openstack
/
security-doc
Code Issues Proposed changes
security-doc/security-notes
History
Jeremy Stanley 71399b98e1 OSSN-0093: Add CVE reference 
Mitre has assigned CVE-2024-29156 to the reported bug in Murano.

Change-Id: I8b87f4318949bff198ddacf37a6c8b3fc2125d34
 		2024-03-18 14:33:32 +00:00
..
OSSN-0001 Update the URL in doc 2018-09-24 20:38:04 +08:00
OSSN-0002 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0003 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0004 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0005 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0006 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0007 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0008 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0009 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0010 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0011 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0012 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0013 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0014 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0015 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0016 Replace chinese double quotes to English double quotes 2018-06-17 16:44:02 +08:00
OSSN-0017 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0018 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0019 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0020 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0021 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0022 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0023 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0024 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0025 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0026 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0027 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0028 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0029 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0030 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0031 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0032 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0033 Revise OSSN-033 to note fix for HTTPSConnection 2017-03-08 10:09:04 -08:00
OSSN-0034 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0035 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0036 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0037 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0038 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0039 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0042 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0043 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0044 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0045 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0046 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0047 Update the URL in doc 2018-09-24 20:38:04 +08:00
OSSN-0048 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0049 Update the URL in doc 2018-09-24 20:38:04 +08:00
OSSN-0052 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0053 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0054 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0055 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0056 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0057 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0058 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0059 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0060 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0061 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0062 Removing an extra space after fullstop 2016-12-05 01:32:42 +00:00
OSSN-0063 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0064 Added Authors to Security Notes 2016-07-11 10:51:07 +00:00
OSSN-0065 Add OSSN-0065 2022-05-10 15:59:16 -04:00
OSSN-0066 Fixing some trivial spelling mistakes 2016-11-30 20:35:37 +00:00
OSSN-0068 Fix typo 2018-05-31 04:53:37 +00:00
OSSN-0069 Updated OSSN-0069 2016-09-07 16:43:47 +00:00
OSSN-0070 OSSN-0070: bandit version < 1.1.0 have possible XSS 2016-08-30 02:39:37 +00:00
OSSN-0073 Update the URL in doc 2018-09-24 20:38:04 +08:00
OSSN-0077 Adding Security Note OSSN-0077 2016-11-11 19:52:25 +01:00
OSSN-0078 Adding OSSN-0078 2017-03-14 18:26:27 +00:00
OSSN-0079 Adding OSSN-0079 2017-07-20 15:56:20 +01:00
OSSN-0081 Adding OSSN-0081 2017-09-07 13:37:29 +01:00
OSSN-0082 Adding OSSN-0082 2017-10-04 15:42:26 +01:00
OSSN-0083 Publish OSSN-0083 2018-04-17 23:21:08 -06:00
OSSN-0084 Fix ambiguity around releases and workarounds 2018-07-05 16:02:03 +01:00
OSSN-0085 OSSN-0085: Add Ussuri as affected release 2020-05-08 09:16:24 -04:00
OSSN-0086 Update OSSN-0086 again 2020-06-30 08:43:51 -04:00
OSSN-0087 OSSN-0087: Add ceph releases with fix 2020-12-16 13:10:23 -08:00
OSSN-0089 OSSN-0089: Missing configuration option in Secure Live Migration guide 2021-04-12 09:46:12 +02:00
OSSN-0090 Correct the scope of OSSN-0090 2022-10-19 12:51:16 +01:00
OSSN-0091 Adding OSSN-0091 for VirtualBMC & Sushy-tools 2022-10-31 12:11:53 -07:00
OSSN-0092 Add OSSN-0092 2023-05-10 16:57:30 +00:00
OSSN-0093 OSSN-0093: Add CVE reference 2024-03-18 14:33:32 +00:00
README.md Migrate OSSNs to the security-doc repo 2014-08-11 12:59:28 -07:00
template.txt Update for openstack-dev move 2018-12-05 12:31:23 +01:00

README.md

OpenStack Security Notes (OSSN)

The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security related issues. Security notes are similar to advisories; they address vulnerabilities in 3rd party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.

Repository Layout

This repository contains published Security Notes and templates that should be used when creating new Security Notes.

notes - contains Security Notes in e-mail format (see the templates)
templates - contains e-mail and wiki format templates

Useful Links

A list of published Security Notes is available here:

https://wiki.openstack.org/wiki/Security_Notes

The process used to create new Security Notes is available here:

https://wiki.openstack.org/wiki/Security/Security_Note_Process