← Back to team overview

cloud-init team mailing list archive

cloud-init security bugs

 

Hi,

Earlier this week there were four security bugs [1][2][3][4] reported
against cloud-init. These were a result of IBM passing cloud-init
through their code analysis tool. I want to thank them for taking the
time to do the scan and filing bugs for any issue found. This was a good
opportunity for us to test out our proposed security process.

After reviewing the reports we did not feel any of the issues were
security issues. All bugs are now marked public and have comments added
providing analysis.

If there are any further questions or concerns please feel free to reach
out in each of the bugs or here. We are still working on finalizing the
security process and will post an update in the coming weeks.

Thanks,
Josh

[1] https://bugs.launchpad.net/bugs/1848290
[2] https://bugs.launchpad.net/bugs/1848291
[3] https://bugs.launchpad.net/bugs/1848293
[4] https://bugs.launchpad.net/bugs/1848297
-- 
Ubuntu Server Engineering Manager
Canonical Ltd.