diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-03-28 01:50:09 +0000 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-03-28 01:50:09 +0000 |
commit | 27b3d6a80bd2f514d34d033cf2bd02f4e3145ad7 (patch) | |
tree | 3c74df6a121b9b0354a8cbd59ebdc1b5b54ad106 /retired/CVE-2018-1128 | |
parent | eb51c7725271bea941d40933c031ae86b716e971 (diff) |
Retire inactive issues
Diffstat (limited to 'retired/CVE-2018-1128')
-rw-r--r-- | retired/CVE-2018-1128 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2018-1128 b/retired/CVE-2018-1128 new file mode 100644 index 00000000..e6ccf295 --- /dev/null +++ b/retired/CVE-2018-1128 @@ -0,0 +1,17 @@ +Description: libceph: add authorizer challenge +References: + http://tracker.ceph.com/issues/24836 +Notes: + bwh> If I understand this rightly, this is a vulnerability in the Ceph + bwh> server, not the in-kernel client. But the fix is an incompatible + bwh> protocol change, and that's why the client needs to be updated too. + bwh> I don't think this is practical for 3.16 as the protocol change + bwh> seems to depend on message signatures which were added in 3.19. +Bugs: +upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea] +4.19-upstream-stable: N/A "Fixed before branch point" +4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af] +3.16-upstream-stable: ignored "Protocol change is too difficult" +sid: released (4.19.9-1) +4.9-stretch-security: released (4.9.144-1) +3.16-jessie-security: ignored "Protocol change is too difficult" |