[Openstack] [OSSG] Security Note: Selecting LXC as Nova Virtualization Driver can lead to data compromise.

2013-03-15 Thread Clark, Robert Graham
The following is the first of a series of OpenStack Security Notes that will be issued by the OpenStack Security Group. Security notes are similar to advisories; they address vulnerabilities in 3rd party tools typically used within OpenStack deployments and provide guidance on common configurati

Re: [Openstack] [OSSG] Security Note: Selecting LXC as Nova Virtualization Driver can lead to data compromise.

2013-03-19 Thread Clark, Robert Graham
Daniel, I agree with your modification and have made a note of it on the bug page. I'll make sure to change it when we have a sensible place to publish all of our OSSNs. Thanks for engaging on this issue, we now have an OSSG mailing list and will be ramping up a number of efforts on there, having

Re: [Openstack] [OSSG] Security Note: Selecting LXC as Nova Virtualization Driver can lead to data compromise.

2013-03-19 Thread Clark, Robert Graham
It's literally just been allocated, I'll send round the details as soon as I've got that far down my todo list ;)
> -Original Message-
> From: Daniel P. Berrange [mailto:berra...@redhat.com]
> Sent: 19 March 2013 13:42
> To: Clark, Robert Graham
> Cc: Bry

[Openstack] [OSSG][OSSN] HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS

2013-04-23 Thread Clark, Robert Graham
HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS --- ### Summary ### Concurrent Keystone POST requests with large body messages are held in memory without filtering or rate limiting; this can lead to resource exhaustion on the Keystone server. ### Affected Services / Software ### K

[Openstack] [OSSG][OSSN] Keystone configuration should not be world readable.

2013-05-13 Thread Clark, Robert Graham
Keystone configuration should not be world readable --- ### Summary ### In some deployments keystone.conf, which contains confidential information, is set to world readable. ### Affected Services / Software ### Keystone, DevStack, Deployment ### Discussion ### It is important that deployers of O

[Openstack] [OSSN][OSSG] Nova Baremetal Exposes Previous Tenant Data

2013-07-02 Thread Clark, Robert Graham
Nova Baremetal Exposes Previous Tenant Data - ### Summary ### Data of previous tenants may be exposed to new ones when using Nova Baremetal ### Affected Services / Software ### Keystone, Databases ### Discussion ### Nova Baremetal is intended for testing and development only, it is not inten

[Openstack] [OSSN] [OSSG] Nova Baremetal Exposes Previous Tenant Data

2013-07-03 Thread Clark, Robert Graham
Nova Baremetal Exposes Previous Tenant Data - ### Summary ### Data of previous tenants may be exposed to new ones when using Nova Baremetal ### Affected Services / Software ### Keystone, Databases ### Discussion ### Nova Baremetal is intended for testing and development only, it is not inten