User contributions
- 19:51, 9 June 2016 (diff | hist) . . (-10) . . Security Notes (→Published Security Notes)
- 19:49, 9 June 2016 (diff | hist) . . (+2,402) . . N OSSN/OSSN-0063 (Created page with "__NOTOC__ == Nova and Cinder key manager for Barbican misuses cached credentials == === Summary === During the Icehouse release the Cinder and Nova projects added a feature t...")
- 20:56, 25 January 2016 (diff | hist) . . (+10) . . OSSN/OSSN-0060 (→Contacts / References)
- 20:55, 25 January 2016 (diff | hist) . . (-6) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 23:00, 15 December 2015 (diff | hist) . . (+2,957) . . N OSSN/OSSN-0062 (Created page with "__NOTOC__ == Potential reuse of revoked Identity tokens == === Summary === An authorization token issued by the Identity service can be revoked, which is designed to immediat...")
- 22:43, 15 December 2015 (diff | hist) . . (+15) . . Security Notes (→Published Security Notes)
- 22:39, 15 December 2015 (diff | hist) . . (-5) . . Security Notes (→Published Security Notes)
- 22:38, 15 December 2015 (diff | hist) . . (+1,677) . . OSSN/OSSN-0061
- 20:23, 15 December 2015 (diff | hist) . . (+108) . . Security Notes (→Published Security Notes)
- 21:33, 16 November 2015 (diff | hist) . . (-11) . . Security Notes
- 21:33, 16 November 2015 (diff | hist) . . (+1,812) . . OSSN/OSSN-0059
- 22:08, 15 October 2015 (diff | hist) . . (-153) . . Security Notes (→Published Security Notes)
- 22:07, 15 October 2015 (diff | hist) . . (+2,218) . . N OSSN/OSSN-0057 (Created page with "__NOTOC__ == DoS attack on Glance service can lead to interruption or disruption == === Summary === The typical Glance workflow allows authenticated users to create an image...")
- 19:39, 23 September 2015 (diff | hist) . . (-72) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:38, 23 September 2015 (diff | hist) . . (+271) . . OSSN/OSSN-0033 (→Contacts / References)
- 19:21, 23 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 19:20, 23 September 2015 (diff | hist) . . (+3,103) . . OSSN/OSSN-0053
- 02:21, 18 September 2015 (diff | hist) . . (-12) . . Security Notes
- 02:20, 18 September 2015 (diff | hist) . . (+2,569) . . OSSN/OSSN-0056
- 21:16, 17 September 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 21:16, 17 September 2015 (diff | hist) . . (+2,512) . . OSSN/OSSN-0058
- 21:08, 17 September 2015 (diff | hist) . . (-24) . . Security Notes (→Published Security Notes)
- 21:07, 17 September 2015 (diff | hist) . . (+2,115) . . N OSSN/OSSN-0054 (Created page with "__NOTOC__ == Potential Denial of Service in Horizon login == === Summary === Horizon uses the Python based Django web framework. Older versions of this framework allow an una...")
- 18:41, 17 September 2015 (diff | hist) . . (+1) . . Security Notes (→Published Security Notes)
- 18:38, 17 September 2015 (diff | hist) . . (+10) . . OSSN/OSSN-0055
- 18:27, 17 September 2015 (diff | hist) . . (+5) . . Security Notes (→Published Security Notes)
- 18:26, 17 September 2015 (diff | hist) . . (+1,515) . . OSSN/OSSN-0052
- 13:46, 7 July 2015 (diff | hist) . . (+1) . . m OSSN/OSSN-0049 (→Discussion)
- 13:43, 7 July 2015 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 13:42, 7 July 2015 (diff | hist) . . (+3,037) . . N OSSN/OSSN-0049 (Created page with "__NOTOC__ == Nova ironic driver logs sensitive information while operating in debug mode == === Summary === The password and authentication token configuration options for th...")
- 14:17, 11 May 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 14:17, 11 May 2015 (diff | hist) . . (+1,708) . . OSSN/OSSN-0046 (→OSSN-0046)
- 14:54, 30 April 2015 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 14:54, 30 April 2015 (diff | hist) . . (+3,192) . . N OSSN/OSSN-0048 (Created page with "__notoc__ == Glance method filtering does not work under certain conditions == === Summary === Glance is using the Python assert statement for validating the HTTP method typ...")
