[Openstack-security] [openstack/cinder] SecurityImpact review request change I4799c2c5376fb54e5ebbdc4f9b6a1c526e7b8a8b
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Mar 11 15:26:44 UTC 2014
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/77346
Log:
commit 2c9a1132adf70e434e07e9c099d5a59347a95655
Author: Daniel Gollub <d.gollub at telekom.de>
Date: Sat Feb 22 21:37:59 2014 +0100
Replace HTTPSConnection in zadara driver
Replace HTTPSConnection in zadara driver with Requests.
SSL Verification is from now on enabled by default.
This changes the default behaviour and is the primary intention of this
change: verify SSL certificates.
This might break existing configuration/setups where the SSL certificate
used by the SAN would not pass the verification.
Old behaviour can be forced by using `san_ssl_insecure=True`.
SecurityImpact
DocImpact
Partial-Bug: 1188189
Change-Id: I4799c2c5376fb54e5ebbdc4f9b6a1c526e7b8a8b
More information about the Openstack-security
mailing list