opendevreview | OpenStack Release Bot proposed openstack/designate-dashboard stable/2024.1: Update .gitreview for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913306 | 09:54 |
---|---|---|
opendevreview | OpenStack Release Bot proposed openstack/designate-dashboard stable/2024.1: Update TOX_CONSTRAINTS_FILE for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913307 | 09:54 |
opendevreview | OpenStack Release Bot proposed openstack/designate-dashboard master: Update master for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913308 | 09:54 |
opendevreview | OpenStack Release Bot proposed openstack/designate stable/2024.1: Update .gitreview for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913309 | 09:55 |
opendevreview | OpenStack Release Bot proposed openstack/designate stable/2024.1: Update TOX_CONSTRAINTS_FILE for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913310 | 09:55 |
opendevreview | OpenStack Release Bot proposed openstack/designate master: Update master for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913311 | 09:56 |
opendevreview | Merged openstack/designate stable/2024.1: Update .gitreview for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913309 | 11:16 |
opendevreview | Merged openstack/designate-dashboard master: Update master for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913308 | 11:17 |
opendevreview | Merged openstack/designate-dashboard stable/2024.1: Update .gitreview for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913306 | 11:17 |
opendevreview | Merged openstack/designate-dashboard stable/2024.1: Update TOX_CONSTRAINTS_FILE for stable/2024.1 https://review.opendev.org/c/openstack/designate-dashboard/+/913307 | 11:17 |
opendevreview | Merged openstack/designate stable/2024.1: Update TOX_CONSTRAINTS_FILE for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913310 | 11:21 |
opendevreview | Merged openstack/designate master: Update master for stable/2024.1 https://review.opendev.org/c/openstack/designate/+/913311 | 11:21 |
fungi | johnsom: any idea if anyone from rh ever opened an upstream bug report about https://access.redhat.com/security/cve/CVE-2023-6725 ? i got e-mail from rh product security to let me know that they determined the same bug exists in the upstream designate project | 13:40 |
frickler | fungi: johnsom: to me that looks like an issue in the deployment tooling, not in designate. I don't think anyone expects our devstack deployment to be secured like that? | 13:57 |
fungi | yeah, i really don't know what the person in rh product security meant by "I heard back from the engineers that it is in fact present in the upstream repository." | 13:58 |
frickler | the /etc/designate/private directory doesn't exist in designate afaict. neither in kolla fwiw | 14:00 |
johnsom | fungi: it is a tripleo issue, not designate | 14:04 |
fungi | yes, that's what i thought and so when they first reached out to me to ask i said if it's just affecting tripleo then they didn't need to coordinate with us, but that if a suspected vulnerability also affects an upstream project then to please let us know | 14:05 |
fungi | maybe they don't understand the difference? | 14:05 |
fungi | i'm e-mailing back again to triple-check (pun intended) | 14:05 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!