[Yahoo-eng-team] [Bug 1275062] Re: [OSSA 2014-004] sensitive info in image location is logged when authentication to single tenant swift store fails (CVE-2014-1948)

Jeremy Stanley Wed, 12 Feb 2014 09:22:09 -0800

** Changed in: ossa
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1275062


Title:
  [OSSA 2014-004] sensitive info in image location is logged when
  authentication to single tenant swift store fails (CVE-2014-1948)

Status in OpenStack Image Registry and Delivery Service (Glance):
  Fix Committed
Status in Glance havana series:
  Fix Committed
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  WARNING glance.store [-] Get image <UUID> data from {'url':
  u'swift+https://XXXXX@my_auth_url.com/v2.0/my-images/<uuid>,
  'metadata': {}} failed: Auth GET failed: https://my_auth_url.com
  RESP_CODE

  19:13:05.027  ERROR glance.store [-] Glance tried all locations to get
  data for image <UUID> but all have failed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1275062/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

[Yahoo-eng-team] [Bug 1275062] Re: [OSSA 2014-004] sensitive info in image location is logged when authentication to single tenant swift store fails (CVE-2014-1948)

Reply via email to