OpenStack Compute (nova)

In Nova, conf_key_manager logs encryption key value

Bug #1806471 reported by David Hill
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Fix Released
Undecided
David Hill

Bug Description

the value of the encryption key is logged. that value is sensitive and should not be logged.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/621684

Changed in nova:
assignee: nobody → David Hill (david-hill-ubisoft)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.openstack.org/623507

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/623509

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/623510

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Reviewed: https://review.openstack.org/621684
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=37a036672e459b0d83b7b91120c8ec40e3759190
Submitter: Zuul
Branch: master

commit 37a036672e459b0d83b7b91120c8ec40e3759190
Author: David Hill <email address hidden>
Date: Mon Dec 3 14:39:51 2018 -0500

    Add secret=true to fixed_key configuration parameter

    Add secret=true to fixed_key configuration parameter as that value
    shouldn't be logged.

    Change-Id: Ie6da21e8680b2deb6b1da3add31cd725ba855c1c
    Closes-Bug: #1806471

Changed in nova:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/queens)

Reviewed: https://review.openstack.org/623509
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=33dc9f7bbd4ceecf2a590a30e6df034a32a31597
Submitter: Zuul
Branch: stable/queens

commit 33dc9f7bbd4ceecf2a590a30e6df034a32a31597
Author: David Hill <email address hidden>
Date: Mon Dec 3 14:39:51 2018 -0500

    Add secret=true to fixed_key configuration parameter

    Add secret=true to fixed_key configuration parameter as that value
    shouldn't be logged.

    Change-Id: Ie6da21e8680b2deb6b1da3add31cd725ba855c1c
    Closes-Bug: #1806471
    (cherry picked from commit 37a036672e459b0d83b7b91120c8ec40e3759190)
    (cherry picked from commit 7ef3304b12e2a6a89cfedc99e09b214ae6de3d7a)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/pike)

Reviewed: https://review.openstack.org/623510
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=44e2ecd8e1b5b11e3ff06344a97032b7da510624
Submitter: Zuul
Branch: stable/pike

commit 44e2ecd8e1b5b11e3ff06344a97032b7da510624
Author: David Hill <email address hidden>
Date: Mon Dec 3 14:39:51 2018 -0500

    Add secret=true to fixed_key configuration parameter

    Add secret=true to fixed_key configuration parameter as that value
    shouldn't be logged.

    Change-Id: Ie6da21e8680b2deb6b1da3add31cd725ba855c1c
    Closes-Bug: #1806471
    (cherry picked from commit 37a036672e459b0d83b7b91120c8ec40e3759190)
    (cherry picked from commit 7ef3304b12e2a6a89cfedc99e09b214ae6de3d7a)
    (cherry picked from commit 33dc9f7bbd4ceecf2a590a30e6df034a32a31597)

tags: added: in-stable-pike
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/rocky)

Reviewed: https://review.openstack.org/623507
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=7ef3304b12e2a6a89cfedc99e09b214ae6de3d7a
Submitter: Zuul
Branch: stable/rocky

commit 7ef3304b12e2a6a89cfedc99e09b214ae6de3d7a
Author: David Hill <email address hidden>
Date: Mon Dec 3 14:39:51 2018 -0500

    Add secret=true to fixed_key configuration parameter

    Add secret=true to fixed_key configuration parameter as that value
    shouldn't be logged.

    Change-Id: Ie6da21e8680b2deb6b1da3add31cd725ba855c1c
    Closes-Bug: #1806471
    (cherry picked from commit 37a036672e459b0d83b7b91120c8ec40e3759190)

tags: added: in-stable-rocky
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 18.1.0

This issue was fixed in the openstack/nova 18.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 16.1.7

This issue was fixed in the openstack/nova 16.1.7 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 17.0.9

This issue was fixed in the openstack/nova 17.0.9 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 19.0.0.0rc1

This issue was fixed in the openstack/nova 19.0.0.0rc1 release candidate.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.