*** This bug is a security vulnerability *** Public security bug reported:
The ironic config option for the password and auth token are not marked as secret so the values will get logged during startup in debug mode. ** Affects: nova Importance: Medium Assignee: Joe Gordon (jogo) Status: Triaged ** Tags: kilo-backport-potential ** Information type changed from Public to Public Security ** Tags added: kilo-backport-potential ** Changed in: nova Status: New => Triaged ** Changed in: nova Assignee: (unassigned) => Joe Gordon (jogo) ** Changed in: nova Importance: Undecided => Medium -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1451931 Title: ironic password config not marked as secret Status in OpenStack Compute (Nova): Triaged Bug description: The ironic config option for the password and auth token are not marked as secret so the values will get logged during startup in debug mode. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1451931/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp