@Dolph: Thanks for the great analysis. I suspect you'd find a higher failure rate if you change the ratio of requests. When I tested using the clients I used 1 endlessly looping user client and 5 admin clients, and saw the bug a few times per second.
@Thierry: I'm running Havana. I always forget to mention that...
I would list the OpenStack services/versions affected too. Most of the other projects except Ceilometer [1] seem to be patching thread already (at least on master). We don't have memcache enabled for Ceilometer so I can't check whether it is vulnerable in practice.
@Dolph: Thanks for the great analysis. I suspect you'd find a higher failure rate if you change the ratio of requests. When I tested using the clients I used 1 endlessly looping user client and 5 admin clients, and saw the bug a few times per second.
@Thierry: I'm running Havana. I always forget to mention that...
@Tristan /github. com/openstack/ python- keystoneclient/ commit/ 7920899af119d16 97c333d202ca327 2f167c19b0
I think this has been an issue since 0.2.0 (and before that the code was in Keystone itself):
https:/
I would list the OpenStack services/versions affected too. Most of the other projects except Ceilometer [1] seem to be patching thread already (at least on master). We don't have memcache enabled for Ceilometer so I can't check whether it is vulnerable in practice.
[1] https:/ /github. com/openstack/ ceilometer/ search? q=monkey_ patch&type= Code