Open Stack

Thu Oct 9 13:18:38 UTC 2014

Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/127203

Log:
commit d90a19e99f1b75b9fb8b9f65d64a0e97bc06d102
Author: Sylvain Bauza <sbauza at redhat.com>
Date:   Mon Sep 29 13:33:50 2014 +0200

    Fix unsafe SSL connection on TrustedFilter

    TrustedFilter was using httplib which doesn't check for CAs.
    Here the change is using Requests and verifies local CAs by default (or another
    one if provided)
    This effort is related to CVE 2013-2255.

    SecurityImpact

    Closes-Bug: #1373993
    (cherry picked from commit 30871e8702737edbbfbcbbb5f21858873b37685c)

    Conflicts:
    	nova/tests/scheduler/test_host_filters.py

    Change-Id: I0b8e6319a4cc39876b1e396ef705f0fc5def1e44

Open Stack

[Openstack-security] [openstack/nova] SecurityImpact review request change I0b8e6319a4cc39876b1e396ef705f0fc5def1e44

OpenStack

Community

Documentation

Branding & Legal