[Yahoo-eng-team] [Bug 1511541] Re: Possible incomplete fix for OSSA-2015-005

2016-03-07 Thread Grant Murphy
Removed the OSSA task and marking invalid. ** Changed in: ossa Status: Incomplete => Invalid ** No longer affects: ossa ** Changed in: nova Status: Incomplete => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed

[Yahoo-eng-team] [Bug 1538061] Re: Ensure that LVM escapes instance names for device names correctly

2016-02-25 Thread Grant Murphy
Removed the OSSA task and opened the bug. Will leave it to the Nova PTL to close. ** Changed in: ossa Status: Incomplete => Won't Fix ** Information type changed from Private Security to Public ** No longer affects: ossa -- You received this bug notification because you are a member of

[Yahoo-eng-team] [Bug 1516765] Re: xenapi: volume_utils._parse_volume_info can leak connection password via StorageError (CVE-2015-8749)

2016-01-12 Thread Grant Murphy
** Changed in: ossa Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1516765 Title: xenapi: volume_utils._parse_volume_info can

[Yahoo-eng-team] [Bug 1511541] [NEW] Possible incomplete fix for OSSA-2015-005

2015-10-29 Thread Grant Murphy
*** This bug is a security vulnerability *** Public security bug reported: Multiple reports that the fix for [OSSA 2015-005] Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259) is incomplete. https://bugs.launchpad.net/nova/+bug/1409142/comments/146 https://bugs.launchpad.net/no

[Yahoo-eng-team] [Bug 1461734] Re: duplicate detach volume in nova

2015-08-03 Thread Grant Murphy
** Information type changed from Public Security to Public ** No longer affects: ossa -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1461734 Title: duplicate detach vol

[Yahoo-eng-team] [Bug 1464461] Re: delete action always cause error ( in kilo)

2015-07-13 Thread Grant Murphy
** Changed in: ossa Status: Incomplete => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1464461 Title: delete action always cause error ( in kilo)

[Yahoo-eng-team] [Bug 1400966] Re: [OSSA-2014-041] Glance allows users to download and delete any file in glance-api server (CVE-2014-9493)

2015-01-07 Thread Grant Murphy
Reopening bug as fix was incomplete. Will request a new CVE id when a fix is ready. ** Changed in: glance Status: Fix Released => In Progress ** Changed in: glance Assignee: Zhi Yan Liu (lzy-dev) => Grant Murphy (gmurphy) ** Changed in: ossa Assignee: (unassigned) =>

[Yahoo-eng-team] [Bug 1400966] Re: [OSSA-2014-041] Glance allows users to download and delete any file in glance-api server (CVE-2014-9493)

2015-01-07 Thread Grant Murphy
** Changed in: ossa Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/1400966 Title: [OSSA-2014-041] Glance allows users to download and delete a

[Yahoo-eng-team] [Bug 1316822] Re: soft reboot of instance does not ensure iptables rules are present

2014-05-06 Thread Grant Murphy
Added OSSA bug task, set to incomplete until confirmed by core developer. Even then I suspect we might issue an OSSN instead of an OSSA for this. Thoughts? ** Also affects: ossa Importance: Undecided Status: New ** Changed in: ossa Status: New => Incomplete -- You received this

[Yahoo-eng-team] [Bug 1300274] Re: V3 Authentication Chaining - uniqueness of auth method names

2014-04-01 Thread Grant Murphy
** Also affects: ossa Importance: Undecided Status: New ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1300274 Title:

[Yahoo-eng-team] [Bug 1243327] Re: [OSSA 2014-008] Routers can be cross plugged by other tenants (CVE-2014-0056)

2014-03-27 Thread Grant Murphy
** Changed in: ossa Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1243327 Title: [OSSA 2014-008] Routers can be cross plugged by other tenan

[Yahoo-eng-team] [Bug 1271426] Re: protected property change not rejected if a subsequent rule match accepts them

2014-02-10 Thread Grant Murphy
This seems like something that might catch out unsuspecting sysadmins. Do you think it is worth issuing an OSSN for this? ** Also affects: ossn Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscrib

[Yahoo-eng-team] [Bug 1257566] Re: EC2 and S3 token middleware create insecure connections

2013-12-03 Thread Grant Murphy
** Also affects: ossa Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1257566 Title: EC2 and S3 token middleware create insecure connections