Red Hat Security Advisory 2013-0671-01 - PackStack is a command line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof of concept installations and more complex multi-node installations. It was found that PackStack did not handle the answer file securely. In some environments, such as those using a non-default umask, a local attacker could possibly modify the answer file if PackStack was run in an attacker controlled directory, or attempted to create the answer file in "/tmp/", allowing the attacker to modify systems being deployed using OpenStack. Note: After applying this update, PackStack will create the answer file in the user's home directory by default. It will no longer create it in the current working directory or the "/tmp/" directory by default.
85ac7dd9a04979cc15ea84e62d6594f4bb4612fd814eea5ea9893b169ddd1d78