neutron/bug-1957175-764bc9c73b8d46e9.yaml at 8aa2da573cf26720bbb7a5378611635e54f22f23 - neutron - OpenDev: Free Software Needs Free Tools

openstack/neutron

yatinkarel 0c2af0f6e7 [Stable Only] Enforce policy for qos_policy_id attribute

Currently while updating 'qos_policy_id', authorization policies
are not enforced and as a result it can be set or unset over
port/network/fip by an unauthorized user.

This patch fixes it by setting 'enforce_policy' to True
for this attribute for Floating IP, for port and network
it's fixed in neutron-lib[1].

This patch is only for stable releases as for releases since
Yoga this is fixed in neutron-lib[2] itself.

[1] https://review.opendev.org/q/Ieee1ca092e572ad4696105962fbc6de675454657
[2] https://review.opendev.org/c/openstack/neutron-lib/+/825088

Closes-Bug: #1957175
Change-Id: Ie0660e5e89e45c00b79464368ba337d27a824714

2022-01-31 11:24:37 +00:00

7 lines

211 B

YAML

Raw Blame History

 ---
 fixes:
   - |
     Enforce policy for 'qos_policy_id' attribute of
     Floating IP so only authorized users can set/unset it.
     For more info see `bug LP#1957175 <https://bugs.launchpad.net/bugs/1957175>`_.