| 2015-10-26 08:32:57 |
Adam Heczko |
bug |
|
|
added bug |
| 2015-10-26 08:33:21 |
Adam Heczko |
bug |
|
|
added subscriber Matthew Mosesohn |
| 2015-10-26 08:33:33 |
Adam Heczko |
bug |
|
|
added subscriber Alex Schultz |
| 2015-10-26 08:33:59 |
Adam Heczko |
bug |
|
|
added subscriber Dmitriy Kruglov |
| 2015-10-26 08:34:14 |
Adam Heczko |
bug |
|
|
added subscriber Sheena Gregson |
| 2015-10-26 08:34:37 |
Adam Heczko |
bug |
|
|
added subscriber Anton Matveev |
| 2015-10-26 08:34:48 |
Adam Heczko |
bug |
|
|
added subscriber Piotr Siwczak |
| 2015-10-26 08:38:02 |
Adam Heczko |
bug |
|
|
added subscriber Stephan Fabel |
| 2015-10-26 08:41:49 |
Adam Heczko |
bug |
|
|
added subscriber Vitaly Sedelnik |
| 2015-10-26 09:09:27 |
Adam Heczko |
description |
Affected versions: MOS 7.0
It was observed that OpenStack APIs and Horizon are prone to DOS attack. Flooding http endpoints with large amount of malicious requests could lead to services malfunction.
Proposed solution:
Apply haproxy http request limiting. Consult scale team to develop appropriate limit values for various APIs, e.g. Glance image operations probably needs much lower values of http requests than Horizon.
Example haproxy configuration: https://github.com/dschneller/haproxy-http-based-rate-limiting/blob/master/haproxy.cfg |
Affected versions: MOS 7.0
It was observed that OpenStack APIs and Horizon are prone to DOS attack. Flooding http endpoints with large amount of malicious requests could lead to services malfunction.
Proposed solution:
Apply haproxy http rate request limiting. Consult scale team to develop appropriate limit values for various APIs, e.g. Glance image operations probably needs much lower values of http requests than Horizon.
Example haproxy configuration: https://github.com/dschneller/haproxy-http-based-rate-limiting/blob/master/haproxy.cfg |
|
| 2015-10-26 10:04:19 |
Matthew Mosesohn |
bug |
|
|
added subscriber Maksim Malchuk |
| 2015-10-26 10:04:51 |
Matthew Mosesohn |
fuel: milestone |
|
8.0 |
|
| 2015-10-26 10:04:59 |
Matthew Mosesohn |
fuel: assignee |
|
Fuel Library Team (fuel-library) |
|
| 2015-10-26 10:05:21 |
Matthew Mosesohn |
fuel: importance |
Undecided |
Medium |
|
| 2015-10-27 11:41:56 |
Dmitry Pyzhov |
tags |
|
area-library |
|
| 2015-11-16 11:30:20 |
Matthew Mosesohn |
bug |
|
|
added subscriber Kyrylo Galanov |
| 2015-11-16 11:30:26 |
Matthew Mosesohn |
bug |
|
|
added subscriber Andrey Bubyr |
| 2015-11-17 10:18:14 |
Matthew Mosesohn |
tags |
area-library |
area-library feature-security |
|
| 2015-11-17 16:01:52 |
Andrey Bubyr |
description |
Affected versions: MOS 7.0
It was observed that OpenStack APIs and Horizon are prone to DOS attack. Flooding http endpoints with large amount of malicious requests could lead to services malfunction.
Proposed solution:
Apply haproxy http rate request limiting. Consult scale team to develop appropriate limit values for various APIs, e.g. Glance image operations probably needs much lower values of http requests than Horizon.
Example haproxy configuration: https://github.com/dschneller/haproxy-http-based-rate-limiting/blob/master/haproxy.cfg |
Affected versions: MOS 7.0
It was observed that OpenStack APIs and Horizon are prone to DOS attack. Flooding http endpoints with large amount of malicious requests could lead to services malfunction.
Proposed solution:
Apply haproxy http rate request limiting. Consult scale team to develop appropriate limit values for various APIs, e.g. Glance image operations probably needs much lower values of http requests than Horizon.
