tripleo-heat-templates/memcached_hardening-2529734099da27f4.yaml at 00cd4b0aea30f2975f58b2712047e8bd980f7004 - tripleo-heat-templates - OpenDev: Free Software Needs Free Tools

openstack/tripleo-heat-templates

Emilien Macchi eaf77cb09c [CVE-2018-1000115] memcached: restrict to TCP & internal_api network

https://access.redhat.com/security/cve/cve-2018-1000115

Restrict Memcached to only work on TCP and internal_api network.
The restriction is made at the application and firewall levels.
It will prevent DDoS amplification attacks using memcached.

Change-Id: I8fb81d7f3938b04ff7652e30de35a1ec23ae723d
Related-Bug: #1754607

2018-03-19 15:24:09 +00:00

5 lines

103 B

YAML

Raw Blame History

 ---
 security:
   - |
     Restrict memcached service to TCP and internal_api network (CVE-2018-1000115).