Difference between revisions of "Security Notes"
(→Published Security Notes) |
(→Published Security Notes) |
||
Line 5: | Line 5: | ||
* [[OSSN/1237989|1237989]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013) | * [[OSSN/1237989|1237989]] - Authenticated users are able to update passwords without providing their current password (22 Nov 2013) | ||
* [[OSSN/1168252|1168252]] - Keystone configuration should not be world readable (13 May 2013) | * [[OSSN/1168252|1168252]] - Keystone configuration should not be world readable (13 May 2013) | ||
+ | * [[OSSN/1155566|1155566]] - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013) |
Revision as of 18:44, 12 December 2013
The OpenStack Security Group publishes Security Notes to advise users of security related issues.
Published Security Notes
- 1226078 - Glance allows sharing of images between projects without consumer project approval (11 Dec 2013)
- 1237989 - Authenticated users are able to update passwords without providing their current password (22 Nov 2013)
- 1168252 - Keystone configuration should not be world readable (13 May 2013)
- 1155566 - HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS (23 Apr 2013)