Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-18980

[Vulnerability report] Fix the request smuggling vulnerability and Release Eventlet 0.40.3

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • rhos-ops-platform-services-pidone
    • Sprint 4
    • 1
    • Important

      Goal: 

      The WSGI parser of Eventlet is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. A security researched reported this vulnerability and proposed a fix. Merge the fix and release a new version free from that vulnerability.

      Acceptance Criteria:

      • Having the security patch merged
      • Having a new version of Eventlet released with the patch included

              hberaud Hervé Beraud
              hberaud Hervé Beraud
              rhos-dfg-pidone
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: