[Openstack-security] [Bug 1451931] Re: ironic password config not marked as secret
Jeremy Stanley
fungi at yuggoth.org
Tue May 5 17:22:01 UTC 2015
In the past, the VMT has not considered info leaks in debug logs to
warrant an advisory. Reclassifying as security hardening.
** Information type changed from Public Security to Public
** Tags added: security
** Also affects: ossa
Importance: Undecided
Status: New
** Changed in: ossa
Status: New => Won't Fix
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1451931
Title:
ironic password config not marked as secret
Status in OpenStack Compute (Nova):
Triaged
Status in OpenStack Security Advisories:
Won't Fix
Bug description:
The ironic config option for the password and auth token are not
marked as secret so the values will get logged during startup in debug
mode.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1451931/+subscriptions
More information about the Openstack-security
mailing list