- 18:32, 19 April 2015 (diff | hist) . . (+14) . . Security Notes (→Published Security Notes)
- 18:31, 19 April 2015 (diff | hist) . . (+6,366) . . N OSSN/OSSN-0047 (Created page with "__NOTOC__ == Keystone does not validate that identity providers match federation mappings == === Summary === Keystone's OS-FEDERATION extension does not enforce a link betwee...")
- 14:53, 9 April 2015 (diff | hist) . . (+114) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+2) . . Security Notes (→Published Security Notes)
- 18:10, 11 March 2015 (diff | hist) . . (+4,413) . . OSSN/OSSN-0045
- 21:08, 2 March 2015 (diff | hist) . . (+9) . . Security Notes (→Published Security Notes)
- 21:07, 2 March 2015 (diff | hist) . . (+1,583) . . N OSSN/OSSN-0044 (Created page with "__NOTOC__ == Older versions of noVNC allow session theft == === Summary === Commonly packaged versions of noVNC allow an attacker to hijack user sessions even when TLS is ena...")
- 16:37, 6 February 2015 (diff | hist) . . (-8) . . Security Notes (→Published Security Notes)
- 12:49, 5 February 2015 (diff | hist) . . (+2,986) . . N OSSN/OSSN-0043 (Created page with "__NOTOC__ == glibc 'GHOST' vulnerability can allow remote code execution == === Summary === A serious vulnerability in the GNU C library (glibc) gethostbyname* functions can...")
- 06:41, 18 December 2014 (diff | hist) . . (-11) . . Security Notes
- 02:06, 18 December 2014 (diff | hist) . . (+2,384) . . N OSSN/OSSN-0038 (Created page with "__NOTOC__ == Suds client subject to cache poisoning by local attacker == === Summary === Suds is a Python SOAP client for consuming Web Services. Its default cache implement...")
- 16:17, 17 December 2014 (diff | hist) . . (+8) . . Security Notes (→Published Security Notes)
- 16:16, 17 December 2014 (diff | hist) . . (-41) . . Security Notes
- 01:42, 17 December 2014 (diff | hist) . . (+2,376) . . N OSSN/OSSN-0042 (Created page with "__NOTOC__ == Keystone token scoping provides no security benefit == === Summary === Keystone provides "scoped" tokens that are constrained to use by a single project. A user...")
- 17:38, 23 October 2014 (diff | hist) . . (+4,886) . . N Security/Kilo/Keystone (Created page with "This page documents security related details for the Keystone project in the OpenStack Kilo release. === Implemented Crypto === Keystone doesn't have a home-brewed encryption...") (current)
- 17:35, 23 October 2014 (diff | hist) . . (+692) . . N Security/Kilo/Sahara (Created page with "This page documents security related details for the Sahara project in the OpenStack Kilo release. === Implemented Crypto === ? === Used Crypto === ? ==== Libraries ==== ? ===...") (current)
- 17:32, 23 October 2014 (diff | hist) . . (-27) . . Security/Kilo (→Incubated Projects) (current)
- 17:31, 23 October 2014 (diff | hist) . . (+52) . . Security/Kilo (→Integrated Projects)
- 17:29, 23 October 2014 (diff | hist) . . (+2,189) . . N Security/Kilo (Created page with "'''WORK IN PROGRESS''' This page aims to capture an overview of security related information for integrated projects in the OpenStack Kilo release. The information that this...")
- 19:47, 21 October 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 19:46, 21 October 2014 (diff | hist) . . (+6,416) . . N OSSN/OSSN-0039 (Created page with "__NOTOC__ == Configuring OpenStack deployments to prevent POODLE attacks == === Summary === POODLE (CVE-2014-3566) is a new attack on SSLv3 that allows an active network-bas...")
- 17:51, 21 October 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 17:50, 21 October 2014 (diff | hist) . . (+2,772) . . N OSSN/OSSN-0025 (Created page with "__NOTOC__ == Possible Glance image exposure via Swift == === Summary === Glance is able to use Swift as a back end for storing virtual machine images. When Glance is configu...")
