| 2014-12-10 02:10:05 |
Masahito Muroi |
bug |
|
|
added bug |
| 2014-12-10 02:15:15 |
Masahito Muroi |
bug |
|
|
added subscriber Tomoko Inoue |
| 2014-12-10 02:16:06 |
Masahito Muroi |
bug |
|
|
added subscriber Sampath Priyankara |
| 2014-12-10 03:41:30 |
Masahito Muroi |
summary |
Glance allows users to download any file in glance-api server |
Glance allows users to download and delete any file in glance-api server |
|
| 2014-12-10 03:50:48 |
Masahito Muroi |
description |
Updating image-location by update images API users can download any file for which glance-api has read permission.
For example:
When users specify '/etc/passwd' as locations value of an image user can get the file by image download.
How to recreate the bug:
- set show_multiple_locations True in glance-api.conf
- create a new image
- set locations of the image's property a path you want to get such as file:///etc/passwd.
- download the image
I found this bug in 2014.2 (742c898956d655affa7351505c8a3a5c72881eae). |
Updating image-location by update images API users can download any file for which glance-api has read permission.
And the file for which glance-api has write permission will be deleted when users delete the image.
For example:
When users specify '/etc/passwd' as locations value of an image user can get the file by image download.
When locations of an image is set with 'file:///path/to/glance-api.conf' the conf will be deleted when users delete the image.
How to recreate the bug:
download files:
- set show_multiple_locations True in glance-api.conf
- create a new image
- set locations of the image's property a path you want to get such as file:///etc/passwd.
- download the image
delete files:
- set show_multiple_locations True in glance-api.conf
- create a new image
- set locations of the image's property a path you want to delete such as file:///path/to/glance-api.conf
- delete the image
I found this bug in 2014.2 (742c898956d655affa7351505c8a3a5c72881eae).
What a big A RE RE!! |
|
| 2014-12-10 05:30:25 |
Grant Murphy |
bug task added |
|
ossa |
|
| 2014-12-10 05:30:35 |
Grant Murphy |
ossa: status |
New |
Incomplete |
|
| 2014-12-10 08:21:24 |
Masahito Muroi |
bug |
|
|
added subscriber Shintaro Mizuno |
| 2014-12-10 08:21:49 |
Masahito Muroi |
bug |
|
|
added subscriber Koji Iida |
| 2014-12-10 13:24:57 |
Jeremy Stanley |
bug |
|
|
added subscriber Glance Core security contacts |
| 2014-12-10 15:22:51 |
Nikhil Komawar |
bug |
|
|
added subscriber Stuart McLaren |
| 2014-12-10 15:22:57 |
Nikhil Komawar |
bug |
|
|
added subscriber Zhi Yan Liu |
| 2014-12-10 15:23:05 |
Nikhil Komawar |
bug |
|
|
added subscriber Erno Kuvaja |
| 2014-12-10 15:23:12 |
Nikhil Komawar |
bug |
|
|
added subscriber Hemanth Makkapati |
| 2014-12-10 16:56:14 |
Stuart McLaren |
glance: status |
New |
Confirmed |
|
| 2014-12-10 17:03:44 |
Stuart McLaren |
glance: importance |
Undecided |
High |
|
| 2014-12-10 18:05:32 |
Jeremy Stanley |
ossa: status |
Incomplete |
Confirmed |
|
| 2014-12-10 18:05:35 |
Jeremy Stanley |
ossa: importance |
Undecided |
High |
|
| 2014-12-11 05:14:13 |
Zhi Yan Liu |
glance: assignee |
|
Zhi Yan Liu (lzy-dev) |
|
| 2014-12-15 15:16:16 |
Tristan Cacqueray |
glance: importance |
High |
Critical |
|
| 2014-12-15 15:16:20 |
Tristan Cacqueray |
ossa: importance |
High |
Critical |
|
| 2014-12-15 15:17:47 |
Tristan Cacqueray |
information type |
Private Security |
Public Security |
|
| 2014-12-15 16:43:25 |
Thierry Carrez |
glance: milestone |
|
kilo-1 |
|
| 2014-12-15 16:47:56 |
Thierry Carrez |
glance: status |
Confirmed |
In Progress |
|
| 2014-12-15 16:53:02 |
Nikhil Komawar |
bug |
|
|
