Parameters to "create" are not validated in heat-cfn-api
Bug #1317667 reported by
Zane Bitter
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat |
Fix Released
|
Critical
|
andersonvom |
Bug Description
The change https:/
This could a major security hole, since it allows users to pass arbitrary arguments to the constructor of parser.Stack.
Changed in heat: | |
status: | In Progress → Triaged |
assignee: | Zane Bitter (zaneb) → nobody |
assignee: | nobody → Jason Dunsmore (jasondunsmore) |
milestone: | none → juno-1 |
Changed in heat: | |
status: | Triaged → In Progress |
no longer affects: | ossa |
Changed in heat: | |
assignee: | Jason Dunsmore (jasondunsmore) → andersonvom (andersonvom) |
Changed in heat: | |
status: | Fix Committed → Fix Released |
Changed in heat: | |
milestone: | juno-1 → 2014.2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/92919
Review: https:/