[Git][security-tracker-team/security-tracker][master] Reserve DSA number for ceph update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 3 21:57:22 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
df757d1d by Salvatore Bonaccorso at 2026-06-03T22:56:47+02:00
Reserve DSA number for ceph update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -146377,7 +146377,7 @@ CVE-2025-5731 (A flaw was found in Infinispan CLI. A sensitive password, decoded
CVE-2025-52555 (Ceph is a distributed object, block, and file storage platform. In ver ...)
{DLA-4310-1}
- ceph 18.2.6-1 (bug #1108410)
- [bookworm] - ceph <no-dsa> (Minor issue)
+ [bookworm] - ceph 16.2.15+ds-0+deb12u2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2374412
NOTE: https://www.openwall.com/lists/oss-security/2025/06/26/1
NOTE: https://github.com/ceph/ceph/pull/60314
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[03 Jun 2026] DSA-6321-1 ceph - security update
+ {CVE-2024-31884 CVE-2024-47866}
+ [bookworm] - ceph 16.2.15+ds-0+deb12u2
+ [trixie] - ceph 18.2.7+ds-1+deb13u1
[02 Jun 2026] DSA-6320-1 php-twig - security update
{CVE-2024-51754 CVE-2026-46628 CVE-2026-46629 CVE-2026-46633 CVE-2026-46637 CVE-2026-47730}
[bookworm] - php-twig 3.5.1-1+deb12u3
=====================================
data/dsa-needed.txt
=====================================
@@ -19,9 +19,6 @@ atril
--
botan3/stable
--
-ceph (carnil)
- for CVE-2024-47866, rest harmless
---
cups
--
dulwich
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df757d1df2ca3978698edc14a8afdd09d72c55db
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df757d1df2ca3978698edc14a8afdd09d72c55db
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260603/0626b76f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list