  • ardana-logging >= 8.0+git.1591194866.b7375d0-3.24.1
  • ardana-mq >= 8.0+git.1589715269.62ad6df-3.22.1
  • ardana-neutron >= 8.0+git.1590756744.ba84abc-3.42.1
  • ardana-octavia >= 8.0+git.1590100427.cf4cc8f-3.29.1
  • ardana-osconfig >= 8.0+git.1587034587.eac37b8-3.45.1
  • caasp-openstack-heat-templates >= 1.0+git.1560518045.ad7dc6d-4.18.1
  • documentation-hpe-helion-openstack-installation >= 8.20200527-1.26.1
  • documentation-hpe-helion-openstack-operations >= 8.20200527-1.26.1
  • documentation-hpe-helion-openstack-opsconsole >= 8.20200527-1.26.1
  • documentation-hpe-helion-openstack-planning >= 8.20200527-1.26.1
  • documentation-hpe-helion-openstack-security >= 8.20200527-1.26.1
  • documentation-hpe-helion-openstack-user >= 8.20200527-1.26.1
  • grafana >= 4.6.5-4.9.1
  • kibana >= 4.6.3-3.3.1
  • openstack-dashboard >= 12.0.5~dev3-3.26.1
  • openstack-dashboard-theme-HPE >= 8+git.1523473653.6599ec8-3.3.1
  • openstack-heat-templates >= 0.0.0+git.1582270132.8a20477-3.15.1
  • openstack-keystone >= 12.0.4~dev11-5.33.2
  • openstack-keystone-doc >= 12.0.4~dev11-5.33.2
  • openstack-monasca-agent >= 2.2.6~dev4-3.18.1
  • openstack-monasca-installer >= 20190923_16.32-3.12.1
  • openstack-neutron >= 11.0.9~dev65-3.33.2
  • openstack-neutron-dhcp-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-doc >= 11.0.9~dev65-3.33.2
  • openstack-neutron-ha-tool >= 11.0.9~dev65-3.33.2
  • openstack-neutron-l3-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-linuxbridge-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-macvtap-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metadata-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metering-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-openvswitch-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-server >= 11.0.9~dev65-3.33.2
  • openstack-octavia-amphora-image-x86_64 >= 0.1.4-3.12.2
  • python-Django >= 1.11.23-3.15.1
  • python-Flask >= 0.12.1-3.3.1
  • python-GitPython >= 2.1.8-3.3.1
  • python-Pillow >= 4.2.1-3.5.1
  • python-amqp >= 2.4.2-3.12.1
  • python-apicapi >= 1.6.0-3.6.1
  • python-horizon >= 12.0.5~dev3-3.26.1
  • python-keystone >= 12.0.4~dev11-5.33.2
  • python-keystoneauth1 >= 3.1.2~dev2-3.3.1
  • python-monasca-agent >= 2.2.6~dev4-3.18.1
  • python-neutron >= 11.0.9~dev65-3.33.2
  • python-oslo.messaging >= 5.30.8-3.11.1
  • python-psutil >= 5.2.2-3.3.1
  • python-pyroute2 >= 0.4.21-3.3.1
  • python-pysaml2 >= 4.0.2-5.6.1
  • python-tooz >= 1.58.1-3.3.1
  • python-waitress >= 1.4.3-3.3.1
  • storm >= 1.1.3-3.3.1
  • storm-nimbus >= 1.1.3-3.3.1
  • storm-supervisor >= 1.1.3-3.3.1
  • venv-openstack-aodh-x86_64 >= 5.1.1~dev7-12.26.2
  • venv-openstack-barbican-x86_64 >= 5.0.2~dev3-12.27.2
  • venv-openstack-ceilometer-x86_64 >= 9.0.8~dev7-12.24.2
  • venv-openstack-cinder-x86_64 >= 11.2.3~dev23-14.27.2
  • venv-openstack-designate-x86_64 >= 5.0.3~dev7-12.25.2
  • venv-openstack-freezer-x86_64 >= 5.0.0.0~xrc2~dev2-10.22.1
  • venv-openstack-glance-x86_64 >= 15.0.3~dev3-12.25.1
  • venv-openstack-heat-x86_64 >= 9.0.8~dev22-12.27.1
  • venv-openstack-horizon-hpe-x86_64 >= 12.0.5~dev3-14.30.1
  • venv-openstack-ironic-x86_64 >= 9.1.8~dev8-12.27.2
  • venv-openstack-keystone-x86_64 >= 12.0.4~dev11-11.28.2
  • venv-openstack-magnum-x86_64 >= 5.0.2_5.0.2_5.0.2~dev31-11.26.2
  • venv-openstack-manila-x86_64 >= 5.1.1~dev5-12.31.2
  • venv-openstack-monasca-ceilometer-x86_64 >= 1.5.1_1.5.1_1.5.1~dev3-8.22.2
  • venv-openstack-monasca-x86_64 >= 2.2.2~dev1-11.22.3
  • venv-openstack-murano-x86_64 >= 4.0.2~dev2-12.22.1
  • venv-openstack-neutron-x86_64 >= 11.0.9~dev65-13.30.2
  • venv-openstack-nova-x86_64 >= 16.1.9~dev61-11.28.2
