Cinder

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1823200
Comment #110

Comment 110 for bug 1823200

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2020-07-08:

#110

This bug was fixed in the package cinder - 2:14.1.0-0ubuntu1~cloud0
---------------

cinder (2:14.1.0-0ubuntu1~cloud0) bionic-stein; urgency=medium
.
   [ Chris MacNaughton ]
   * New stable point release for OpenStack Stein (LP: #1884028).
.
   [ Corey Bryant ]
   * SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
     (LP: #1823200)
     - Remove VxFlex OS credentials from connection_properties. Passwords are
       now stored in separate file and are retrieved during each attach/detach
       operation. Cinder is patched in 14.1.0 stable point release.
     - d/control: Align (Build-)Depends with min version of python3-os-brick
       required to fix credential exposure.
     - CVE-2020-10755