settingsLogin | Registersettings

Search:

Experts on ossa

Thierry_Carrez

Recent questions tagged ossa

0 votes
0 responses 16 views

================================================================== OSSA-2017-005: Nova Filter Scheduler bypass through rebuild action ================================================================== :Date: November 14, 2017 :CVE: ...

asked Nov 14, 2017 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
5 responses 12 views

Hi everyone, Once upon a time we only had one governance construct to recognize activity in OpenStack, and that was the upstream project teams. As a result, we created teams for everything. However with the introduction of SIGs, we have a ...

asked Nov 3, 2017 in openstack-dev by Thierry_Carrez (57,480 points)   3 8 13
 
0 votes
83 responses 24 views

Last week at the Forum we had a couple of discussions about collaboration between the various teams building or consuming container images. One topic that came up was deciding how to publish images from the various teams to docker hub or ...

asked May 18, 2017 in openstack-dev by Doug_Hellmann (87,520 points)   3 4 10
11 x  
0 votes
0 responses 8 views

================================================================ OSSA-2017-004: Incorrect role assignment with federated Keystone ================================================================ :Date: April 25, 2017 :CVE: CVE-2017-2673 ...

asked Apr 25, 2017 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
47 responses 21 views

Hi everyone, New in this TC election round, we have a few days between nominations and actual voting to ask questions and get to know the candidates a bit better. I'd like to kick off this new "campaigning period" with a basic question on ...

asked Apr 17, 2017 in openstack-dev by Thierry_Carrez (57,480 points)   3 8 13
9 x  
0 votes
0 responses 13 views

==================================================== OSSA-2017-003: XSS in Horizon federation mappings UI ==================================================== :Date: April 04, 2017 :CVE: CVE-2017-7400 Affects ~~~~~~~ - Horizon: >=9.0.0 ...

asked Apr 6, 2017 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
0 responses 8 views

======================================================================= OSSA-2017-002: Nova logs sensitive context from notification exceptions ======================================================================= :Date: March 23, 2017 ...

asked Mar 23, 2017 in openstack-announce by jeremy_at_openstack. (160 points)  
 
0 votes
9 responses 10 views

Hi, I've asked on #openstack-security without success, so let me try here insteead: We, Telemetry, have a security bug and we're not managed by VMT, any hint as how to handle our bug? Or how to get covered by VMT?

asked Jan 17, 2017 in openstack-dev by Julien_Danjou (20,500 points)   2 4 6
6 x  
0 votes
0 responses 5 views

============================================================================== OSSA-2016-013: Network information disclosure through Heat template source URL ============================================================================== ...

asked Nov 18, 2016 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
0 responses 9 views

================================================================ OSSA-2016-012: Malicious qemu-img input may exhaust resources in Cinder, Glance, Nova ================================================================ :Date: October 06, 2016 ...

asked Oct 6, 2016 in openstack-announce by Jeremy_Stanley (56,700 points)   3 5 7
 
0 votes
0 responses 5 views

======================================================================== OSSA-2016-011: Nova may fail to delete images in resize state regression ======================================================================== :Date: September 21, ...

asked Sep 23, 2016 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
52 responses 29 views

Hi everyone, As announced previously[1][2], there were no PTL candidates within the election deadline for a number of official OpenStack project teams: Astara, UX, OpenStackSalt and Security. In the Astara case, the current team working on ...

asked Sep 21, 2016 in openstack-dev by Thierry_Carrez (57,480 points)   3 8 13
8 x  
0 votes
15 responses 8 views

The said patch in question fixes a CVE[x] in stable/liberty. We currently have two options, both of them have caused an impasse with the Nova upstream / stable maintainers. We've had two-ish months to mull over this. I'd prefer to get this ...

asked Sep 20, 2016 in openstack-dev by Kashyap_Chamarthy (4,520 points)   1 2 3
4 x  
0 votes
0 responses 9 views

================================================== OSSA-2016-010: XSS in Horizon client side template ================================================== :Date: June 15, 2016 :CVE: CVE-2016-4428 Affects ~~~~~~~ - Horizon: <=8.0.1, >=9.0.0 ...

asked Jun 17, 2016 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
0 responses 10 views

===================================================================== OSSA-2016-009: Neutron IPTables firewall anti-spoof protection bypass ===================================================================== :Date: June 14, 2016 :CVE: ...

asked Jun 14, 2016 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 1
 
0 votes
0 responses 12 views

============================================================================================ OSSA-2016-008: Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass ...

asked Jun 2, 2016 in openstack-announce by Morgan_Fainberg (17,320 points)   2 4 9
 
0 votes
0 responses 4 views

============================================================================================ OSSA-2016-008: Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass ...

asked Jun 2, 2016 in openstack-announce by Morgan_Fainberg (17,320 points)   2 4 9
 
0 votes
1 response 5 views

Hi, The OpenStack Stable Maintenance team is happy to announce the release of the 2015.1.4 stable Kilo release. We have been busy reviewing and accepting backported bugfixes to the stable/kilo branches according to the criteria set at: ...

asked May 10, 2016 in openstack-announce by Dave_Walker (3,660 points)   1 4
 
0 votes
0 responses 6 views

I started writing this on a plane on the way home from Austin, TX where we just finished up the Newton design summit for OpenStack, and finished it a few days later - please excuse any weirdness in syntax or flow :) 6 Months On: Where are ...

asked May 9, 2016 in openstack-dev by graham.hayes_at_hpe. (6,780 points)   1 2 2
0 votes
0 responses 16 views

We are pumped to announce the release of: nova 12.0.3: Cloud computing fabric controller This release is part of the liberty stable release series. For more details, please see below. 12.0.3 ^^^^^^ Security Issues * [OSSA 2016-007] Host ...

asked Apr 14, 2016 in openstack-announce by no-reply_at_openstac (33,960 points)   2 14 30
...