- 16:39, 21 October 2014 (diff | hist) . . (-78) . . Security Notes (→Published Security Notes)
- 16:34, 21 October 2014 (diff | hist) . . (+1,679) . . N OSSN/OSSN-0037 (Created page with "__NOTOC__ == Configure Horizon to mitigate BREACH/CRIME attacks == === Summary === Horizon is vulnerable to BREACH/CRIME style chosen plaintext attacks in its default confi...")
- 16:30, 21 October 2014 (diff | hist) . . (+1,215) . . N OSSN/OSSN-0036 (Created page with "__NOTOC__ == Horizon does not set Secure Attribute in cookies == === Summary === Horizon does not, by default, set the Secure Attribute in cookies. === Affected Services /...")
- 16:24, 21 October 2014 (diff | hist) . . (+2,011) . . N OSSN/OSSN-0035 (Created page with "__NOTOC__ == HTTP Strict Transport Security not enabled on Horizon Dashboard == === Summary === Deployers using Horizon for production or internet facing operations should s...")
- 16:14, 21 October 2014 (diff | hist) . . (+1,891) . . N OSSN/OSSN-0034 (Created page with "__NOTOC__ == Restarting memcached loses revoked token list == === Summary === When a cloud is deployed using Memcached as a backend for Keystone tokens, there is a security...")
- 15:59, 21 October 2014 (diff | hist) . . (+1,789) . . N OSSN/OSSN-0033 (Created page with "__NOTOC__ == Some SSL-Enabled connections fail to perform basic certificate checks == === Summary === In many places, OpenStack components use Python 2.x HTTPSConnection to e...")
- 15:57, 21 October 2014 (diff | hist) . . (+1,834) . . N OSSN/OSSN-0032 (Created page with "__NOTOC__ ==Disabling a tenant does not disable a user token == === Summary === When a tenant is disabled in Keystone, tokens that have been issued to that tenant are not in...")
- 15:52, 21 October 2014 (diff | hist) . . (+1,418) . . N OSSN/OSSN-0031 (Created page with "__NOTOC__ == Nova Baremetal is insecure for use in multi-tenant environments == === Summary === Data of previous tenants may be exposed to new ones when using Nova Baremetal...")
- 02:37, 21 October 2014 (diff | hist) . . (+656) . . Meetings/KeystoneMeeting (→Agenda for next meeting)
- 02:44, 16 October 2014 (diff | hist) . . (+640) . . ReleaseNotes/Juno (→Known Issues)
- 22:41, 5 October 2014 (diff | hist) . . (+779) . . Security Notes (→Published Security Notes)
- 19:19, 3 October 2014 (diff | hist) . . (-23) . . Security Notes (→Published Security Notes)
- 19:18, 3 October 2014 (diff | hist) . . (+2,977) . . N OSSN/OSSN-0028 (Created page with "__NOTOC__ == Nova leaks compute host SMBIOS serial number to guests == === Summary === When Nova is using the libvirt virtualization driver, the SMBIOS serial number supplie...")
- 19:31, 29 September 2014 (diff | hist) . . (+275) . . OSSN/OSSN-0029
- 20:24, 26 September 2014 (diff | hist) . . (-7) . . Security Notes (→Published Security Notes)
- 20:23, 26 September 2014 (diff | hist) . . (+3,587) . . N OSSN/OSSN-0030 (Created page with "__NOTOC__ == Bash 'shellshock' bug can lead to code injection vulnerability == === Summary === A bug in the GNU Bash shell (4.3 and lower) exposes a code injection vulnerabi...")
- 02:24, 26 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 02:24, 26 September 2014 (diff | hist) . . (+3,330) . . N OSSN/OSSN-0024 (Created page with "__NOTOC__ == Sensitive data is exposed in log statements by python-keystoneclient == === Summary === Python-keystoneclient is a client tool for the OpenStack Identity API, w...")
