This bug was fixed in the package python-oslo.middleware -
3.8.0-2ubuntu1
---------------
python-oslo.middleware (3.8.0-2ubuntu1) xenial-security; urgency=medium
* SECURITY UPDATE: Information disclosure in log file (LP: #1628031)
- d/p/filter-token-data-out-of-catch_errors-middleware.patch:
ensure sensitive token data is not written to log file.
- CVE-2017-2592
-- Corey Bryant <[email protected]> Thu, 10 May 2018 10:00:18
-0400
** Changed in: python-oslo.middleware (Ubuntu Xenial)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1628031
Title:
[OSSA-2017-001] CatchErrors leaks sensitive values in oslo.middleware
(CVE-2017-2592)
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystonemiddleware/+bug/1628031/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
