openstack
/
openstack
Code Issues Proposed changes

Update git submodules 

* Update barbican-tempest-plugin from branch 'master'
  to 30e50ef9c85bf008c7c3e5aeb6b009629a2013c9
  - Merge "Introduce a new test for "cve_2022_3100""
  - Introduce a new test for "cve_2022_3100"
    
    The exploit is that a malicious user with a Keystone account is able to decrypt
    any secret as long as they know the secret's ID by using a specifically crafted
    query string:
    GET /v1/secrets/{secret-id}/payload?target.secret.read=read
    
    Change-Id: I5e00a188268ef1c25eed8bf3a37197918e529427
This commit is contained in:
Zuul 2022-12-08 14:32:44 +00:00 committed by Gerrit Code Review
parent e58489fc56
commit a2d61697b7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
barbican-tempest-plugin

@ -1 +1 @@
Subproject commit dc14cae0ebd620d30be0cd9784394f8d775a7557
Subproject commit 30e50ef9c85bf008c7c3e5aeb6b009629a2013c9