User contributions
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)
- 19:19, 3 October 2014 (diff | hist) . . (-23) . . Security Notes (→Published Security Notes)
- 19:18, 3 October 2014 (diff | hist) . . (+2,977) . . N OSSN/OSSN-0028 (Created page with "__NOTOC__ == Nova leaks compute host SMBIOS serial number to guests == === Summary === When Nova is using the libvirt virtualization driver, the SMBIOS serial number supplie...")
- 19:31, 29 September 2014 (diff | hist) . . (+275) . . OSSN/OSSN-0029
- 20:24, 26 September 2014 (diff | hist) . . (-7) . . Security Notes (→Published Security Notes)
- 20:23, 26 September 2014 (diff | hist) . . (+3,587) . . N OSSN/OSSN-0030 (Created page with "__NOTOC__ == Bash 'shellshock' bug can lead to code injection vulnerability == === Summary === A bug in the GNU Bash shell (4.3 and lower) exposes a code injection vulnerabi...")
- 02:24, 26 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 02:24, 26 September 2014 (diff | hist) . . (+3,330) . . N OSSN/OSSN-0024 (Created page with "__NOTOC__ == Sensitive data is exposed in log statements by python-keystoneclient == === Summary === Python-keystoneclient is a client tool for the OpenStack Identity API, w...")
- 16:58, 24 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:23, 24 September 2014 (diff | hist) . . (+2,512) . . N OSSN/OSSN-0029 (Created page with "__NOTOC__ == Neutron FWaaS rules lack port restrictions when using protocol 'any' == === Summary === A bug in the Neutron FWaaS (Firewall as a Service) code results in iptab...")
- 16:15, 24 September 2014 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (+3,164) . . N OSSN/OSSN-0027 (Created page with "__NOTOC__ == Neutron ARP cache poisoning vulnerability == === Summary === The Neutron firewall driver 'iptables_firewall' does not prevent ARP cache poisoning, as this drive...")
- 23:52, 15 September 2014 (diff | hist) . . (+124) . . Security Notes (→Published Security Notes)
- 23:50, 15 September 2014 (diff | hist) . . (-15) . . Security Notes (→Published Security Notes)
- 23:46, 15 September 2014 (diff | hist) . . (+11) . . OSSN/OSSN-0020
- 20:16, 5 September 2014 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 20:15, 5 September 2014 (diff | hist) . . (+2,751) . . OSSN/OSSN-0026
- 19:17, 4 September 2014 (diff | hist) . . (+10) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+17) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+3,262) . . N OSSN/OSSN-0023 (Created page with "__NOTOC__ == Keystone logs auth tokens in URLs at the INFO log level == === Summary === When a client accesses Keystone using the Identity API version 2, the tokens will be...")
- 14:21, 12 August 2014 (diff | hist) . . (-83) . . Security/Security Note Process (→Wiki)
- 14:15, 12 August 2014 (diff | hist) . . (-12) . . Security/Security Note Process (→Reviewing)
- 14:15, 12 August 2014 (diff | hist) . . (-241) . . Security/Security Note Process (→Templates)
- 19:53, 11 August 2014 (diff | hist) . . (+26) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (+2,716) . . OSSN/OSSN-0022 (→Soft reboot of instance does not ensure iptables rules are present)
- 22:15, 1 August 2014 (diff | hist) . . (+123) . . Security/Talks (→OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group)
- 21:28, 25 July 2014 (diff | hist) . . (+330) . . Security/Security Note Process (→Reviewing)
- 21:19, 25 July 2014 (diff | hist) . . (0) . . Security/Security Note Process (→Mailing Lists)
- 20:56, 25 July 2014 (diff | hist) . . (-10) . . Security Notes
- 20:55, 25 July 2014 (diff | hist) . . (+2,727) . . N OSSN/OSSN-0021 (Created page with "__NOTOC__ == Owners of compromised accounts should verify Keystone trusts == === Summary === The Keystone 'trusts' API allows for delegation of privileges to one user on beh...")
- 21:13, 17 July 2014 (diff | hist) . . (+37) . . Security Notes (→Published Security Notes)
- 18:37, 30 June 2014 (diff | hist) . . (+2,985) . . N OSSN/OSSN-0019 (Created page with "__NOTOC__ == Cinder SSH Pool will auto-accept SSH host signatures by default == === Summary === In OpenStack releases prior to Juno, the SSH connection pool used by Cinder d...")
- 18:33, 30 June 2014 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 18:32, 30 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 14:26, 25 June 2014 (diff | hist) . . (+30) . . Security Notes
- 14:25, 25 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 14:24, 25 June 2014 (diff | hist) . . (+2,838) . . N OSSN/OSSN-0018 (Created page with "__NOTOC__ == Nova Network configuration allows guest VMs to connect to host services == === Summary === When using Nova Network to manage networking for compute instances, in...")
- 15:27, 20 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 22:54, 19 June 2014 (diff | hist) . . (-10) . . OSSN/OSSN-0017
- 17:27, 11 June 2014 (diff | hist) . . (+529) . . OSSN/OSSN-0013 (Revised note to provide correct description/workaround) (current)
- 15:29, 31 May 2014 (diff | hist) . . (+1,889) . . OSSN/OSSN-0015
- 15:20, 31 May 2014 (diff | hist) . . (-22) . . Security Notes
- 15:14, 31 May 2014 (diff | hist) . . (+2,981) . . OSSN/OSSN-0014
- 16:02, 30 May 2014 (diff | hist) . . (0) . . Security Notes
- 00:13, 30 May 2014 (diff | hist) . . (+286) . . Security/Security Note Process
- 03:22, 29 May 2014 (diff | hist) . . (0) . . Security Notes
- 03:19, 29 May 2014 (diff | hist) . . (+112) . . Security Notes (→Published Security Notes)
- 16:41, 27 May 2014 (diff | hist) . . (+62) . . Meetings/KeystoneMeeting (→Agenda for next meeting)
- 16:45, 8 May 2014 (diff | hist) . . (+497) . . Security/Security Note Process
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)