[ Chris MacNaughton ]
* d/ceph-base.install: Remove ceph-deploy man page installation
(LP: #1892448).
[ James Page ]
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
-- James Page <email address hidden> Thu, 27 May 2021 06:18:16 +0100
This bug was fixed in the package ceph - 16.2.4- 0ubuntu0. 21.04.1
--------------- 0ubuntu0. 21.04.1) hirsute; urgency=medium
ceph (16.2.4-
[ Chris MacNaughton ] base.install: Remove ceph-deploy man page installation
* d/ceph-
(LP: #1892448).
[ James Page ]
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
-- James Page <email address hidden> Thu, 27 May 2021 06:18:16 +0100