Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650

To: Thomas Goirand <zigo@debian.org>, 1026078@bugs.debian.org
Subject: Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650
From: Jonathan Wiltshire <jmw@debian.org>
Date: Wed, 15 Mar 2023 21:06:36 +0000
Message-id: <[🔎] ZBIzXP17UNFW86U8@powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1026078@bugs.debian.org
In-reply-to: <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch>
References: <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch> <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch>

Control: tag -1 confirmed

On Wed, Dec 14, 2022 at 11:52:16AM +0100, Thomas Goirand wrote:
> I have prepared an update for Ceph in Bullseye to address
> CVE-2022-3650 (ie: ceph to root privilege escalation).
> The security team already told me that there will be no DSA.

Please go ahead with the distribution label fixed.

Thanks,


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Reply to:

Prev by Date: Processed: tagging 1002956
Next by Date: Processed: Re: Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650
Previous by thread: Processed: tagging 1002956
Next by thread: Processed: Re: Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650
Index(es):
- Date
- Thread