added subscriber nikhil komawar |
| 2014-12-15 17:07:25 |
Zhi Yan Liu |
attachment added |
|
switch_policy.patch https://bugs.launchpad.net/ossa/+bug/1400966/+attachment/4281554/+files/switch_policy.patch |
|
| 2014-12-15 20:42:28 |
Bryan D. Payne |
bug |
|
|
added subscriber Bryan D. Payne |
| 2014-12-15 22:21:40 |
Garth Mollett |
bug |
|
|
added subscriber Garth Mollett |
| 2014-12-15 22:27:00 |
Mathieu Gagné |
bug |
|
|
added subscriber Mathieu Gagné |
| 2014-12-16 10:13:12 |
Matteo Panella |
bug |
|
|
added subscriber Matteo Panella |
| 2014-12-18 14:14:20 |
Zhi Yan Liu |
tags |
|
havana-backport-potential |
|
| 2014-12-18 16:25:10 |
Thierry Carrez |
nominated for series |
|
glance/icehouse |
|
| 2014-12-18 16:25:10 |
Thierry Carrez |
bug task added |
|
glance/icehouse |
|
| 2014-12-18 16:25:10 |
Thierry Carrez |
nominated for series |
|
glance/juno |
|
| 2014-12-18 16:25:10 |
Thierry Carrez |
bug task added |
|
glance/juno |
|
| 2014-12-18 16:25:18 |
Thierry Carrez |
glance: status |
In Progress |
Fix Committed |
|
| 2014-12-18 17:05:01 |
Zhi Yan Liu |
glance/juno: status |
New |
Fix Committed |
|
| 2014-12-18 17:05:13 |
Zhi Yan Liu |
glance/icehouse: status |
New |
In Progress |
|
| 2014-12-18 17:05:19 |
Zhi Yan Liu |
glance/icehouse: assignee |
|
Zhi Yan Liu (lzy-dev) |
|
| 2014-12-19 05:29:54 |
Zhi Yan Liu |
glance/icehouse: status |
In Progress |
Fix Committed |
|
| 2014-12-19 08:16:33 |
Thierry Carrez |
glance: status |
Fix Committed |
Fix Released |
|
| 2014-12-19 15:39:58 |
Nikhil Komawar |
glance/icehouse: importance |
Undecided |
Critical |
|
| 2014-12-19 15:40:00 |
Nikhil Komawar |
glance/juno: importance |
Undecided |
Critical |
|
| 2014-12-19 15:41:06 |
Nikhil Komawar |
tags |
havana-backport-potential |
|
|
| 2014-12-22 15:11:18 |
Thierry Carrez |
ossa: status |
Confirmed |
In Progress |
|
| 2014-12-23 16:56:41 |
Alan Pevec |
glance/juno: assignee |
|
Zhi Yan Liu (lzy-dev) |
|
| 2014-12-23 17:32:13 |
Thierry Carrez |
ossa: status |
In Progress |
Fix Committed |
|
| 2015-01-04 17:17:33 |
Jeremy Stanley |
summary |
Glance allows users to download and delete any file in glance-api server |
[OSSA-2014-041] Glance allows users to download and delete any file in glance-api server (CVE-2014-9493) |
|
| 2015-01-07 16:33:44 |
Ian Cordasco |
bug task added |
|
openstack-ansible |
|
| 2015-01-07 16:34:26 |
Ian Cordasco |
openstack-ansible: importance |
Undecided |
Critical |
|
| 2015-01-07 16:34:32 |
Ian Cordasco |
openstack-ansible: assignee |
|
Ian Cordasco (icordasc) |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
nominated for series |
|
openstack-ansible/next |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
bug task added |
|
openstack-ansible/next |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
nominated for series |
|
openstack-ansible/icehouse |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
bug task added |
|
openstack-ansible/icehouse |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
nominated for series |
|
openstack-ansible/juno |
|
| 2015-01-07 16:34:43 |
Ian Cordasco |
bug task added |
|
openstack-ansible/juno |
|
| 2015-01-07 16:34:56 |
Ian Cordasco |
openstack-ansible/icehouse: importance |
Undecided |
Critical |
|
| 2015-01-07 16:34:59 |
Ian Cordasco |
openstack-ansible/juno: importance |
Undecided |
Critical |
|
| 2015-01-07 16:35:03 |
Ian Cordasco |
openstack-ansible/icehouse: assignee |
|
Ian Cordasco (icordasc) |
|
| 2015-01-07 16:35:07 |
Ian Cordasco |
openstack-ansible/next: importance |
Undecided |
Critical |
|
| 2015-01-07 16:35:10 |
Ian Cordasco |
openstack-ansible/juno: assignee |
|
Ian Cordasco (icordasc) |
|
