Brian Rosmaita 63d7848a95 [stable-em-only] Add CVE-2023-2088 warning

The Cinder project team does not intend to backport a fix for
CVE-2023-2088 to stable/victoria, so add a warning to the README
so that consumers are aware of the vulnerability of this branch
of the cinder code.

Change-Id: I2866b0ca1511a53b096b73bbe51a74588cdd8947
Related-bug: #2004555

2023-06-08 03:36:32 +00:00

1.8 KiB

Raw Blame History

OpenStack Cinder

Warning

The stable/victoria branch of cinder does not contain a fix for CVE-2023-2088. Be aware that such a fix must span cinder, os-brick, nova, and, depending on your deployment configuration, glance_store and ironic. The Cinder project team advises against using the code in this branch unless a mitigation against CVE-2023-2088 is applied.

References:

OpenStack Cinder is a storage service for an open cloud computing service.

You can learn more about Cinder at:

Getting Started

If you'd like to run from the master branch, you can clone the git repo:

git clone https://opendev.org/openstack/cinder

If you'd like to contribute, please see the information in CONTRIBUTING.rst

You can raise bugs on Launchpad

Python client

Python Cinderclient

1.8 KiB Raw Blame History

OpenStack Cinder

Getting Started

Python client

1.8 KiB

Raw Blame History