This bug was fixed in the package ceph - 14.2.9-0ubuntu0.19.10.1~cloud0
---------------
ceph (14.2.9-0ubuntu0.19.10.1~cloud0) bionic-train; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
ceph (14.2.9-0ubuntu0.19.10.1) eoan; urgency=medium
.
[ Tiago Pasqualini da Silva ]
* d/p/bug1867386: Cherry pick change that adds new configuration
option in RGW Beast frontend to allow tuning of maximum backlog
of pending connections (LP: #1867386).
.
[ James Page ]
* New upstream point release (LP: #1878146) including fixes for:
- CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
- CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting
This bug was fixed in the package ceph - 14.2.9- 0ubuntu0. 19.10.1~ cloud0
---------------
ceph (14.2.9- 0ubuntu0. 19.10.1~ cloud0) bionic-train; urgency=medium 0ubuntu0. 19.10.1) eoan; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
ceph (14.2.9-
.
[ Tiago Pasqualini da Silva ]
* d/p/bug1867386: Cherry pick change that adds new configuration
option in RGW Beast frontend to allow tuning of maximum backlog
of pending connections (LP: #1867386).
.
[ James Page ]
* New upstream point release (LP: #1878146) including fixes for:
- CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
- CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting