Please help the OpenStack Vulnerability Management Team by taking a
look at the following reports:

Metadata iptables rules never inserted upon exception on router
creation
https://launchpad.net/bugs/1735724

Neutron RBAC not working for multiple extensions
https://launchpad.net/bugs/1784259

tenant isolation is bypassed if port admin-state-up=false
https://launchpad.net/bugs/1798904

non-IP ethertypes are permitted with iptables_hybrid firewall
driver
https://launchpad.net/bugs/1838473

RA Leak on tenant network
https://launchpad.net/bugs/1844712

Anti-spoofing bypass
https://launchpad.net/bugs/1884341

Anti-spoofing bypass using Open vSwitch
https://launchpad.net/bugs/1902917

Can these be exploited by a nefarious actor, and if so, how? Are
they likely to be fixable in all our supported stable branches,
respecting stable backport policy? What deployment configurations
and options might determine whether a particular installation is
susceptible? This is the sort of feedback we depend on to make
determinations regarding whether and how to keep the public
notified, so they can make informed decisions.

Thanks for doing your part to keep our users safe!
--
Jeremy Stanley