Example haproxy configuration: https://github.com/dschneller/haproxy-http-based-rate-limiting/blob/master/haproxy.cfg
Explanation of that configuration:
https://blog.codecentric.de/en/2014/12/haproxy-http-header-rate-limiting/ |
|
| 2015-11-24 12:49:36 |
Matthew Mosesohn |
fuel: status |
New |
Confirmed |
|
| 2015-11-24 12:53:58 |
Matthew Mosesohn |
bug |
|
|
added subscriber Michael Semenov |
| 2015-11-24 13:01:35 |
Matthew Mosesohn |
fuel: assignee |
Fuel Library Team (fuel-library) |
Georgy Okrokvertskhov (gokrokvertskhov) |
|
| 2015-11-24 14:48:42 |
Adam Heczko |
information type |
Private Security |
Public Security |
|
| 2015-12-14 13:50:55 |
Stanislaw Bogatkin |
tags |
area-library feature-security |
area-library feature-security team-bugfix |
|
| 2015-12-29 10:27:12 |
Dmitry Pyzhov |
fuel: milestone |
8.0 |
9.0 |
|
| 2016-03-10 20:39:05 |
Mike Scherbakov |
fuel: assignee |
Georgy Okrokvertskhov (gokrokvertskhov) |
MOS Puppet Team (mos-puppet) |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/6.1.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/6.1.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/6.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/6.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/7.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/7.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/5.1.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/5.1.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/newton |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/8.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/8.0.x |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/mitaka |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/mitaka |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
nominated for series |
|
fuel/future |
|
| 2016-03-10 21:39:21 |
Boris Bobrov |
bug task added |
|
fuel/future |
|
| 2016-03-10 21:39:55 |
Boris Bobrov |
fuel/5.1.x: milestone |
|
5.1.1-updates |
|
| 2016-03-10 21:40:00 |
Boris Bobrov |
fuel/6.0.x: milestone |
|
6.0-updates |
|
| 2016-03-10 21:40:02 |
Boris Bobrov |
fuel/6.1.x: milestone |
|
6.1-updates |
|
| 2016-03-10 21:40:13 |
Boris Bobrov |
fuel/7.0.x: milestone |
|
8.0-updates |
|
| 2016-03-10 21:40:25 |
Boris Bobrov |
fuel/7.0.x: milestone |
8.0-updates |
7.0-updates |
|
| 2016-03-10 21:40:31 |
Boris Bobrov |
fuel/8.0.x: milestone |
|
8.0-updates |
|
| 2016-03-10 21:40:49 |
Boris Bobrov |
fuel/5.1.x: importance |
Undecided |
Medium |
|
| 2016-03-10 21:41:00 |
Boris Bobrov |
fuel/6.0.x: importance |
Undecided |
Critical |
|
| 2016-03-10 21:41:02 |
Boris Bobrov |
fuel/6.1.x: importance |
Undecided |
Critical |
|
| 2016-03-10 21:41:04 |
Boris Bobrov |
fuel/7.0.x: importance |
Undecided |
Critical |
|
| 2016-03-10 21:41:06 |
Boris Bobrov |
fuel/8.0.x: importance |
Undecided |
Critical |
|
| 2016-03-10 21:41:12 |
Boris Bobrov |
fuel/future: importance |
Undecided |
High |
|
| 2016-03-11 10:00:53 |
Vitaly Sedelnik |
bug task added |
|
fuel/newton |
|
| 2016-03-11 10:06:35 |
Vitaly Sedelnik |
fuel/5.1.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
