openstack/tripleo-common
Code Issues Proposed changes
5ab57a4dce
tripleo-common/releasenotes/notes/octavia-set-image-owner-id-adb197d5daae54f1.yaml
Carlos Goncalves e7c5eab712 [CVE-2019-3895] Set image owner id 
This patch ensures [controller_worker]/amp_image_owner_id is set. This
configuration option restricts Glance image selection to a specific
owner ID. This is a recommended security setting.

Closes-Bug: #1830607

Change-Id: I14b69b9fb5234cf79a4d7e85de5f16df5ef7f7a2
2019-05-27 15:39:27 +02:00

11 lines
354 B
YAML
Raw Blame History

---
security:
- |
Fixed a vulnerability where an attacker may cause new Octavia amphorae to
run based on any arbitrary image (CVE-2019-3895).
fixes:
- |
Ensure [controller_worker]/amp_image_owner_id is set. This configuration
option restricts Glance image selection to a specific owner ID. This is a
recommended security setting.
View Git Blame Copy Permalink