Comment 16 for bug 1247675
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Persistent XSS in OpenStack Web UI for Instances | #16 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
Alan: If we take any "emergency" actions from an infra perspective, I'd rather see an emergency revert of all code depending on newer iso8601 (until it can be introduced in a safer manner) rather than an emergency bypass of all testing for security changes (this isn't the only one it's blocking, after all).
Kurt: Thanks! We had been holding off requesting a CVE until we had an accurate description of the actual vulnerability (since that has a tendency to evolve while patches are written and tested). If that's not necessary, I will be happy to start formally requesting them sooner and allow you to simply edit or reject them later as needed.