FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ceph14 -- multiple security issues

Affected packages
14.1.1 < ceph14 < 14.2.9

Details

VuXML ID 5b6bc863-89dc-11ea-af8b-00155d0a0200
Discovery 2020-04-07
Entry 2020-04-14

RedHat reports:

ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions.

[source]

ceph: header-splitting in RGW GetObject has a possible XSS.

[source]

References

CVE Name CVE-2020-1759
CVE Name CVE-2020-1760
URL https://www.openwall.com/lists/oss-security/2020/04/07/1
URL https://www.openwall.com/lists/oss-security/2020/04/07/2

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.