| 2015-01-07 16:35:14 |
Ian Cordasco |
openstack-ansible/next: assignee |
|
Ian Cordasco (icordasc) |
|
| 2015-01-07 16:40:06 |
OpenStack Infra |
openstack-ansible: status |
New |
In Progress |
|
| 2015-01-07 17:35:50 |
OpenStack Infra |
openstack-ansible: status |
In Progress |
Fix Committed |
|
| 2015-01-07 17:35:52 |
OpenStack Infra |
cve linked |
|
2014-9493 |
|
| 2015-01-07 18:38:02 |
Grant Murphy |
ossa: status |
Fix Committed |
Fix Released |
|
| 2015-01-07 20:12:47 |
Jason Cannavale |
openstack-ansible: milestone |
|
9.0.6 |
|
| 2015-01-07 20:12:49 |
Jason Cannavale |
openstack-ansible: milestone |
9.0.6 |
10.1.2 |
|
| 2015-01-07 20:20:15 |
Jason Cannavale |
openstack-ansible: milestone |
10.1.2 |
9.0.6 |
|
| 2015-01-07 20:20:18 |
Jason Cannavale |
openstack-ansible: milestone |
9.0.6 |
|
|
| 2015-01-07 20:20:23 |
Jason Cannavale |
openstack-ansible/icehouse: milestone |
|
9.0.6 |
|
| 2015-01-07 20:20:27 |
Jason Cannavale |
openstack-ansible/juno: milestone |
|
10.1.2 |
|
| 2015-01-07 20:28:41 |
OpenStack Infra |
openstack-ansible/icehouse: status |
New |
In Progress |
|
| 2015-01-07 20:29:22 |
OpenStack Infra |
openstack-ansible/juno: status |
New |
In Progress |
|
| 2015-01-07 20:37:27 |
Ian Cordasco |
bug task deleted |
openstack-ansible/next |
|
|
| 2015-01-08 00:07:34 |
Grant Murphy |
glance: status |
Fix Released |
In Progress |
|
| 2015-01-08 00:07:40 |
Grant Murphy |
glance: assignee |
Zhi Yan Liu (lzy-dev) |
Grant Murphy (gmurphy) |
|
| 2015-01-08 00:07:45 |
Grant Murphy |
ossa: assignee |
|
Grant Murphy (gmurphy) |
|
| 2015-01-08 00:07:48 |
Grant Murphy |
ossa: status |
Fix Released |
In Progress |
|
| 2015-01-08 14:51:15 |
Thierry Carrez |
ossa: status |
In Progress |
Fix Released |
|
| 2015-01-08 14:51:18 |
Thierry Carrez |
glance: status |
In Progress |
Fix Released |
|
| 2015-01-19 17:12:50 |
Kevin Carter |
openstack-ansible/icehouse: milestone |
9.0.6 |
next |
|
| 2015-01-19 17:12:54 |
Kevin Carter |
openstack-ansible/juno: milestone |
10.1.2 |
next |
|
| 2015-01-29 11:06:49 |
Jesse Pretorius |
openstack-ansible/juno: milestone |
next |
10.1.2 |
|
| 2015-01-29 11:06:52 |
Jesse Pretorius |
openstack-ansible/icehouse: status |
In Progress |
Fix Committed |
|
| 2015-01-29 11:06:55 |
Jesse Pretorius |
openstack-ansible/juno: status |
In Progress |
Fix Committed |
|
| 2015-01-29 11:07:00 |
Jesse Pretorius |
openstack-ansible/icehouse: milestone |
next |
9.0.6 |
|
| 2015-01-29 14:17:15 |
Chuck Short |
glance/juno: milestone |
|
2014.2.2 |
|
| 2015-02-05 15:40:49 |
Chuck Short |
glance/juno: status |
Fix Committed |
Fix Released |
|
| 2015-02-27 10:51:25 |
Darren Birkett |
openstack-ansible/juno: status |
Fix Committed |
Fix Released |
|
| 2015-03-02 13:11:09 |
Darren Birkett |
openstack-ansible/icehouse: status |
Fix Committed |
Fix Released |
|
| 2015-03-13 00:03:52 |
Alan Pevec |
glance/icehouse: milestone |
|
2014.1.4 |
|
| 2015-03-13 00:58:53 |
Alan Pevec |
glance/icehouse: status |
Fix Committed |
Fix Released |
|
| 2015-04-30 08:13:34 |
Thierry Carrez |
glance: milestone |
kilo-1 |
2015.1.0 |
|
| 2015-05-08 19:08:20 |
Kevin Carter |
openstack-ansible: status |
Fix Committed |
Fix Released |
|
| 2016-11-12 17:03:46 |
OpenContrail Admin |
nominated for series |
|
juniperopenstack/trunk |
|
| 2016-11-12 17:03:46 |
OpenContrail Admin |
bug task added |
|
juniperopenstack/trunk |
|
| 2016-11-12 17:03:46 |
OpenContrail Admin |
bug task added |
|
juniperopenstack/trunk |
|
| 2016-11-13 14:44:21 |
Ganesha HV |
juniperopenstack/trunk: status |
In Progress |
Invalid |
|
| 2016-11-13 14:44:21 |
Ganesha HV |
juniperopenstack/trunk: assignee |
Grant Murphy (gmurphy) |
|
|
