Bug 2302697
| Summary: | [GSS] noobaa-operator logs expose aws secret | ||
|---|---|---|---|
| Product: | [Red Hat Storage] Red Hat OpenShift Data Foundation | Reporter: | Liran Mauda <lmauda> |
| Component: | Multi-Cloud Object Gateway | Assignee: | Liran Mauda <lmauda> |
| Status: | CLOSED ERRATA | QA Contact: | Mahesh Shetty <mashetty> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.12 | CC: | asriram, kbg, lmauda, mashetty, nbecker, odf-bz-bot, sarora |
| Target Milestone: | --- | ||
| Target Release: | ODF 4.15.7 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | 4.15.7-1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
Previously, the noobaa-operator logs exposed the AWS secret as plain text, which caused a potential risk that anyone with logs could access the buckets.
With this fix, noobaa-operator logs no longer expose AWS secrets.
|
Story Points: | --- |
| Clone Of: | 2277186 | Environment: | |
| Last Closed: | 2024-10-01 07:19:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2277186 | ||
| Bug Blocks: | |||
|
Description
Liran Mauda
2024-08-04 06:19:32 UTC
Please backport the fix to ODF-4.15 and update the RDT flag/text appropriately. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat OpenShift Data Foundation 4.15.7 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2024:7440 |