meta-virtualization

mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00

History

jason.lau 3bfea241d0 ceph: fix CVE-2020-10736 An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks. Upstream patches: [master] `c7e7009a69` [v15.2.2] `f2cf2ce1bd` CVE: CVE-2020-10736 Signed-off-by: Liu Haitao <haitao.liu@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>	2020-07-06 16:28:54 -04:00
..
ceph	ceph: fix CVE-2020-10736	2020-07-06 16:28:54 -04:00
ceph_15.2.0.bb	ceph: fix CVE-2020-10736	2020-07-06 16:28:54 -04:00

jason.lau 3bfea241d0 ceph: fix CVE-2020-10736

An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2,
where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in
gaining access to unauthorized resources. This flaw allows an authenticated client to
modify the configuration and possibly conduct further attacks.

Upstream patches:

[master] c7e7009a69
[v15.2.2] f2cf2ce1bd

CVE: CVE-2020-10736

Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

2020-07-06 16:28:54 -04:00

ceph ceph: fix CVE-2020-10736 2020-07-06 16:28:54 -04:00

ceph_15.2.0.bb ceph: fix CVE-2020-10736 2020-07-06 16:28:54 -04:00