  • venv-openstack-octavia-x86_64 >= 1.0.6~dev3-12.27.2
  • venv-openstack-sahara-x86_64 >= 7.0.5~dev4-11.26.2
  • venv-openstack-swift-x86_64 >= 2.15.2_2.15.2_2.15.2~dev32-11.18.1
  • venv-openstack-trove-x86_64 >= 8.0.2~dev2-11.26.1
Patchnames:
HPE-Helion-OpenStack-8-2020-1901
SUSE Enterprise Storage 5
  • python-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-Storage-5-2020-3292
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Module-Basesystem-15-SP1-2020-3269
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Module-Basesystem-15-SP2-2020-3269
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 SP3 GA python3-waitress-1.4.3-3.3.1
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 SP4 GA python3-waitress-1.4.3-3.3.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Product-HPC-15-2020-3269
SUSE Linux Enterprise Module for Package Hub 15 SP1
  • python2-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Module-Packagehub-Subpackages-15-SP1-2020-3269
SUSE Linux Enterprise Module for Package Hub 15 SP2
  • python2-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-3269
SUSE Linux Enterprise Server 15-LTSS
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Product-SLES-15-2020-3269
SUSE Linux Enterprise Server for SAP Applications 15
  • python3-waitress >= 1.4.3-3.3.1
Patchnames:
SUSE-SLE-Product-SLES_SAP-15-2020-3269
SUSE OpenStack Cloud 7
  • ansible >= 2.2.3.0-12.2
  • crowbar-core >= 4.0+git.1580209654.1d112d31f-9.66.5
  • crowbar-core-branding-upstream >= 4.0+git.1580209654.1d112d31f-9.66.5
  • crowbar-ha >= 4.0+git.1585316203.d6ad2c8-4.52.4
  • crowbar-openstack >= 4.0+git.1589804581.9972163f0-9.71.4
  • grafana >= 4.6.5-1.14.1
  • keepalived >= 2.0.19-1.8.1
  • kibana >= 4.6.3-5.1
  • memcached >= 1.5.17-3.6.1
  • monasca-installer >= 20180608_12.47-12.1
  • openstack-dashboard-theme-SUSE >= 2016.2-5.12.4
  • openstack-manila >= 3.0.1~dev30-4.12.2
  • openstack-manila-api >= 3.0.1~dev30-4.12.2
  • openstack-manila-data >= 3.0.1~dev30-4.12.2
  • openstack-manila-doc >= 3.0.1~dev30-4.12.3
  • openstack-manila-scheduler >= 3.0.1~dev30-4.12.2
  • openstack-manila-share >= 3.0.1~dev30-4.12.2
  • openstack-neutron-fwaas >= 9.0.2~dev5-4.9.3
  • openstack-neutron-fwaas-doc >= 9.0.2~dev5-4.9.4
  • openstack-nova >= 14.0.11~dev13-4.40.2
  • openstack-nova-api >= 14.0.11~dev13-4.40.2
  • openstack-nova-cells >= 14.0.11~dev13-4.40.2
  • openstack-nova-cert >= 14.0.11~dev13-4.40.2
  • openstack-nova-compute >= 14.0.11~dev13-4.40.2
  • openstack-nova-conductor >= 14.0.11~dev13-4.40.2
  • openstack-nova-console >= 14.0.11~dev13-4.40.2
  • openstack-nova-consoleauth >= 14.0.11~dev13-4.40.2
  • openstack-nova-doc >= 14.0.11~dev13-4.40.2
  • openstack-nova-novncproxy >= 14.0.11~dev13-4.40.2
  • openstack-nova-placement-api >= 14.0.11~dev13-4.40.2
  • openstack-nova-scheduler >= 14.0.11~dev13-4.40.2
  • openstack-nova-serialproxy >= 14.0.11~dev13-4.40.2
  • openstack-nova-vncproxy >= 14.0.11~dev13-4.40.2
  • openstack-tempest >= 12.2.1~a0~dev177-4.9.1
  • openstack-tempest-test >= 12.2.1~a0~dev177-4.9.1
  • python-Django >= 1.8.19-3.23.1
  • python-Pillow >= 2.8.1-4.12.1
  • python-manila >= 3.0.1~dev30-4.12.2
  • python-neutron-fwaas >= 9.0.2~dev5-4.9.3
  • python-nova >= 14.0.11~dev13-4.40.2
  • python-psql2mysql >= 0.5.0+git.1589351878.4ef877c-1.12.1
  • python-psutil >= 1.2.1-21.1
  • python-py >= 1.8.1-11.12.1
  • python-pysaml2 >= 4.0.2-3.17.1
  • python-tempest >= 12.2.1~a0~dev177-4.9.1
  • python-waitress >= 1.4.3-3.3.1
  • rabbitmq-server >= 3.4.4-3.16.1
  • rabbitmq-server-plugins >= 3.4.4-3.16.1
  • release-notes-suse-openstack-cloud >= 7.20180803-3.18.3
  • ruby2.1-rubygem-activeresource >= 4.0.0-3.3.1
