[Openstack-devel] Bug#700240: keystone: CVE-2013-0270: Large HTTP request DoS
Thomas Goirand
thomas at goirand.fr
Thu Feb 14 04:55:02 UTC 2013
On 02/14/2013 05:36 AM, Salvatore Bonaccorso wrote:
> Hi Thomas
>
> Cc'in the Security Team as they might give better input on this.
>
> I have done this as best to my knowledge. I was reporting
> found/assigned CVE's, but mistakes can happen. E.g. in keystone
> changelog it's refering to CVE-2013-0247.
>
> There are two CVE's so far.
Yes, and I feel sorry for what I wrote. What confused me a lot is that
both patches are addressing the same problem, so I don't really
understand. I've asked upstream, I will know soon.
Thomas
More information about the Openstack-devel
mailing list