Horizon SSL configuration vulnerable
Bug #1404862 reported by
Jesse Pretorius
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Critical
|
Jesse Pretorius | ||
Icehouse |
Fix Released
|
Critical
|
Darren Birkett | ||
Juno |
Fix Released
|
Critical
|
Darren Birkett |
Bug Description
Currently the Apache configuration for Horizon is very simple and therefore vulnerable to various forms of SSL and TLS attack vectors. The Qualys SSL test on the default setup results in a C grading. In order to ensure that best practices are implemented and anyone using os-ansible-
tags: | removed: juno-backport-potential |
Changed in openstack-ansible: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/143430
Review: https:/