** Changed in: nova
Status: Fix Committed => Fix Released
** Changed in: nova
Milestone: None => kilo-1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1373992
Title:
EC2 keystone auth token is using unsafe SSL connection
Status in OpenStack Compute (Nova):
Fix Released
Bug description:
EC2KeystoneAuth uses httplib.HTTPSConnection objects. In Python 2.x
those do not perform CA checks so client connections are vulnerable to
MiM attacks.
This should use requests instead, and pick up the local cacert params
if needed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1373992/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