  • ruby2.1-rubygem-crowbar-client >= 3.9.2-7.20.1
  • ruby2.1-rubygem-json-1_7 >= 1.7.7-3.3.1
  • ruby2.1-rubygem-puma >= 2.16.0-4.6.1
  • zookeeper-server >= 3.4.10-6.1
Patchnames:
SUSE-OpenStack-Cloud-7-2020-2072
SUSE OpenStack Cloud 8
  • ansible >= 2.4.6.0-3.9.1
  • ansible1 >= 1.9.6-7.3.1
  • ardana-ansible >= 8.0+git.1589740980.6c3bcdc-3.73.1
  • ardana-cluster >= 8.0+git.1585685203.3e71e49-3.36.1
  • ardana-freezer >= 8.0+git.1586539529.b7d295f-3.21.1
  • ardana-input-model >= 8.0+git.1589740934.0e0ad61-3.39.1
  • ardana-logging >= 8.0+git.1591194866.b7375d0-3.24.1
  • ardana-mq >= 8.0+git.1589715269.62ad6df-3.22.1
  • ardana-neutron >= 8.0+git.1590756744.ba84abc-3.42.1
  • ardana-octavia >= 8.0+git.1590100427.cf4cc8f-3.29.1
  • ardana-osconfig >= 8.0+git.1587034587.eac37b8-3.45.1
  • caasp-openstack-heat-templates >= 1.0+git.1560518045.ad7dc6d-4.18.1
  • documentation-suse-openstack-cloud-installation >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-operations >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-opsconsole >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-planning >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-security >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-supplement >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-upstream-admin >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-upstream-user >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-user >= 8.20200527-1.26.1
  • grafana >= 4.6.5-4.9.1
  • kibana >= 4.6.3-3.3.1
  • openstack-dashboard >= 12.0.5~dev3-3.26.1
  • openstack-heat-templates >= 0.0.0+git.1582270132.8a20477-3.15.1
  • openstack-keystone >= 12.0.4~dev11-5.33.2
  • openstack-keystone-doc >= 12.0.4~dev11-5.33.2
  • openstack-monasca-agent >= 2.2.6~dev4-3.18.1
  • openstack-monasca-installer >= 20190923_16.32-3.12.1
  • openstack-neutron >= 11.0.9~dev65-3.33.2
  • openstack-neutron-dhcp-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-doc >= 11.0.9~dev65-3.33.2
  • openstack-neutron-ha-tool >= 11.0.9~dev65-3.33.2
  • openstack-neutron-l3-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-linuxbridge-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-macvtap-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metadata-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metering-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-openvswitch-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-server >= 11.0.9~dev65-3.33.2
  • openstack-octavia-amphora-image-x86_64 >= 0.1.4-3.12.2
  • python-Django >= 1.11.23-3.15.1
  • python-Flask >= 0.12.1-3.3.1
  • python-GitPython >= 2.1.8-3.3.1
  • python-Pillow >= 4.2.1-3.5.1
  • python-amqp >= 2.4.2-3.12.1
  • python-apicapi >= 1.6.0-3.6.1
  • python-horizon >= 12.0.5~dev3-3.26.1
  • python-keystone >= 12.0.4~dev11-5.33.2
  • python-keystoneauth1 >= 3.1.2~dev2-3.3.1
  • python-monasca-agent >= 2.2.6~dev4-3.18.1
  • python-neutron >= 11.0.9~dev65-3.33.2
  • python-oslo.messaging >= 5.30.8-3.11.1
  • python-psutil >= 5.2.2-3.3.1
  • python-pyroute2 >= 0.4.21-3.3.1
  • python-pysaml2 >= 4.0.2-5.6.1
  • python-tooz >= 1.58.1-3.3.1
  • python-waitress >= 1.4.3-3.3.1
  • storm >= 1.1.3-3.3.1
  • storm-nimbus >= 1.1.3-3.3.1
  • storm-supervisor >= 1.1.3-3.3.1
  • venv-openstack-aodh-x86_64 >= 5.1.1~dev7-12.26.2
  • venv-openstack-barbican-x86_64 >= 5.0.2~dev3-12.27.2
  • venv-openstack-ceilometer-x86_64 >= 9.0.8~dev7-12.24.2
  • venv-openstack-cinder-x86_64 >= 11.2.3~dev23-14.27.2
  • venv-openstack-designate-x86_64 >= 5.0.3~dev7-12.25.2
  • venv-openstack-freezer-x86_64 >= 5.0.0.0~xrc2~dev2-10.22.1
  • venv-openstack-glance-x86_64 >= 15.0.3~dev3-12.25.1
  • venv-openstack-heat-x86_64 >= 9.0.8~dev22-12.27.1
