Bug 1409689

Summary: CVE-2016-9599 puppet-tripleo:if ssl is enabled, traffic is open on both undercloud and overcloud [openstack-rdo]
Product: [Community] RDO Reporter: Summer Long <slong>
Component: distributionAssignee: Alan Pevec <apevec>
Status: CLOSED ERRATA QA Contact: Shai Revivo <srevivo>
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: aortega, apevec, ayoung, chris.brown, chrisw, cvsbot-xmlrpc, jschluet, kbasil, lhh, lpeer, markmc, rbryant, sclewis, srevivo, tdecacqu
Target Milestone: ---Keywords: Security, SecurityTracking
Target Release: trunk   
Hardware: All   
OS: Linux   
Whiteboard: component:puppet-tripleo
Fixed In Version: puppet-tripleo-5.5.0-1.el7 Doc Type: Release Note
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-06-22 15:52:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1409687    

Description Summer Long 2017-01-03 02:12:48 UTC 
This as an RDO Project security tracking bug against puppet-tripleo. It was created
to ensure that one or more security vulnerabilities are fixed.

For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.

[bug automatically created by: add-tracking-bugs]