[Openstack-security] [openstack/keystone] SecurityImpact review request change I82d00898ee2b28aad1ace7554a436cf7125d631c
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Sep 22 00:47:08 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/226110
Log:
commit df2bd8cb3e9b69aa3bbf32a4ccca62abc41d2e11
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Mon Sep 21 18:00:28 2015 -0500
Log message when debug is enabled
Operators may not realize that when debug is enabled that keystone
will return extra, potentially sensitive, data in error responses.
Operators should at least be warned that this will happen.
SecurityImpact
Change-Id: I82d00898ee2b28aad1ace7554a436cf7125d631c
More information about the Openstack-security
mailing list