[Openstack-security] [Bug 1201534] [NEW] heat.common.urlfetch does not validate server SSL certificates
Clint Byrum
clint at fewbar.com
Mon Jul 15 18:08:38 UTC 2013
Public bug reported:
urllib2 is not considered "safe" for SSL communications. It does nothing
to validate the server SSL certificate.
We should migrate to requests, which has become common in OpenStack.
** Affects: heat
Importance: High
Status: Triaged
** Tags: security
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1201534
Title:
heat.common.urlfetch does not validate server SSL certificates
Status in Orchestration API (Heat):
Triaged
Bug description:
urllib2 is not considered "safe" for SSL communications. It does
nothing to validate the server SSL certificate.
We should migrate to requests, which has become common in OpenStack.
To manage notifications about this bug go to:
https://bugs.launchpad.net/heat/+bug/1201534/+subscriptions
More information about the Openstack-security
mailing list