| *** y_sawai has joined #openstack-security | 00:00 | |
| *** y_sawai has quit IRC | 00:00 | |
| *** y_sawai has joined #openstack-security | 00:01 | |
| *** y_sawai has quit IRC | 00:01 | |
| *** y_sawai has joined #openstack-security | 00:07 | |
| *** jhfeng has quit IRC | 00:09 | |
| openstackgerrit | Brant Knudson proposed openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444 | 00:10 |
|---|---|---|
| openstackgerrit | Brant Knudson proposed openstack/bandit: Remove unreachable code in config.py https://review.openstack.org/219483 | 00:11 |
| *** salv-orlando has quit IRC | 00:15 | |
| openstackgerrit | Travis McPeak proposed openstack/bandit: Adding test tool for check OpenStack projects' Bandit job https://review.openstack.org/219488 | 00:17 |
| openstackgerrit | Michael McCune proposed openstack/bandit: Adding unit tests for bandit.core.context.Context https://review.openstack.org/219519 | 00:21 |
| openstackgerrit | Michael McCune proposed openstack/bandit: Adding unit tests for bandit.core.context.Context https://review.openstack.org/219519 | 00:23 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content. https://review.openstack.org/219512 | 00:28 |
| *** y_sawai has quit IRC | 00:28 | |
| openstackgerrit | Merged openstack/bandit: Remove unreachable code in config.py https://review.openstack.org/219483 | 00:33 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512 | 00:44 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512 | 00:48 |
| openstackgerrit | Michael Xin proposed openstack/anchor: Remove outdated hashing algorithms https://review.openstack.org/219443 | 00:53 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512 | 00:58 |
| *** tmcpeak has quit IRC | 00:59 | |
| openstackgerrit | Eric Brown proposed openstack/bandit: WIP: Add unit tests for the formatters https://review.openstack.org/219472 | 01:00 |
| openstackgerrit | Michael McCune proposed openstack/bandit: Adding unit tests for bandit.core.context.Context https://review.openstack.org/219519 | 01:01 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512 | 01:02 |
| *** jian5397 has quit IRC | 01:03 | |
| *** browne has quit IRC | 01:04 | |
| *** bknudson has quit IRC | 01:04 | |
| openstackgerrit | Merged openstack/anchor: Remove outdated hashing algorithms https://review.openstack.org/219443 | 01:12 |
| *** tkelsey has quit IRC | 01:21 | |
| *** hyakuhei has quit IRC | 01:23 | |
| *** jhfeng has joined #openstack-security | 02:07 | |
| *** jhfeng has quit IRC | 02:25 | |
| *** salv-orlando has joined #openstack-security | 02:27 | |
| *** salv-orlando has quit IRC | 02:32 | |
| *** tjt263 has quit IRC | 02:39 | |
| *** dave-mccowan has quit IRC | 03:08 | |
| *** salv-orlando has joined #openstack-security | 03:41 | |
| *** salv-orlando has quit IRC | 03:46 | |
| *** LelouchV has joined #openstack-security | 04:10 | |
| *** elo has joined #openstack-security | 04:16 | |
| *** LelouchV has quit IRC | 04:20 | |
| *** elo has quit IRC | 04:27 | |
| *** hyakuhei has joined #openstack-security | 04:43 | |
| *** elo has joined #openstack-security | 04:43 | |
| *** salv-orlando has joined #openstack-security | 04:56 | |
| *** hyakuhei has quit IRC | 04:56 | |
| *** salv-orlando has quit IRC | 05:01 | |
| *** brucey has joined #openstack-security | 05:06 | |
| *** markvoelker has joined #openstack-security | 05:06 | |
| brucey | msg NickServ REGISTER brucey yangbo1986 1123892559@qq.com | 05:07 |
| *** brucey has quit IRC | 05:10 | |
| *** markvoelker has quit IRC | 05:11 | |
| *** markvoelker has joined #openstack-security | 05:12 | |
