[Openstack-operators] [Openstack] [OSSA 2014-031] Admin-only network attributes may be reset to defaults by non-privileged users (CVE-2014-6414)

Jeremy Stanley fungi at yuggoth.org
Mon Sep 29 22:55:36 UTC 2014

On 2014-09-29 21:59:32 +0300 (+0300), George Shuklin wrote:
> Means no fixes for havana?

Yes, that should have just said "Versions: up to 2014.1.2" as havana
is already past the end of support from the OpenStack vulnerability
management team and stable branch managers. I'm presently working on
the patches to our CI to tear out testing for it, and the
stable/havana branches of all our projects will most likely be
tagged "havana-eol" and deleted some time this week.
Jeremy Stanley

More information about the OpenStack-operators mailing list