This bug was fixed in the package ceph - 16.2.4-0ubuntu2~cloud0
---------------
ceph (16.2.4-0ubuntu2~cloud0) focal-xena; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
ceph (16.2.4-0ubuntu2) impish; urgency=medium
.
* No-change rebuild due to OpenLDAP soname bump.
.
ceph (16.2.4-0ubuntu1) impish; urgency=medium
.
* d/rules,control: Enable new crimson-osd package and provide
seastar based crimson-osd binary.
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
This bug was fixed in the package ceph - 16.2.4- 0ubuntu2~ cloud0
---------------
ceph (16.2.4- 0ubuntu2~ cloud0) focal-xena; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
ceph (16.2.4-0ubuntu2) impish; urgency=medium
.
* No-change rebuild due to OpenLDAP soname bump.
.
ceph (16.2.4-0ubuntu1) impish; urgency=medium
.
* d/rules,control: Enable new crimson-osd package and provide
seastar based crimson-osd binary.
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.