[SECURITY] [DLA 4482-1] ceph security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4482-1] ceph security update
From: "Chris Lamb" <lamby@debian.org>
Date: Tue, 17 Feb 2026 19:00:06 -0800
Message-id: <[🔎] 177136703351.3111697.5257709627954928853@bigcat>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4482-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
February 17, 2026                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : ceph
Version        : 14.2.21-1+deb11u3
CVE ID         : CVE-2024-31884
Debian Bug     : 1126573

It was discovered that there was an issue in Ceph, the distributed
storage and file system, where the Python bindings did not correctly
implement SSL certificate checking.

For Debian 11 bullseye, this problem has been fixed in version
14.2.21-1+deb11u3.

We recommend that you upgrade your ceph packages.

For the detailed security status of ceph please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ceph

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmmU6nUACgkQHpU+J9Qx
HlgYRBAArjErUovekLd1v8GhMYqAXZZefpeXpElUlVvBOc1eCJccGEze1tKGxGCp
1H0sr9IJPU48jkdniiJQawb3k58e6ZP4O7fU4ASATt+Vl3u9RqjDUWZunCL+tF9y
/Q7dGialDLZ5SOJ6NhGgUPQg95DjznXMc/+xsK2+SB2Nv9szqJBkwa7wcmdYRRJZ
PGWjN/WUSty8WkiCafV0eQ2g0qD3GYlPAfdzOAkk/fwYKXqTKk3qf7uKA1xt5Hen
5mnNbiqnPrGmE9UdpFX2wE/q5cDMBb/Dyfih/6zvGy31xBURSNOAhKIataHcDaQ1
nplDP9AwSsQYBGANS2s1Z3CscXpU+Qe0d5gQEC/o2ZSFdwqtb08f1Dnuqhz6oV0+
xBTTt+S4Ggoor6ccFCdCc+SqWUW968sM26KYdJZ/H4ExdlLOETYtvJATSoz2R9vk
Ovxp0MiAZBE7k2zUM9aKxPqrq3ZCLinRgpBx+R1tytGuDMLmj+yfEXizPh3VRQ5a
FR7n5O7LP+iF2TjY3rvR5OH0cD3XDZxV7UhqYBO0f8JhRrY2sQBV5pkP73iRGXED
f25pRekmyKj9i2Cedavcizi9lXUVRqnv7NFu6xywWVHAsn+3mcvWUYby0JLC7c5c
ympyHEhU3lCi4ahil+HDDspFWVh5HH4kTZ+V6JqJkE+/lsbOP2Q=
=9RPI
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4481-1] libpng1.6 security update
Next by Date: [SECURITY] [DLA 4483-1] gimp security update
Previous by thread: [SECURITY] [DLA 4481-1] libpng1.6 security update
Next by thread: [SECURITY] [DLA 4483-1] gimp security update
Index(es):
- Date
- Thread