[Openstack-security] [openstack/nova-specs] SecurityImpact review request change Id2304adeb9490a630e1979bb70037ad8a2656d73

gerrit2 at review.openstack.org gerrit2 at review.openstack.org
Wed Apr 12 20:56:47 UTC 2017


Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/357151

Log:
commit 0f1f9d690c316d8a48cea81655732d2911906c44
Author: Peter Hamilton <peter.hamilton at jhuapl.edu>
Date:   Wed Mar 22 17:16:26 2017 -0400

    Add support for certificate validation
    
    This spec describes changes that would allow Nova to perform
    certificate validation when verifying Glance image signatures.
    While image signing ensures that image data is obtained
    unmodified from Glance, it does not prevent an attacker from
    uploading and signing a malicious image. The addition of
    Nova API changes allows Nova users to control the certificates
    which are allowed to sign images.
    
    This spec describes work related to image verification. For
    more information, see: https://review.openstack.org/#/c/343654
    
    APIImpact
    DocImpact
    SecurityImpact
    
    Change-Id: Id2304adeb9490a630e1979bb70037ad8a2656d73





More information about the Openstack-security mailing list