FS#70451 : [ceph] [Security] insufficient validation (CVE-2021-20288)

FS#70451 - [ceph] [Security] insufficient validation (CVE-2021-20288)

Attached to Project: Community Packages
Opened by Andrea Denisse Gómez-Martínez (denisse) - Wednesday, 14 April 2021, 20:28 GMT
Last edited by Antonio Rojas (arojas) - Wednesday, 14 April 2021, 20:45 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary
=======

The package ceph is vulnerable to insufficient validation via CVE-2021-20288.

Guidance
========

Apply the patches that were released in upstream.

References
==========

https://security.archlinux.org/AVG-1826
https://www.openwall.com/lists/oss-security/2021/04/14/2
https://github.com/ceph/ceph/commit/f3a4166379b12d4a7bba667fe761e5b660552db1
https://github.com/ceph/ceph/commit/1f57617d5edb45a8a696eac7c910e8fc44c934a3
https://github.com/ceph/ceph/commit/9f3efe7cd1a780b91e5c8cfee192a0c51d0151dc

This task depends upon

Closed by Antonio Rojas (arojas)
Wednesday, 14 April 2021, 20:45 GMT
Reason for closing: Duplicate
Additional comments about closing: ~~FS#70450~~

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#70451 - [ceph] [Security] insufficient validation (CVE-2021-20288)

Details

Loading...