<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36b8d8b81e5e6b4888aa0db1e0beb8809c5ccf49">36b8d8b8</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2020-04-24T14:54:47+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Track fixed version for CVE-2020-12059/ceph

In upstream dc808953f2f1 ("rgw: rework lifecycle parsing")[1] which is

contained in v14.1.0 the code was modified to use the new style xml

parsing, and the issue does not affect the 14.x series.

The CVE though affect all v13.2.x and fixed in v13.2.10 and as well the

v13.2.x (potentially as well the older series, but this is not yet

checked).

 [1]: <https://github.com/ceph/ceph/commit/dc808953f2f1d12a2bb587f388598ca3e8a0b440

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36b8d8b81e5e6b4888aa0db1e0beb8809c5ccf49#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36b8d8b81e5e6b4888aa0db1e0beb8809c5ccf49">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36b8d8b81e5e6b4888aa0db1e0beb8809c5ccf49"}}</script>

</p>

</div>

</body>

</html>