| openstackgerrit | Stanislaw Pitucha proposed openstack/anchor: Load extensions for tests https://review.openstack.org/219563 | 05:30 |
| *** LelouchV has joined #openstack-security | 05:50 | |
| *** salv-orlando has joined #openstack-security | 05:52 | |
| openstackgerrit | Stanislaw Pitucha proposed openstack/bandit: Variable file not defined in error path https://review.openstack.org/214429 | 06:20 |
| *** browne has joined #openstack-security | 06:23 | |
| *** markvoelker has quit IRC | 06:23 | |
| *** sdake has joined #openstack-security | 06:24 | |
| *** browne has quit IRC | 06:34 | |
| *** elo has quit IRC | 06:50 | |
| *** shohel has joined #openstack-security | 07:26 | |
| *** alex_klimov has joined #openstack-security | 07:36 | |
| *** LelouchV has quit IRC | 07:38 | |
| *** b10n1k_ has quit IRC | 07:57 | |
| openstackgerrit | Yin Xujun proposed openstack/security-doc: Correct the keyword defences to defenses https://review.openstack.org/219594 | 08:22 |
| *** markvoelker has joined #openstack-security | 08:57 | |
| *** markvoelker has quit IRC | 09:02 | |
| *** salv-orlando has quit IRC | 09:07 | |
| *** shohel has quit IRC | 09:11 | |
| *** shohel has joined #openstack-security | 09:17 | |
| openstackgerrit | Stanislaw Pitucha proposed openstack/bandit: Add Bytes AST support https://review.openstack.org/214414 | 09:49 |
| openstackgerrit | Stanislaw Pitucha proposed openstack/bandit: Replace incorrect safe_str https://review.openstack.org/219626 | 09:49 |
| *** salv-orlando has joined #openstack-security | 09:50 | |
| *** alex_klimov has quit IRC | 09:54 | |
| *** alex_klimov has joined #openstack-security | 09:54 | |
| *** alex_klimov has quit IRC | 09:54 | |
| *** alex_klimov has joined #openstack-security | 09:55 | |
| *** webhat has quit IRC | 10:30 | |
| *** alex_klimov has quit IRC | 10:31 | |
| *** webhat has joined #openstack-security | 10:31 | |
| openstackgerrit | Stanislaw Pitucha proposed openstack/anchor: Abstract / unify CN getter https://review.openstack.org/202107 | 10:37 |
| openstackgerrit | Stanislaw Pitucha proposed openstack/anchor: Add fixups configuration / processing https://review.openstack.org/202134 | 10:37 |
| *** daemontool_ has joined #openstack-security | 10:50 | |
| *** dave-mccowan has joined #openstack-security | 10:51 | |
| *** alex_klimov has joined #openstack-security | 10:56 | |
| *** shohel has quit IRC | 11:00 | |
| openstackgerrit | Stanislaw Pitucha proposed openstack/anchor: Return CA for a given instance https://review.openstack.org/198222 | 11:11 |
| *** tjt263 has joined #openstack-security | 11:28 | |
| *** lexholden has joined #openstack-security | 12:00 | |
| *** sigmavirus24_awa is now known as sigmavirus24 | 12:08 | |
| *** lexholden has quit IRC | 12:18 | |
| *** lexholden has joined #openstack-security | 12:23 | |
| *** lexholden has quit IRC | 12:29 | |
| *** shohel has joined #openstack-security | 12:33 | |
| openstackgerrit | OpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/219674 | 12:37 |
| *** antoni1 has joined #openstack-security | 12:38 | |
| *** antoni1 has quit IRC | 12:40 | |
| *** sigmavirus24 is now known as sigmavirus24_awa | 12:45 | |
| *** antoni1 has joined #openstack-security | 12:57 | |
| *** antoni1 has quit IRC | 13:05 | |
| *** lexholden has joined #openstack-security | 13:10 | |
| *** lexholden has quit IRC | 13:15 | |
| *** zul has quit IRC | 13:29 | |
| *** zul has joined #openstack-security | 13:32 | |
| *** quie has joined #openstack-security | 13:35 | |
| *** edmondsw has joined #openstack-security | 13:41 | |
| *** markvoelker has joined #openstack-security | 14:01 | |
