Open Stack

On Wed, Jun 4, 2014 at 10:24 AM, Thierry Carrez <thierry at openstack.org> wrote:
> Alan Pevec wrote:
>> 2014-06-03 15:04 GMT+02:00 Kyle Mestery <kmestery at cisco.com>:
>>>> https://review.openstack.org/96919
>>>> https://review.openstack.org/96920
>>
>>> These actually just landed in master last week. They close a long
>>> standing “High” priority bug reported by the TripleO folks. The failures
>>> are likely due to this issue [1], which may have been uncovered due to
>>> this tempest change [2]. That’s the theory we’re working on now, hopefully
>>> we’ll have this diagnosed a bit better soon.
>>>
>>> So, if we can get these two bugs into the next stable/icehouse release,
>>> I know the TripleO folks would at least be happy. But if they slip into a
>>> subsequent release, maybe that’s ok as well.
>>
>> Could you expand on "including obvious security reasons" from the
>> commit message in 96919 ?
>> I've added "security" tag to
>> https://bugs.launchpad.net/neutron/+bug/1290486 and if that's really
>> the issue, exception is justified to include those patches into
>> 2014.1.1.
>
> I suspect Kyle means that the failure triggered by this bug has security
> consequences. I think that would be a good addition to the 2014.1.1
> stable release mix.
>
Yes, what Thierry says is exactly correct. The failure trigged by this
leaves a possibly large security hole. Getting these into 2014.1.1
would be great if possible! Like I said, we're still working the gate
failures around "ssh timeouts" which are occuring now, and those have
affected these patches.

Thanks,
Kyle

> --
> Thierry Carrez (ttx)
>
> _______________________________________________
> Openstack-stable-maint mailing list
> Openstack-stable-maint at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint