Comment 12 for bug 1489749

Title: Wrong staticweb middleware order in Swift proxy Puppet configuration
Reporter: Christian Schwede
Products: openstack/puppet-swift
Affects: Icehouse, Juno, Kilo, Trunk (Liberty)

Description:
Christian Schwede reported a vulnerability in openstack/puppet-swift by configuring puppet-swift to enable staticweb middleware. The current state of the module is that it configures the middleware in the wrong place so private Swift containers might be public readable with data stored in it.
Only setups where staticweb middleware is explicitly enabled are affected.