Comment 21 for bug 1400966

Revision history for this message
Tristan Cacqueray (tristan-cacqueray) wrote : Re: Glance allows users to download and delete any file in glance-api server

@Grant, the affected version may be too broad, the bug might have been introduced by https://review.openstack.org/#/c/35134/ which was not merged before 2013.2. And as we don't support Havana anymore I think the version line should be:

Versions: up to 2014.1.3 and 2014.2 version up to 2014.2.1

Also while the leak seems to happens on the glance-api server, shouldn't we also consider registry and storage node to be likely affected as well ?