OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Openstack-security] [Bug 1761054] Re: nova log expose password when swapvolume


Reviewed:  https://review.openstack.org/558694
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=1b61d6c08c7c86834acab45320230824b88d529c
Submitter: Zuul
Branch:    master

commit 1b61d6c08c7c86834acab45320230824b88d529c
Author: jichenjc <jichenjc at cn.ibm.com>
Date:   Wed Apr 4 13:26:01 2018 +0800

    Avoid showing password in log
    
    per bug indicated, the password is shown in the log.
    
    https://github.com/openstack/oslo.utils/blob/master/oslo_utils/strutils.py#L295
    indicated auth_password can be masked through mask_password method.
    
    Change-Id: I725eea1866642b40cc6b065ed0e8aefb91ca2889
    Closes-Bug: 1761054


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1761054

Title:
  nova log expose password when swapvolume

Status in OpenStack Compute (nova):
  Fix Released

Bug description:
  http://logs.openstack.org/50/557150/6/check/tempest-
  full/1f9c9f2/controller/logs/screen-n-cpu.txt.gz#_Mar_30_08_37_13_371323

  u'auth_password': u'8KigD3KKykJkJixs', u'auth_username':
  u'6m4wAHCZVqFfTQaF4eZu',

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1761054/+subscriptions