Added Authors to Security Notes
All OSSN authors, added under the "Author:" metadata field

Change-Id: I81771dd3ec8d2c133ebc6ddf9f2c5f0f958d603a
Closes-Bug: #1599064

parent 7c2198fb37
commit 1bf55f1eb0
@ -37,6 +37,7 @@ The OSSG recommends against using LXC for enforcing secure separation of
|
|||||||
guests. Even with appropriate AppArmour policies applied.
|
guests. Even with appropriate AppArmour policies applied.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
Nova : http://docs.openstack.org/developer/nova/
|
Nova : http://docs.openstack.org/developer/nova/
|
||||||
LXC : http://lxc.sourceforge.net/
|
LXC : http://lxc.sourceforge.net/
|
||||||
Libvirt : http://libvirt.org/
|
Libvirt : http://libvirt.org/
|
||||||
|
@ -30,6 +30,7 @@ Apache: HTTP Server Project
|
|||||||
Apache Config: http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
|
Apache Config: http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN Bug: https://bugs.launchpad.net/ossn/+bug/1155566
|
This OSSN Bug: https://bugs.launchpad.net/ossn/+bug/1155566
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1098177
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1098177
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -37,6 +37,7 @@ Ensure that in your deployment keystone.conf uses the most restrictive
|
|||||||
permissions that allow the system to continue proper operations.
|
permissions that allow the system to continue proper operations.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://bugs.launchpad.net/ossn/+bug/1168252
|
This OSSN : https://bugs.launchpad.net/ossn/+bug/1168252
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/devstack/+bug/1168252
|
Original LaunchPad Bug : https://bugs.launchpad.net/devstack/+bug/1168252
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -53,6 +53,7 @@ Despite this restriction in Horizon, it is recommended to leave the default
|
|||||||
directly without using Horizon to initiate a password change.
|
directly without using Horizon to initiate a password change.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://bugs.launchpad.net/ossn/+bug/1237989
|
This OSSN : https://bugs.launchpad.net/ossn/+bug/1237989
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1237989
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1237989
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -47,6 +47,7 @@ enable_v1_api = False
|
|||||||
---- end example glance-api.conf snippet ----
|
---- end example glance-api.conf snippet ----
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://bugs.launchpad.net/ossn/+bug/1226078
|
This OSSN : https://bugs.launchpad.net/ossn/+bug/1226078
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1226078
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1226078
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -57,6 +57,7 @@ authentication plugin can be created that uses the external username that
|
|||||||
contains an "@" character as-is.
|
contains an "@" character as-is.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://bugs.launchpad.net/ossn/+bug/1254619
|
This OSSN : https://bugs.launchpad.net/ossn/+bug/1254619
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1254619
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1254619
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -209,6 +209,7 @@ Please consult the documentation for your firewall software for
|
|||||||
instructions on configuring the appropriate firewall rules.
|
instructions on configuring the appropriate firewall rules.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN: https://wiki.openstack.org/wiki/OSSN/OSSN-0007
|
This OSSN: https://wiki.openstack.org/wiki/OSSN/OSSN-0007
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/openstack-manuals/+bug/1287194
|
Original LaunchPad Bug : https://bugs.launchpad.net/openstack-manuals/+bug/1287194
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -43,6 +43,8 @@ Future OpenStack releases are looking to add the ability to restrict
|
|||||||
noVNC and SPICE console connections.
|
noVNC and SPICE console connections.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
|
Author: Sriram Subramanian, CloudDon
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0008
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0008
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1227575
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1227575
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
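Review bot: The two contributors in this hunk are added as two separate lines, "Author: Nathan Kinder, Red Hat" and "Author: Sriram Subramanian, CloudDon", so the "Author:" field named in the commit message repeats within a single note. Anything that treats the field as single-valued will keep only one of the two names. Either list both names on one "Author:" line or document that the field may repeat; the OSSN-0012 hunk uses the same two-line form and should follow whichever rule is chosen.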
@ -39,6 +39,7 @@ tokens for other users by performing group deletion operations. You
|
|||||||
should take caution with who you delegate these capabilities to.
|
should take caution with who you delegate these capabilities to.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0009
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0009
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1268751
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1268751
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -40,6 +40,7 @@ IDs and consider it for applicability to your Keystone deployment:
|
|||||||
https://git.openstack.org/cgit/openstack/keystone/commit/?id=a2fa6a6f01a4884edf369cafa39946636af5cf1a
|
https://git.openstack.org/cgit/openstack/keystone/commit/?id=a2fa6a6f01a4884edf369cafa39946636af5cf1a
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Jamie Finnigan, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0010
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0010
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1287219
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1287219
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -138,6 +138,7 @@ security group references to ensure that the resulting network rules
|
|||||||
are as intended.
|
are as intended.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0011
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0011
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/heat/+bug/1291091
|
Original LaunchPad Bug : https://bugs.launchpad.net/heat/+bug/1291091
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -66,6 +66,8 @@ recommended that cloud administrators change any passwords, tokens, or
|
|||||||
other credentials that may have been communicated over SSL/TLS.
|
other credentials that may have been communicated over SSL/TLS.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0012
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0012
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
OpenStack Security Group : https://launchpad.net/~openstack-ossg
|
OpenStack Security Group : https://launchpad.net/~openstack-ossg
|
||||||
|
@ -83,6 +83,7 @@ tested to ensure that CRUD actions are constrained in the way the administrator
|
|||||||
intended.
|
intended.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0013
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0013
|
||||||
Original Launchpad Bug : https://bugs.launchpad.net/glance/+bug/1271426
|
Original Launchpad Bug : https://bugs.launchpad.net/glance/+bug/1271426
|
||||||
Original Report : http://lists.openstack.org/pipermail/openstack-dev/2014-January/024861.html
|
Original Report : http://lists.openstack.org/pipermail/openstack-dev/2014-January/024861.html
|
||||||
|
@ -65,6 +65,7 @@ alternatives such as applying mandatory access control policies
|
|||||||
to the files in order to minimize the possible exposure.
|
to the files in order to minimize the possible exposure.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0014
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0014
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1260679
|
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1260679
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -40,6 +40,7 @@ restrict the ability to publicize images to users with the "admin" role
|
|||||||
in the Juno release of OpenStack.
|
in the Juno release of OpenStack.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0015
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0015
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1313746
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1313746
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -38,6 +38,7 @@ volume_clear option” <logfile>)
|
|||||||
|
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Doug Chivers, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0016
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0016
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1322766
|
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1322766
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -84,6 +84,7 @@ cookie is compromised, an attacker may assume all privileges of the
|
|||||||
user for as long as their session is valid.
|
user for as long as their session is valid.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Travis McPeak, Symantec
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0017
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0017
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1327425
|
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1327425
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -57,6 +57,7 @@ allow traffic coming from the running instances to services controlled
|
|||||||
by Nova - DHCP and DNS providers.
|
by Nova - DHCP and DNS providers.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Stanislaw Pitucha, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0018
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0018
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1316271
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1316271
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -56,6 +56,7 @@ that could be used to impersonate a SAN host and enact an Man in the
|
|||||||
Middle attack.
|
Middle attack.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Tim Kelsey, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0019
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0019
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1320056
|
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1320056
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -53,6 +53,7 @@ The Neutron development team plans to address this issue in a future
|
|||||||
version of Neutron.
|
version of Neutron.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author Priti Desai, Symantec
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0020
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0020
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1334926
|
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1334926
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
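Review bot: The added line in this hunk reads "Author Priti Desai, Symantec", without the colon used in every other hunk, so it does not match the "Author:" metadata field the commit message describes. A search or script keyed on "Author:" will skip OSSN-0020. Change the line to "Author: Priti Desai, Symantec".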
@ -63,6 +63,7 @@ In the future, operators will be able to use keystoneclient for a more
|
|||||||
convenient method of accessing and updating this information.
|
convenient method of accessing and updating this information.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Stanislaw Pitucha, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0021
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0021
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1341849
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1341849
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
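Review bot: The affiliation on the added line here is "HPE", while the OSSN-0018 hunk gives the same person as "Author: Stanislaw Pitucha, HP". Doug Chivers and Tim Kelsey also appear with both "HP" and "HPE" across other hunks of this change. Decide whether the field records the affiliation at the time the note was written or the current one, and apply that rule consistently so the field can be grouped or searched by author reliably.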
@ -51,6 +51,7 @@ boot <instance_id>" or reboot using "nova reboot --hard <instance_id>"
|
|||||||
to force the security group rules to be applied.
|
to force the security group rules to be applied.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Doug Chivers, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0022
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0022
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1316822
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1316822
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -62,6 +62,7 @@ configured to switch to a customised log format using directive
|
|||||||
'access_log' only for requests matching location '/v2.0/tokens/...'.
|
'access_log' only for requests matching location '/v2.0/tokens/...'.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Stanislaw Pitucha, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0023
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0023
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1348844
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1348844
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -71,6 +71,7 @@ An alternate approach is to never run a production system with the log
|
|||||||
level in DEBUG mode.
|
level in DEBUG mode.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Abu Shohel Ahmed, Ericsson
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0024
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0024
|
||||||
Original Launchpad Bug: https://bugs.launchpad.net/python-keystoneclient/+bug/1004114
|
Original Launchpad Bug: https://bugs.launchpad.net/python-keystoneclient/+bug/1004114
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1004114
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1004114
|
||||||
|
@ -62,6 +62,7 @@ environment, so test configurations before deploying them in a
|
|||||||
production environment.
|
production environment.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathaniel Dillon, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0025
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0025
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1354512
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1354512
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -50,6 +50,7 @@ plaintext credentials, can result from permissions which allow
|
|||||||
malicious users to view sensitive data (read access).
|
malicious users to view sensitive data (read access).
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Travis McPeak, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0026
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0026
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1343657
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1343657
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -64,6 +64,7 @@ The Neutron development team plan to address this issue in a future
|
|||||||
version
|
version
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Tim Kelsey, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0027
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0027
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1274034
|
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1274034
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -57,6 +57,7 @@ underlying compute node by it's serial number may wish to disable
|
|||||||
reporting of any sysinfo serial field at all by using the 'none' value.
|
reporting of any sysinfo serial field at all by using the 'none' value.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0028
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0028
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1337349
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1337349
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -57,6 +57,7 @@ independently.
|
|||||||
This issue has been fixed in the Juno release of OpenStack.
|
This issue has been fixed in the Juno release of OpenStack.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Tim Kelsey, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0029
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0029
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1365961
|
Original LaunchPad Bug : https://bugs.launchpad.net/neutron/+bug/1365961
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -70,6 +70,7 @@ System logs should also be interrogated for any such strings as an
|
|||||||
indication of possible attacks.
|
indication of possible attacks.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Tim Kelsey, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0030
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0030
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1374055
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1374055
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -27,6 +27,7 @@ is a requirement without a full verifiable boot chain and network
|
|||||||
hardware.
|
hardware.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0031
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0031
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1174153
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1174153
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -35,6 +35,7 @@ NOTE: Flushing Memcached can result in losing token revocation
|
|||||||
information as addressed in https://bugs.launchpad.net/ossn/+bug/1182920
|
information as addressed in https://bugs.launchpad.net/ossn/+bug/1182920
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0032
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0032
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1179955
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1179955
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -37,6 +37,7 @@ mentioned in the 'References' section of this note to see if the
|
|||||||
projects they require have updated.
|
projects they require have updated.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0033
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0033
|
||||||
Launchpad Bugs :
|
Launchpad Bugs :
|
||||||
|
|
||||||
|
@ -38,6 +38,7 @@ suggest you consider using an on-disk DB such as MySQL / PostgreSQL or
|
|||||||
perhaps look into Memcachedb.
|
perhaps look into Memcachedb.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0034
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0034
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1182920
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1182920
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -50,6 +50,7 @@ As always, test these configuration settings before deploying them to
|
|||||||
production in order to catch any bugs or errors.
|
production in order to catch any bugs or errors.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0035
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0035
|
||||||
SSL Strip : http://www.thoughtcrime.org/software/sslstrip
|
SSL Strip : http://www.thoughtcrime.org/software/sslstrip
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1191050
|
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1191050
|
||||||
|
@ -22,6 +22,7 @@ true as described in the Django documentation:
|
|||||||
https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SESSION_COOKIE_SECURE
|
https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SESSION_COOKIE_SECURE
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0036
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0036
|
||||||
Related OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0035
|
Related OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0035
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1191051
|
Original LaunchPad Bug : https://bugs.launchpad.net/horizon/+bug/1191051
|
||||||
|
@ -36,6 +36,7 @@ For Nginx, you can do this by disabling the gzip module:
|
|||||||
http://wiki.nginx.org/HttpGzipModule
|
http://wiki.nginx.org/HttpGzipModule
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, HP
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0037
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0037
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1209250
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1209250
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -43,6 +43,7 @@ the cache should ascertain whether or not their vendor shipped suds package
|
|||||||
is susceptible and consider the above advice.
|
is susceptible and consider the above advice.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Tim Kelsey, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0038
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0038
|
||||||
Original Launchpad Bug : https://bugs.launchpad.net/ossn/+bug/1341954
|
Original Launchpad Bug : https://bugs.launchpad.net/ossn/+bug/1341954
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -133,6 +133,7 @@ above to verify that each service is configured as expected.
|
|||||||
|
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Bryan D. Payne, Nebula
|
||||||
This OSSN: https://wiki.openstack.org/wiki/OSSN/OSSN-0039
|
This OSSN: https://wiki.openstack.org/wiki/OSSN/OSSN-0039
|
||||||
Original Launchpad Bug: https://bugs.launchpad.net/ossn/+bug/1382270
|
Original Launchpad Bug: https://bugs.launchpad.net/ossn/+bug/1382270
|
||||||
OpenStack Security ML: openstack-security@lists.openstack.org
|
OpenStack Security ML: openstack-security@lists.openstack.org
|
||||||
|
@ -42,6 +42,7 @@ Concerned users are encouraged to read (OSSG member) Nathan Kinder's
|
|||||||
blog post on this issue and some of the potential future solutions.
|
blog post on this issue and some of the potential future solutions.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, IBM
|
||||||
Nathan Kinder on Token Scoping : https://blog-nkinder.rhcloud.com/?p=101
|
Nathan Kinder on Token Scoping : https://blog-nkinder.rhcloud.com/?p=101
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0042
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0042
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1341816
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1341816
|
||||||
|
@ -52,6 +52,7 @@ of places where these vulnerable functions are used, this effectively
|
|||||||
means that vulnerable systems must be restarted after updating glibc.
|
means that vulnerable systems must be restarted after updating glibc.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Doug Chivers, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0043
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0043
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1415416
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1415416
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -30,6 +30,7 @@ Upstream patch:
|
|||||||
https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
|
https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Paul McMillan, Nebula
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0044
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0044
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1420942
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1420942
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -72,6 +72,7 @@ and are beyond the scope of this note. Some good starting places are
|
|||||||
provided below in the section: "Resources for configuring TLS options".
|
provided below in the section: "Resources for configuring TLS options".
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Travis McPeak, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0045
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0045
|
||||||
Original LaunchPad Bug : N/A
|
Original LaunchPad Bug : N/A
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -33,6 +33,7 @@ using the debug configuration for affected services in production
|
|||||||
environments.
|
environments.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, IBM
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0046
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0046
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ironic/+bug/1425206
|
Original LaunchPad Bug : https://bugs.launchpad.net/ironic/+bug/1425206
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -113,6 +113,7 @@ identity provider specific 'Location' directives as described above in
|
|||||||
addition to using the new 'remote_ids' checking in the Kilo release.
|
addition to using the new 'remote_ids' checking in the Kilo release.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0047
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0047
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1390124
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1390124
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -56,6 +56,7 @@ deployments of glance should consider upgrading to the Juno 2014.2.4
|
|||||||
release.
|
release.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Michael McCune, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0048
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0048
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1414532
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1414532
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -57,6 +57,7 @@ editted as follows:
|
|||||||
debug = False
|
debug = False
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Michael McCune, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0049
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0049
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1451931
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1451931
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -31,6 +31,7 @@ the `glance-api.conf` file:
|
|||||||
debug = false
|
debug = false
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathaniel Dillon, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0052
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0052
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/python-swiftclient/+bug/1470740
|
Original LaunchPad Bug : https://bugs.launchpad.net/python-swiftclient/+bug/1470740
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -56,6 +56,7 @@ installations have increased token lifespans back to the old value of
|
|||||||
24 hours - increasing their exposure to this issue.
|
24 hours - increasing their exposure to this issue.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Michael McCune, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0053
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0053
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1455582
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1455582
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -41,6 +41,7 @@ If possible, affected users should upgrade to the Kilo or newer release
|
|||||||
of Horizon, allowing them to use the fixed version of Django.
|
of Horizon, allowing them to use the fixed version of Django.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, IBM
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0054
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0054
|
||||||
Django fix : https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
|
Django fix : https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
|
||||||
Django CVE : CVE-2015-5143
|
Django CVE : CVE-2015-5143
|
||||||
|
@ -50,6 +50,7 @@ unexpectedly. In particular, pay attention to unusual IPs using the
|
|||||||
service account.
|
service account.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Travis McPeak, HPE and Brant Knudson, IBM
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0055
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0055
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1464750
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1464750
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
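Review bot: the added `Author: Travis McPeak, HPE and Brant Knudson, IBM` packs two people and two affiliations into one value joined by "and", while the OSSN-0056 hunk in this same commit lists its two authors on separate `Author:` lines. Pick one convention for multi-author notes. One `Author:` line per person is easier to grep and parse, and avoids having to split on "and" or on commas that already separate name from affiliation.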
|
@ -43,6 +43,8 @@ time. If this is unacceptable, reduce the cache time to reduce the
|
|||||||
attack window or disable token caching entirely.
|
attack window or disable token caching entirely.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Shellee Arnold, HPE
|
||||||
|
Author: Dough Chivers, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0056
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0056
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/python-keystoneclient/+bug/1287301
|
Original LaunchPad Bug : https://bugs.launchpad.net/python-keystoneclient/+bug/1287301
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
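Review bot: in the second added line, `Author: Dough Chivers, HPE`, the first name reads like a typo ("Dough" rather than "Doug"). Please confirm the spelling before merging, since this line becomes the attribution of record for OSSN-0056.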
|
@ -49,6 +49,7 @@ Adding image metadata... add_image_metadata
|
|||||||
---- end example glance-api.log snippet ----
|
---- end example glance-api.log snippet ----
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Eric Brown, VMware
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0057
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0057
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1401170
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1401170
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -50,6 +50,7 @@ the nodes exposing the volumes to only allow traffic through port 3260
|
|||||||
from nodes that will need to attach volumes.
|
from nodes that will need to attach volumes.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Michael McCune, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0058
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0058
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1329214
|
Original LaunchPad Bug : https://bugs.launchpad.net/cinder/+bug/1329214
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -31,6 +31,7 @@ secure boot with trusted boot. At the same time, Nova team has
|
|||||||
discussed deprecating Trusted Filter.
|
discussed deprecating Trusted Filter.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Michael Xin, Rackspace
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0059
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0059
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1456228
|
Original LaunchPad Bug : https://bugs.launchpad.net/nova/+bug/1456228
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -43,6 +43,7 @@ it is recommended that all users ensure that `use_user_token` is left
|
|||||||
at the default setting (`True`) or commented out.
|
at the default setting (`True`) or commented out.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Travis McPeak, HPE
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0060
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0060
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1493448
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1493448
|
||||||
OpenStack Security Documentation : https://security.openstack.org
|
OpenStack Security Documentation : https://security.openstack.org
|
||||||
|
@ -35,6 +35,7 @@ A specification for a fix has been proposed by the Glance development
|
|||||||
team and is targeted for the Mitaka release.
|
team and is targeted for the Mitaka release.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, IBM
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0061
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0061
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1516031
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1516031
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -65,6 +65,7 @@ cloud is vulnerable to this issue and you should switch to a different
|
|||||||
token provider.
|
token provider.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Nathan Kinder, Red Hat
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0062
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0062
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1490804
|
Original LaunchPad Bug : https://bugs.launchpad.net/keystone/+bug/1490804
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -42,6 +42,7 @@ Nova and Cinder. Additionally these patches have been backported to
|
|||||||
stable/kilo and stable/liberty.
|
stable/kilo and stable/liberty.
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Dave McCowan, Cisco
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0063
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0063
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1523646
|
Original LaunchPad Bug : https://bugs.launchpad.net/glance/+bug/1523646
|
||||||
OpenStack Security ML : openstack-security@lists.openstack.org
|
OpenStack Security ML : openstack-security@lists.openstack.org
|
||||||
|
@ -65,6 +65,7 @@ from the API pipelines in keystone-paste.ini.
|
|||||||
---- end good keystone-paste.ini snippet ----
|
---- end good keystone-paste.ini snippet ----
|
||||||
|
|
||||||
### Contacts / References ###
|
### Contacts / References ###
|
||||||
|
Author: Robert Clark, IBM
|
||||||
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0064
|
This OSSN : https://wiki.openstack.org/wiki/OSSN/OSSN-0064
|
||||||
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1545789
|
Original LaunchPad Bug : https://bugs.launchpad.net/ossn/+bug/1545789
|
||||||
Mailing list [Security] tag on : openstack-dev@lists.openstack.org
|
Mailing list [Security] tag on : openstack-dev@lists.openstack.org
|
||||||
|