[Openstack-security] [OSSG] DRAFT: Security Note: Keystone Resource Exhaustion without HTTP POST limiting
Thierry Carrez
thierry at openstack.org
Tue Apr 23 08:37:28 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Kurt Seifried wrote:
> So if it's ok with you guys I'd like to make sure that all
> OpenStack security issues get CVE's assigned regardless of whether
> or not they are going to be fixed in code (e.g. addressed with a
> security note, maybe a config change, a documentation change,
> whatever).
Makes sense to me.
- --
Thierry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCAAGBQJRdkhIAAoJEFB6+JAlsQQjdtUQAJvH6RRZVpklkTyhUevJE2cg
ppKf4B4CDb/c5fkPc8efwNDNNF9n5cnw3xCMq8yQ9jShEesWphPynUPtjVAYbBbg
LTO3fBjJsDkkAKlZgkHjuMm3j2buNqOYqLhZ+r683l8TSG4QcDuO+I5mIcet3G0g
kHfW0+FVlW0ZIelwBhL9ovt4wOQHpurqCX3ON9B3wj6UlgEP4yExw8R76R9tLRn2
+BCjWo4nVHy04F8FfQ1ojkIiOqdnLUtwsUXkSSj/pKytYzJKhfON2nBZDHklrlTN
KjxsSnCfdlsJ4jTm6Bi5mK9CDyc2PAks/nxPBwiTZO4gA+zuaL1lGRELy80Db90u
yKYxZAJVfmOW6fFBXcmnNsZQ0PBXHFE1wyyEuzXxGY0jtX0jHdrRxG2Lgxzxbray
wCSGizb4a2duD0YkHgc07V5JqihamXwnvMu7Vxs37K7gfmCQjtBAagupVyWqRhNF
f7qXntOHQFKijcHJosN09zd5fXX0vEBYrb/DV2YlnMdxmJ5Q5ap3ZxoCtQaO7K3d
6DO7DlMGbGM9V/dlp/I9h5uPUTjsL3PYRTGlZaHp7oCe1PR02KMT7y4eGUta01nw
5mdTk2ExeCZ+GZ6HnsM6abhEqTQ07Nv9kjIZNUMTdo3NFi6OAHz6LuG4hhcloFGW
CeeSWT3uJDpx3RemOXaC
=mjLd
-----END PGP SIGNATURE-----
More information about the Openstack-security
mailing list