* [PATCH] ceph: update to 15.2.12 to address CVEs - IGNORE
@ 2021-05-21 17:01 Saul Wold
2021-05-21 17:30 ` [meta-virtualization] " Randy MacLeod
0 siblings, 1 reply; 2+ messages in thread
From: Saul Wold @ 2021-05-21 17:01 UTC (permalink / raw)
To: meta-virtualization
Updated sha*
Fixes: CVE-2021-3509
Fixes: CVE-2021-3524
Fixes: CVE-2021-3531
Signed-off-by: Saul Wold <saul.wold@windriver.com>
---
.../ceph/{ceph_15.2.9.bb => ceph_15.2.12.bb} | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
rename recipes-extended/ceph/{ceph_15.2.9.bb => ceph_15.2.12.bb} (91%)
diff --git a/recipes-extended/ceph/ceph_15.2.9.bb b/recipes-extended/ceph/ceph_15.2.12.bb
similarity index 91%
rename from recipes-extended/ceph/ceph_15.2.9.bb
rename to recipes-extended/ceph/ceph_15.2.12.bb
index 0d821f0b..9ba72b40 100644
--- a/recipes-extended/ceph/ceph_15.2.9.bb
+++ b/recipes-extended/ceph/ceph_15.2.12.bb
@@ -16,11 +16,10 @@ SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \
file://0001-cmake-add-support-for-python3.9.patch \
"
-SRC_URI[md5sum] = "5a949b91199efe130bfe2e57f200eacd"
-SRC_URI[sha256sum] = "ea7fa2be68b3570c5c3aa02774dca27de20b6f20a8498f65e5c4ef375a209ace"
-SRC_URI[sha1sum] = "0503649d7c7d9268cb61b03bbe839106988f87d7"
-SRC_URI[sha384sum] = "57208c126ea8e640c3979073fd64ce58606f17b4b7ed2e005b0792bdfd51b13391af325658d0f68f961f94175d93e891"
-SRC_URI[sha512sum] = "1f55b0a13bf06df782831d0c9d5f8617c22442ab97fb186e6ccb08183e02bf1756caf8633fa6b1cf156c3fb7b1bdff90a60a1249adfad0b9450036e2329bf8ff"
+SRC_URI[sha1sum] = "9c76b298e1e659b9c5501003ac77fb28aab7823d"
+SRC_URI[sha256sum] = "8710f6700de83765138df8eb4fc7a5e7c66104dd838033e0827a1850f250ac85"
+SRC_URI[sha384sum] = "2a2f177e5b68f6f5d13b253a8d4daba9e956b4a79a40a4775aee288b60c612fe13b417d6baf77944c32b1181b2136f68"
+SRC_URI[sha512sum] = "08266a2e9a7ca5a37e03f340873571fd012c630dd898a87241cd97c29760b2bf41fe64c8883e7b08e0f83c26245072cd26e69ecb1db02378d1ec38335ba1cd0f"
DEPENDS = "boost bzip2 curl expat gperf-native \
keyutils libaio libibverbs lz4 \
--
2.17.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [meta-virtualization] [PATCH] ceph: update to 15.2.12 to address CVEs - IGNORE
2021-05-21 17:01 [PATCH] ceph: update to 15.2.12 to address CVEs - IGNORE Saul Wold
@ 2021-05-21 17:30 ` Randy MacLeod
0 siblings, 0 replies; 2+ messages in thread
From: Randy MacLeod @ 2021-05-21 17:30 UTC (permalink / raw)
To: meta-virtualization
On 2021-05-21 1:01 p.m., Saul Wold wrote:
> Updated sha*
>
> Fixes: CVE-2021-3509
> Fixes: CVE-2021-3524
> Fixes: CVE-2021-3531
Thanks for the test email Saul.