| *** markvoelker has quit IRC | 14:06 | |
| *** jhfeng has joined #openstack-security | 14:16 | |
| *** sdake has quit IRC | 14:28 | |
| *** sdake has joined #openstack-security | 14:32 | |
| *** voodookid has joined #openstack-security | 14:39 | |
| *** markvoelker has joined #openstack-security | 14:42 | |
| *** lexholden has joined #openstack-security | 14:42 | |
| *** markvoelker has quit IRC | 14:42 | |
| *** markvoelker has joined #openstack-security | 14:43 | |
| *** browne has joined #openstack-security | 14:43 | |
| *** tjt263 has quit IRC | 14:46 | |
| openstackgerrit | Jamie Finnigan proposed openstack/bandit: Additional unit test coverage for core/utils.py https://review.openstack.org/219487 | 14:54 |
| *** ducnc has joined #openstack-security | 14:55 | |
| *** lexholden has quit IRC | 14:58 | |
| *** lexholden has joined #openstack-security | 15:01 | |
| *** dave-mccowan has quit IRC | 15:03 | |
| *** ducnc has quit IRC | 15:06 | |
| *** tjt263 has joined #openstack-security | 15:07 | |
| *** ducnc has joined #openstack-security | 15:08 | |
| *** tjt263 has quit IRC | 15:10 | |
| *** hyakuhei has joined #openstack-security | 15:13 | |
| *** dave-mccowan has joined #openstack-security | 15:16 | |
| *** voodookid has quit IRC | 15:16 | |
| *** tmcpeak has joined #openstack-security | 15:19 | |
| *** tkelsey has joined #openstack-security | 15:20 | |
| *** dwyde has joined #openstack-security | 15:20 | |
| *** ducnc has quit IRC | 15:26 | |
| openstackgerrit | Merged openstack/bandit: Adding a check for key in get_call_arg_at_position https://review.openstack.org/219510 | 15:31 |
| *** elo has joined #openstack-security | 15:33 | |
| openstackgerrit | Merged openstack/bandit: Add Bytes AST support https://review.openstack.org/214414 | 15:41 |
| *** shohel has quit IRC | 15:43 | |
| openstackgerrit | Merged openstack/bandit: Variable file not defined in error path https://review.openstack.org/214429 | 15:47 |
| openstackgerrit | Merged openstack/anchor: Working config.json https://review.openstack.org/219513 | 15:49 |
| openstackgerrit | Merged openstack/bandit: Adding test tool for check OpenStack projects' Bandit job https://review.openstack.org/219488 | 15:49 |
| openstackgerrit | Merged openstack/anchor: Abstract / unify CN getter https://review.openstack.org/202107 | 15:49 |
| openstackgerrit | Merged openstack/anchor: Add OID support to extensions validator https://review.openstack.org/219158 | 15:52 |
| openstackgerrit | Merged openstack/anchor: Load extensions for tests https://review.openstack.org/219563 | 15:54 |
| *** browne has quit IRC | 15:55 | |
| *** jian5397 has joined #openstack-security | 15:57 | |
| *** markvoelker has quit IRC | 16:03 | |
| *** browne has joined #openstack-security | 16:05 | |
| *** bknudson has joined #openstack-security | 16:06 | |
| *** alex_klimov has quit IRC | 16:09 | |
| openstackgerrit | Merged openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444 | 16:18 |
| *** dwyde has quit IRC | 16:37 | |
| openstackgerrit | Robert Clark proposed openstack/anchor: Added an installation step that allows Anchor to install https://review.openstack.org/219785 | 16:45 |
| *** pots has joined #openstack-security | 16:52 | |
| *** pots has left #openstack-security | 16:52 | |
| openstackgerrit | Merged openstack/bandit: Adding check for node key in Context https://review.openstack.org/219445 | 16:53 |
| browne | https://github.com/openstack/nova/blob/master/nova/crypto.py | 16:57 |
| *** salv-orlando has quit IRC | 16:57 | |
| chair6 | https://blog-nkinder.rhcloud.com/?p=51 | 17:00 |
