tripleo-heat-templates contains a world readable data vulnerability. The library does not set the proper permissions during the creation of the ceph.client.openstack.keyring
, allowing a local user to access the keyring to read or modify data. This vulnerability only affects setups with openstack deployed on ceph servers.
access.redhat.com/errata/RHSA-2018:0602
access.redhat.com/errata/RHSA-2018:1593
access.redhat.com/errata/RHSA-2018:1627
access.redhat.com/security/updates/classification/#moderate
bugs.launchpad.net/tripleo/+bug/1720787
bugzilla.redhat.com/show_bug.cgi?id=1301534
bugzilla.redhat.com/show_bug.cgi?id=1433534
bugzilla.redhat.com/show_bug.cgi?id=1489360
bugzilla.redhat.com/show_bug.cgi?id=1507888
bugzilla.redhat.com/show_bug.cgi?id=1508601
bugzilla.redhat.com/show_bug.cgi?id=1519765
bugzilla.redhat.com/show_bug.cgi?id=1523272
bugzilla.redhat.com/show_bug.cgi?id=1523707
bugzilla.redhat.com/show_bug.cgi?id=1528755
bugzilla.redhat.com/show_bug.cgi?id=1533097
bugzilla.redhat.com/show_bug.cgi?id=1533468
bugzilla.redhat.com/show_bug.cgi?id=1533875
bugzilla.redhat.com/show_bug.cgi?id=1537725
bugzilla.redhat.com/show_bug.cgi?id=1538828
bugzilla.redhat.com/show_bug.cgi?id=1538875
bugzilla.redhat.com/show_bug.cgi?id=1539090
bugzilla.redhat.com/show_bug.cgi?id=1542537
bugzilla.redhat.com/show_bug.cgi?id=1543641
bugzilla.redhat.com/show_bug.cgi?id=1546234
bugzilla.redhat.com/show_bug.cgi?id=1546807
bugzilla.redhat.com/show_bug.cgi?id=1547955
bugzilla.redhat.com/show_bug.cgi?id=1551137
bugzilla.redhat.com/show_bug.cgi?id=1551461
bugzilla.redhat.com/show_bug.cgi?id=1552466
bugzilla.redhat.com/show_bug.cgi?id=1558639