Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-8761

In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected.

Related bugs and status

CVE-2017-8761 (Candidate) is related to these bugs:

Bug #1685798: Swift tempurl middleware reveals signatures in the logfiles (CVE-2017-8761)

		In	Importance	Status
1685798	Swift tempurl middleware reveals signatures in the logfiles (CVE-2017-8761)	OpenStack Object Storage (swift)	Undecided	Fix Released
1685798	Swift tempurl middleware reveals signatures in the logfiles (CVE-2017-8761)	Swift3	Undecided	New
1685798	Swift tempurl middleware reveals signatures in the logfiles (CVE-2017-8761)	OpenStack Security Advisory	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: https://launchpad.net/...