  • venv-openstack-horizon-x86_64 >= 12.0.5~dev3-14.30.1
  • venv-openstack-ironic-x86_64 >= 9.1.8~dev8-12.27.2
  • venv-openstack-keystone-x86_64 >= 12.0.4~dev11-11.28.2
  • venv-openstack-magnum-x86_64 >= 5.0.2_5.0.2_5.0.2~dev31-11.26.2
  • venv-openstack-manila-x86_64 >= 5.1.1~dev5-12.31.2
  • venv-openstack-monasca-ceilometer-x86_64 >= 1.5.1_1.5.1_1.5.1~dev3-8.22.2
  • venv-openstack-monasca-x86_64 >= 2.2.2~dev1-11.22.3
  • venv-openstack-murano-x86_64 >= 4.0.2~dev2-12.22.1
  • venv-openstack-neutron-x86_64 >= 11.0.9~dev65-13.30.2
  • venv-openstack-nova-x86_64 >= 16.1.9~dev61-11.28.2
  • venv-openstack-octavia-x86_64 >= 1.0.6~dev3-12.27.2
  • venv-openstack-sahara-x86_64 >= 7.0.5~dev4-11.26.2
  • venv-openstack-swift-x86_64 >= 2.15.2_2.15.2_2.15.2~dev32-11.18.1
  • venv-openstack-trove-x86_64 >= 8.0.2~dev2-11.26.1
Patchnames:
SUSE-OpenStack-Cloud-8-2020-1901
SUSE OpenStack Cloud 9
  • ansible1 >= 1.9.6-9.7.2
  • ardana-ansible >= 9.0+git.1591138508.e269bdb-3.22.2
  • ardana-cobbler >= 9.0+git.1588181228.bae3b1f-3.13.2
  • ardana-glance >= 9.0+git.1593631708.9354a78-3.13.2
  • ardana-input-model >= 9.0+git.1589740948.c24fc0b-3.19.2
  • ardana-logging >= 9.0+git.1591193994.d93b668-3.13.2
  • ardana-manila >= 9.0+git.1594158642.b5905e4-3.12.2
  • ardana-monasca >= 9.0+git.1589385256.7fbfaaf-3.19.2
  • ardana-mq >= 9.0+git.1593618110.cbd1a37-3.16.2
  • ardana-neutron >= 9.0+git.1590756257.e09d54f-3.22.2
  • ardana-octavia >= 9.0+git.1590079609.a2ae6ab-3.19.2
  • ardana-tempest >= 9.0+git.1593033709.9495bb2-3.16.2
  • grafana >= 6.2.5-3.12.2
  • kibana >= 4.6.3-4.3.2
  • openstack-barbican >= 7.0.1~dev24-3.9.5
  • openstack-barbican-api >= 7.0.1~dev24-3.9.5
  • openstack-barbican-keystone-listener >= 7.0.1~dev24-3.9.5
  • openstack-barbican-retry >= 7.0.1~dev24-3.9.5
  • openstack-barbican-worker >= 7.0.1~dev24-3.9.5
  • openstack-ceilometer >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-central >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-compute >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-ipmi >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-notification >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-polling >= 11.1.1~dev7-3.16.3
  • openstack-cinder >= 13.0.10~dev12-3.22.4
  • openstack-cinder-api >= 13.0.10~dev12-3.22.4
  • openstack-cinder-backup >= 13.0.10~dev12-3.22.4
  • openstack-cinder-scheduler >= 13.0.10~dev12-3.22.4
  • openstack-cinder-volume >= 13.0.10~dev12-3.22.4
  • openstack-dashboard >= 14.1.1~dev6-3.15.5
  • openstack-designate >= 7.0.2~dev2-3.19.3
  • openstack-designate-agent >= 7.0.2~dev2-3.19.3
  • openstack-designate-api >= 7.0.2~dev2-3.19.3
  • openstack-designate-central >= 7.0.2~dev2-3.19.3
  • openstack-designate-producer >= 7.0.2~dev2-3.19.3
  • openstack-designate-sink >= 7.0.2~dev2-3.19.3
  • openstack-designate-worker >= 7.0.2~dev2-3.19.3
  • openstack-heat-templates >= 0.0.0+git.1582270132.8a20477-3.6.2
  • openstack-ironic >= 11.1.5~dev6-3.19.3
  • openstack-ironic-api >= 11.1.5~dev6-3.19.3
  • openstack-ironic-conductor >= 11.1.5~dev6-3.19.3
  • openstack-keystone >= 14.2.1~dev4-3.22.3
  • openstack-magnum >= 7.2.1~dev1-3.13.3
  • openstack-magnum-api >= 7.2.1~dev1-3.13.3
  • openstack-magnum-conductor >= 7.2.1~dev1-3.13.3
  • openstack-manila >= 7.4.2~dev31-4.24.3
  • openstack-manila-api >= 7.4.2~dev31-4.24.3
  • openstack-manila-data >= 7.4.2~dev31-4.24.3
  • openstack-manila-scheduler >= 7.4.2~dev31-4.24.3
  • openstack-manila-share >= 7.4.2~dev31-4.24.3
  • openstack-monasca-agent >= 2.8.2~dev5-3.9.3
  • openstack-neutron >= 13.0.8~dev68-3.25.3
  • openstack-neutron-dhcp-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-ha-tool >= 13.0.8~dev68-3.25.3
