Closing the horizon portion of this bug since it is now
outside of the support window.
** Changed in: horizon
Status: New => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://b
** Changed in: ospurge
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1422046
Title:
cinder backup-list is always listi
** Changed in: python-cinderclient (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1422046
Title:
cinder backup-lis
Correct, we consider that latter case a "security hardening opportunity"
and I'm triaging this report as one now (class D in our taxonomy
https://security.openstack.org/vmt-process.html#incident-report-taxonomy
). Depending on severity and available time from editors in the Security
Team, these sor
Since this report concerns a possible security risk, an incomplete
security advisory task has been added while the core security reviewers
for the affected project or projects confirm the bug and discuss the
scope of any vulnerability along with potential solutions.
** Also affects: ossa
Import
Horizon is affected because as long as cinderclient <1.4.0, if the user
is logged in with admin permissions, the user lists all cinderbackup
resources instead of the ones of his own tenant, with the reisk of
tampering with ressources from another tenant/user.
** Also affects: horizon
Importance
6 matches
Mail list logo
