Glance

Comment 31 for bug 1135541

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-03-14: Fix merged to glance (stable/folsom)

#31

commit dd849a9be540bedd4fd904cc0b86ccd9c3e34af2
Author: Stuart McLaren <email address hidden>
Date: Thu Mar 14 13:43:36 2013 +0000

Do not return location in headers

In some cases credentials were being leaked when downloading a cached
v1 image.

Fixes bug 1135541, CVE-2013-1840

Change-Id: I3ec0a8f484fe1bdc32c3c56fce810fcef347a7f6