blob: e6ccf295ed1e3926a71a3f60510d1006115371ab (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: libceph: add authorizer challenge
References:
http://tracker.ceph.com/issues/24836
Notes:
bwh> If I understand this rightly, this is a vulnerability in the Ceph
bwh> server, not the in-kernel client. But the fix is an incompatible
bwh> protocol change, and that's why the client needs to be updated too.
bwh> I don't think this is practical for 3.16 as the protocol change
bwh> seems to depend on message signatures which were added in 3.19.
Bugs:
upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea]
4.19-upstream-stable: N/A "Fixed before branch point"
4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af]
3.16-upstream-stable: ignored "Protocol change is too difficult"
sid: released (4.19.9-1)
4.9-stretch-security: released (4.9.144-1)
3.16-jessie-security: ignored "Protocol change is too difficult"
|