Description: libceph: add authorizer challenge References: http://tracker.ceph.com/issues/24836 Notes: bwh> If I understand this rightly, this is a vulnerability in the Ceph bwh> server, not the in-kernel client. But the fix is an incompatible bwh> protocol change, and that's why the client needs to be updated too. bwh> I don't think this is practical for 3.16 as the protocol change bwh> seems to depend on message signatures which were added in 3.19. Bugs: upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea] 4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af] 3.16-upstream-stable: ignored "Protocol change is too difficult" sid: released (4.19.9-1) 4.9-stretch-security: released (4.9.144-1) 3.16-jessie-security: ignored "Protocol change is too difficult"