| *** aselius has quit IRC | 00:32 | |
| *** tecnik has quit IRC | 01:03 | |
| *** markvoelker has joined #openstack-security | 01:03 | |
| *** tecnik has joined #openstack-security | 01:11 | |
| *** gyee has quit IRC | 01:14 | |
| *** gyee has joined #openstack-security | 01:14 | |
| *** murphy_zhao has quit IRC | 01:24 | |
| *** liujiong has joined #openstack-security | 01:32 | |
| *** vinaypotluri has quit IRC | 02:20 | |
| *** purp has quit IRC | 02:21 | |
| *** chyka has joined #openstack-security | 02:24 | |
| *** purp has joined #openstack-security | 02:24 | |
| *** austin_laptop has joined #openstack-security | 02:27 | |
| *** austin987 has quit IRC | 02:28 | |
| *** chyka has quit IRC | 02:28 | |
| *** dave-mccowan has quit IRC | 03:06 | |
| *** austin_laptop has quit IRC | 03:31 | |
| *** austin_laptop has joined #openstack-security | 03:32 | |
| *** murphy_zhao has joined #openstack-security | 04:27 | |
| *** liujiong_lj has joined #openstack-security | 04:33 | |
| *** liujiong has quit IRC | 04:35 | |
| *** gyee has quit IRC | 04:50 | |
| *** sudhirag0987 has joined #openstack-security | 05:29 | |
| *** murphy_zhao has quit IRC | 06:10 | |
| *** tesseract has joined #openstack-security | 06:16 | |
| *** rcernin has joined #openstack-security | 06:23 | |
| *** murphy_zhao has joined #openstack-security | 06:26 | |
| *** sxc731 has joined #openstack-security | 06:35 | |
| *** liujiong_lj is now known as liujiong | 06:47 | |
| *** sxc731 has quit IRC | 07:19 | |
| *** sxc731 has joined #openstack-security | 07:20 | |
| *** daidv has joined #openstack-security | 07:57 | |
| *** sudhirag0987 has quit IRC | 08:58 | |
| *** sxc731 has quit IRC | 09:07 | |
| *** markvoelker has quit IRC | 09:17 | |
| tristanC | kencjohnston_: you can get fixed CVEs from the openstack/ossa repository, though this doesn't include severity | 09:18 |
|---|---|---|
| *** daidv has quit IRC | 10:00 | |
| *** aym3ric has joined #openstack-security | 10:06 | |
| *** markvoelker has joined #openstack-security | 10:18 | |
| *** markvoelker has quit IRC | 10:23 | |
| *** liujiong has quit IRC | 10:27 | |
| *** markvoelker has joined #openstack-security | 10:39 | |
| *** aym3ric has quit IRC | 10:42 | |
| *** markvoelker_ has joined #openstack-security | 10:44 | |
| *** markvoelker has quit IRC | 10:44 | |
| *** markvoelker_ has quit IRC | 10:44 | |
| *** markvoelker has joined #openstack-security | 10:45 | |
| *** chyka has joined #openstack-security | 11:12 | |
| *** chyka has quit IRC | 11:17 | |
| *** liverpooler has joined #openstack-security | 11:45 | |
| *** dikonoor has joined #openstack-security | 11:49 | |
| dikonoor | fungi: Hi | 11:50 |
| dikonoor | I am looking for information on enabling HTTP compression and TLS compression with OpenStack services (running in Apache httpd which supports gzip encoding using the mod_deflate module) | 11:51 |
| dikonoor | Well.. Defense against CRIME and BREACH attacks recommends that compression be disabled, but compression does help with performance improvement as the total traffic sent back from the server is considerably less | 11:52 |
| dikonoor | I am trying to understand if openstack security has any recommendations on this. | 11:53 |
| *** sxc731 has joined #openstack-security | 12:02 | |
| *** d0048 has quit IRC | 12:07 | |
| *** markvoelker_ has joined #openstack-security | 12:10 | |
| *** markvoelker has quit IRC | 12:13 | |
| *** dikonoor has quit IRC | 12:15 | |
| *** dikonoor has joined #openstack-security | 12:16 | |
| *** gouthamr has joined #openstack-security | 12:20 | |
| *** purp has quit IRC | 12:21 | |
| *** dave-mccowan has joined #openstack-security | 12:25 | |
| *** purp has joined #openstack-security | 12:26 | |
| *** catintheroof has joined #openstack-security | 12:30 | |
| *** sxc731 has quit IRC | 12:47 | |
| *** sxc731 has joined #openstack-security | 13:10 | |
