Glance

  1. Bug #1135541
  2. Comment #32

Comment 32 for bug 1135541

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (stable/essex)

Reviewed: https://review.openstack.org/24439
Committed: http://github.com/openstack/glance/commit/74b067df9726f9cf3e6e17e248719794a6ee0745
Submitter: Jenkins
Branch: stable/essex

commit 74b067df9726f9cf3e6e17e248719794a6ee0745
Author: Stuart McLaren <email address hidden>
Date: Thu Mar 14 14:22:00 2013 +0000

    Do not return location in headers

    In some cases credentials were being leaked when downloading a cached
    v1 image.

    Fixes bug 1135541, CVE-2013-1840

    Change-Id: Ib16ad40d3ea1c642384053be54ce029c386d7ea6