Launchpad CVE tracker

CVE 2013-0212

store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive information by reading the error messages.

Related bugs and status

CVE-2013-0212 (Candidate) is related to these bugs:

Bug #1089488: Meta bug for tracking Openstack Stable Updates

		In	Importance	Status
1089488	Meta bug for tracking Openstack Stable Updates	nova (Ubuntu)	Undecided	Invalid
1089488	Meta bug for tracking Openstack Stable Updates	horizon (Ubuntu)	Undecided	Invalid
1089488	Meta bug for tracking Openstack Stable Updates	keystone (Ubuntu)	Undecided	Invalid
1089488	Meta bug for tracking Openstack Stable Updates	horizon (Ubuntu Precise)	Undecided	Fix Released
1089488	Meta bug for tracking Openstack Stable Updates	keystone (Ubuntu Precise)	Undecided	Fix Released
1089488	Meta bug for tracking Openstack Stable Updates	nova (Ubuntu Precise)	Undecided	Fix Released
1089488	Meta bug for tracking Openstack Stable Updates	glance (Ubuntu)	Undecided	Fix Released

Bug #1098962: [OSSA 2013-002] glance image-download can display backend Swift password

		In	Importance	Status
1098962	[OSSA 2013-002] glance image-download can display backend Swift password	Glance	High	Fix Released
1098962	[OSSA 2013-002] glance image-download can display backend Swift password	Glance essex	High	Fix Committed
1098962	[OSSA 2013-002] glance image-download can display backend Swift password	Glance folsom	High	Fix Released
1098962	[OSSA 2013-002] glance image-download can display backend Swift password	Glance grizzly	High	Fix Released
1098962	[OSSA 2013-002] glance image-download can display backend Swift password	OpenStack Security Advisory	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-0212

References