ceph: security update to 13.2.7 #2055

l2dy · 2019-12-08T07:09:35Z

CVE IDs: CVE-2019-10222

Other security advisory IDs: RHSA-2019:2577-01, USN-4112-1

Descriptions:

ceph: Unauthenticated clients can crash ceph RGW configured with beast as
frontend (CVE-2019-10222)

PoC(s): N/A

Architectural progress:

The text was updated successfully, but these errors were encountered:

KexyBiscuit · 2019-12-09T09:21:51Z

As #1997, Ceph will be dropped this iteration. Closing.

MingcongBai · 2020-04-28T06:29:26Z

All done. @l2dy Please assign an AOSA.

l2dy · 2020-04-30T05:17:05Z

Use AOSA-2020-0087.

l2dy added security Topic/issue involves a security issue/fixed to-stable upgrade Topic/issue involves a package upgrade labels Dec 8, 2019

KexyBiscuit added this to the Fall 2019 milestone Dec 9, 2019

KexyBiscuit added the wontfix Issue cannot/will not be fixed label Dec 9, 2019

KexyBiscuit closed this as completed Dec 9, 2019

KexyBiscuit modified the milestones: Fall 2019, Soon™ Dec 26, 2019

KexyBiscuit reopened this Dec 26, 2019

KexyBiscuit removed the wontfix Issue cannot/will not be fixed label Dec 26, 2019

KexyBiscuit modified the milestones: Soon™, Winter 2020 Jan 10, 2020

MingcongBai added a commit that referenced this issue Apr 20, 2020

ceph: update to 13.2.7; #2055

b4fce77

MingcongBai closed this as completed Apr 28, 2020

MingcongBai added the aosa-pending Pending AOSA (AOSC OS Security Advisory) assignment label Apr 28, 2020

Provide feedback