[Openstack-security] [Bug 1404862] Re: Horizon SSL configuration vulnerable
Darren Birkett
1404862 at bugs.launchpad.net
Wed Jan 14 13:06:57 UTC 2015
** Tags removed: juno-backport-potential
** Also affects: openstack-ansible/juno
Importance: Undecided
Status: New
** Also affects: openstack-ansible/icehouse
Importance: Undecided
Status: New
** Changed in: openstack-ansible/juno
Importance: Undecided => Critical
** Changed in: openstack-ansible/icehouse
Importance: Undecided => Critical
** Changed in: openstack-ansible/juno
Status: New => In Progress
** Changed in: openstack-ansible/icehouse
Assignee: (unassigned) => Darren Birkett (darren-birkett)
** Changed in: openstack-ansible/juno
Assignee: (unassigned) => Darren Birkett (darren-birkett)
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1404862
Title:
Horizon SSL configuration vulnerable
Status in Ansible playbooks for deploying OpenStack:
Fix Committed
Status in openstack-ansible icehouse series:
In Progress
Status in openstack-ansible juno series:
In Progress
Bug description:
Currently the Apache configuration for Horizon is very simple and
therefore vulnerable to various forms of SSL and TLS attack vectors.
The Qualys SSL test on the default setup results in a C grading. In
order to ensure that best practices are implemented and anyone using
os-ansible-deployment has a secure by default setup, this needs to be
addressed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1404862/+subscriptions
More information about the Openstack-security
mailing list