Your message dated Tue, 22 Jul 2025 18:11:28 +0000
with message-id <[email protected]>
and subject line Bug#1109470: fixed in ceph 18.2.7+ds-1
has caused the Debian Bug report #1109470,
regarding ceph: CVE-2025-52555 regression
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1109470: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109470
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: ceph
Version: 18.2.6-1
Severity: serious
Tags: security
Forwarded: https://github.com/ceph/ceph/pull/64356
X-Debbugs-Cc: Debian Security Team <[email protected]>

  Prior to fb1b72d, unprivileged users could add mode bits as long as S_ISUID 
and S_ISGID were not included in the change.

  After fb1b72d, unprivileged users were allowed to modify S_ISUID and S_ISGID 
bits only when no other mode bits were changed in the same operation. This 
inadvertently permitted unprivileged users to set S_ISUID and/or S_ISGID bits 
when they were the sole bits being modified.

  This behavior should not be allowed. Unprivileged users should be prohibited 
from setting S_ISUID and/or S_ISGID bits under any circumstances.

--- End Message ---
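
The two rules contrasted in the report above, written as a small C model of the mode-bit decision only. This is an added example, not Ceph's code or the upstream patch; the function names, the `privileged` flag and the assumption that clearing set-id bits remains allowed are illustrative and not taken from the report.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

#define PERM_MASK  ((mode_t)07777)
#define SETID_BITS ((mode_t)(S_ISUID | S_ISGID))

/* Model of the regressed rule: for an unprivileged caller, a change that
 * touches S_ISUID/S_ISGID passes when no other mode bit changes with it. */
bool regressed_allows(mode_t old_mode, mode_t new_mode, bool privileged)
{
    mode_t changed = (old_mode ^ new_mode) & PERM_MASK;

    if (privileged || (changed & SETID_BITS) == 0)
        return true;
    return (changed & (PERM_MASK & ~SETID_BITS)) == 0; /* set-id alone: passes */
}

/* Model of the rule the report asks for: an unprivileged caller can never
 * turn S_ISUID or S_ISGID on. Assumption: clearing them remains allowed. */
bool corrected_allows(mode_t old_mode, mode_t new_mode, bool privileged)
{
    mode_t newly_set = new_mode & ~old_mode & PERM_MASK;

    return privileged || (newly_set & SETID_BITS) == 0;
}

int main(void)
{
    /* Constructed mode transitions, all requested by an unprivileged caller. */
    static const struct { mode_t from, to; } cases[] = {
        { 0755, 04755 },  /* set S_ISUID only */
        { 0755, 02755 },  /* set S_ISGID only */
        { 0755, 04777 },  /* set S_ISUID plus other bits */
        { 04755, 0755 },  /* clear S_ISUID */
        { 0644, 0600 },   /* no set-id bit involved */
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%05o -> %05o  regressed=%d corrected=%d\n",
               (unsigned)cases[i].from, (unsigned)cases[i].to,
               regressed_allows(cases[i].from, cases[i].to, false),
               corrected_allows(cases[i].from, cases[i].to, false));
    return 0;
}
```

The two models disagree only on the transitions where a set-id bit is the sole bit being turned on, which is the case the report describes.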
--- Begin Message ---
Source: ceph
Source-Version: 18.2.7+ds-1
Done: Daniel Baumann <[email protected]>

We believe that the bug you reported is fixed in the latest version of
ceph, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Baumann <[email protected]> (supplier of updated ceph package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 22 Jul 2025 19:06:06 +0200
Source: ceph
Architecture: source
Version: 18.2.7+ds-1
Distribution: unstable
Urgency: high
Maintainer: Ceph Packaging Team <[email protected]>
Changed-By: Daniel Baumann <[email protected]>
Closes: 1109470
Changes:
 ceph (18.2.7+ds-1) unstable; urgency=high
 .
   * Adding patch from upstream to fix regression with CVE-2025-52555: -
     unprivileged users can set S_ISUID and/or S_ISGID bits when changed
     separately from each other (Closes: #1109470).
   * Merging upstream version 18.2.7+ds: - rebuilding upstream tarball
     without lintian-offending files to fix autoreject (#1109654)
   * Updating Files-Excluded in copyright with newly removed files.

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQmmGg4gLaoSj0ERgL7tPDoCoAiLwUCaH/PQAAKCRD7tPDoCoAi
L7fcAP4n3AIi5rXYQ7JklHE1RILhHXnkSN+uBjh7UzcztiX2/wEA6IMB932bSaPs
B+5smdj8fnYW/1cXVcOvqxLnjdqPSgs=
=FjEC
-----END PGP SIGNATURE-----



--- End Message ---
