Joyent provider uploads user's private ssh key by default
Bug #1415671 reported by
Tim Penhey
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
juju-core |
Fix Released
|
High
|
Nate Finch |
Bug Description
By default, the joyent provider uploads the user's private ssh key. We shouldn't do this.
We should default to registering a new ssh key and have one for the sole purpose of dealing with joyent.
CVE References
Changed in juju-core: | |
assignee: | Ian Booth (wallyworld) → nobody |
Changed in juju-core: | |
assignee: | nobody → Nate Finch (natefinch) |
milestone: | none → 1.23 |
Changed in juju-core: | |
milestone: | 1.23 → 1.23-beta1 |
importance: | High → Critical |
Changed in juju-core: | |
status: | Triaged → In Progress |
Changed in juju-core: | |
status: | In Progress → Fix Committed |
Changed in juju-core: | |
importance: | Critical → High |
Changed in juju-core: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is CVE-2015-1316