| browne | https://review.openstack.org/#/c/210806/ | 17:03 |
| *** hyakuhei has quit IRC | 17:04 | |
| *** dwyde has joined #openstack-security | 17:18 | |
| elmiko | https://review.openstack.org/#/c/186617/19/specs/mitaka/approved/instance-users.rst,cm | 17:23 |
| *** markvoelker has joined #openstack-security | 17:35 | |
| *** markvoelker has quit IRC | 17:35 | |
| *** jian5397 has quit IRC | 17:36 | |
| *** markvoelker has joined #openstack-security | 17:36 | |
| *** lexholden has quit IRC | 17:45 | |
| *** elo has quit IRC | 17:55 | |
| *** markvoelker has quit IRC | 18:05 | |
| *** sdake_ has joined #openstack-security | 18:14 | |
| *** sdake has quit IRC | 18:17 | |
| openstackgerrit | Eric Brown proposed openstack/bandit: Trivial fix to beautify bandit.yaml https://review.openstack.org/219815 | 18:17 |
| *** sdake has joined #openstack-security | 18:21 | |
| *** sdake_ has quit IRC | 18:25 | |
| *** sdake_ has joined #openstack-security | 18:41 | |
| *** sdake has quit IRC | 18:45 | |
| *** tkelsey has quit IRC | 18:55 | |
| *** hyakuhei has joined #openstack-security | 18:56 | |
| *** hyakuhei has joined #openstack-security | 18:56 | |
| *** jian5397 has joined #openstack-security | 18:57 | |
| *** markvoelker has joined #openstack-security | 19:00 | |
| *** tkelsey has joined #openstack-security | 19:03 | |
| chair6 | @browne - https://review.openstack.org/#/c/184848/ | 19:16 |
| *** daniela2 has joined #openstack-security | 19:19 | |
| openstackgerrit | Merged openstack/anchor: Added an installation step that allows Anchor to install https://review.openstack.org/219785 | 19:19 |
| *** daniela2 has left #openstack-security | 19:20 | |
| *** shohel has joined #openstack-security | 19:36 | |
| hyakuhei | elmiko: https://en.wikipedia.org/wiki/Biba_Model | 19:37 |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472 | 19:51 |
| *** b10n1k_ has joined #openstack-security | 19:53 | |
| *** alex_klimov has joined #openstack-security | 19:53 | |
| *** jmckind has joined #openstack-security | 20:04 | |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472 | 20:08 |
| jian5397 | elmiko: Thanks for sharing. It is very interesting | 20:08 |
| jian5397 | https://review.openstack.org/#/c/186617/19/specs/mitaka/approved/instance-users.rst | 20:08 |
| openstackgerrit | Merged openstack/bandit: Trivial fix to beautify bandit.yaml https://review.openstack.org/219815 | 20:09 |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472 | 20:12 |
| *** sdake_ is now known as sdake | 20:15 | |
| *** markvoelker has quit IRC | 20:21 | |
| openstackgerrit | Merged openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/219674 | 20:32 |
| *** markvoelker has joined #openstack-security | 20:37 | |
| *** markvoelker has quit IRC | 20:48 | |
| *** LelouchV has joined #openstack-security | 20:50 | |
| *** dwyde has quit IRC | 21:00 | |
| gmurphy | https://bugs.launchpad.net/ossn/+bug/1436082 | 21:05 |
| openstack | Launchpad bug 1436082 in glance_store "VMWare and HTTP stores do not verify HTTPS Connections as they use httplib.HTTPSConnection" [High,In progress] - Assigned to Ian Cordasco (icordasc) | 21:05 |
| *** tmcpeak has quit IRC | 21:07 | |
| *** tmcpeak has joined #openstack-security | 21:07 | |
| *** dave-mccowan has quit IRC | 21:14 | |
| *** edmondsw has quit IRC | 21:21 | |
| jian5397 | Run 'for i in {1..100}; do curl -b "sessionid=aaaaa;" http://HORIZON__IP/auth/login/ &> /dev/null; done' from your terminal. | 21:22 |
| jian5397 | I've got 100 rows in django_session after this. | 21:22 |
| *** mariangel has joined #openstack-security | 21:31 | |