  • openstack-neutron-l3-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-linuxbridge-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-macvtap-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-metadata-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-metering-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-openvswitch-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-server >= 13.0.8~dev68-3.25.3
  • openstack-neutron-vsphere >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-doc >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-dvs-agent >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-ovsvapp-agent >= 2.0.1~dev167-3.3.3
  • openstack-nova >= 18.3.1~dev38-3.25.4
  • openstack-nova-api >= 18.3.1~dev38-3.25.4
  • openstack-nova-cells >= 18.3.1~dev38-3.25.4
  • openstack-nova-compute >= 18.3.1~dev38-3.25.4
  • openstack-nova-conductor >= 18.3.1~dev38-3.25.4
  • openstack-nova-console >= 18.3.1~dev38-3.25.4
  • openstack-nova-novncproxy >= 18.3.1~dev38-3.25.4
  • openstack-nova-placement-api >= 18.3.1~dev38-3.25.4
  • openstack-nova-scheduler >= 18.3.1~dev38-3.25.4
  • openstack-nova-serialproxy >= 18.3.1~dev38-3.25.4
  • openstack-nova-vncproxy >= 18.3.1~dev38-3.25.4
  • openstack-octavia >= 3.2.3~dev7-3.25.3
  • openstack-octavia-amphora-agent >= 3.2.3~dev7-3.25.3
  • openstack-octavia-amphora-image-x86_64 >= 0.1.4-7.12.3
  • openstack-octavia-api >= 3.2.3~dev7-3.25.3
  • openstack-octavia-health-manager >= 3.2.3~dev7-3.25.3
  • openstack-octavia-housekeeping >= 3.2.3~dev7-3.25.3
  • openstack-octavia-worker >= 3.2.3~dev7-3.25.3
  • openstack-resource-agents >= 1.0+git.1569436425.8b9c49f-5.3.2
  • python-Django1 >= 1.11.29-3.15.2
  • python-Pillow >= 5.2.0-3.3.2
  • python-ardana-packager >= 0.0.3-9.3.2
  • python-barbican >= 7.0.1~dev24-3.9.5
  • python-ceilometer >= 11.1.1~dev7-3.16.3
  • python-cinder >= 13.0.10~dev12-3.22.4
  • python-designate >= 7.0.2~dev2-3.19.3
  • python-heatclient >= 1.16.3-3.3.3
  • python-heatclient-doc >= 1.16.3-3.3.3
  • python-horizon >= 14.1.1~dev6-3.15.5
  • python-ironic >= 11.1.5~dev6-3.19.3
  • python-keystone >= 14.2.1~dev4-3.22.3
  • python-magnum >= 7.2.1~dev1-3.13.3
  • python-manila >= 7.4.2~dev31-4.24.3
  • python-monasca-agent >= 2.8.2~dev5-3.9.3
  • python-networking-vsphere >= 2.0.1~dev167-3.3.3
  • python-neutron >= 13.0.8~dev68-3.25.3
  • python-neutron-tempest-plugin >= 0.2.0-3.3.2
  • python-nova >= 18.3.1~dev38-3.25.4
  • python-octavia >= 3.2.3~dev7-3.25.3
  • python-octavia-tempest-plugin >= 0.2.0-3.3.2
  • python-openstack_auth >= 14.1.1~dev6-3.15.5
  • python-os-brick >= 2.5.10-3.12.3
  • python-os-brick-common >= 2.5.10-3.12.3
  • python-oslo.messaging >= 8.1.4-3.6.2
  • python-pyroute2 >= 0.5.2-4.3.2
  • python-urllib3 >= 1.23-3.12.2
  • python-waitress >= 1.4.3-3.3.1
  • release-notes-suse-openstack-cloud >= 9.20200610-3.21.4
  • venv-openstack-barbican-x86_64 >= 7.0.1~dev24-3.19.3
  • venv-openstack-cinder-x86_64 >= 13.0.10~dev12-3.19.2
  • venv-openstack-designate-x86_64 >= 7.0.2~dev2-3.19.2
  • venv-openstack-glance-x86_64 >= 17.0.1~dev30-3.17.2
  • venv-openstack-heat-x86_64 >= 11.0.3~dev35-3.19.2
  • venv-openstack-horizon-x86_64 >= 14.1.1~dev6-4.18.3
  • venv-openstack-ironic-x86_64 >= 11.1.5~dev6-4.15.2
  • venv-openstack-keystone-x86_64 >= 14.2.1~dev4-3.19.2
  • venv-openstack-magnum-x86_64 >= 7.2.1~dev1-4.19.2
  • venv-openstack-manila-x86_64 >= 7.4.2~dev31-3.21.2
  • venv-openstack-monasca-ceilometer-x86_64 >= 1.8.2~dev3-3.19.2
  • venv-openstack-monasca-x86_64 >= 2.7.1~dev10-3.17.3
  • venv-openstack-neutron-x86_64 >= 13.0.8~dev68-6.19.2
  • venv-openstack-nova-x86_64 >= 18.3.1~dev38-3.19.3
