This shows you the differences between two versions of the page.
Next revision | Previous revision Last revision Both sides next revision | ||
automation-and-virtualized-infrastructure-manager [2015/10/21 10:21] Sona Sarmadi created |
automation-and-virtualized-infrastructure-manager [2015/11/04 13:04] Sona Sarmadi |
||
---|---|---|---|
Line 1: | Line 1: | ||
==== OpenStack ==== | ==== OpenStack ==== | ||
- | * OpenStack security guide: http://docs.openstack.org/security-guide/ | + | * Main Wiki page: https://wiki.openstack.org/wiki/Main_Page |
- | * http://docs.openstack.org/sec/ OpenStack Security wiki: https://wiki.openstack.org/wiki/Security | + | * Security Notes: https://wiki.openstack.org/wiki/Security_Notes |
- | * OpenStack Security info:https://security.openstack.org/ | + | * Security wiki: https://wiki.openstack.org/wiki/Security |
+ | * Security info:https://security.openstack.org/ | ||
=== OpenStack CVE list === | === OpenStack CVE list === | ||
Line 10: | Line 11: | ||
* https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html | * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html | ||
* https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html | * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html | ||
+ | |||
+ | === Openstack Security Guide=== | ||
+ | |||
+ | * http://docs.openstack.org/security-guide | ||
=== Glance === | === Glance === | ||
* List of bugs: https://bugs.launchpad.net/glance/+bugs | * List of bugs: https://bugs.launchpad.net/glance/+bugs | ||
+ | |||
+ | == Glance Image Signing and Verification == | ||
+ | |||
+ | https://blueprints.launchpad.net/glance/+spec/image-signing-and-verification-support | ||
+ | |||
+ | OpenStack currently does not support the following feature: | ||
+ | |||
+ | * Signing and signature validation of bootable images | ||
+ | * Validation of uploaded signed images | ||
+ | |||
+ | Deploying authentication will protect image integrity by verifying that an image has not been modified after the upload by the user. This feature improves the enterprise-ready posture of OpenStack. For further info read [[http://specs.openstack.org/openstack/glance-specs/specs/liberty/image-signing-and-verification-support.html|here.]] | ||