This bug was fixed in the package ceph - 16.2.4-0ubuntu0.21.04.1 --------------- ceph (16.2.4-0ubuntu0.21.04.1) hirsute; urgency=medium
[ Chris MacNaughton ] * d/ceph-base.install: Remove ceph-deploy man page installation (LP: #1892448). [ James Page ] * SECURITY UPDATE: New upstream release (LP: #1928645): - CVE-2021-3509: Dashboard XSS via token cookie. - CVE-2021-3531: Swift API denial of service. - CVE-2021-3531: HTTP header injects via CORS in RGW. - d/p/bug1925347.patch: Drop, included in release. -- James Page <james.p...@ubuntu.com> Thu, 27 May 2021 06:18:16 +0100 ** Changed in: ceph (Ubuntu Hirsute) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1928645 Title: [SRU] ceph 16.2.4 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1928645/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs