automation-and-virtualized-infrastructure-manager
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
automation-and-virtualized-infrastructure-manager [2015/11/04 12:57] Sona Sarmadi |
automation-and-virtualized-infrastructure-manager [2016/02/10 12:59] (current) Sona Sarmadi |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| * Main Wiki page: https://wiki.openstack.org/wiki/Main_Page | * Main Wiki page: https://wiki.openstack.org/wiki/Main_Page | ||
| + | * Security Notes: https://wiki.openstack.org/wiki/Security_Notes | ||
| * Security wiki: https://wiki.openstack.org/wiki/Security | * Security wiki: https://wiki.openstack.org/wiki/Security | ||
| * Security info:https://security.openstack.org/ | * Security info:https://security.openstack.org/ | ||
| Line 10: | Line 11: | ||
| * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html | * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html | ||
| * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html | * https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html | ||
| + | |||
| + | |||
| + | === CVEs fixed in Openstack=== | ||
| + | |||
| + | ^ CVE ^ Description ^ Fixed in Arno ^ Fixed in Brahmaputra| | ||
| + | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7546|CVE-2015-7546]] | | | | | ||
| + | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CCVE-2015-8234|CVE-2015-8234]] | | | | | ||
| + | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8466|CVE-2015-8466]] | | | | | ||
| + | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7713|CVE-2015-7713]] | | | | | ||
| + | | | | ||
| === Openstack Security Guide=== | === Openstack Security Guide=== | ||
| Line 28: | Line 39: | ||
| * Validation of uploaded signed images | * Validation of uploaded signed images | ||
| - | Deploying authentication will protect image integrity by verifying that an image has not been modified after the upload by the user. This feature improves the enterprise-ready posture of OpenStack. | + | Deploying authentication will protect image integrity by verifying that an image has not been modified after the upload by the user. This feature improves the enterprise-ready posture of OpenStack. For further info read [[http://specs.openstack.org/openstack/glance-specs/specs/liberty/image-signing-and-verification-support.html|here.]] |
| - | + | ||
| - | For further info read [[http://specs.openstack.org/openstack/glance-specs/specs/liberty/image-signing-and-verification-support.html|here.]] | + | |
automation-and-virtualized-infrastructure-manager.1446641865.txt.gz · Last modified: 2015/11/04 12:57 by Sona Sarmadi
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: Creative Commons Attribution 4.0 International License
