canonical / hotsos

Software analysis toolkit. Define checks in high-level language and leverage library to perform analysis of common Cloud applications.
Apache License 2.0

Add CVE issue type #814

Closed dosaboy closed 4 months ago

dosaboy commented 4 months ago

Adds a new UbuntuCVE issue type for raising issues with, and linking to, a CVE. This is particularly useful when there is no Launchpad URL.

pponnuvel commented 4 months ago

Don't ignore Ceph ;-)

There's one more CVE-2021-20288: storage/ceph/ceph-mon/auth_insecure_global_id_reclaim_allowed.yaml

sombrafam commented 4 months ago

> Don't ignore Ceph ;-)
>
> There's one more CVE-2021-20288: storage/ceph/ceph-mon/auth_insecure_global_id_reclaim_allowed.yaml

What would you change for the ceph-specific case?

pponnuvel commented 4 months ago

> > Don't ignore Ceph ;-) There's one more CVE-2021-20288: storage/ceph/ceph-mon/auth_insecure_global_id_reclaim_allowed.yaml
>
> What would you change for the ceph-specific case?

I was thinking the same as others: replacing CephWarning with UbuntuCVE and linking https://ubuntu.com/security/CVE-2021-20288

dosaboy commented 4 months ago

> Don't ignore Ceph ;-)
>
> There's one more CVE-2021-20288: storage/ceph/ceph-mon/auth_insecure_global_id_reclaim_allowed.yaml

That scenario does not necessarily prove that the package installed contains the CVE, IIUC? Hence why I didn't change it.