web-download is subject to same port scan vulnerability as v1 copy_from
Bug #1748512 reported by
Erno Kuvaja
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Fix Released
|
Critical
|
Erno Kuvaja |
Bug Description
The feature is currently at parr with v1 copy_from which means https:/
Changed in glance: | |
importance: | Undecided → Critical |
assignee: | nobody → Erno Kuvaja (jokke) |
milestone: | none → queens-rc2 |
Changed in glance: | |
status: | New → In Progress |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/542956 /git.openstack. org/cgit/ openstack/ glance/ commit/ ?id=1591f573ae2 0037c8b87ca6c33 1e8e5ce4f77a0a
Committed: https:/
Submitter: Zuul
Branch: master
commit 1591f573ae20037 c8b87ca6c331e8e 5ce4f77a0a
Author: Erno Kuvaja <email address hidden>
Date: Fri Feb 9 13:18:19 2018 +0000
URI filtering for web-download
Implement URI filtering to prevent port scanning with the web-download
Image import method.
Closes-Bug: #1748512
Change-Id: Ide5ace8979bb12 239c99a312747b3 151c1e64ce8