Glance

Glance sends full tracebacks to the client on 500 errors

Bug #1192132 reported by Paul Bourke on 2013-06-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	Fix Released	Undecided	Paul Bourke	Glance 2013.2 "havana"

Bug Description

eventlet.wsgi.server contains a "debug" param which is True by default.
This sends tracebacks to the client on 500 errors, which is not desirable for security reasons. This should be set to False by default.

OpenStack Infra (hudson-openstack) on 2013-06-18

Changed in glance:
assignee:	nobody → Paul Bourke (pauldbourke)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-24: Fix merged to glance (master)

Reviewed: https://review.openstack.org/33307
Committed: http://github.com/openstack/glance/commit/33fc21a81526029d0c50ef82d744250ff1a99b42
Submitter: Jenkins
Branch: master

commit 33fc21a81526029d0c50ef82d744250ff1a99b42
Author: Paul Bourke <email address hidden>
Date: Mon Jun 17 16:12:59 2013 +0000

Do not send traceback to clients by default

    eventlet.wsgi.server contains a "debug" param which is True by default.
    This sends tracebacks to the client on 500 errors, which is not
    desirable for security reasons.

Set this to be False by default.

Fixes bug 1192132

Change-Id: Ib54fb79128c6922f7a38339c4256f0e4c81e1665

Changed in glance:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-07-17

Changed in glance:
milestone:	none → havana-2
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-10-17

Changed in glance:
milestone:	havana-2 → 2013.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.