| jian5397 | https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ | 21:31 |
| openstackgerrit | Grant Murphy proposed openstack/security-doc: Update OSSN-0033 to include lp 1436082 https://review.openstack.org/219882 | 21:31 |
| openstack | Launchpad bug 1436082 in glance_store "VMWare and HTTP stores do not verify HTTPS Connections as they use httplib.HTTPSConnection" [High,In progress] https://launchpad.net/bugs/1436082 - Assigned to Ian Cordasco (icordasc) | 21:31 |
| mariangel | aqui al guien abla | 21:32 |
| *** mariangel has left #openstack-security | 21:34 | |
| *** shohel has quit IRC | 21:34 | |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 21:36 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Undecided,New] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 21:36 |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 21:37 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Undecided,New] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 21:37 |
| openstackgerrit | Grant Murphy proposed openstack/security-doc: Update OSSN-0033 to include lp 1436082 https://review.openstack.org/219882 | 21:42 |
| openstack | Launchpad bug 1436082 in glance_store "VMWare and HTTP stores do not verify HTTPS Connections as they use httplib.HTTPSConnection" [High,In progress] https://launchpad.net/bugs/1436082 - Assigned to Ian Cordasco (icordasc) | 21:42 |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 21:44 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Undecided,New] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 21:44 |
| *** dave-mccowan has joined #openstack-security | 21:45 | |
| *** jmckind has quit IRC | 21:54 | |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 21:58 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Medium,Fix committed] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 21:58 |
| openstackgerrit | Travis McPeak proposed openstack/security-doc: Adding OSSN-0055 - service accounts may have admin privs https://review.openstack.org/219893 | 22:01 |
| tmcpeak | hyakuhei, nkinder: ^ | 22:02 |
| nkinder | tmcpeak: cool. I just reviewed the one hyakuhei wrote about Django sessions | 22:03 |
| elmiko | hyakuhei: Change-Id: Idae5af9b061d48e421b30bd72f100fddeb9fadf8 | 22:03 |
| tmcpeak | nkinder: awesome | 22:04 |
| gmurphy | browne: https://etherpad.hpcloud.net/p/K5c8hbSpQC | 22:04 |
| hyakuhei | nkinder: I can’t see your comments ? | 22:05 |
| gmurphy | lol | 22:07 |
| gmurphy | https://etherpad.openstack.org/p/ossn-0057 | 22:07 |
| gmurphy | try that. | 22:07 |
| nkinder | tmcpeak: just added some comments to your OSSN too | 22:15 |
| nkinder | hyakuhei: my comments were on revision 3 | 22:15 |
| nkinder | hyakuhei: ...so you'll have to look there | 22:16 |
| hyakuhei | nope: nkinder https://www.dropbox.com/s/f1g9q6jkco9g4xp/Screenshot%202015-09-02%2015.16.31.png?dl=0 no comments published there… | 22:16 |
| tmcpeak | nkinder: thank you | 22:16 |
| tmcpeak | checking now | 22:16 |
| nkinder | hyakuhei: ah, it left them as drafts since you published revision 4 at the same time | 22:17 |
| nkinder | just submitted them | 22:17 |
| hyakuhei | danke | 22:18 |
| openstackgerrit | Michael McCune proposed openstack/security-doc: Add OSSN-0053 https://review.openstack.org/219898 | 22:18 |
| nkinder | hyakuhei: looks like you already resolved one of them, but the other 2 still apply to revision 4 | 22:18 |
| hyakuhei | cheers | 22:19 |
| hyakuhei | nkinder: our tox checks are horribly broken. | 22:21 |
| nkinder | hyakuhei: how so? | 22:23 |
| *** sigmavirus24_awa is now known as sigmavirus24 | 22:23 | |
