oss-sec mailing list archives
Re: CVE request for vulnerability in OpenStack Nova
From: cve-assign () mitre org
Date: Thu, 7 Jan 2016 15:40:53 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Xen connection password leak in logs via StorageError If a StorageError occurs when attempting to connect a volume using the Xen API, the connection parameters will be logged. These parameters may include credentials that are not masked. https://launchpad.net/bugs/1516765
Use CVE-2015-8749 for the lack of strutils.mask_password use. There is no CVE ID for the https://bugs.launchpad.net/bugs/1321785 related discussion of a design issue. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWjszMAAoJEL54rhJi8gl5RMAP/RcP2koL8KmPcmnknO/jFAGp ZARI12CsqoS6u+lKUsr0ZnNLbOoJHzIyiinEtRSTrisyrZIF9pLjlCVQ3xwPDZUr IIVpW5clK3WWsl4838LgtIFfQwTHot8slglIIvWMyfPh/VVMqNA4rWU/i8+loscw 82WnO+rgaMnZDH68IKyEBFkrrvdvrP0ixB3Q0ImjxfnjXqy74PwNzeRWCi26D5+8 FEJEmmaXjkP0nWr1HoKkGuDb2A8TS8ZrNNDCFKJXbQccVv3EikPMAwCdp8yVROmo jFALhLJSsiyDqOFVFNYQKb6pCTOGQOXunba8AFnTK2XzGOVx/bSQOUVUQn84B7Fo CC7vneB6upaPNH2lYj8De0Iiw1asPQh1KJhhFR7/3qHZ/9H6WX13GHGfs4/tqDT4 PS5aYJvcW8klwOoy2x2w5bHS2n1fQkvbOzJ1u61xlAleyA0+LICyU/l3nrhz9R+7 V/s8M3sFMh5/eLfYIJEa24fITUnJxU5jt6DiPFgsz1f34msek8x2GitK1NsCMEkO 4Vz6Fp2D6sQlEiTkA/vkUbHMZRcgmbw13If+kWRFevDA1epXWn2h+ikHV687ENvD dnm6bCUrLYzV4o204hVnrN7G9IzuOYawgrZ3ZC76tkGBJoBDeWiM1UK2TB3b9qvY 3ixDLcVIthDIaJTmNEds =Zujb -----END PGP SIGNATURE-----
Current thread:
- CVE request for vulnerability in OpenStack Nova Grant Murphy (Jan 07)
- Re: CVE request for vulnerability in OpenStack Nova cve-assign (Jan 07)