[Openstack-security] [Bug 938315] Re: [OSSA-2013-013] Updating password via keystoneclient CLI should be done securely
Jeremy Stanley
fungi at yuggoth.org
Tue Sep 22 14:28:19 UTC 2015
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3594
** Summary changed:
- [OSSA-2013-013] Updating password via keystoneclient CLI should be done securely
+ [OSSA-2013-013] Updating password via keystoneclient CLI should be done securely (CVE-2013-2013)
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/938315
Title:
[OSSA-2013-013] Updating password via keystoneclient CLI should be
done securely (CVE-2013-2013)
Status in OpenStack Security Advisory:
Fix Released
Status in python-keystoneclient:
Fix Released
Bug description:
Updating password via CLI should be done via a secure password prompt,
not text.
current: keystone user-password-update --user=jake --password=foo
expected: keystone user-password-update --user=jake
Password:
Repeat Password:
To manage notifications about this bug go to:
https://bugs.launchpad.net/ossa/+bug/938315/+subscriptions
More information about the Openstack-security
mailing list