| 2016-03-11 10:08:26 |
Vitaly Sedelnik |
fuel/6.0.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
| 2016-03-11 10:08:34 |
Vitaly Sedelnik |
fuel/6.1.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
| 2016-03-11 10:08:42 |
Vitaly Sedelnik |
fuel/7.0.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
| 2016-03-11 10:08:50 |
Vitaly Sedelnik |
fuel/8.0.x: assignee |
|
MOS Maintenance (mos-maintenance) |
|
| 2016-03-11 10:13:54 |
Matthew Mosesohn |
bug task deleted |
fuel/future |
|
|
| 2016-03-11 10:17:31 |
Oleksiy Molchanov |
fuel/newton: milestone |
|
10.0 |
|
| 2016-03-11 10:17:44 |
Oleksiy Molchanov |
fuel/newton: assignee |
|
MOS Puppet Team (mos-puppet) |
|
| 2016-03-11 12:32:52 |
Denis Klepikov |
tags |
area-library feature-security team-bugfix |
area-library customer-found feature-security team-bugfix |
|
| 2016-03-11 12:53:03 |
Vitaly Sedelnik |
fuel/5.1.x: status |
New |
Confirmed |
|
| 2016-03-11 12:53:06 |
Vitaly Sedelnik |
fuel/6.0.x: status |
New |
Confirmed |
|
| 2016-03-11 12:53:09 |
Vitaly Sedelnik |
fuel/6.1.x: status |
New |
Confirmed |
|
| 2016-03-11 12:53:13 |
Vitaly Sedelnik |
fuel/8.0.x: status |
New |
Confirmed |
|
| 2016-03-11 12:53:15 |
Vitaly Sedelnik |
fuel/7.0.x: status |
New |
Confirmed |
|
| 2016-03-11 13:06:39 |
Dina Belova |
bug task deleted |
fuel/mitaka |
|
|
| 2016-03-11 13:06:44 |
Dina Belova |
bug task deleted |
fuel/newton |
|
|
| 2016-03-11 13:07:14 |
Dina Belova |
nominated for series |
|
fuel/mitaka |
|
| 2016-03-11 13:07:14 |
Dina Belova |
bug task added |
|
fuel/mitaka |
|
| 2016-03-11 13:07:14 |
Dina Belova |
nominated for series |
|
fuel/newton |
|
| 2016-03-11 13:14:16 |
Vitaly Sedelnik |
fuel/6.0.x: importance |
Critical |
Medium |
|
| 2016-03-11 13:14:21 |
Vitaly Sedelnik |
fuel/7.0.x: importance |
Critical |
Medium |
|
| 2016-03-11 13:14:24 |
Vitaly Sedelnik |
fuel/6.1.x: importance |
Critical |
Medium |
|
| 2016-03-11 13:14:27 |
Vitaly Sedelnik |
fuel/8.0.x: importance |
Critical |
Medium |
|
| 2016-03-11 13:16:54 |
Vitaly Sedelnik |
bug task added |
|
fuel/newton |
|
| 2016-03-11 15:00:12 |
Oleksiy Molchanov |
fuel/newton: milestone |
|
10.0 |
|
| 2016-03-11 15:00:25 |
Oleksiy Molchanov |
fuel/newton: assignee |
|
MOS Puppet Team (mos-puppet) |
|
| 2016-03-14 10:27:17 |
Ivan Berezovskiy |
fuel/mitaka: assignee |
MOS Puppet Team (mos-puppet) |
Max Yatsenko (myatsenko) |
|
| 2016-03-14 10:27:24 |
Ivan Berezovskiy |
fuel/newton: assignee |
MOS Puppet Team (mos-puppet) |
Max Yatsenko (myatsenko) |
|
| 2016-03-14 13:11:29 |
Dina Belova |
fuel/newton: importance |
Undecided |
Medium |
|
| 2016-03-14 13:11:31 |
Dina Belova |
fuel/newton: status |
New |
Confirmed |
|
| 2016-03-18 11:34:01 |
Alexey Stupnikov |
tags |
area-library customer-found feature-security team-bugfix |
area-library customer-found feature-security team-bugfix wontfix-munotapplic |
|
| 2016-03-18 11:34:04 |
Alexey Stupnikov |
fuel/5.1.x: status |
Confirmed |
Won't Fix |
|
| 2016-03-18 11:34:07 |
Alexey Stupnikov |
fuel/6.0.x: status |
Confirmed |
Won't Fix |
|
| 2016-03-28 11:38:21 |
Bug Checker Bot |
tags |
