*** This bug is a security vulnerability ***
Public security bug reported:
The ironic config option for the password and auth token are not marked
as secret so the values will get logged during startup in debug mode.
** Affects: nova
Importance: Medium
Assignee: Joe Gordon (jogo)
Status: Triaged
** Tags: kilo-backport-potential
** Information type changed from Public to Public Security
** Tags added: kilo-backport-potential
** Changed in: nova
Status: New => Triaged
** Changed in: nova
Assignee: (unassigned) => Joe Gordon (jogo)
** Changed in: nova
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1451931
Title:
ironic password config not marked as secret
Status in OpenStack Compute (Nova):
Triaged
Bug description:
The ironic config option for the password and auth token are not
marked as secret so the values will get logged during startup in debug
mode.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1451931/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