- 16:58, 24 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:23, 24 September 2014 (diff | hist) . . (+2,512) . . N OSSN/OSSN-0029 (Created page with "__NOTOC__ == Neutron FWaaS rules lack port restrictions when using protocol 'any' == === Summary === A bug in the Neutron FWaaS (Firewall as a Service) code results in iptab...")
- 16:15, 24 September 2014 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 16:13, 16 September 2014 (diff | hist) . . (+3,164) . . N OSSN/OSSN-0027 (Created page with "__NOTOC__ == Neutron ARP cache poisoning vulnerability == === Summary === The Neutron firewall driver 'iptables_firewall' does not prevent ARP cache poisoning, as this drive...")
- 23:52, 15 September 2014 (diff | hist) . . (+124) . . Security Notes (→Published Security Notes)
- 23:50, 15 September 2014 (diff | hist) . . (-15) . . Security Notes (→Published Security Notes)
- 23:46, 15 September 2014 (diff | hist) . . (+11) . . OSSN/OSSN-0020
- 20:16, 5 September 2014 (diff | hist) . . (-12) . . Security Notes (→Published Security Notes)
- 20:15, 5 September 2014 (diff | hist) . . (+2,751) . . OSSN/OSSN-0026
- 19:17, 4 September 2014 (diff | hist) . . (+10) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+17) . . Security Notes (→Published Security Notes)
- 19:16, 4 September 2014 (diff | hist) . . (+3,262) . . N OSSN/OSSN-0023 (Created page with "__NOTOC__ == Keystone logs auth tokens in URLs at the INFO log level == === Summary === When a client accesses Keystone using the Identity API version 2, the tokens will be...")
- 14:21, 12 August 2014 (diff | hist) . . (-83) . . Security/Security Note Process (→Wiki)
- 14:15, 12 August 2014 (diff | hist) . . (-12) . . Security/Security Note Process (→Reviewing)
- 14:15, 12 August 2014 (diff | hist) . . (-241) . . Security/Security Note Process (→Templates)
- 19:53, 11 August 2014 (diff | hist) . . (+26) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (-11) . . Security Notes (→Published Security Notes)
- 13:53, 11 August 2014 (diff | hist) . . (+2,716) . . OSSN/OSSN-0022 (→Soft reboot of instance does not ensure iptables rules are present)
- 22:15, 1 August 2014 (diff | hist) . . (+123) . . Security/Talks (→OpenStack Paris Summit 2014 Talks submitted by OpenStack Security Group)
- 21:28, 25 July 2014 (diff | hist) . . (+330) . . Security/Security Note Process (→Reviewing)
- 21:19, 25 July 2014 (diff | hist) . . (0) . . Security/Security Note Process (→Mailing Lists)
- 20:56, 25 July 2014 (diff | hist) . . (-10) . . Security Notes
- 20:55, 25 July 2014 (diff | hist) . . (+2,727) . . N OSSN/OSSN-0021 (Created page with "__NOTOC__ == Owners of compromised accounts should verify Keystone trusts == === Summary === The Keystone 'trusts' API allows for delegation of privileges to one user on beh...")
- 21:13, 17 July 2014 (diff | hist) . . (+37) . . Security Notes (→Published Security Notes)
- 18:37, 30 June 2014 (diff | hist) . . (+2,985) . . N OSSN/OSSN-0019 (Created page with "__NOTOC__ == Cinder SSH Pool will auto-accept SSH host signatures by default == === Summary === In OpenStack releases prior to Juno, the SSH connection pool used by Cinder d...")
- 18:33, 30 June 2014 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 18:32, 30 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 14:26, 25 June 2014 (diff | hist) . . (+30) . . Security Notes
- 14:25, 25 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 14:24, 25 June 2014 (diff | hist) . . (+2,838) . . N OSSN/OSSN-0018 (Created page with "__NOTOC__ == Nova Network configuration allows guest VMs to connect to host services == === Summary === When using Nova Network to manage networking for compute instances, in...")