area-library customer-found feature-security team-bugfix wontfix-munotapplic |
area-library customer-found feature-security need-info team-bugfix wontfix-munotapplic |
|
| 2016-04-06 15:01:53 |
Ivan Berezovskiy |
fuel/mitaka: status |
Confirmed |
Won't Fix |
|
| 2016-04-13 12:28:17 |
Dmitry Pyzhov |
bug task deleted |
fuel/newton |
|
|
| 2016-04-13 12:28:23 |
Dmitry Pyzhov |
fuel: milestone |
9.0 |
10.0 |
|
| 2016-06-29 14:37:06 |
Maksim Malchuk |
tags |
area-library customer-found feature-security need-info team-bugfix wontfix-munotapplic |
customer-found feature-security need-info team-bugfix wontfix-munotapplic |
|
| 2016-07-11 16:35:36 |
Denis Egorenko |
fuel/mitaka: status |
Won't Fix |
Confirmed |
|
| 2016-07-11 16:35:41 |
Denis Egorenko |
fuel/mitaka: milestone |
9.0 |
9.1 |
|
| 2016-07-11 16:35:57 |
Denis Egorenko |
tags |
customer-found feature-security need-info team-bugfix wontfix-munotapplic |
10.0-reviewed customer-found feature-security need-info team-bugfix wontfix-munotapplic |
|
| 2016-07-25 09:52:25 |
Ivan Berezovskiy |
fuel/mitaka: assignee |
Max Yatsenko (myatsenko) |
Fuel Sustaining (fuel-sustaining-team) |
|
| 2016-07-25 09:52:34 |
Ivan Berezovskiy |
fuel: assignee |
Max Yatsenko (myatsenko) |
Fuel Sustaining (fuel-sustaining-team) |
|
| 2016-08-08 11:32:24 |
Igor Milovanović |
bug |
|
|
added subscriber Igor Milovanović |
| 2016-08-18 08:20:04 |
Rodion Tikunov |
fuel/6.1.x: status |
Confirmed |
Won't Fix |
|
| 2016-09-02 14:11:07 |
Denis Meltsaykin |
fuel/8.0.x: status |
Confirmed |
Won't Fix |
|
| 2016-09-02 14:11:15 |
Denis Meltsaykin |
fuel/7.0.x: status |
Confirmed |
Won't Fix |
|
| 2016-09-07 11:14:12 |
Dmitry Pyzhov |
fuel/mitaka: milestone |
9.1 |
9.2 |
|
| 2016-10-06 12:23:51 |
Oleksiy Molchanov |
fuel: assignee |
Fuel Sustaining (fuel-sustaining-team) |
Oleksiy Molchanov (omolchanov) |
|
| 2016-10-06 12:23:56 |
Oleksiy Molchanov |
fuel: status |
Confirmed |
In Progress |
|
| 2016-10-26 12:04:39 |
Dmitry Pyzhov |
fuel/mitaka: assignee |
Fuel Sustaining (fuel-sustaining-team) |
Oleksiy Molchanov (omolchanov) |
|
| 2016-11-03 11:36:18 |
Andrey Bubyr |
removed subscriber Andrey Bubyr |
|
|
|
| 2016-11-18 10:22:30 |
OpenStack Infra |
fuel/mitaka: status |
Confirmed |
In Progress |
|
| 2016-11-23 08:49:04 |
OpenStack Infra |
tags |
10.0-reviewed customer-found feature-security need-info team-bugfix wontfix-munotapplic |
10.0-reviewed customer-found feature-security in-stable-newton need-info team-bugfix wontfix-munotapplic |
|
| 2016-11-23 08:50:51 |
OpenStack Infra |
tags |
10.0-reviewed customer-found feature-security in-stable-newton need-info team-bugfix wontfix-munotapplic |
10.0-reviewed customer-found feature-security in-stable-mitaka in-stable-newton need-info team-bugfix wontfix-munotapplic |
|
| 2016-12-13 11:27:08 |
Dmitry Pyzhov |
fuel: status |
In Progress |
Fix Committed |
|
| 2016-12-13 11:27:12 |
Dmitry Pyzhov |
fuel/mitaka: status |
In Progress |
Fix Committed |
|
| 2016-12-13 11:27:29 |
Dmitry Pyzhov |
fuel: milestone |
10.0 |
10.1 |
|
| 2017-01-30 14:03:03 |
Ilya Bumarskov |
fuel/mitaka: status |
Fix Committed |
Fix Released |
|
