Alon, which commit in particular makes this available in Juno? -- You received this bug notification because you are a member of OpenStack Security Group, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1372643 Title: MITM vulnerability with XIV driver Status in Cinder: Triaged Status in OpenStack Security Advisories: Won't Fix Bug description: The XIV driver in Juno appears to blindly trust whatever certificate it gets back from the device without any validation. This would leave it open to a MITM attack. To manage notifications about this bug go to: https://bugs.launchpad.net/cinder/+bug/1372643/+subscriptions