Created attachment 213901 [details] net/ceph14: security update to 14.2.9 Notable Changes CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting vuxml: 5b6bc863-89dc-11ea-af8b-00155d0a0200
Comment on attachment 213901 [details] net/ceph14: security update to 14.2.9 corry. copy/paste error with numbers
(In reply to Dima Panov from comment #0) Thanx for adding those. --WjW
A commit references this bug: Author: fluffy Date: Wed May 6 14:37:38 UTC 2020 New revision: 534177 URL: https://svnweb.freebsd.org/changeset/ports/534177 Log: net/ceph14: security update to 14.2.9 CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting PR: 246019 Submitted by: fluffy Approved by: maintainer Relnotes: https://ceph.io/releases/v14-2-9-nautilus-released/ Security: 5b6bc863-89dc-11ea-af8b-00155d0a0200 Security: CVE-2020-1759, CVE-2020-1760 Changes: head/net/ceph14/Makefile head/net/ceph14/distinfo head/net/ceph14/files/file-git_version