It was discovered that Glancestore incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain accesskey values.
{ "binaries": [ { "binary_name": "python-glance-store-doc", "binary_version": "2.0.0-0ubuntu4.3" }, { "binary_name": "python3-glance-store", "binary_version": "2.0.0-0ubuntu4.3" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "python-glance-store-doc", "binary_version": "3.0.0-0ubuntu1.4" }, { "binary_name": "python3-glance-store", "binary_version": "3.0.0-0ubuntu1.4" } ], "availability": "No subscription required" }