openstack
/
openstack-ansible-memcached_server
Code Issues Proposed changes

Fix CVE-2018-1000115 for other distros 

We must restrict memcached to TCP.
Done for redhat but not SUSE/ubuntu

Change-Id: Ib4520b15fa660b77212dfc91bdb0f27590d30128
This commit is contained in:
Jean-Philippe Evrard 2018-03-28 14:05:58 +00:00
parent 163d9c15b4
commit e7ffc8c09f
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
templates/memcached.conf.debian.j2
View File

@ -7,6 +7,7 @@
-v -v
{% endif %} {% endif %}
logfile {{ memcached_log }} logfile {{ memcached_log }}
-U 0
-m {{ memcached_memory }} -m {{ memcached_memory }}
-p {{ memcached_port }} -p {{ memcached_port }}
-u {{ memcached_user }} -u {{ memcached_user }}

2
templates/memcached.suse.j2
View File

@ -6,7 +6,7 @@
{% set _verbosity = '-v' %} {% set _verbosity = '-v' %}
{% endif %} {% endif %}
MEMCACHED_PARAMS="-l {{ memcached_listen }} -p {{ memcached_port }} -c {{ memcached_connections }} -t {{ memcached_threads }} {{ _verbosity }}" MEMCACHED_PARAMS="-U 0 -l {{ memcached_listen }} -p {{ memcached_port }} -c {{ memcached_connections }} -t {{ memcached_threads }} {{ _verbosity }}"
## Path: Network/WWW/Memcached ## Path: Network/WWW/Memcached
## Description: username memcached should run as ## Description: username memcached should run as