[Git][security-tracker-team/security-tracker][master] Reserve DLA-4460-1 for ceph

Utkarsh Gupta (@utkarsh) utkarsh at debian.org
Sat Jan 31 22:33:17 GMT 2026 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a50069e by Utkarsh Gupta at 2026-02-01T04:03:00+05:30
Reserve DLA-4460-1 for ceph

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -371433,7 +371433,6 @@ CVE-2022-0671 (A flaw was found in vscode-xml in versions prior to 0.19.0. Schem
 	NOT-FOR-US: vscode-xml
 CVE-2022-0670 (A flaw was found in Openstack manilla owning a Ceph File system "share ...)
 	- ceph 16.2.10+ds-1 (bug #1016069)
-	[bullseye] - ceph <no-dsa> (Minor issue)
 	[buster] - ceph <not-affected> (The volumes manager module was added in Ceph 14)
 	NOTE: https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/
 	NOTE: https://docs.ceph.com/en/latest/security/CVE-2022-0670/


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Feb 2026] DLA-4460-1 ceph - security update
+	{CVE-2022-0670 CVE-2024-47866}
+	[bullseye] - ceph 14.2.21-1+deb11u2
 [29 Jan 2026] DLA-4459-1 libmatio - security update
 	{CVE-2022-1515 CVE-2025-2338 CVE-2025-50343}
 	[bullseye] - libmatio 1.5.19-2+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -62,14 +62,6 @@ ca-certificates
   NOTE: 20250811: upload ca-certificates-java (rouca)
   NOTE: 20250811: wait for direction from security team about bookworm update first (rouca)
 --
-ceph
-  NOTE: 20251116: Added by Front-Desk (ta)
-  NOTE: 20251202: update prepared; will ping zigo to review. (utkarsh)
-  NOTE: 20251221: still awaiting zigo's feedback. (utkarsh)
-  NOTE: 20250104: zigo says he can test it this week hopefully. (utkarsh)
-  NOTE: 20250104: package is already uploaded to debusine, just sign+dcut is left. (utkarsh)
-  NOTE: 20250119: zigo got back, set up is ready, asked for a repository with the fix. (utkarsh)
---
 ckeditor
   NOTE: 20241002: Added by Front-Desk (Beuc)
   NOTE: 20241002: Multiple CVEs have been piling up (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a50069ee29ca6a4e9440628ca699753431e452e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a50069ee29ca6a4e9440628ca699753431e452e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260131/9f20e4c4/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list