CVE has been requested with this affect line: <=5.0.3, >=6.0.0 <=6.1.0 and ==7.0.0
@Daniel, the bug is now public, feel free to submit patches to gerrit for master (Ocata), Newton, Mitaka and Liberty.

** Description changed:

- This issue is being treated as a potential security risk under embargo.
- Please do not make any public mention of embargoed (private) security
- vulnerabilities before their coordinated publication by the OpenStack
- Vulnerability Management Team in the form of an official OpenStack
- Security Advisory. This includes discussion of the bug or associated
- fixes in public forums such as mailing lists, code review systems and
- bug trackers. Please also avoid private disclosure to other individuals
- not already approved for access to this information, and provide this
- same reminder to those who are made aware of the issue prior to
- publication. All discussion should remain confined to this private bug
- report, and any proposed fixes should be added to the bug as
- attachments.
-
  Launching a new Heat stack and giving the template from an URL like
  http://localhost:22
  Results in an error message like:
  ERROR: Could not retrieve template: Failed to retrieve template: ('Connection aborted.', BadStatusLine('SSH-2.0-OpenSSH_6.6.1\r\n',))
  This is a security issue as it allows users to scan the network for listening ports.
  heat CLI does not allow that:
  heat stack-create -u http://localhost:22 test
  [Errno 104] Connection reset by peer

** Information type changed from Private Security to Public Security

** Changed in: ossa
       Status: Incomplete => In Progress

** Changed in: horizon
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1606500

Title:
  Heat: template source URL allows network port scan

Status in heat:
  Triaged
Status in OpenStack Dashboard (Horizon):
  Invalid
Status in OpenStack Security Advisory:
  In Progress

Bug description:
  Launching a new Heat stack and giving the template from an URL like
  http://localhost:22
  Results in an error message like:
  ERROR: Could not retrieve template: Failed to retrieve template: ('Connection aborted.', BadStatusLine('SSH-2.0-OpenSSH_6.6.1\r\n',))
  This is a security issue as it allows users to scan the network for listening ports.
  heat CLI does not allow that:
  heat stack-create -u http://localhost:22 test
  [Errno 104] Connection reset by peer

To manage notifications about this bug go to:
https://bugs.launchpad.net/heat/+bug/1606500/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp
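The defensive check the report implies, as an added example that is not Heat's or Horizon's own code: before following a user-supplied template URL, reject schemes other than http/https, ports other than 80/443, and any host that resolves to a non-global address, and answer every rejection with one generic message so the API response cannot echo the remote service's banner the way the BadStatusLine error above does. The hostnames, IP addresses and the allowed-port set are assumptions; the resolver is injectable so the check can be tested without DNS.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}      # assumption: template servers use standard ports only
GENERIC_ERROR = "Could not retrieve template"   # never echo the raw socket error

class TemplateURLError(ValueError):
    """Raised for any rejected URL; the message is deliberately uninformative."""

def resolve_host(host):
    """Return the IP addresses (as strings) that a hostname resolves to."""
    try:
        return [str(ipaddress.ip_address(host))]   # already an IP literal
    except ValueError:
        pass
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        raise TemplateURLError(GENERIC_ERROR)

def validate_template_url(url, resolve=resolve_host):
    """Reject URLs that would let the fetch probe internal hosts or odd ports."""
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES or not parsed.hostname:
        raise TemplateURLError(GENERIC_ERROR)
    try:
        port = parsed.port or (443 if parsed.scheme == "https" else 80)
    except ValueError:                            # non-numeric port
        raise TemplateURLError(GENERIC_ERROR)
    if port not in ALLOWED_PORTS:
        raise TemplateURLError(GENERIC_ERROR)
    for ip in resolve(parsed.hostname):
        addr = ipaddress.ip_address(ip)
        # is_global is False for loopback, RFC 1918, link-local (169.254.0.0/16, where
        # cloud metadata services live), multicast and other reserved ranges
        if not addr.is_global:
            raise TemplateURLError(GENERIC_ERROR)
    return parsed

def is_safe_template_url(url, resolve=resolve_host):
    """Boolean convenience wrapper around validate_template_url."""
    try:
        validate_template_url(url, resolve=resolve)
    except TemplateURLError:
        return False
    return True
```

The same generic message should also be returned when the fetch itself fails, since the port check alone does not stop a connection error from revealing whether an allowed port is open on a permitted host.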