- 15:27, 20 June 2014 (diff | hist) . . (-4) . . Security Notes (→Published Security Notes)
- 22:54, 19 June 2014 (diff | hist) . . (-10) . . OSSN/OSSN-0017
- 17:27, 11 June 2014 (diff | hist) . . (+529) . . OSSN/OSSN-0013 (Revised note to provide correct description/workaround) (current)
- 15:29, 31 May 2014 (diff | hist) . . (+1,889) . . OSSN/OSSN-0015
- 15:20, 31 May 2014 (diff | hist) . . (-22) . . Security Notes
- 15:14, 31 May 2014 (diff | hist) . . (+2,981) . . OSSN/OSSN-0014
- 16:02, 30 May 2014 (diff | hist) . . (0) . . Security Notes
- 00:13, 30 May 2014 (diff | hist) . . (+286) . . Security/Security Note Process
- 03:22, 29 May 2014 (diff | hist) . . (0) . . Security Notes
- 03:19, 29 May 2014 (diff | hist) . . (+112) . . Security Notes (→Published Security Notes)
- 16:41, 27 May 2014 (diff | hist) . . (+62) . . Meetings/KeystoneMeeting (→Agenda for next meeting)
- 16:45, 8 May 2014 (diff | hist) . . (+497) . . Security/Security Note Process
- 22:45, 7 May 2014 (diff | hist) . . (-1) . . Security Notes (→Published Security Notes)
- 22:35, 7 May 2014 (diff | hist) . . (-46) . . OSSN/OSSN-0013
- 22:22, 1 May 2014 (diff | hist) . . (+606) . . N Security/Stackforge/Solum (Created page with "This page documents security related details for the Solum stackforge project. === Implemented Crypto === === Used Crypto === ==== Libraries ==== ==== Encryption Algorithm...") (current)
- 22:20, 1 May 2014 (diff | hist) . . (+627) . . N Security/Juno/Marconi (Created page with "This page documents security related details for the Marconi project in the OpenStack Juno release. === Implemented Crypto === === Used Crypto === ==== Libraries ==== ====...")
- 22:15, 1 May 2014 (diff | hist) . . (+93) . . Security/Juno (→Incubated Projects) (current)
- 00:53, 27 April 2014 (diff | hist) . . (0) . . OpenPGP Web of Trust/Juno Summit
- 19:56, 25 April 2014 (diff | hist) . . (-2) . . Security/Juno/Barbican (→Encryption Algorithms) (current)
- 19:54, 25 April 2014 (diff | hist) . . (+149) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:36, 25 April 2014 (diff | hist) . . (+54) . . Security/Juno/Barbican (→Libraries)
- 19:32, 25 April 2014 (diff | hist) . . (+276) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:27, 25 April 2014 (diff | hist) . . (+79) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:22, 25 April 2014 (diff | hist) . . (+189) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:17, 25 April 2014 (diff | hist) . . (-34) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:17, 25 April 2014 (diff | hist) . . (-68) . . Security/Juno/Barbican (→Hashing Algorithms)
- 19:13, 25 April 2014 (diff | hist) . . (+255) . . Security/Juno/Barbican (→Used Crypto)
- 19:08, 25 April 2014 (diff | hist) . . (+98) . . Security/Juno/Barbican (→Encryption Algorithms)
- 19:05, 25 April 2014 (diff | hist) . . (+673) . . Security/Juno/Barbican (→Hashing Algorithms)
- 18:53, 25 April 2014 (diff | hist) . . (+11) . . Security/Juno/Barbican (→Libraries)
- 18:48, 25 April 2014 (diff | hist) . . (+604) . . N Security/Juno/Barbican (Created page with "This page documents security related details for the Barbican project in the OpenStack Juno release. === Implemented Crypto === === Used Crypto === ==== Libraries ==== ===...")
- 18:40, 25 April 2014 (diff | hist) . . (+169) . . Security/Juno
- 17:59, 22 April 2014 (diff | hist) . . (+64) . . Security/Juno/Keystone (→Notable changes since Icehouse)
- 17:45, 22 April 2014 (diff | hist) . . (+159) . . Security/Juno/Keystone (→Notable changes since Icehouse)
- 17:38, 22 April 2014 (diff | hist) . . (+7,165) . . N Security/Juno/Heat (Created page with "This page documents security related details for the Heat project in the OpenStack Juno release. === Overview of Heat Auth Model === Heat provides a native ReST API (heat-ap...") (current)
- 17:36, 22 April 2014 (diff | hist) . . (-18) . . Security/Icehouse (→Projects) (current)
- 17:34, 22 April 2014 (diff | hist) . . (+1,927) . . N Security/Juno (Created page with "'''WORK IN PROGRESS''' This page aims to capture an overview of security related information for integrated projects in the OpenStack Juno release. The information that this...")
