[gpfsug-discuss] Question about Security Bulletin: Openstack Keystone vulnerabilities affects IBM Spectrum Scale (CVE-2020-12689)
Hannappel, Juergen
juergen.hannappel at desy.de
Thu Aug 27 08:20:10 BST 2020
Hin
no, we don't use object services. Maybe the object services condition should be mentioned in the bulletin.
Thanks,
Juergen
> From: "John T Olson" <jtolson at us.ibm.com>
> To: "gpfsug main discussion list" <gpfsug-discuss at spectrumscale.org>
> Sent: Wednesday, 26 August, 2020 17:52:56
> Subject: Re: [gpfsug-discuss] Question about Security Bulletin: Openstack
> Keystone vulnerabilities affects IBM Spectrum Scale (CVE-2020-12689)
> Hi, openstack Keystone is only used if you have configured and are using the
> object services. If you are not using object services, then the local Keystone
> server will not be configured and this vulnerability should not affect you. Do
> you have object services enabled?
> Thanks,
> John
> John T. Olson, Ph.D.
> Spectrum Scale Security
> Master Inventor
> 957/9032-1 Tucson, AZ, 85744
> (520) 799-5185, tie 321-5185 (FAX: 520-799-4237)
> Email: jtolson at us.ibm.com
> LinkedIn: www.linkedin.com/in/john-t-olson
> Follow me on twitter: @John_T_Olson
> "Hannappel, Juergen" ---08/26/2020 07:25:12 AM---Hello, in the bulletin [
> https://www.ibm.com/support/pages/node/6323241 |
> https://www.ibm.com/support/pages/node/6323241 ] it's mentioned
> From: "Hannappel, Juergen" <juergen.hannappel at desy.de>
> To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
> Date: 08/26/2020 07:25 AM
> Subject: [EXTERNAL] [gpfsug-discuss] Question about Security Bulletin: Openstack
> Keystone vulnerabilities affects IBM Spectrum Scale (CVE-2020-12689)
> Sent by: gpfsug-discuss-bounces at spectrumscale.org
> Hello,
> in the bulletin [ https://www.ibm.com/support/pages/node/6323241 |
> https://www.ibm.com/support/pages/node/6323241 ] it's mentioned
> "IBM Spectrum Scale, shipped with Openstack keystone, is exposed to
> vulnerabilities as detailed below."
> I am not aware of any openstack components in our standard Scale deployments,
> so how am I to read this sentence? Is there some Openstack stuff bundled into a
> standard gpfs installation?
> --
> Dr. Jürgen Hannappel DESY/IT Tel. : +49 40 8998-4616
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at spectrumscale.org
> [ http://gpfsug.org/mailman/listinfo/gpfsug-discuss |
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss ]
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at spectrumscale.org
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20200827/eb0c0040/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20200827/eb0c0040/attachment-0006.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20200827/eb0c0040/attachment-0007.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20200827/eb0c0040/attachment-0008.gif>
More information about the gpfsug-discuss
mailing list