Skip to content

CLOUDSTACK-10423:Potential sensitive information disclosure #4536

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 14, 2020
Merged

CLOUDSTACK-10423:Potential sensitive information disclosure #4536

merged 2 commits into from
Dec 14, 2020

Conversation

@lujiefsi
Copy link
Contributor

@lujiefsi lujiefsi commented Dec 13, 2020
edited
Loading

Description

This PR fixing a potential sensitive information disclosure case, seeCLOUDSTACK-10423

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

@rohityadavcloud
Copy link
Member

rohityadavcloud commented Dec 13, 2020

@blueorangutan package

@blueorangutan
Copy link

blueorangutan commented Dec 13, 2020

@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.

@blueorangutan
Copy link

blueorangutan commented Dec 13, 2020

Packaging result: ✔centos7 ✔centos8 ✔debian. JID-2485

@rohityadavcloud
Copy link
Member

rohityadavcloud commented Dec 13, 2020

@blueorangutan test

@blueorangutan
Copy link

blueorangutan commented Dec 13, 2020

@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

@blueorangutan
Copy link

blueorangutan commented Dec 13, 2020

Trillian test result (tid-3342)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 32382 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr4536-t3342-kvm-centos7.zip
Intermittent failure detected: /marvin/tests/smoke/test_privategw_acl.py
Intermittent failure detected: /marvin/tests/smoke/test_hostha_kvm.py
Smoke tests completed. 86 look OK, 0 have error(s)
Only failed tests results shown below:

Test Result Time (s) Test File

@rohityadavcloud rohityadavcloud added this to the 4.15.0.0 milestone Dec 14, 2020
@rohityadavcloud rohityadavcloud merged commit 2aa7fac into apache:master Dec 14, 2020
@lujiefsi lujiefsi deleted the CLOUDSTACK-10423 branch December 15, 2020 09:02
qrry added a commit to qrry/cloudstack that referenced this pull request Dec 23, 2020
@qrry
Merge branch 'master' into dev
7b74988 
* master:
  server: add conditions for custom offerings (apache#4540)
  vr: Ensuring dnsmasq.leases file is populated (apache#4529)
  template: Ensuring template is cross zone if type changed to system (apache#4522)
  storage: Fix hypervisor type cast to string (apache#4516)
  db upgrade: fix sql exception: Access denied; you need (at least one of) the SUPER privilege(s) for this operation (apache#4533)
  CLOUDSTACK-10423:Potential sensitive information disclosure (apache#4536)
  jobs: The patch remove the password from resultObject and make it be humanreadable (apache#4538)
  listphysicalnetworks: Honouring keyword parameter (apache#4511)
  Fix NPE when Volume exists on secondary store but doesn't have a download URL (apache#4530)
  apidoc issue (apache#4532)
  db: Fix description of volume.stats.interval which is in milliseconds not seconds (apache#4526)
  kvm: set cpu topology only if cpucore per socket is positive value (apache#4527)
  xenserver: check and eject patch vbd for systemvms (apache#4525)
  Fix warning when setup cloudstack-common (apache#4523)
  kvm: FIX cpucorespersocket is not working on KVM (apache#4497)
  change debug to warn for unknown exceptions (apache#4521)
  Fix failure in validating IP address in case of multiple Management Servers (apache#4507)
  Update log output for FirstFitPlanner (apache#4515)
  ui: deprecate old UI and move to legacy to be served at /client/legacy (apache#4518)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DaanHoogland DaanHoogland DaanHoogland approved these changes

@weizhouapache weizhouapache weizhouapache approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

4.15.0.0

Development

Successfully merging this pull request may close these issues.

5 participants

@lujiefsi @rohityadavcloud @blueorangutan @DaanHoogland @weizhouapache