[Openstack-security] [Bug 1534299] Fix proposed to python-keystoneclient (stable/kilo)

OpenStack Infra 1534299 at bugs.launchpad.net
Mon Jan 18 23:41:39 UTC 2016


Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/269368

-- 
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1534299

Title:
  keystoneclient needs to mark secret config options

Status in keystoneauth:
  Fix Released
Status in OpenStack Security Advisory:
  Won't Fix
Status in python-keystoneclient:
  Fix Released

Bug description:
  oslo_config allows marking config options such as password as
  "secret", such that when/if the config options are logged they're
  masked out of the logs.

  keystoneclient defines several options for auth plugins that should be
  secret but are not, such as the user's password in the identity, oidc,
  and saml2 plugins.

  I don't know if these really need to be private security but might as
  well start out that way.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystoneauth/+bug/1534299/+subscriptions




More information about the Openstack-security mailing list