EC2 error response does no XML escaping
Bug #978439 reported by
Joshua Harlow
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Andrew James |
Bug Description
When an error happens in EC2 (or in openestack) a function called ec2_error is used, this creates a xml body of which none of the variables used in its content are xml escaped. This could be bad....
Changed in nova: | |
milestone: | none → folsom-rc1 |
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | folsom-rc1 → 2012.2 |
To post a comment you must log in.
Adding security since this may have some interesting potential.