yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1748512] Re: web-download is subject to same port scan vulnerability as v1 copy_from

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1748512@xxxxxxxxxxxxxxxxxx>
Date: Thu, 15 Feb 2018 19:09:55 -0000
Reply-to: Bug 1748512 <1748512@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/542956
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=1591f573ae20037c8b87ca6c331e8e5ce4f77a0a
Submitter: Zuul
Branch:    master

commit 1591f573ae20037c8b87ca6c331e8e5ce4f77a0a
Author: Erno Kuvaja <jokke@xxxxxx>
Date:   Fri Feb 9 13:18:19 2018 +0000

    URI filtering for web-download
    
    Implement URI filtering to prevent port scanning with the web-download
    Image import method.
    
    Closes-Bug: #1748512
    
    Change-Id: Ide5ace8979bb12239c99a312747b3151c1e64ce8


** Changed in: glance
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1748512

Title:
  web-download is subject to same port scan vulnerability as v1
  copy_from

Status in Glance:
  Fix Released

Bug description:
  The feature is currently at parr with v1 copy_from which means
  https://bugs.launchpad.net/glance/+bug/1606495 does apply as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1748512/+subscriptions

References

[Bug 1748512] [NEW] web-download is subject to same port scan vulnerability as v1 copy_from
From: Erno Kuvaja, 2018-02-09