Comment 21 for bug 1916926
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Glance leaks namespace existence to unauthorized users | #21 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
So I think the following set of tasks need to happen all at roughly the same time:
0. Pick the next OSSN number in sequence... looks like that should be OSSN-0088.
1. I will update this bug to Public Security, setting the security task Won't Fix and adding a security note bugtask assigned to Abhishek; I'll also remove the embargo preamble from the bug description and add [OSSN-0088] as a prefix on the title.
2. Abhishek (preferably) sends a copy of the security note from comment #13 to the openstack-announce mailing list with openstack-discuss in Cc (remember to prefix the subject with [OSSN-0088] when you do).
3. Someone paste a copy of the same into https:/
4. I'll approve Abhishek's message through the openstack-announce moderation queue.
5. Someone pushes the default change for the master branch of openstack/glance to Gerrit for review.
Does this sound like a reasonable plan? If so, I'm ready to do #1 when Abhishek is ready to send the message for #2.