[jira] [Commented] (CLOUDSTACK-10175) Listing VPCs with a domain account and project id -1 returns all the VPCs in the syste

ASF subversion and git services (JIRA) Thu, 28 Dec 2017 01:18:24 -0800

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16305198#comment-16305198
 ]


ASF subversion and git services commented on CLOUDSTACK-10175:
--------------------------------------------------------------

Commit 2ab5ab1c90191307e2b8a9576aad91670e2ac09c in cloudstack's branch 
refs/heads/master from [~kmoossavi]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=2ab5ab1 ]

CLOUDSTACK-10175: Prevent VPC list leakage if project=-1 specified on API 
(#2352)

This PR fixes the issue in which there's a leak when doing API call for listing 
VPC with domain account and projectId=-1.
Note for reviewers: The code formatting changed so many lines in the commit but 
the actual change is in line 2467-2471.

> Listing VPCs with a domain account and project id -1 returns all the VPCs in 
> the syste
> --------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-10175
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10175
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.10.0.0
>            Reporter: Khosrow Moossavi
>             Fix For: Future
>
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (CLOUDSTACK-10175) Listing VPCs with a domain account and project id -1 returns all the VPCs in the syste

Reply via email to