Restrict Memcached to only work on TCP and internal_api network.
The restriction is made at the application and firewall levels.
It will prevent DDoS amplification attacks using memcached.
Change-Id: I8fb81d7f3938b04ff7652e30de35a1ec23ae723d
Related-Bug: #1754607
(cherry picked from commit 1d16ceb5fbd4422571c4f0606c84951f3f3d2353)
Reviewed: https:/ /review. openstack. org/551382 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=2b37b726aae 2c3c8351d95de7d 2a401f19467556
Committed: https:/
Submitter: Zuul
Branch: stable/pike
commit 2b37b726aae2c3c 8351d95de7d2a40 1f19467556
Author: Emilien Macchi <email address hidden>
Date: Fri Mar 9 11:22:37 2018 +0100
[CVE- 2018-1000115] memcached: restrict to TCP & internal_api network
https:/ /access. redhat. com/security/ cve/cve- 2018-1000115
Restrict Memcached to only work on TCP and internal_api network.
The restriction is made at the application and firewall levels.
It will prevent DDoS amplification attacks using memcached.
Change-Id: I8fb81d7f3938b0 4ff7652e30de35a 1ec23ae723d 571c4f0606c8495 1f3f3d2353)
Related-Bug: #1754607
(cherry picked from commit 1d16ceb5fbd4422