security-doc/security-notes
lhinds 57aeac354b Fix ambiguity around releases and workarounds
Note speaks of two workarounds, but only one is listed (unless
upgrade is considered workaround).

Also rocky is not released yet, so cannot be a recommended action
operators can take in thd moment of time.

This patch is just to fine tune the above, the rest looks good
though.

Change-Id: I931c5737d6e0a6ed5ae912693bad6b49438c80e1
2018-07-05 16:02:03 +01:00
..
OSSN-0001 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0002 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0003 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0004 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0005 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0006 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0007 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0008 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0009 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0010 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0011 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0012 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0013 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0014 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0015 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0016 Replace chinese double quotes to English double quotes 2018-06-17 16:44:02 +08:00
OSSN-0017 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0018 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0019 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0020 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0021 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0022 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0023 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0024 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0025 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0026 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0027 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0028 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0029 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0030 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0031 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0032 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0033 Revise OSSN-033 to note fix for HTTPSConnection 2017-03-08 10:09:04 -08:00
OSSN-0034 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0035 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0036 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0037 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0038 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0039 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0042 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0043 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0044 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0045 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0046 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0047 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0048 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0049 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0052 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0053 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0054 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0055 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0056 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0057 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0058 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0059 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0060 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0061 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0062 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0063 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0064 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0066 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0068 Fix typo 2018-05-31 04:53:37 +00:00
OSSN-0069 Updated OSSN-0069 2016-09-07 16:43:47 +00:00
OSSN-0070 OSSN-0070: bandit version < 1.1.0 have possible XSS 2016-08-30 02:39:37 +00:00
OSSN-0073 Updated OSSN-0073 2016-09-08 18:14:30 +00:00
OSSN-0077 Adding Security Note OSSN-0077 2016-11-11 19:52:25 +01:00
OSSN-0078 Adding OSSN-0078 2017-03-14 18:26:27 +00:00
OSSN-0079 Adding OSSN-0079 2017-07-20 15:56:20 +01:00
OSSN-0081 Adding OSSN-0081 2017-09-07 13:37:29 +01:00
OSSN-0082 Adding OSSN-0082 2017-10-04 15:42:26 +01:00
OSSN-0083 Publish OSSN-0083 2018-04-17 23:21:08 -06:00
OSSN-0084 Fix ambiguity around releases and workarounds 2018-07-05 16:02:03 +01:00
README.md Migrate OSSNs to the security-doc repo 2014-08-11 12:59:28 -07:00
template.txt Rename OpenStack Security Group/Project 2017-03-14 18:27:44 +00:00

OpenStack Security Notes (OSSN)

The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security related issues. Security notes are similar to advisories; they address vulnerabilities in 3rd party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.

Repository Layout

This repository contains published Security Notes and templates that should be used when creating new Security Notes.

notes - contains Security Notes in e-mail format (see the templates)
templates - contains e-mail and wiki format templates

A list of published Security Notes is available here:

https://wiki.openstack.org/wiki/Security_Notes

The process used to create new Security Notes is available here:

https://wiki.openstack.org/wiki/Security/Security_Note_Process