[OSSA 2016-002] xenapi: volume_utils._parse_volume_info can leak connection password via StorageError (CVE-2015-8749)
Bug #1572594 reported by
Vitaly Sedelnik
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mirantis OpenStack |
Fix Released
|
High
|
Alexey Stupnikov | ||
7.0.x |
Fix Released
|
High
|
Alexey Stupnikov | ||
8.0.x |
Invalid
|
High
|
Alexey Stupnikov | ||
9.x |
Fix Released
|
High
|
Alexey Stupnikov |
Bug Description
The upstream fix for https:/
Upstream patch https:/
CVE References
Changed in mos: | |
importance: | Undecided → High |
information type: | Public → Public Security |
Changed in mos: | |
milestone: | 7.0-updates → 7.0-mu-4 |
Changed in mos: | |
assignee: | MOS Maintenance (mos-maintenance) → Alexey Stupnikov (astupnikov) |
Changed in mos: | |
status: | Fix Committed → Fix Released |
tags: | added: feature-security |
To post a comment you must log in.
MOS 7.0 patch https:/ /review. fuel-infra. org/#/c/ 20545/