| hyakuhei | if you clone security-docs and run tox it explodes, missing targets, not installing stuff it needs, general brokenness. | 22:23 |
| hyakuhei | Looks like a change someone made over all of the security manuals | 22:24 |
| *** alex_klimov has quit IRC | 22:25 | |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 22:29 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Medium,Fix committed] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 22:29 |
| hyakuhei | nkinder: there’s a new version there for your reading pleasure. | 22:31 |
| openstackgerrit | Travis McPeak proposed openstack/security-doc: Adding OSSN-0055 - service accounts may have admin privs https://review.openstack.org/219893 | 22:33 |
| tmcpeak | bknudson: https://bugs.launchpad.net/ossn/+bug/1361360 | 22:34 |
| openstack | Launchpad bug 1361360 in Sahara "Eventlet green threads not released back to the pool leading to choking of new requests" [Medium,Confirmed] - Assigned to Xurong Yang (idopra) | 22:34 |
| openstackgerrit | bruce-benjamin proposed openstack/security-doc: [security-guide] Ephemeral encryption setup The Data Encryption section in the OpenStack security guide needs some info added to describe how to enable ephemeral disk encryption. Change-Id: I58766ee7481ee9cbba3cd2a960adcaf4809d8ee0 Closes-Bug: #1467551 https://review.openstack.org/218956 | 22:34 |
| openstack | bug 1467551 in openstack-manuals "Add info regarding recommended settings for ephemeral disk encryption in the Data Encryption section" [Wishlist,In progress] https://launchpad.net/bugs/1467551 - Assigned to Bruce Benjamin (bruce-benjamin) | 22:34 |
| *** kleiber has joined #openstack-security | 22:37 | |
| *** kleiber has quit IRC | 22:38 | |
| *** jhfeng has quit IRC | 22:40 | |
| *** sicarie has joined #openstack-security | 22:41 | |
| openstackgerrit | Eric Brown proposed openstack/security-doc: OSSN-0057 - DoS style attack on Glance service https://review.openstack.org/219901 | 22:42 |
| openstackgerrit | Eric Brown proposed openstack/security-doc: OSSN-0057 - DoS style attack on Glance service https://review.openstack.org/219901 | 22:43 |
| tmcpeak | nkinder: one more on this please? https://review.openstack.org/219893 | 22:44 |
| *** quie has quit IRC | 22:47 | |
| openstackgerrit | Nathaniel Dillon proposed openstack/security-doc: Adding OSSN-0052 https://review.openstack.org/219903 | 22:48 |
| openstackgerrit | Travis McPeak proposed openstack/security-doc: Adding OSSN-0055 - service accounts may have admin privs https://review.openstack.org/219893 | 22:50 |
| tmcpeak | hyakuhei: please reaffirm your +2 on this: https://review.openstack.org/219893 | 22:50 |
| hyakuhei | NEVER! I only +2 once. | 22:51 |
| openstackgerrit | Eric Brown proposed openstack/security-doc: OSSN-0057 - DoS style attack on Glance service https://review.openstack.org/219901 | 22:51 |
| tmcpeak | hyakuhei: could you please check this too while you're at it? https://goo.gl/a7EmH7 | 22:53 |
| openstackgerrit | Stanislaw Pitucha proposed openstack/bandit: Replace incorrect safe_str https://review.openstack.org/219626 | 22:53 |
| openstackgerrit | Michael McCune proposed openstack/security-doc: Add OSSN-0053 https://review.openstack.org/219898 | 22:54 |
| openstackgerrit | Robert Clark proposed openstack/security-doc: Adding an OSSN for bug 1457551 - django session store DoS https://review.openstack.org/219885 | 22:57 |
| openstack | bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Medium,Fix committed] https://launchpad.net/bugs/1457551 - Assigned to Robert Clark (robert-clark) | 22:57 |
