OpenStack Security Notes in Launchpad

OpenStack Security Notes

Registered 2013-01-11 by Robert Clark

OpenStack Security Advice, guiding users around common insecure configurations and vulnerabilities in 3rd party libraries and applications often used with OpenStack.

OpenStack Security Notes exist to guide users and implementers of OpenStack through various security 'pain-points'. Security Notes do not directly address vulnerabilities in OpenStack. OSNs provide guidance to ensure secure use of OpenStack and will often provide work arounds or advice for 3rd party libraries and services used in conjunction with OpenStack.

This project is maintained by the OpenStack Security Group: https://launchpad.net/~openstack-ossg

Home page

Project information

Maintainer:: OpenStack Security SIG

Also known as:: osn

Driver:: Luke Hinds

Licence:: Creative Commons - No Rights Reserved

View full history Series and milestones

trunk series is the current focus of development.

All bugs Latest bugs reported

Bug #1838473: non-IP ethertypes are permitted with iptables_hybrid firewall driver
Reported on 2023-06-01
Bug #2004555: [OSSA-2023-003] Unauthorized volume access through deleted volume attachments (CVE-2023-2088)
Reported on 2023-05-10
Bug #1990157: OSSN-0090: Malicious image data modification can happen when using COW
Reported on 2022-09-19
Bug #1919357: "Secure live migration with QEMU-native TLS in nova"-guide misses essential config option
Reported on 2021-03-16
Bug #1545702: [OSSN-0088] Images v2 api metadef vulnerability
Reported on 2021-03-09

More contributors Top contributors

Jeremy Stanley 18 points
Nick Tait 1 points

Get Involved

Downloads

OpenStack Security Notes does not have any download files registered with Launchpad.

Announcements

Project Page Up and Running on 2013-01-11
Soon we'll be working through our backlog to create security notes, cross tra...