devstack

  1. Bug #1168252
  2. Comment #4

Comment 4 for bug 1168252

Revision history for this message
In , J-ago (j-ago) wrote :

From ${URL} :

A security flaw was found in the way Openstack Keystone (previously) performed management of LDAP
password and admin_token Keystone daemon configuration file values. A local attacker could use this
flaw to obtain sensitive information.

References:
[1] https://bugs.launchpad.net/keystone/+bug/1168252
[2] http://www.openwall.com/lists/oss-security/2013/04/19/2

Relevant upstream patch (Gerrit form):
[3] https://review.openstack.org/#/c/26826/