The proxy server will log valid temporary urls, that might be used to gain access to data by anyone with access to the logfiles. This is especially important with tempurls that are valid for extended
periods and/or when using central logging servers, accessed by operators that have no access to the Swift servers.
Openstack Swift is no longer supported with the recent release of Red Hat Gluster Storage 3.5, hence openstack-swift will not be updated for this flaw.
This vulnerability is out of security support scope for the following products:
* Red Hat JBoss Fuse 6
Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
Created openstack-swift tracking bugs for this issue:
Affects: openstack-rdo [bug 1860528]