Since the fix provided for the upcoming 2024.1 coordinated release
requires additional actions on the part of the operator to apply to
existing deployments affected by the former behavior, it won't qualify
for a security advisory (OSSA) but may still warrant a security note
(OSSN) if anyone feels
Reviewed: https://review.opendev.org/c/openstack/neutron/+/905125
Committed:
https://opendev.org/openstack/neutron/commit/27601f8eead444283e4d1c258298ac5afaff377f
Submitter: "Zuul (22348)"
Branch:master
commit 27601f8eead444283e4d1c258298ac5afaff377f
Author: Bence Romsics
Date: Tue Jan 9
Thanks for flagging the potential security impact of this. Can someone
provide a succinct exploit scenario for how an attacker might cause this
to occur and then take advantage of it? Or is it merely one of those
situations where someone could take advantage of the issue if they
happen to find an
3 matches
Mail list logo