- 17:27, 22 April 2014 (diff | hist) . . (+4,699) . . N Security/Juno/Keystone (Created page with "This page documents security related details for the Keystone project in the OpenStack Juno release. === Implemented Crypto === Keystone doesn't have a home-brewed encryption...")
- 19:19, 17 April 2014 (diff | hist) . . (-3) . . Security Notes (→Published Security Notes)
- 19:18, 17 April 2014 (diff | hist) . . (+2,089) . . N OSSN/OSSN-0010 (Created page with "__NOTOC__ == Sample Keystone v3 policy exposes privilege escalation vulnerability == === Summary === The ''policy.v3cloudsample.json'' sample Keystone policy file combined wi...")
- 18:58, 10 April 2014 (diff | hist) . . (+133) . . Meetings/OpenStackSecurity (→2014)
- 07:10, 10 April 2014 (diff | hist) . . (+2,822) . . N OSSN/OSSN-0012 (Created page with "__NOTOC__ == OpenSSL Heartbleed vulnerability can lead to OpenStack compromise == === Summary === A vulnerability in OpenSSL can lead to leaking of confidential data protecte...")
- 07:01, 10 April 2014 (diff | hist) . . (+113) . . Security Notes
- 23:41, 8 April 2014 (diff | hist) . . (+106) . . OpenPGP Web of Trust/Juno Summit (→Juno Summit Key Signing)
- 18:48, 8 April 2014 (diff | hist) . . (+9) . . Meetings/KeystoneMeeting (→Regular attendees)
- 16:43, 8 April 2014 (diff | hist) . . (+68) . . Meetings/KeystoneMeeting (→Agenda for next meeting)
- 03:07, 6 April 2014 (diff | hist) . . (+96) . . Security/Icehouse/Keystone (→Used Crypto)
- 02:47, 6 April 2014 (diff | hist) . . (+310) . . Security/Icehouse/Keystone (→Used Crypto)
- 02:34, 6 April 2014 (diff | hist) . . (+105) . . Security/Icehouse/Keystone
- 02:32, 6 April 2014 (diff | hist) . . (+1,857) . . Security/Icehouse/Keystone (→Sensitive Data)
- 02:19, 6 April 2014 (diff | hist) . . (+1,100) . . Security/Icehouse/Keystone (→Hashing Algorithms)
- 02:06, 6 April 2014 (diff | hist) . . (+1,145) . . N Security/Icehouse/Keystone (Created page with "=== Implemented Crypto === None. === Used Crypto === ==== Encryption Algorithms ==== {| class="wikitable sortable" |- ! Algorithm !! Purpose !! Configurable !! Implementation...")
- 01:40, 6 April 2014 (diff | hist) . . (+61) . . Security/Icehouse
- 01:16, 6 April 2014 (diff | hist) . . (+1,851) . . N Security/Icehouse (Created page with "'''WORK IN PROGRESS''' This page aims to capture an overview of security related information for integrated projects in the OpenStack Icehouse release. The information that...")
- 03:35, 5 April 2014 (diff | hist) . . (+5,146) . . N OSSN/OSSN-0011 (Created page with "__NOTOC__ == Heat templates with invalid references allows unintended network access == === Summary === Orchestration templates can create security groups to define network a...")
- 03:26, 5 April 2014 (diff | hist) . . (+120) . . Security Notes (→Published Security Notes)
- 14:57, 2 April 2014 (diff | hist) . . (+2,039) . . N OSSN/OSSN-0009 (Created page with "__NOTOC__ == Potential token revocation abuse via group membership == === Summary === Deletion of groups in Keystone causes token revocation for group members. If group capa...")
