diff options
| author |   Yixun Lan <dlan@gentoo.org> | 2017-01-16 12:18:53 +0800 |
|---|---|---|
| committer | Yixun Lan <dlan@gentoo.org> | 2017-01-16 12:25:08 +0800 |
| commit | e994b8d5f66c45bc0af44dfc86c7c96580557cdb (patch) | |
| tree | 7ff05f1a89ed7577b042d309ca44056d1bdcaaec /profiles | |
| parent | media-video/vlc: Security cleanup (bug #584510) (diff) | |
| download | gentoo-e994b8d5f66c45bc0af44dfc86c7c96580557cdb.tar.gz gentoo-e994b8d5f66c45bc0af44dfc86c7c96580557cdb.tar.bz2 gentoo-e994b8d5f66c45bc0af44dfc86c7c96580557cdb.zip | |
sys-cluster/ceph: fix "RGW Denial of Service" security bug
reasons for why p.mask them instead of removing:
ceph has kind of picky upgrade path for new versions.
for example, users want an online upgrade to 10.x while they are still using
old version (<0.94.x), need to upgrade to 0.94.x/9.x first, then upgrade 10.x
http://docs.ceph.com/docs/master/release-notes/
search: Upgrading from Firefly
Closes: https://github.com/gentoo/gentoo/pull/3394
Gentoo-Bug: 598206
Signed-off-by: Yixun Lan <dlan@gentoo.org>
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/package.mask | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/profiles/package.mask b/profiles/package.mask index cb176eb7eef7..944e75c266ac 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -30,6 +30,12 @@ #--- END OF EXAMPLES --- +# Yixun Lan <dlan@gentoo.org> (16 Jan 2017) +# Masked, Vulnerable due to RGW Denial of Service (bug #598206) +# We mask it instead of removing them, due user may need them while +# upgrade from old versions (<0.94.x) +<sys-cluster/ceph-10.2.3-r1 + # Patrice Clement <monsieurp@gentoo.org> (15 Jan 2017) # Upstream dead a while ago. Sources are nowhere to be found. # Masked for removal in 30 days. |