Reviewed: https://review.openstack.org/194290 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=3b9ae165f7f93424b489bfb992f935d5d5e749f2 Submitter: Jenkins Branch: stable/juno commit 3b9ae165f7f93424b489bfb992f935d5d5e749f2 Author: Joe Gordon <joe.gordon0 at gmail.com> Date: Mon May 4 11:19:33 2015 -0700 Mark ironic credential config as secret Mark ironic credentials as secret so we don't log the values. Detected with bandit while testing out: I3026b81317f0a6322acfc94784899a7453af586f Change-Id: Icfd13b3294a9fa0881a5ab01f50864ebcbce393e Closes-Bug: #1451931 ** Changed in: nova/juno Status: New => Fix Committed -- You received this bug notification because you are a member of OpenStack Security, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1451931 Title: ironic password config not marked as secret Status in OpenStack Compute (Nova): Fix Released Status in OpenStack Compute (nova) juno series: Fix Committed Status in OpenStack Compute (nova) kilo series: Fix Committed Status in OpenStack Security Advisories: Won't Fix Status in OpenStack Security Notes: New Bug description: The ironic config option for the password and auth token are not marked as secret so the values will get logged during startup in debug mode. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1451931/+subscriptions