Back to bug 1676473
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Carlos Goncalves | 2019-02-13 15:03:45 UTC | Priority | unspecified | low |
| CC | astafeye, cgoncalves | |||
| Flags | needinfo?(astafeye) | |||
| Severity | unspecified | medium | ||
| PnT Account Manager | 2019-02-14 15:06:57 UTC | CC | nyechiel | |
| Alexander Stafeyev | 2019-03-04 10:28:05 UTC | Flags | needinfo?(astafeye) | |
| Alexander Stafeyev | 2019-03-04 10:29:42 UTC | Link ID | Storyboard 2005128 | |
| Alexander Stafeyev | 2019-03-04 10:34:23 UTC | Link ID | Storyboard 2005128 | OpenStack Storyboard 2005128 |
| Carlos Goncalves | 2019-03-06 15:06:45 UTC | Status | NEW | ON_DEV |
| Target Release | --- | 14.0 (Rocky) | ||
| Keywords | Triaged | |||
| Link ID | OpenStack gerrit 627064 OpenStack gerrit 641268 | |||
| Assignee | amuller | nmagnezi | ||
| Target Milestone | --- | z2 | ||
| RHEL Program Management | 2019-03-06 15:06:47 UTC | Keywords | ZStream | |
| Target Release | 14.0 (Rocky) --- | --- 14.0 (Rocky) | ||
| Nir Magnezi | 2019-03-07 15:51:05 UTC | Blocks | 1686517 | |
| Nir Magnezi | 2019-03-07 15:57:48 UTC | Doc Text | As a followup to the fix that resolved CVE-2018-16856, Octavia will now encrypt certificates and keys used for secure communication with amphorae, in its internal workflows. Octavia used to exclude debug-level log prints for specific tasks and flows that were explicitly specified by name, a method that is susceptive to code changes. Added a new option named server_certs_key_passphrase under the certificates section. The default value gets copied from an environment variable named TLS_PASS_AMPS_DEFAULT. In a case where TLS_PASS_AMPS_DEFAULT is not set, and the operator did not fill any other value directly, 'insecure-key-do-not-use-this-key' will be used. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Carlos Goncalves | 2019-04-10 16:35:44 UTC | Blocks | 1698576 | |
| Nir Magnezi | 2019-05-08 11:03:29 UTC | Status | ON_DEV | MODIFIED |
| Fixed In Version | openstack-octavia-3.0.2-0.20181219195056.ec4c88e.el7ost | |||
| Nir Magnezi | 2019-05-08 11:04:11 UTC | Target Milestone | z2 | z3 |
| errata-xmlrpc | 2019-05-29 21:36:26 UTC | Status | MODIFIED | ON_QA |
| Jon Schlueter | 2019-05-30 11:31:44 UTC | Status | ON_QA | MODIFIED |
| errata-xmlrpc | 2019-05-30 18:46:08 UTC | Status | MODIFIED | ON_QA |
| Steve Linabery | 2019-05-31 20:00:36 UTC | Status | ON_QA | MODIFIED |
| Steve Linabery | 2019-06-01 20:00:24 UTC | Status | MODIFIED | ON_QA |
| Roger Heslop | 2019-06-17 15:00:15 UTC | CC | rheslop | |
| Doc Text | As a followup to the fix that resolved CVE-2018-16856, Octavia will now encrypt certificates and keys used for secure communication with amphorae, in its internal workflows. Octavia used to exclude debug-level log prints for specific tasks and flows that were explicitly specified by name, a method that is susceptive to code changes. Added a new option named server_certs_key_passphrase under the certificates section. The default value gets copied from an environment variable named TLS_PASS_AMPS_DEFAULT. In a case where TLS_PASS_AMPS_DEFAULT is not set, and the operator did not fill any other value directly, 'insecure-key-do-not-use-this-key' will be used. | Octavia will now encrypt certificates and keys used for secure communication with amphorae in its internal workflows. Additionally, a new option, `server_certs_key_passphrase` is available under the certificates section with a default value, `insecure-key-do-not-use-this-key`. | ||
| errata-xmlrpc | 2019-07-02 15:48:06 UTC | Status | ON_QA | RELEASE_PENDING |
| errata-xmlrpc | 2019-07-02 19:47:40 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-07-02 19:47:40 UTC | |||
| errata-xmlrpc | 2019-07-02 19:47:55 UTC | Link ID | Red Hat Product Errata RHBA-2019:1680 | |
| Nir Magnezi | 2019-09-10 14:11:51 UTC | CC | nmagnezi |
Back to bug 1676473