CVE escalation request
Bug #1958926 reported by
Chris Newcomer
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cryptsetup (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
This bug is to request the Security team address a CVE. The information required is located in the following document:
https:/
I don't have the option to select the checkbox for "This bug is a security vulnerability". I added the flag to the URL when I created the bug, so I'm hoping it will be tagged correctly. If it is not, please forward this to the Security team.
Thanks,
Chris
CVE References
information type: | Public → Public Security |
To post a comment you must log in.
I've seen the issues with backporting the upstream fix into 2.2 and it does not look like something that is recommended. I'm working with the customer to see if the workaround of using `--disable- luks2-reencrypt ion` to mitigate their security concerns is a good solution.