27 Sep
2023
27 Sep
'23
11:36 a.m.
Hey Ceph-users,
i just noticed there is a post to oss-security
(https://www.openwall.com/lists/oss-security/2023/09/26/10) about a
security issue with Ceph RGW.
Signed by IBM / Redhat and including a patch by DO.
I also raised an issue on the tracker
(https://tracker.ceph.com/issues/63004) about this, as I could not find
one yet.
It seems a weird way of disclosing such a thing and am wondering if
anybody knew any more about this?
Regards
Christian
27 Sep
27 Sep
5:46 p.m.
We discussed this in the CLT today and Casey can talk more about the impact
and technical state of affairs.
This was disclosed on the security list and it’s rated as a bug that did
not require hotfix releases due to the limited escalation scope.
-Greg
On Wed, Sep 27, 2023 at 1:37 AM Christian Rohmann <
christian.rohmann(a)inovex.de> wrote:
Hey Ceph-users,
i just noticed there is a post to oss-security
(https://www.openwall.com/lists/oss-security/2023/09/26/10) about a
security issue with Ceph RGW.
Signed by IBM / Redhat and including a patch by DO.
I also raised an issue on the tracker
(https://tracker.ceph.com/issues/63004) about this, as I could not find
one yet.
It seems a weird way of disclosing such a thing and am wondering if
anybody knew any more about this?
Regards
Christian
_______________________________________________
ceph-users mailing list -- ceph-users(a)ceph.io
To unsubscribe send an email to ceph-users-leave(a)ceph.io
235
days inactive
235
days old
1 comments
2 participants
participants (2)
-
Christian Rohmann -
Gregory Farnum