| *** dikonoo has joined #openstack-security | 13:11 | |
| *** dikonoor has quit IRC | 13:15 | |
| *** d0048 has joined #openstack-security | 13:17 | |
| *** sxc731 has quit IRC | 13:31 | |
| fungi | dikonoo: unless it's mentioned in https://docs.openstack.org/security-guide/ i don't really know. it's not a direct vulnerability in the software we produce so won't have any advisories at https://security.openstack.org/ossalist.html and the only ossn i can find of relevance is https://wiki.openstack.org/wiki/OSSN/OSSN-0037 | 13:34 |
| fungi | which is pretty brief and just about disabling compression | 13:35 |
| fungi | (and horizon-specific) | 13:35 |
| *** markvoelker_ has quit IRC | 13:52 | |
| *** sxc731 has joined #openstack-security | 14:00 | |
| dikonoo | fungi: Thanks for getting back. There are public vulnerabilities available around this.. | 14:13 |
| fungi | dikonoo: i'm sure there are, but the vulnerability is in how the software is deployed, and not inherent to the software itself | 14:22 |
| fungi | perhaps that distinction is subtle to some | 14:22 |
| fungi | so in the case of OSSN-0037 the community has provided some example suggestions for how to configure django and apache or nginx to avoid crime/breach related issues with horizon, but we don't produce or distribute django, apache or nginx and are therefore not as well-placed to provide security recommendations around them as their own communities or collective distributions are | 14:25 |
| *** mdavidson has quit IRC | 14:26 | |
| *** mdavidson has joined #openstack-security | 14:35 | |
| *** craigs__ has joined #openstack-security | 14:53 | |
| *** rcernin has quit IRC | 14:57 | |
| *** dikonoo has quit IRC | 15:02 | |
| *** sxc731 has quit IRC | 15:12 | |
| *** vds has quit IRC | 15:20 | |
| *** dikonoo has joined #openstack-security | 15:29 | |
| *** gyee has joined #openstack-security | 15:30 | |
| *** dikonoo has quit IRC | 15:33 | |
| *** sxc731 has joined #openstack-security | 15:34 | |
| *** chyka has joined #openstack-security | 15:37 | |
| *** chyka_ has joined #openstack-security | 15:41 | |
| *** dikonoo has joined #openstack-security | 15:42 | |
| *** chyka has quit IRC | 15:43 | |
| *** chyka has joined #openstack-security | 15:45 | |
| *** chyka_ has quit IRC | 15:46 | |
| *** aselius has joined #openstack-security | 15:51 | |
| *** dikonoo has quit IRC | 15:59 | |
| *** craigs__ has quit IRC | 16:14 | |
| *** dikonoo has joined #openstack-security | 16:17 | |
| *** aselius has quit IRC | 16:21 | |
| *** aselius has joined #openstack-security | 16:21 | |
| *** markvoelker has joined #openstack-security | 16:25 | |
| *** tesseract has quit IRC | 16:41 | |
| *** markvoelker has quit IRC | 16:59 | |
| *** dikonoor has joined #openstack-security | 17:21 | |
| *** dikonoo has quit IRC | 17:24 | |
| *** sxc731 has quit IRC | 17:47 | |
| *** markvoelker has joined #openstack-security | 17:55 | |
| *** robellison has joined #openstack-security | 17:57 | |
| *** markvoelker has quit IRC | 18:29 | |
| *** sxc731 has joined #openstack-security | 18:46 | |
| *** sxc731 has quit IRC | 18:47 | |
| *** aselius has quit IRC | 19:21 | |
| *** markvoelker has joined #openstack-security | 19:27 | |
| *** markvoelker has quit IRC | 19:59 | |
| *** gouthamr has quit IRC | 20:14 | |
| *** catintheroof has quit IRC | 20:15 | |
| *** gouthamr has joined #openstack-security | 20:33 | |
| *** dikonoor has quit IRC | 20:51 | |
| *** markvoelker has joined #openstack-security | 20:56 | |
| *** gyee has quit IRC | 21:02 | |
| *** dave-mccowan has quit IRC | 21:12 | |
| *** gyee has joined #openstack-security | 21:29 | |
| *** markvoelker has quit IRC | 21:30 | |
| *** markvoelker has joined #openstack-security | 22:10 | |
| *** lbragstad has quit IRC | 22:17 | |
| *** markvoelker has quit IRC | 22:33 | |
| *** chyka has quit IRC | 23:57 | |