  • venv-openstack-octavia-x86_64 >= 3.2.3~dev7-4.19.2
  • venv-openstack-sahara-x86_64 >= 9.0.2~dev15-3.19.2
  • venv-openstack-swift-x86_64 >= 2.19.2~dev48-2.14.2
Patchnames:
SUSE-OpenStack-Cloud-9-2020-2161
SUSE OpenStack Cloud Crowbar 8
  • ansible >= 2.4.6.0-3.9.1
  • caasp-openstack-heat-templates >= 1.0+git.1560518045.ad7dc6d-4.18.1
  • crowbar-core >= 5.0+git.1593156248.55bbdb26d-3.41.2
  • crowbar-core-branding-upstream >= 5.0+git.1593156248.55bbdb26d-3.41.2
  • crowbar-openstack >= 5.0+git.1593085772.64c4ab43c-4.40.2
  • documentation-suse-openstack-cloud-deployment >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-supplement >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-upstream-admin >= 8.20200527-1.26.1
  • documentation-suse-openstack-cloud-upstream-user >= 8.20200527-1.26.1
  • grafana >= 4.6.5-4.9.1
  • kibana >= 4.6.3-3.3.1
  • openstack-dashboard >= 12.0.5~dev3-3.26.1
  • openstack-heat-templates >= 0.0.0+git.1582270132.8a20477-3.15.1
  • openstack-keystone >= 12.0.4~dev11-5.33.2
  • openstack-keystone-doc >= 12.0.4~dev11-5.33.2
  • openstack-monasca-agent >= 2.2.6~dev4-3.18.1
  • openstack-monasca-installer >= 20190923_16.32-3.12.1
  • openstack-neutron >= 11.0.9~dev65-3.33.2
  • openstack-neutron-dhcp-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-doc >= 11.0.9~dev65-3.33.2
  • openstack-neutron-ha-tool >= 11.0.9~dev65-3.33.2
  • openstack-neutron-l3-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-linuxbridge-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-macvtap-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metadata-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-metering-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-openvswitch-agent >= 11.0.9~dev65-3.33.2
  • openstack-neutron-server >= 11.0.9~dev65-3.33.2
  • openstack-octavia-amphora-image-x86_64 >= 0.1.4-3.12.2
  • python-Django >= 1.11.23-3.15.1
  • python-Flask >= 0.12.1-3.3.1
  • python-Pillow >= 4.2.1-3.5.1
  • python-amqp >= 2.4.2-3.12.1
  • python-apicapi >= 1.6.0-3.6.1
  • python-horizon >= 12.0.5~dev3-3.26.1
  • python-keystone >= 12.0.4~dev11-5.33.2
  • python-keystoneauth1 >= 3.1.2~dev2-3.3.1
  • python-monasca-agent >= 2.2.6~dev4-3.18.1
  • python-neutron >= 11.0.9~dev65-3.33.2
  • python-oslo.messaging >= 5.30.8-3.11.1
  • python-psutil >= 5.2.2-3.3.1
  • python-pyroute2 >= 0.4.21-3.3.1
  • python-pysaml2 >= 4.0.2-5.6.1
  • python-tooz >= 1.58.1-3.3.1
  • python-waitress >= 1.4.3-3.3.1
  • ruby2.1-rubygem-activeresource >= 4.0.0-3.3.1
  • ruby2.1-rubygem-crowbar-client >= 3.9.2-3.12.1
  • ruby2.1-rubygem-json-1_7 >= 1.7.7-3.3.1
  • ruby2.1-rubygem-puma >= 2.16.0-3.9.1
  • storm >= 1.1.3-3.3.1
  • storm-nimbus >= 1.1.3-3.3.1
  • storm-supervisor >= 1.1.3-3.3.1
Patchnames:
SUSE-OpenStack-Cloud-Crowbar-8-2020-1901
SUSE OpenStack Cloud Crowbar 9
  • crowbar-core >= 6.0+git.1594619891.b75a61d0d-3.25.5
  • crowbar-core-branding-upstream >= 6.0+git.1594619891.b75a61d0d-3.25.5
  • crowbar-openstack >= 6.0+git.1591795073.49cb6400e-3.25.3
  • grafana >= 6.2.5-3.12.2
  • kibana >= 4.6.3-4.3.2
  • openstack-barbican >= 7.0.1~dev24-3.9.5
  • openstack-barbican-api >= 7.0.1~dev24-3.9.5
  • openstack-barbican-keystone-listener >= 7.0.1~dev24-3.9.5
  • openstack-barbican-retry >= 7.0.1~dev24-3.9.5
  • openstack-barbican-worker >= 7.0.1~dev24-3.9.5
  • openstack-ceilometer >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-central >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-compute >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-ipmi >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-agent-notification >= 11.1.1~dev7-3.16.3
  • openstack-ceilometer-polling >= 11.1.1~dev7-3.16.3
