1446406
|
#1446406 |
Insecure signing_dir configuration in barbican-api-paste.ini
|
|
2
Critical
|
Charles Neill
|
10
Fix Released
|
1446826
|
#1446826 |
Get secret with ACL returns 500 Internal Server Error
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1448193
|
#1448193 |
Generate CSR Fails with PyOpenSSL Version 0.15.1
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1450849
|
#1450849 |
Only ceator of secret and container should be able to define and manage ACL.
|
|
2
Critical
|
Arun Kant
|
10
Fix Released
|
1455247
|
#1455247 |
Cannot create a secret when working on a unauthenticated context
|
|
2
Critical
|
John Vrbanac
|
10
Fix Released
|
1462681
|
#1462681 |
Secret GET /payload returns 500 when no Accept header
|
|
2
Critical
|
Steve Heyman
|
10
Fix Released
|
1497639
|
#1497639 |
Unauth context doesn't provide all X-xxxx fields to context
|
|
2
Critical
|
John Wood
|
10
Fix Released
|
1498269
|
#1498269 |
Return global or project preferred CA on GET /cas/preferred
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1498289
|
#1498289 |
Restrict Use of SubCAs to the owning project
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1498524
|
#1498524 |
GET /v1/cas/{CA_ID}/projects returns internal project IDs
|
|
2
Critical
|
Douglas Mendizábal
|
10
Fix Released
|
1498542
|
#1498542 |
Traceback in barbican/model/repositories.py
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1499105
|
#1499105 |
Possible async issues with CA repo
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1499396
|
#1499396 |
Pare down the juno_initial Alembic version file
|
|
2
Critical
|
John Wood
|
10
Fix Released
|
1499874
|
#1499874 |
SnakeOil Can Sign Certificates with wrong CA
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1499876
|
#1499876 |
Attempt to delete project preferred CA should return 409
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1500448
|
#1500448 |
db_manage.py script doesn't return error code
|
|
2
Critical
|
John Wood
|
10
Fix Released
|
1500687
|
#1500687 |
db_manage breaking when using mysql
|
|
2
Critical
|
Christopher Solis
|
10
Fix Released
|
1501862
|
#1501862 |
Need to enforce project ownership of subCAs
|
|
2
Critical
|
Dave McCowan
|
10
Fix Released
|
1502320
|
#1502320 |
Need Secure Plugin for SubCA Feature
|
|
2
Critical
|
Ade Lee
|
10
Fix Released
|
1446266
|
#1446266 |
RBAC needs to be checked for stored-key orders
|
|
3
High
|
Arun Kant
|
10
Fix Released
|
1447868
|
#1447868 |
Post of valid ACL returns 400
|
|
3
High
|
Arun Kant
|
10
Fix Released
|
1449234
|
#1449234 |
KMIP secret store cannot store keys
|
|
3
High
|
Nathan Reller
|
10
Fix Released
|
1453636
|
#1453636 |
certificates incorrectly encoded for dogtag plugin
|
|
3
High
|
Ade Lee
|
10
Fix Released
|
1459454
|
#1459454 |
Stored key certificate order does not set PK on generated container
|
|
3
High
|
Juan Antonio Osorio Robles
|
10
Fix Released
|
1460873
|
#1460873 |
retries-task-retry-not-working
|
|
3
High
|
John Wood
|
10
Fix Released
|
1470563
|
#1470563 |
Can't initiate DogTag Secret Store and Certificate plugins at the same time
|
|
3
High
|
Juan Antonio Osorio Robles
|
10
Fix Released
|
1495576
|
#1495576 |
Get CAs returns empty list
|
|
3
High
|
Dave McCowan
|
10
Fix Released
|
1496819
|
#1496819 |
HTTP Code 500 Returned on bad CA resource in URL
|
|
3
High
|
Dave McCowan
|
10
Fix Released
|
1496821
|
#1496821 |
HTTP 403 Returned when trying to get preferred CA
|
|
3
High
|
Dave McCowan
|
10
Fix Released
|
1497009
|
#1497009 |
Barbican not returning correct effective quotas
|
|
3
High
|
Christopher Solis
|
10
Fix Released
|
1497774
|
#1497774 |
Intermittent Unit Test Failures in Quota Enforcer
|
|
3
High
|
Dave McCowan
|
10
Fix Released
|
1499103
|
#1499103 |
Certificate Authority Model misuses soft delete
|
|
3
High
|
Dave McCowan
|
10
Fix Released
|
1447872
|
#1447872 |
Post of unsupported parameters in ACL succeeds
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1451456
|
#1451456 |
snakeoil_ca plugin doesn't work
|
