Restrict Memcached to only work on TCP and internal_api network.
The restriction is made at the application and firewall levels.
It will prevent DDoS amplification attacks using memcached.
Change-Id: I8fb81d7f3938b04ff7652e30de35a1ec23ae723d
Related-Bug: #1754607
(cherry picked from commit 1d16ceb5fbd4422571c4f0606c84951f3f3d2353)
Reviewed: https:/ /review. openstack. org/551380 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=8fb9ff784da 9b317b5d32b6d51 b649c5930baeab
Committed: https:/
Submitter: Zuul
Branch: stable/queens
commit 8fb9ff784da9b31 7b5d32b6d51b649 c5930baeab
Author: Emilien Macchi <email address hidden>
Date: Fri Mar 9 11:22:37 2018 +0100
[CVE- 2018-1000115] memcached: restrict to TCP & internal_api network
https:/ /access. redhat. com/security/ cve/cve- 2018-1000115
Restrict Memcached to only work on TCP and internal_api network.
The restriction is made at the application and firewall levels.
It will prevent DDoS amplification attacks using memcached.
Change-Id: I8fb81d7f3938b0 4ff7652e30de35a 1ec23ae723d 571c4f0606c8495 1f3f3d2353)
Related-Bug: #1754607
(cherry picked from commit 1d16ceb5fbd4422