----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56685/#review165714 -----------------------------------------------------------
Ship it! Ship It! - Sebastian Toader On Feb. 15, 2017, 4:02 p.m., Robert Levas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/56685/ > ----------------------------------------------------------- > > (Updated Feb. 15, 2017, 4:02 p.m.) > > > Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene > Chekanskiy, Laszlo Puskas, and Sebastian Toader. > > > Bugs: AMBARI-20018 > https://issues.apache.org/jira/browse/AMBARI-20018 > > > Repository: ambari > > > Description > ------- > > Document security issue related to setting security.agent.hostname.validate > to "false". > > If set to "false", invalid hostnames may be used in OpenSSL commands used to > create the agent-side certificates when 2-way SSL is enabled. This could lead > to issues when executing OpenSSL as described in CVE-2014-3582. See > https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities. > > > Diffs > ----- > > ambari-server/docs/configuration/index.md 50864f2 > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 5020790 > > Diff: https://reviews.apache.org/r/56685/diff/ > > > Testing > ------- > > No testing necessary. Documentation change, only. > > > Thanks, > > Robert Levas > >