| openstackgerrit | Stanislaw Pitucha proposed openstack/anchor: Return CA for a given instance https://review.openstack.org/198222 | 23:00 |
| openstackgerrit | Brant Knudson proposed openstack/bandit: Fix typos in bandit.yaml https://review.openstack.org/219908 | 23:07 |
| openstackgerrit | Merged openstack/bandit: Replace incorrect safe_str https://review.openstack.org/219626 | 23:10 |
| openstackgerrit | Michael McCune proposed openstack/security-doc: Add OSSN-0053 https://review.openstack.org/219898 | 23:11 |
| openstackgerrit | Merged openstack/bandit: Adding a check for call in call_args_count https://review.openstack.org/219395 | 23:13 |
| openstackgerrit | Merged openstack/bandit: Adding the key lookup to Context.call_args_string https://review.openstack.org/219410 | 23:13 |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472 | 23:13 |
| *** elo has joined #openstack-security | 23:14 | |
| *** sdake has quit IRC | 23:15 | |
| openstackgerrit | Merged openstack/security-doc: Adding OSSN-0055 - service accounts may have admin privs https://review.openstack.org/219893 | 23:16 |
| tkelsey | chair6: you got a moment ? | 23:18 |
| *** b10n1k_ has quit IRC | 23:19 | |
| *** b10n1k_ has joined #openstack-security | 23:19 | |
| *** bknudson has left #openstack-security | 23:20 | |
| *** bknudson has joined #openstack-security | 23:20 | |
| openstackgerrit | Jamie Finnigan proposed openstack/bandit: Additional unit test coverage for core/utils.py https://review.openstack.org/219487 | 23:21 |
| *** sdake has joined #openstack-security | 23:27 | |
| openstackgerrit | Nathaniel Dillon proposed openstack/security-doc: Adding OSSN-0052 https://review.openstack.org/219903 | 23:28 |
| chair6 | tkelsey: https://review.openstack.org/#/c/205501/8 | 23:29 |
| openstackgerrit | Tim Kelsey proposed openstack/bandit: Adding documentation for configuration https://review.openstack.org/205501 | 23:32 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512 | 23:32 |
| chair6 | browne, tmcpeak: https://review.openstack.org/#/c/205501/ is ready for a +2/+A to unlock all the other dependent bandit docs commits/merges.. | 23:34 |
| tmcpeak | chair6: cool, will look now | 23:34 |
| browne | +2 | 23:35 |
| *** elo has quit IRC | 23:37 | |
| openstackgerrit | Nathaniel Dillon proposed openstack/security-doc: Adding OSSN-0052 https://review.openstack.org/219903 | 23:42 |
| browne | https://review.openstack.org/#/c/219472/ | 23:43 |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add a new check for weak RSA and DSA key sizes https://review.openstack.org/210806 | 23:46 |
| *** markvoelker has joined #openstack-security | 23:46 | |
| openstackgerrit | Brant Knudson proposed openstack/bandit: Raise exceptions from BanditConfig rather than exit https://review.openstack.org/219917 | 23:49 |
| *** sicarie has quit IRC | 23:49 | |
| openstackgerrit | Merged openstack/bandit: Adding documentation for configuration https://review.openstack.org/205501 | 23:51 |
| openstackgerrit | Merged openstack/bandit: Fix typos in bandit.yaml https://review.openstack.org/219908 | 23:52 |
| openstackgerrit | Eric Brown proposed openstack/bandit: Add a new check for weak RSA and DSA key sizes https://review.openstack.org/210806 | 23:54 |
| openstackgerrit | Robert Clark proposed openstack/anchor: Changed readme so that example retrieves certificate. https://review.openstack.org/219919 | 23:56 |
| *** markvoelker has quit IRC | 23:58 | |
| openstackgerrit | Jamie Finnigan proposed openstack/bandit: Adding documentation for test plugins https://review.openstack.org/205505 | 23:58 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!
