yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #10573
[Bug 1275062] Re: [OSSA 2014-004] sensitive info in image location is logged when authentication to single tenant swift store fails (CVE-2014-1948)
** Changed in: glance
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1275062
Title:
[OSSA 2014-004] sensitive info in image location is logged when
authentication to single tenant swift store fails (CVE-2014-1948)
Status in OpenStack Image Registry and Delivery Service (Glance):
Fix Released
Status in Glance havana series:
Fix Released
Status in OpenStack Security Advisories:
Fix Released
Bug description:
WARNING glance.store [-] Get image <UUID> data from {'url':
u'swift+https://XXXXX@my_auth_url.com/v2.0/my-images/<uuid>,
'metadata': {}} failed: Auth GET failed: https://my_auth_url.com
RESP_CODE
19:13:05.027 ERROR glance.store [-] Glance tried all locations to get
data for image <UUID> but all have failed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1275062/+subscriptions