commit: e994b8d5f66c45bc0af44dfc86c7c96580557cdb Author: Yixun Lan <dlan <AT> gentoo <DOT> org> AuthorDate: Mon Jan 16 04:18:53 2017 +0000 Commit: Yixun Lan <dlan <AT> gentoo <DOT> org> CommitDate: Mon Jan 16 04:25:08 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e994b8d5
sys-cluster/ceph: fix "RGW Denial of Service" security bug reasons for why p.mask them instead of removing: ceph has kind of picky upgrade path for new versions. for example, users want an online upgrade to 10.x while they are still using old version (<0.94.x), need to upgrade to 0.94.x/9.x first, then upgrade 10.x http://docs.ceph.com/docs/master/release-notes/ search: Upgrading from Firefly Closes: https://github.com/gentoo/gentoo/pull/3394 Gentoo-Bug: 598206 Signed-off-by: Yixun Lan <dlan <AT> gentoo.org> profiles/package.mask | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/profiles/package.mask b/profiles/package.mask index cb176eb..944e75c 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -30,6 +30,12 @@ #--- END OF EXAMPLES --- +# Yixun Lan <[email protected]> (16 Jan 2017) +# Masked, Vulnerable due to RGW Denial of Service (bug #598206) +# We mask it instead of removing them, due user may need them while +# upgrade from old versions (<0.94.x) +<sys-cluster/ceph-10.2.3-r1 + # Patrice Clement <[email protected]> (15 Jan 2017) # Upstream dead a while ago. Sources are nowhere to be found. # Masked for removal in 30 days.