- 14:49, 2 April 2014 (diff | hist) . . (+99) . . Security Notes (→Published Security Notes)
- 23:59, 28 March 2014 (diff | hist) . . (-891) . . Security/Security Note Template (current)
- 23:58, 28 March 2014 (diff | hist) . . (+69) . . Security/Security Note Process (→Wiki)
- 23:55, 28 March 2014 (diff | hist) . . (+153) . . Security/Security Note Process (→Reviewing)
- 23:46, 28 March 2014 (diff | hist) . . (-585) . . Security/Security Note Process (→Template)
- 16:57, 9 March 2014 (diff | hist) . . (+126) . . Security Notes (→Published Security Notes)
- 16:46, 9 March 2014 (diff | hist) . . (-104) . . OSSN/OSSN-0008 (→Summary)
- 04:19, 8 March 2014 (diff | hist) . . (-16) . . OSSN/OSSN-0008 (→Affected Services / Software)
- 04:13, 8 March 2014 (diff | hist) . . (+1) . . OSSN/OSSN-0008 (→Recommended Actions)
- 04:12, 8 March 2014 (diff | hist) . . (-196) . . OSSN/OSSN-0008 (→Recommended Actions)
- 04:04, 8 March 2014 (diff | hist) . . (-3) . . OSSN/OSSN-0008
- 03:59, 8 March 2014 (diff | hist) . . (0) . . m OSSN/OSSN-0008 (Nkinder moved page OSSN/1227575 to OSSN/OSSN-0008: Use new OSSN naming)
- 03:59, 8 March 2014 (diff | hist) . . (+28) . . N OSSN/1227575 (Nkinder moved page OSSN/1227575 to OSSN/OSSN-0008: Use new OSSN naming) (current)
- 03:57, 8 March 2014 (diff | hist) . . (+11) . . OSSN/OSSN-0008 (→Discussion)
- 03:56, 8 March 2014 (diff | hist) . . (+131) . . OSSN/OSSN-0008 (→Recommended Actions)
- 03:51, 8 March 2014 (diff | hist) . . (-110) . . OSSN/OSSN-0008 (→Discussion)
- 03:04, 8 March 2014 (diff | hist) . . (+8) . . OSSN/OSSN-0008 (→Summary)
- 03:04, 8 March 2014 (diff | hist) . . (+3) . . OSSN/OSSN-0008 (→Summary)
- 02:55, 8 March 2014 (diff | hist) . . (-2) . . OSSN/OSSN-0008 (→Affected Services / Software)
- 03:11, 7 March 2014 (diff | hist) . . (+169) . . Security/Security Note Process (→Publishing)
- 03:09, 7 March 2014 (diff | hist) . . (+290) . . Security/Security Note Process (→Wiki)
- 02:50, 7 March 2014 (diff | hist) . . (+299) . . Security/Security Note Process (→Template)
- 02:42, 7 March 2014 (diff | hist) . . (-5) . . Security/Security Note Process (→Template)
- 19:30, 6 March 2014 (diff | hist) . . (+8,981) . . N OSSN/OSSN-0007 (Created page with "__NOTOC__ == Live migration instructions recommend unsecured libvirt remote access == === Summary === When using the KVM hypervisor with libvirt on OpenStack Compute nodes, l...")
- 19:17, 6 March 2014 (diff | hist) . . (+128) . . Security Notes (→Published Security Notes)
- 19:08, 17 January 2014 (diff | hist) . . (+3,170) . . N OSSN/1254619 (Created page with "__NOTOC__ == Keystone can allow user impersonation when using REMOTE_USER for external authentication == === Summary === When external authentication is used with Keystone us...")
- 19:03, 17 January 2014 (diff | hist) . . (+9) . . Security Notes (→Published Security Notes)
- 16:12, 13 January 2014 (diff | hist) . . (+817) . . Security/Security Note Process (→Writing)
- 05:37, 13 January 2014 (diff | hist) . . (+150) . . Security/Security Note Process (→Wiki)
- 05:36, 13 January 2014 (diff | hist) . . (+1,048) . . N Security/Security Note Template (Created page with "__NOTOC__ == Title (single sentence) == === Summary === A few sentences describing the issue at a high level. === Affected Services / Software === A comma separated list of ...")
