[Openstack-security] [OSSG] DRAFT: Security Note: Keystone Resource Exhaustion without HTTP POST limiting
Christopher Ricker (chricker)
chricker at cisco.com
Tue Apr 23 12:47:47 UTC 2013
On 4/23/13 2:33 AM, "Kurt Seifried" <kseifried at redhat.com> wrote:
>
>So if it's ok with you guys I'd like to make sure that all OpenStack
>security issues get CVE's assigned regardless of whether or not they
>are going to be fixed in code (e.g. addressed with a security note,
>maybe a config change, a documentation change, whatever).
Request seconded -- this will be helpful for the various down streams
packaging OpenStack
More information about the Openstack-security
mailing list