packstack: puppetlabs-cinder / manifests / base.pp weak file permissions

manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the 1 cinder.conf and 2 api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files...

Moderate: Red Hat Security Advisory: openstack-packstack security and bug fix update

An updated openstack-packstack package that fixes two security issues and several bugs is now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...