Openstack Security Notice: OSSN-0090: glance configuration with COW backends
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Low
|
Lucas de Ataides Barreto |
Bug Description
Brief Description
-----------------
There is a new Openstack security notice: https:/
Checking the glance-api.conf file was confirmed that this is a security note that affects the current starlingx configuration, so we need to follow the proposed steps to secure it or review our use of "show_image_
Severity
---------
Medium: Security Issue
Steps to Reproduce
------------------
N/A
Expected Behavior
-----------------
N/A
Actual Behavior
-----------------
N/A
Reproducibility
-----------------
Reproducible
System Configuration
-----------------
N/A
Load info (eg: 2022-03-
-----------------
stx main branch
Last Pass
---------
N/A
Timestamp/Logs
--------------
$ kubectl -n openstack exec -it glance-
$ cat /etc/glance/
$ cat /etc/glance/
show_image_
Test Activity
-------------
Security vulnerabilities review
Workaround
----------
None
Changed in starlingx: | |
assignee: | nobody → Thales Elero Cervi (tcervi) |
status: | New → Triaged |
importance: | Undecided → Medium |
tags: | added: stx.distro.openstack |
tags: | added: stx.8.0 |
tags: | added: stx.security |
Changed in starlingx: | |
importance: | Medium → Low |
tags: | removed: stx.8.0 |
information type: | Public → Public Security |
Changed in starlingx: | |
assignee: | Thales Elero Cervi (tcervi) → Lucas de Ataides Barreto (ldeataid) |
tags: | added: stx.9.0 |
Fix proposed to branch: master /review. opendev. org/c/starlingx /openstack- armada- app/+/899419
Review: https:/