FS#67047 - [security][ceph] CVE-2020-1759 CVE-2020-1760
Attached to Project:
Community Packages
Opened by loqs (loqs) - Friday, 19 June 2020, 17:29 GMT
Last edited by Thore Bödecker (foxxx0) - Sunday, 22 November 2020, 16:30 GMT
Opened by loqs (loqs) - Friday, 19 June 2020, 17:29 GMT
Last edited by Thore Bödecker (foxxx0) - Sunday, 22 November 2020, 16:30 GMT
|
Details
Description:
Ceph 14.2.9 [1] / 15.2.1 [2] releases notes mention 14.2.8 was vulnerable to the CVEs in the title. Additional info: * ceph 14.2.8-1 [1] https://ceph.readthedocs.io/en/latest/releases/nautilus/#v14-2-9-nautilus [2] https://ceph.readthedocs.io/en/latest/releases/octopus/#v15-2-1-octopus |
This task depends upon
Closed by Thore Bödecker (foxxx0)
Sunday, 22 November 2020, 16:30 GMT
Reason for closing: Fixed
Additional comments about closing: fixed as of ceph-15.2.6-1
Sunday, 22 November 2020, 16:30 GMT
Reason for closing: Fixed
Additional comments about closing: fixed as of ceph-15.2.6-1
FS#68387updated to 14.2.11Additionally update fix-mgr-dashboard-frontend-unittests-dist-stuff.patch
Add -DWITH_RADOSGW_KAFKA_ENDPOINT=OFF otherwise a test will fail even though autodetection correctly detects the packages is not present.
PKGBUILD (14 KiB)
598c37296c944a056e4cd90e9f73c9e2fa6552fc.patch and 84f629e1b1c8b336b9ce6bcc2466010045e68e7e.patch were no longer needed as applied upstream.
Still working on 15.2.5 see [1].
[1] https://bbs.archlinux.org/viewtopic.php?id=259163
PKGBUILD.diff (8 KiB)