Source: ceph Source-Version: 14.2.15-1 On Wed, Dec 29, 2021 at 09:21:07AM +0000, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the src:ceph package: > > #975300: ceph: CVE-2020-10753: radosgw: HTTP header injection via CORS > ExposeHeader tag > > It has been closed by Thomas Goirand <z...@debian.org>. > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Thomas Goirand > <z...@debian.org> by > replying to this email. > > > -- > 975300: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975300 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems
> From: Thomas Goirand <z...@debian.org> > User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 > Thunderbird/78.14.0 > Date: Wed, 29 Dec 2021 10:20:03 +0100 > To: 975300-d...@bugs.debian.org > Subject: Fixed > Message-ID: <aa892be9-7ee8-a88b-0389-bfb1de0a9...@debian.org> > > This was fixed in Bullseye, and in unstable. Right, TTBOMK, should be with the upload of 14.2.15-1 to unstable. So marking it as such. Regards, Salvatore