  • openstack-cinder >= 13.0.10~dev12-3.22.4
  • openstack-cinder-api >= 13.0.10~dev12-3.22.4
  • openstack-cinder-backup >= 13.0.10~dev12-3.22.4
  • openstack-cinder-scheduler >= 13.0.10~dev12-3.22.4
  • openstack-cinder-volume >= 13.0.10~dev12-3.22.4
  • openstack-dashboard >= 14.1.1~dev6-3.15.5
  • openstack-designate >= 7.0.2~dev2-3.19.3
  • openstack-designate-agent >= 7.0.2~dev2-3.19.3
  • openstack-designate-api >= 7.0.2~dev2-3.19.3
  • openstack-designate-central >= 7.0.2~dev2-3.19.3
  • openstack-designate-producer >= 7.0.2~dev2-3.19.3
  • openstack-designate-sink >= 7.0.2~dev2-3.19.3
  • openstack-designate-worker >= 7.0.2~dev2-3.19.3
  • openstack-heat-templates >= 0.0.0+git.1582270132.8a20477-3.6.2
  • openstack-ironic >= 11.1.5~dev6-3.19.3
  • openstack-ironic-api >= 11.1.5~dev6-3.19.3
  • openstack-ironic-conductor >= 11.1.5~dev6-3.19.3
  • openstack-keystone >= 14.2.1~dev4-3.22.3
  • openstack-magnum >= 7.2.1~dev1-3.13.3
  • openstack-magnum-api >= 7.2.1~dev1-3.13.3
  • openstack-magnum-conductor >= 7.2.1~dev1-3.13.3
  • openstack-manila >= 7.4.2~dev31-4.24.3
  • openstack-manila-api >= 7.4.2~dev31-4.24.3
  • openstack-manila-data >= 7.4.2~dev31-4.24.3
  • openstack-manila-scheduler >= 7.4.2~dev31-4.24.3
  • openstack-manila-share >= 7.4.2~dev31-4.24.3
  • openstack-monasca-agent >= 2.8.2~dev5-3.9.3
  • openstack-neutron >= 13.0.8~dev68-3.25.3
  • openstack-neutron-dhcp-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-ha-tool >= 13.0.8~dev68-3.25.3
  • openstack-neutron-l3-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-linuxbridge-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-macvtap-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-metadata-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-metering-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-openvswitch-agent >= 13.0.8~dev68-3.25.3
  • openstack-neutron-server >= 13.0.8~dev68-3.25.3
  • openstack-neutron-vsphere >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-doc >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-dvs-agent >= 2.0.1~dev167-3.3.3
  • openstack-neutron-vsphere-ovsvapp-agent >= 2.0.1~dev167-3.3.3
  • openstack-nova >= 18.3.1~dev38-3.25.4
  • openstack-nova-api >= 18.3.1~dev38-3.25.4
  • openstack-nova-cells >= 18.3.1~dev38-3.25.4
  • openstack-nova-compute >= 18.3.1~dev38-3.25.4
  • openstack-nova-conductor >= 18.3.1~dev38-3.25.4
  • openstack-nova-console >= 18.3.1~dev38-3.25.4
  • openstack-nova-novncproxy >= 18.3.1~dev38-3.25.4
  • openstack-nova-placement-api >= 18.3.1~dev38-3.25.4
  • openstack-nova-scheduler >= 18.3.1~dev38-3.25.4
  • openstack-nova-serialproxy >= 18.3.1~dev38-3.25.4
  • openstack-nova-vncproxy >= 18.3.1~dev38-3.25.4
  • openstack-octavia >= 3.2.3~dev7-3.25.3
  • openstack-octavia-amphora-agent >= 3.2.3~dev7-3.25.3
  • openstack-octavia-amphora-image-x86_64 >= 0.1.4-7.12.3
  • openstack-octavia-api >= 3.2.3~dev7-3.25.3
  • openstack-octavia-health-manager >= 3.2.3~dev7-3.25.3
  • openstack-octavia-housekeeping >= 3.2.3~dev7-3.25.3
  • openstack-octavia-worker >= 3.2.3~dev7-3.25.3
  • openstack-resource-agents >= 1.0+git.1569436425.8b9c49f-5.3.2
  • python-Django1 >= 1.11.29-3.15.2
  • python-Pillow >= 5.2.0-3.3.2
  • python-barbican >= 7.0.1~dev24-3.9.5
  • python-ceilometer >= 11.1.1~dev7-3.16.3
  • python-cinder >= 13.0.10~dev12-3.22.4
  • python-designate >= 7.0.2~dev2-3.19.3
  • python-heatclient >= 1.16.3-3.3.3
  • python-heatclient-doc >= 1.16.3-3.3.3
  • python-horizon >= 14.1.1~dev6-3.15.5
  • python-ironic >= 11.1.5~dev6-3.19.3
  • python-keystone >= 14.2.1~dev4-3.22.3
  • python-magnum >= 7.2.1~dev1-3.13.3
  • python-manila >= 7.4.2~dev31-4.24.3
