using glance v2 api does not remove temporary files
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Expired
|
Undecided
|
Unassigned | ||
OpenStack Security Advisory |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Currently if you are using Glance v2 with TemporaryUpload
The issue is that if Glance v2 is used, the code never calls image_update which is responsible for deleting the temporary file.
https:/
https:/
Either the function image_update should always be called, or if data is a TemporaryUpload
description: | updated |
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.