It was discovered that Glancestore incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain accesskey values.
{ "binaries": [ { "binary_version": "2.0.0-0ubuntu4.3", "binary_name": "python-glance-store-doc" }, { "binary_version": "2.0.0-0ubuntu4.3", "binary_name": "python3-glance-store" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "3.0.0-0ubuntu1.4", "binary_name": "python-glance-store-doc" }, { "binary_version": "3.0.0-0ubuntu1.4", "binary_name": "python3-glance-store" } ], "availability": "No subscription required" }