OpenStack
- Main Wiki page: https://wiki.openstack.org/wiki/Main_Page
- Security Notes: https://wiki.openstack.org/wiki/Security_Notes
- Security wiki: https://wiki.openstack.org/wiki/Security
- Security info:https://security.openstack.org/
OpenStack CVE list
- https://www.cvedetails.com/vulnerability-list/vendor_id-11727/Openstack.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22395/Openstack-Horizon.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-11727/product_id-22720/Openstack-Keystone.html
Openstack Security Guide
Glance
- List of bugs: https://bugs.launchpad.net/glance/+bugs
Glance Image Signing and Verification
https://blueprints.launchpad.net/glance/+spec/image-signing-and-verification-support
OpenStack currently does not support the following feature:
- Signing and signature validation of bootable images
- Validation of uploaded signed images
Deploying authentication will protect image integrity by verifying that an image has not been modified after the upload by the user. This feature improves the enterprise-ready posture of OpenStack. For further info read here.