  • python-monasca-agent >= 2.8.2~dev5-3.9.3
  • python-networking-vsphere >= 2.0.1~dev167-3.3.3
  • python-neutron >= 13.0.8~dev68-3.25.3
  • python-neutron-tempest-plugin >= 0.2.0-3.3.2
  • python-nova >= 18.3.1~dev38-3.25.4
  • python-octavia >= 3.2.3~dev7-3.25.3
  • python-octavia-tempest-plugin >= 0.2.0-3.3.2
  • python-openstack_auth >= 14.1.1~dev6-3.15.5
  • python-os-brick >= 2.5.10-3.12.3
  • python-os-brick-common >= 2.5.10-3.12.3
  • python-oslo.messaging >= 8.1.4-3.6.2
  • python-pyroute2 >= 0.5.2-4.3.2
  • python-urllib3 >= 1.23-3.12.2
  • python-waitress >= 1.4.3-3.3.1
  • release-notes-suse-openstack-cloud >= 9.20200610-3.21.4
  • ruby2.1-rubygem-activeresource >= 4.0.0-4.3.1
  • ruby2.1-rubygem-json-1_7 >= 1.7.7-4.3.1
  • ruby2.1-rubygem-puma >= 2.16.0-4.9.1
Patchnames:
SUSE-OpenStack-Cloud-Crowbar-9-2020-2161
openSUSE Leap 15.1
  • python2-waitress >= 1.4.3-lp151.3.3.1
  • python3-waitress >= 1.4.3-lp151.3.3.1
Patchnames:
openSUSE-2020-1922
openSUSE Leap 15.2
  • python2-waitress >= 1.4.3-lp152.4.3.1
  • python3-waitress >= 1.4.3-lp152.4.3.1
Patchnames:
openSUSE-2020-1911


Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s) Source package State
HPE Helion OpenStack 8 python-waitress Released
HPE Helion OpenStack Cloud 8 python-waitress Affected
SUSE CaaS Platform 4.0 python-waitress In progress
SUSE Enterprise Storage 5 python-waitress Released
SUSE Enterprise Storage 6 python-waitress In progress
SUSE Linux Enterprise Desktop 15 python-waitress Affected
SUSE Linux Enterprise Desktop 15 SP1 python-waitress Released
SUSE Linux Enterprise Desktop 15 SP2 python-waitress Released
SUSE Linux Enterprise High Performance Computing 15 python-waitress Affected
SUSE Linux Enterprise High Performance Computing 15 LTSS python-waitress In progress
SUSE Linux Enterprise High Performance Computing 15 SP1 python-waitress Released
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS python-waitress In progress
SUSE Linux Enterprise High Performance Computing 15 SP2 python-waitress Released
SUSE Linux Enterprise Module for Basesystem 15 python-waitress Affected
SUSE Linux Enterprise Module for Basesystem 15 SP1 python-waitress Released
SUSE Linux Enterprise Module for Basesystem 15 SP2 python-waitress Released
SUSE Linux Enterprise Server 15 python-waitress Affected
SUSE Linux Enterprise Server 15 ESPOS python-waitress In progress
SUSE Linux Enterprise Server 15 LTSS python-waitress In progress
SUSE Linux Enterprise Server 15 SP1 python-waitress Released
SUSE Linux Enterprise Server 15 SP1 LTSS python-waitress In progress
SUSE Linux Enterprise Server 15 SP2 python-waitress Released
SUSE Linux Enterprise Server Business Critical Linux 15 SP1 python-waitress In progress
SUSE Linux Enterprise Server for SAP Applications 15 python-waitress Affected
SUSE Linux Enterprise Server for SAP Applications 15 SP1 python-waitress Released
SUSE Linux Enterprise Server for SAP Applications 15 SP2 python-waitress Released
SUSE Linux Enterprise Storage 6 python-waitress Released
SUSE Linux Enterprise Storage 7 python-waitress Released
SUSE Manager Proxy 4.0 python-waitress Released
SUSE Manager Proxy 4.1 python-waitress Released
SUSE Manager Retail Branch Server 4.0 python-waitress Released
SUSE Manager Retail Branch Server 4.1 python-waitress Released
SUSE Manager Server 4.0 python-waitress Released
SUSE Manager Server 4.1 python-waitress Released
SUSE OpenStack Cloud 6 LTSS python-waitress Unsupported
SUSE OpenStack Cloud 7 python-waitress Released
SUSE OpenStack Cloud 8 python-waitress Released
SUSE OpenStack Cloud 9 python-waitress Released
SUSE OpenStack Cloud Crowbar 8 python-waitress Released
SUSE OpenStack Cloud Crowbar 9 python-waitress Released