- 04:07, 13 January 2014 (diff | hist) . . (+663) . . Security/Security Note Process (→Publishing)
- 02:55, 13 January 2014 (diff | hist) . . (-113) . . Security/Security Note Process
- 02:54, 13 January 2014 (diff | hist) . . (+1,328) . . Security/Security Note Process (→Template)
- 22:37, 12 January 2014 (diff | hist) . . (+1,050) . . N Security/Security Note Process (Created page with "This page describes the process that should be followed for writing and publishing an OpenStack Security Note (OSSN). This page is intended to be used by members of the OpenS...")
- 21:26, 8 January 2014 (diff | hist) . . (+891) . . Security/Guidelines (→Guidelines)
- 21:14, 8 January 2014 (diff | hist) . . (+4) . . Security/Guidelines/logging guidelines
- 21:12, 8 January 2014 (diff | hist) . . (+3,922) . . N Security/Guidelines/logging guidelines (Created page with "In order to prevent accidental leakage of confidential information to unauthorized users, there are some guidelines to assist in isolating this confidential data for easy/accu...")
- 21:06, 8 January 2014 (diff | hist) . . (+58) . . Security/Projects (→Cross Project Security Guidelines)
- 21:05, 8 January 2014 (diff | hist) . . (+274) . . Security/Projects (→Cross Project Security Guidelines)
- 18:16, 8 January 2014 (diff | hist) . . (+4,994) . . Security/Guidelines (→Cross Project Security Guidelines)
- 18:08, 8 January 2014 (diff | hist) . . (+391) . . Security/Guidelines (→Goals)
- 15:57, 8 January 2014 (diff | hist) . . (+108) . . N Security/Guidelines (Created page with "Note - this document is currently a work in progress. == Cross Project Security Guidelines == === Goals ===")
- 17:18, 4 January 2014 (diff | hist) . . (+10) . . m OSSN/OSSN-0008 (Removed table of contents)
- 19:28, 12 December 2013 (diff | hist) . . (+250) . . Security Notes
- 19:27, 12 December 2013 (diff | hist) . . (0) . . Security Notes (→Published Security Notes)
- 19:25, 12 December 2013 (diff | hist) . . (+115) . . Security Notes (→Published Security Notes)
- 19:24, 12 December 2013 (diff | hist) . . (+2,332) . . N OSSN/1098582 (Created page with "__NOTOC__ == Selecting LXC as Nova Virtualization Driver can lead to data compromise == === Summary === LXC does not provide the same level of separation as hypervisors when ...")
- 18:44, 12 December 2013 (diff | hist) . . (+105) . . Security Notes (→Published Security Notes)
- 18:42, 12 December 2013 (diff | hist) . . (+1,600) . . N OSSN/1155566 (Created page with "__NOTOC__ == HTTP POST limiting advised to avoid Essex/Folsom Keystone DoS == === Summary === Concurrent Keystone POST requests with large body messages are held in memory wi...")
- 18:32, 12 December 2013 (diff | hist) . . (+95) . . Security Notes (→Published Security Notes)
- 18:28, 12 December 2013 (diff | hist) . . (+1,486) . . N OSSN/1168252 (Created page with "__NOTOC__ == Keystone configuration should not be world readable == === Summary === In some deployments keystone.conf which contains confidential information, is set to world...")
- 18:07, 12 December 2013 (diff | hist) . . (+133) . . Security Notes (→Published Security Notes)
- 18:06, 12 December 2013 (diff | hist) . . (+3,014) . . N OSSN/1237989 (Created page with "__NOTOC__ == Authenticated users are able to update passwords without providing their current password == === Summary === An authenticated user is able to change their passwo...")
- 17:21, 12 December 2013 (diff | hist) . . (+257) . . N Security Notes (Created page with "The OpenStack Security Group publishes Security Notes to advise users of security related issues. === Published Security Notes === * 1226078 - Glance allows ...")
- 17:00, 12 December 2013 (diff | hist) . . (+2,657) . . N OSSN/1226078 (Created page with "__NOTOC__ == Glance allows sharing of images between projects without consumer project approval == === Summary === Glance allows images to be shared between projects. In cert...")