| *** mhen_ is now known as mhen | 02:31 | |
| *** prometheanfire is now known as Guest0 | 06:40 | |
| *** osmanlicilegi is now known as Guest3 | 06:40 | |
| opendevreview | Milana Levy proposed openstack/barbican-tempest-plugin master: DNM:Added a test for automate an exploit that was introduced in "cve_2022_3100" The exploit is that a malicious user with a Keystone account is able to decrypt any secret as long as they know the secret's ID by using a specifically crafted query string: GET /v1/secrets/{secret-id}/payload?target.secret.read=read https://review.opendev.org/c/openstack/barbican-tempe | 07:30 |
|---|---|---|
| opendevreview | Milana Levy proposed openstack/barbican-tempest-plugin master: Added a test for automate an exploit that was introduced in "cve_2022_3100" The exploit is that a malicious user with a Keystone account is able to decrypt any secret as long as they know the secret's ID by using a specifically crafted query string: GET /v1/secrets/{secret-id}/payload?target.secret.read=read https://review.opendev.org/c/openstack/barbican-tempest-p | 07:32 |
| opendevreview | Milana Levy proposed openstack/barbican-tempest-plugin master: Intreduce a new test for "cve_2022_3100" https://review.opendev.org/c/openstack/barbican-tempest-plugin/+/862796 | 10:12 |
| *** jamesdenton_ is now known as jamesdenton | 12:24 | |
| *** Guest0 is now known as prometheanfire | 14:18 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!