This bug was fixed in the package ceph - 15.2.12-0ubuntu0.20.10.1
---------------
ceph (15.2.12-0ubuntu0.20.10.1) groovy-security; urgency=medium
* SECURITY UPDATE: New upstream release (LP: #1929179):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
-- James Page <[email protected]> Mon, 24 May 2021 16:05:29 +0100
** Changed in: ceph (Ubuntu Groovy)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3509
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3531
** Changed in: ceph (Ubuntu Focal)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1914584
Title:
[SRU] radosgw-admin user create error message confusing if user with
email already exists
To manage notifications about this bug go to:
https://bugs.launchpad.net/ceph/+bug/1914584/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
