Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650
- To: Thomas Goirand <zigo@debian.org>, 1026078@bugs.debian.org
- Subject: Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650
- From: Jonathan Wiltshire <jmw@debian.org>
- Date: Fri, 17 Mar 2023 17:37:54 +0000
- Message-id: <ZBSlcv2P/eBdvH0B@powdarrmonkey.net>
- Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1026078@bugs.debian.org
- In-reply-to: <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch>
- References: <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch> <167101513647.15579.13354900723638094831.reportbug@zbuz.infomaniak.ch>
Control: tag -1 moreinfo
On Wed, Dec 14, 2022 at 11:52:16AM +0100, Thomas Goirand wrote:
> I have prepared an update for Ceph in Bullseye to address
> CVE-2022-3650 (ie: ceph to root privilege escalation).
> The security team already told me that there will be no DSA.
Your upload doesn't match the debdiff on this bug (see
https://release.debian.org/proposed-updates/bullseye_diffs/ceph_14.2.21-1+deb11u1.debdiff).
Is that intentional or did something go wrong?
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Reply to: