openstack-attic/openstack-security-notes
Code Issues Proposed changes
Files
f291579bfb133f9f3b61c1f35d72849754d3c9b9
openstack-security-notes/notes
History
Nathan Kinder f291579bfb Add OSSN-0011 - Heat templates with invalid references allows unintended network access 
This adds OSSN-0011, which covers an issue related to invalid
security group references in CFN templates being improperly evaluated
by Heat.  This results in unintended network access being allowed.

Related-Bug: 1291091

Change-Id: I88ee23aadc74020f150332a619796ebd77ef9698
2014-04-04 15:18:26 -07:00
..
OSSN-0001
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0002
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0003
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0004
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0005
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0006
Add previously published security notes
2014-02-12 21:35:18 -08:00
OSSN-0007
Add OSSN-0007 - unsecure libvirt live migration instructions
2014-03-06 14:59:19 -08:00
OSSN-0008
Add OSSN-0008 - DoS attack on noVNC/SPICE console due to lack of limiting
2014-03-09 09:58:57 -07:00
OSSN-0009
Add OSSN-0009 - Potential token revocation abuse via group membership
2014-04-01 19:48:58 -07:00
OSSN-0011
Add OSSN-0011 - Heat templates with invalid references allows unintended network access
2014-04-04 15:18:26 -07:00