pycrypto is unused and the existing code is potentially insecure to use
Bug #1033178 reported by
Pádraig Brady
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Stanislaw Pitucha | ||
Essex |
Fix Released
|
Medium
|
Unassigned | ||
nova (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The actual use of pycrypto was removed in https:/
In addition the existing code doesn't set IV and so is potentially dangerous to use.
Related branches
lp://qastaging/~openstack-ubuntu-testing/nova/precise-essex-proposed
- Chuck Short: Pending requested
-
Diff: 56 lines (+14/-4)3 files modifieddebian/changelog (+8/-0)
debian/control (+6/-3)
debian/nova-console.install (+0/-1)
Changed in nova: | |
status: | In Progress → Fix Committed |
milestone: | 2012.1.2 → none |
Changed in nova: | |
milestone: | none → folsom-3 |
status: | Fix Committed → Fix Released |
Changed in nova (Ubuntu): | |
status: | New → Fix Released |
Changed in nova (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in nova: | |
milestone: | folsom-3 → 2012.2 |
To post a comment you must log in.
Fix proposed to branch: stable/essex /review. openstack. org/10848
Review: https:/