==== OpenStack ====

  * Main Wiki page: https://wiki.openstack.org/wiki/Main_Page
  * Security Notes: https://wiki.openstack.org/wiki/Security_Notes
  * Security wiki: https://wiki.openstack.org/wiki/Security
  * Security info: https://security.openstack.org/

=== OpenStack CVE list ===

  * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/Openstack.html
  * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html
  * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html

=== CVEs fixed in OpenStack ===

^ CVE ^ Description ^ Fixed in Arno ^ Fixed in Brahmaputra ^
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7546|CVE-2015-7546]] | | | |
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8234|CVE-2015-8234]] | | | |
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8466|CVE-2015-8466]] | | | |
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7713|CVE-2015-7713]] | | | |

=== OpenStack Security Guide ===

  * http://docs.openstack.org/security-guide

=== Glance ===

  * List of bugs: https://bugs.launchpad.net/glance/+bugs

== Glance Image Signing and Verification ==

https://blueprints.launchpad.net/glance/+spec/image-signing-and-verification-support

OpenStack currently does not support the following features:

  * Signing and signature validation of bootable images
  * Validation of uploaded signed images

Deploying this authentication will protect image integrity by verifying that an image has not been modified after the user uploaded it. This feature improves the enterprise-ready posture of OpenStack.

For further information, see [[http://specs.openstack.org/openstack/glance-specs/specs/liberty/image-signing-and-verification-support.html|the Glance image signing and verification spec]].