CVE-2014-2828 openstack-keystone: denial of service via V3 API authentication chaining - linux/meta-cloud-services.git - Mirror of git.yoctoproject.org/meta-cloud-services.git

diff options

author	Amy Fong <amy.fong@windriver.com>	2014-05-07 14:22:43 -0400
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2014-05-08 14:30:03 -0400
commit	d679e470b5c3a26eff41d1efb0b1c6500e3fc060 (patch)
tree	88285392ae8348b46d9fe2ce814850331ec1865d /meta-openstack/recipes-devtools/python/python-nova_git.bb
parent	fd1371e01ea808309b76a72cc9a161c72e148279 (diff)
download	meta-cloud-services-d679e470b5c3a26eff41d1efb0b1c6500e3fc060.tar.gz

CVE-2014-2828 openstack-keystone: denial of service via V3 API authentication chaining

The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining." Signed-off-by: Amy Fong <amy.fong@windriver.com>

Diffstat (limited to 'meta-openstack/recipes-devtools/python/python-nova_git.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: