This is a class B3 type of bug (according to
https://security.openstack.org/vmt-process.html#incident-report-taxonomy
)
** Changed in: ossa
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1524675
Title:
lbaasv2-agent is logging credentials from barbican
Status in neutron:
In Progress
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
In liberty, a neutron-lbaasv2-agent is logging credentials retrieved
from barbican when debug=True. (e.g. cert, private key, passphrase)
this makes security issue.
example: http://paste.openstack.org/show/481439/ (part of
/var/log/neutron/neutron-lbaasv2-agent.log)
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1524675/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
