This bug was fixed in the package ceph - 16.2.4-0ubuntu1
---------------
ceph (16.2.4-0ubuntu1) impish; urgency=medium
* d/rules,control: Enable new crimson-osd package and provide
seastar based crimson-osd binary.
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
-- James Page <james.p...@ubuntu.com> Tue, 25 May 2021 09:14:52 +0100
** Changed in: ceph (Ubuntu Impish)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1928645
Title:
[SRU] ceph 16.2.4
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1928645/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
