Summary: | <sys-cluster/ceph-{14.2.21,15.2.12,16.2.4}: RGW unauthenticated denial of service (CVE-2021-3531) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | chutzpah, cluster, dlan, proth+gentoobugs |
Priority: | Normal | Keywords: | CC-ARCHES, STABLEREQ |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2021/05/14/5 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
sys-cluster/ceph-14.2.21
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 783486 |
Description
John Helmert III
2021-05-21 03:09:36 UTC
Fixed in v14.2.21, amd64 done all arches done Pleas cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8de8aea99fb92f1cf48d1cb803ada4d4aaa520f6 commit 8de8aea99fb92f1cf48d1cb803ada4d4aaa520f6 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-05-26 20:55:09 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-05-26 20:55:09 +0000 sys-cluster/ceph: security cleanup Bug: https://bugs.gentoo.org/791253 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> sys-cluster/ceph/Manifest | 5 - sys-cluster/ceph/ceph-14.2.19.ebuild | 394 ------------------------------ sys-cluster/ceph/ceph-14.2.20.ebuild | 394 ------------------------------ sys-cluster/ceph/ceph-15.2.11.ebuild | 405 ------------------------------- sys-cluster/ceph/ceph-16.2.1.ebuild | 448 ---------------------------------- sys-cluster/ceph/ceph-16.2.3.ebuild | 449 ----------------------------------- 6 files changed, 2095 deletions(-) This issue was resolved and addressed in GLSA 202105-39 at https://security.gentoo.org/glsa/202105-39 by GLSA coordinator Thomas Deutschmann (whissi). |