Files

Nathan Kinder dc40698bcc Correct typo in OSSN-0049

This corrects a minor typo in the 'Discussion' section of
OSSN-0049.

Change-Id: I417d3448065f07fa03e968742e6d2929b95b9469

2015-07-07 06:48:33 -07:00

OSSN-0001

Check for syntax issues in the security notes with doc8

2014-09-29 09:11:31 +02:00

OSSN-0002

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0003

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0004

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0005

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0006

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0007

Check for syntax issues in the security notes with doc8

2014-09-29 09:11:31 +02:00

OSSN-0008

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0009

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0010

Check for syntax issues in the security notes with doc8

2014-09-29 09:11:31 +02:00

OSSN-0011

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0012

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0013

Check for syntax issues in the security notes with doc8

2014-09-29 09:11:31 +02:00

OSSN-0014

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0015

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0016

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0017

Check for syntax issues in the security notes with doc8

2014-09-29 09:11:31 +02:00

OSSN-0018

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0019

Fix checksyntax gate

2014-10-26 20:02:35 +01:00

OSSN-0020

Adding note for OSSN-0020

2014-09-11 07:40:54 -07:00

OSSN-0021

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0022

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

OSSN-0023

OSSN-0023 Keystone logs tokens at INFO levels

2014-09-02 18:17:11 +01:00

OSSN-0024

Add OSSN-0024 - Sensitive data exposure in logfiles

2014-09-24 08:16:13 -07:00

OSSN-0025

Re-submitting OSSN 25 concerning Swift/Glance public images

2014-10-20 11:02:41 -07:00

OSSN-0026

Fix checksyntax gate

2014-10-26 20:02:35 +01:00

OSSN-0027

Fix checksyntax gate

2014-10-26 20:02:35 +01:00

OSSN-0028

Add OSSN-0028 - Nova leaks hypervisor host SMBIOS serial number to guests

2014-10-02 09:53:04 -07:00

OSSN-0029

Clarify that Neutron FWaaS is experimental in OSSN-0029

2014-09-25 19:36:05 -07:00

OSSN-0030

Adding OSSN-0030: Bash 'shellshock' bug.

2014-09-26 16:03:17 +01:00

OSSN-0031

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0032

Correct typo in OSSN-0032

2014-10-21 09:40:40 -07:00

OSSN-0033

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0034

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0035

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0036

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0037

Add previously published OSSNs

2014-10-19 21:48:01 -07:00

OSSN-0038

Adding OSSN-0038: Suds local cache poisoning.

2014-12-11 18:08:16 +00:00

OSSN-0039

Guidance on mitigating the POODLE attack in OpenStack clouds

2014-10-21 11:57:20 -07:00

OSSN-0042

Correct a typo in OSSN-0042

2014-12-16 17:35:45 -08:00

OSSN-0043

OSSN for gethostbyname glibc vuln.

2015-02-04 17:40:01 +00:00

OSSN-0044

Add text for OSSN-0044

2015-02-27 00:27:09 +00:00

OSSN-0045

Correct line-wrapping width for OSSN-0045

2015-03-11 10:55:12 -07:00

OSSN-0046

Correct line-wrapping for OSSN-0046

2015-04-30 19:10:04 -07:00

OSSN-0047

Add OSSN-0047

2015-04-14 07:03:30 -07:00

OSSN-0048

Add OSSN-0048

2015-04-28 14:04:59 -04:00

OSSN-0049

Correct typo in OSSN-0049

2015-07-07 06:48:33 -07:00

README.md

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

template.txt

Migrate OSSNs to the security-doc repo

2014-08-11 12:59:28 -07:00

README.md

OpenStack Security Notes (OSSN)

The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security related issues. Security notes are similar to advisories; they address vulnerabilities in 3rd party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.

Repository Layout

This repository contains published Security Notes and templates that should be used when creating new Security Notes.

notes - contains Security Notes in e-mail format (see the templates)
templates - contains e-mail and wiki format templates

Useful Links

A list of published Security Notes is available here:

https://wiki.openstack.org/wiki/Security_Notes

The process used to create new Security Notes is available here:

https://wiki.openstack.org/wiki/Security/Security_Note_Process