OpenStack + Chef

[dashboard] OSSN-0039 Prevent POODLE attacks

  1. Series icehouse
  2. Bug #1384438
Bug #1384438 reported by Mark Vanderwiel
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack + Chef
Fix Released
Critical
Mark Vanderwiel
Havana
Fix Released
Critical
Mark Vanderwiel
Icehouse
Fix Released
Critical
Mark Vanderwiel

Bug Description

See: https://wiki.openstack.org/wiki/OSSN/OSSN-0039

Add an attribute to dashboard to allow SSLProtocol selection, default to "All -SSLv2 -SSLv3 " as recommended.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to cookbook-openstack-dashboard (master)

Fix proposed to branch: master
Review: https://review.openstack.org/130350

Changed in openstack-chef:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to cookbook-openstack-dashboard (master)

Reviewed: https://review.openstack.org/130350
Committed: https://git.openstack.org/cgit/stackforge/cookbook-openstack-dashboard/commit/?id=f2f6bf0a36e8a7c2ceb278f3e48a2d21c06631c0
Submitter: Jenkins
Branch: master

commit f2f6bf0a36e8a7c2ceb278f3e48a2d21c06631c0
Author: Mark Vanderwiel <email address hidden>
Date: Wed Oct 22 15:18:37 2014 -0500

    OSSN-0039 Prevent POODLE attacks

    Allow SSL protocol attribute, default to only TLS.

    Change-Id: I58758e99ea1256aeefff27d441b0a527169829b5
    Closes-Bug: #1384438

Changed in openstack-chef:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to cookbook-openstack-dashboard (stable/icehouse)

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/131166

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to openstack-chef-repo (stable/icehouse)

Related fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/131168

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to cookbook-openstack-dashboard (stable/icehouse)

Reviewed: https://review.openstack.org/131166
Committed: https://git.openstack.org/cgit/stackforge/cookbook-openstack-dashboard/commit/?id=40de484ce72f1fa8ee37abb4392ef95bd11e337f
Submitter: Jenkins
Branch: stable/icehouse

commit 40de484ce72f1fa8ee37abb4392ef95bd11e337f
Author: Mark Vanderwiel <email address hidden>
Date: Wed Oct 22 15:18:37 2014 -0500

    OSSN-0039 Prevent POODLE attacks

    Allow SSL protocol attribute, default to only TLS.

    Change-Id: I61ecc68920ad72e49b68880f4b7977cd1a3c476b
    Closes-Bug: #1384438

tags: added: in-stable-icehouse
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to cookbook-openstack-dashboard (stable/grizzly)

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/135627

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to cookbook-openstack-dashboard (stable/havana)

Fix proposed to branch: stable/havana
Review: https://review.openstack.org/135705

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to cookbook-openstack-dashboard (stable/havana)

Reviewed: https://review.openstack.org/135705
Committed: https://git.openstack.org/cgit/stackforge/cookbook-openstack-dashboard/commit/?id=0fe72f1fcf089db1ee4c3dc2be947e0e2b462d96
Submitter: Jenkins
Branch: stable/havana

commit 0fe72f1fcf089db1ee4c3dc2be947e0e2b462d96
Author: Mark Vanderwiel <email address hidden>
Date: Wed Nov 19 13:52:50 2014 -0600

    OSSN-0039 Prevent POODLE attacks

    Allow SSL protocol attribute, default to only TLS.
    Backport of Original Change-Id: I58758e99ea1256aeefff27d441b0a527169829b5
    to stable/havana

    Change-Id: I8feeae6fd19a8b0d9206178baccb75f84a89d419
    Closes-Bug: #1384438

tags: added: in-stable-havana
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on cookbook-openstack-dashboard (stable/grizzly)

Change abandoned by Mark Vanderwiel (<email address hidden>) on branch: stable/grizzly
Review: https://review.openstack.org/135627
Reason: No more changes going into the stable grizzly branch.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to openstack-chef-repo (stable/icehouse)

Reviewed: https://review.openstack.org/131168
Committed: https://git.openstack.org/cgit/stackforge/openstack-chef-repo/commit/?id=d84f04364ab2bf9e32e4389a2246761276945cc3
Submitter: Jenkins
Branch: stable/icehouse

commit d84f04364ab2bf9e32e4389a2246761276945cc3
Author: Mark Vanderwiel <email address hidden>
Date: Mon Oct 27 09:51:35 2014 -0500

    Update lock for dashboard, OpenStack security note OSSN-0039

    Change-Id: I30d6954067a07ddc9b9e689262fe05ad61145a07
    Related-Bug: #1384438

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/cookbook-openstack-dashboard ocata-eol

This issue was fixed in the openstack/cookbook-openstack-dashboard ocata-eol release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.