|
4
Medium
|
Thomas Herve
|
10
Fix Released
|
1454587
|
#1454587 |
Install scripts in /usr/bin with extensions
|
|
4
Medium
|
Dave Walker
|
10
Fix Released
|
1455493
|
#1455493 |
config-fix-sqlalchemy-pool-enable-logging
|
|
4
Medium
|
John Wood
|
10
Fix Released
|
1458945
|
#1458945 |
Use graduated oslo.policy instead of oslo-incubator code
|
|
4
Medium
|
Juan Antonio Osorio Robles
|
10
Fix Released
|
1459448
|
#1459448 |
Potential Race Condition with Barbican Config Options
|
|
4
Medium
|
Kevin Bishop
|
10
Fix Released
|
1462069
|
#1462069 |
Inconsistent Request Ids in Logs
|
|
4
Medium
|
Kevin Bishop
|
10
Fix Released
|
1463967
|
#1463967 |
Replace oslo-incubator modules with the official oslo packages
|
|
4
Medium
|
Kevin Bishop
|
10
Fix Released
|
1468904
|
#1468904 |
Admin Gets 403 when GETing secret payload for certain ACLs
|
|
4
Medium
|
Arun Kant
|
10
Fix Released
|
1472383
|
#1472383 |
Certificate Order API Should Do More Error Checking
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1473593
|
#1473593 |
Make certificate_authority policy entries consistent
|
|
4
Medium
|
Jason Fritcher
|
10
Fix Released
|
1477118
|
#1477118 |
Dogtag installation fails due to wrong dnsdomainname
|
|
4
Medium
|
Juan Antonio Osorio Robles
|
10
Fix Released
|
1477240
|
#1477240 |
snakeoil plugin needs input CSR base64 decoded
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1478116
|
#1478116 |
KeyError: 'user_id' in devstack logs
|
|
4
Medium
|
Kaitlin Farr
|
10
Fix Released
|
1481090
|
#1481090 |
500 on secret create/update with non-ASCII characters
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1485157
|
#1485157 |
PUT /v1/containers/<id> returns http 406, should be http 405
|
|
4
Medium
|
Steve Heyman
|
10
Fix Released
|
1485762
|
#1485762 |
quotas test fails when admin username is not 'admin'
|
|
4
Medium
|
Steve Heyman
|
10
Fix Released
|
1488693
|
#1488693 |
run_tests.sh only returns results of last set of tests
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1489900
|
#1489900 |
Test Attributes are Lost
|
|
4
Medium
|
Nathan Reller
|
10
Fix Released
|
1490566
|
#1490566 |
Functional tests do not fully clean up after orders
|
|
4
Medium
|
Fernando Diaz
|
10
Fix Released
|
1490747
|
#1490747 |
Be consistent on test tools and drivers
|
|
4
Medium
|
Fernando Diaz
|
10
Fix Released
|
1498525
|
#1498525 |
Quota test test_get_quotas_with_defaults() assumes -1 is default
|
|
4
Medium
|
John Wood
|
10
Fix Released
|
1499768
|
#1499768 |
Barbican can fail to start if certificate plugin has an error
|
|
4
Medium
|
Dave McCowan
|
10
Fix Released
|
1386251
|
#1386251 |
Error message for bad bit length is insufficient on secret create
|
|
5
Low
|
Juan Antonio Osorio Robles
|
10
Fix Released
|
1492010
|
#1492010 |
Complete localization for Barbican Api Directory
|
|
5
Low
|
Amy Marrich
|
10
Fix Released
|
1496826
|
#1496826 |
Traceback when attempting to run functional test directly
|
|
5
Low
|
Dave McCowan
|
10
Fix Released
|
1423962
|
#1423962 |
Add Alembic Modules to Enable Upgrades
|
|
6
Wishlist
|
Zhenyu Zheng
|
10
Fix Released
|
1445610
|
#1445610 |
Improve the Error Codes returned from pkcs11 plugin
|
|
6
Wishlist
|
Amy Marrich
|
10
Fix Released
|
1450277
|
#1450277 |
Remove admin endpoint
|
|
6
Wishlist
|
Amy Marrich
|
10
Fix Released
|
1451466
|
#1451466 |
remove-unneeded-config-dot-py-file
|
|
6
Wishlist
|
Igor Gueths
|
10
Fix Released
|
1459682
|
#1459682 |
Change config file name to barbican.conf
|
|
6
Wishlist
|
Amy Marrich
|
10
Fix Released
|
1459780
|
#1459780 |
Add filter to secret list for acl secrets
|
|
6
Wishlist
|
Elvin Tubillara
|
10
Fix Released
|
1459800
|
#1459800 |
Add request ID to worker-side logs
|
|
6
Wishlist
|
Elvin Tubillara
|
10
Fix Released
|
1468482
|
#1468482 |
Complete localization for Barbican Plugin Directory
|
|
6
Wishlist
|
Amy Marrich
|
10
Fix Released
|
1497646
|
#1497646 |
Current policy.json role assignments are error prone for deployment modifications
|
|
6
Wishlist
|
Dave McCowan
|
10
Fix Released
|