We have a new email filter so we're trying to confirm that the mangling
that we saw yesterday is fixed:
>
> Signed-off-by: Saul Wold <saul.wold@windriver.com>
> ---
Today I see:
> .../ceph/{ceph_15.2.9.bb => ceph_15.2.12.bb} | 9 ++++-----
Whereas yesterday in my mangled version, this would show up as:
.../ceph/{https://urldefense.com/v3/__http://ceph_15.2.9.bb__;!!AjveYdw8EvQ!J5oI8mC6n_4rfQGE-S3iJWnaD6zWYfXtrSqe-8pKP_UAUzOXalGOzU4j3gBdk-9fDL_8RA$
=>
https://urldefense.com/v3/__http://ceph_15.2.12.bb__;!!AjveYdw8EvQ!J5oI8mC6n_4rfQGE-S3iJWnaD6zWYfXtrSqe-8pKP_UAUzOXalGOzU4j3gBdk--szuRLtw$
} | 9 ++++-----
Ugh!!
Let's see if in a discussion thread that has URLs will get mangled
for Wind River readers:
Here's a free LWN link for those who are reading along! :)
The misc control group
[LWN subscriber-only content]
https://lwn.net/SubscriberLink/856438/7f39950073461e6d/
If your IT group inflicts this system on you, you may find this
repo useful:
https://github.com/cardi/proofpoint-url-decoder
and of course you need to get the IT group to add some exceptions to
the system to allow the mailer lists / text formatted emails to
be delivered without url rewrites.
Sorry for the noise...
../Randy
> 1 file changed, 4 insertions(+), 5 deletions(-)
> rename recipes-extended/ceph/{ceph_15.2.9.bb => ceph_15.2.12.bb} (91%)
>
> diff --git a/recipes-extended/ceph/ceph_15.2.9.bb b/recipes-extended/ceph/ceph_15.2.12.bb
> similarity index 91%
> rename from recipes-extended/ceph/ceph_15.2.9.bb
> rename to recipes-extended/ceph/ceph_15.2.12.bb
> index 0d821f0b..9ba72b40 100644
> --- a/recipes-extended/ceph/ceph_15.2.9.bb
> +++ b/recipes-extended/ceph/ceph_15.2.12.bb
> @@ -16,11 +16,10 @@ SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \
> file://0001-cmake-add-support-for-python3.9.patch \
> "
>
> -SRC_URI[md5sum] = "5a949b91199efe130bfe2e57f200eacd"
> -SRC_URI[sha256sum] = "ea7fa2be68b3570c5c3aa02774dca27de20b6f20a8498f65e5c4ef375a209ace"
> -SRC_URI[sha1sum] = "0503649d7c7d9268cb61b03bbe839106988f87d7"
> -SRC_URI[sha384sum] = "57208c126ea8e640c3979073fd64ce58606f17b4b7ed2e005b0792bdfd51b13391af325658d0f68f961f94175d93e891"
> -SRC_URI[sha512sum] = "1f55b0a13bf06df782831d0c9d5f8617c22442ab97fb186e6ccb08183e02bf1756caf8633fa6b1cf156c3fb7b1bdff90a60a1249adfad0b9450036e2329bf8ff"
> +SRC_URI[sha1sum] = "9c76b298e1e659b9c5501003ac77fb28aab7823d"
> +SRC_URI[sha256sum] = "8710f6700de83765138df8eb4fc7a5e7c66104dd838033e0827a1850f250ac85"
> +SRC_URI[sha384sum] = "2a2f177e5b68f6f5d13b253a8d4daba9e956b4a79a40a4775aee288b60c612fe13b417d6baf77944c32b1181b2136f68"
> +SRC_URI[sha512sum] = "08266a2e9a7ca5a37e03f340873571fd012c630dd898a87241cd97c29760b2bf41fe64c8883e7b08e0f83c26245072cd26e69ecb1db02378d1ec38335ba1cd0f"
>
> DEPENDS = "boost bzip2 curl expat gperf-native \
> keyutils libaio libibverbs lz4 \
>
>
>
>
>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-05-21 17:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-21 17:01 [PATCH] ceph: update to 15.2.12 to address CVEs - IGNORE Saul Wold
2021-05-21 17:30 ` [meta-virtualization] " Randy MacLeod
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.