This bug was fixed in the package ceph - 16.2.4-0ubuntu0.21.04.1
---------------
ceph (16.2.4-0ubuntu0.21.04.1) hirsute; urgency=medium
[ Chris MacNaughton ]
* d/ceph-base.install: Remove ceph-deploy man page installation
(LP: #1892448).
[ James Page ]
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
-- James Page <[email protected]> Thu, 27 May 2021 06:18:16 +0100
** Changed in: ceph (Ubuntu Hirsute)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3509
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3531
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1892448
Title:
ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1892448/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
