2014-02-12 19:41:01 -08:00
|
|
|
OpenStack Security Notes (OSSN)
|
2014-02-12 21:35:18 -08:00
|
|
|
===============================
|
|
|
|
|
|
|
|
The OpenStack Security Group (OSSG) publishes Security Notes to advise users
|
|
|
|
of security related issues. Security notes are similar to advisories; they
|
|
|
|
address vulnerabilities in 3rd party tools typically used within OpenStack
|
|
|
|
deployments and provide guidance on common configuration mistakes that can
|
|
|
|
result in an insecure operating environment.
|
|
|
|
|
|
|
|
Repository Layout
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
This repository contains published Security Notes and templates that should
|
|
|
|
be used when creating new Security Notes.
|
|
|
|
|
|
|
|
notes - contains Security Notes in e-mail format (see the templates)
|
|
|
|
templates - contains e-mail and wiki format templates
|
|
|
|
|
|
|
|
Useful Links
|
|
|
|
------------
|
|
|
|
|
|
|
|
A list of published Security Notes is available here:
|
|
|
|
|
|
|
|
https://wiki.openstack.org/wiki/Security_Notes
|
|
|
|
|
|
|
|
The process used to create new Security Notes is available here:
|
|
|
|
|
|
|
|
https://wiki.openstack.org/wiki/Security/Security_Note_Process
|