"An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception."
@maintainer(s), can you clarify if versions in tree are affected?
Upstream issue says Nautilus+ (>=14.x?) is unaffected.
If 12.x was affected, then cleanup was done here:
Author: Patrick McLean <email@example.com>
Date: Wed Nov 18 23:29:05 2020 -0800
sys-cluster/ceph: remove old
Copyright: Sony Interactive Entertainment Inc.
Package-Manager: Portage-3.0.9, Repoman-3.0.2
Signed-off-by: Patrick McLean <firstname.lastname@example.org>
delete mode 100644 sys-cluster/ceph/ceph-12.2.12-r3.ebuild
Since 14.x is unaffected, the earliest 14.x version we had looks to be 14.2.0 so that will go in summary. Needs GLSA vote.
GLSA Vote: No
Repository is clean, all done!