From $URL :
A security issue has been reported in OpenStack Glance, which can be exploited by malicious users
to disclose certain sensitive information.
The security issue is caused due to an error within the error reporting mechanism, which logs the
operator's Swift credentials when accessing a non-existing or mis-configured endpoint. This can
lead to the operator's Swift credentials being disclosed via error messages.
The security issue is reported in versions Folsom (2012.2) and Essex (2012.1).
Fixed in the GIT repository.
Further details available to Secunia VIM customers
Provided and/or discovered by
Dan Prince, Red Hat in a bug report.
Will be fixed once this is released. It is fixed in git head, so 9999 works.
bug glance side https://bugs.launchpad.net/glance/+bug/1098962
2012.2.1 out of tree and 2012.2.3 in tree (along with 9999). you should be good to close methinks
Closing noglsa for ~arch only.
store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before
2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift
endpoint's user name and password in cleartext when the endpoint is
misconfigured or unusable, allows remote authenticated users to obtain
sensitive information by reading the error messages.