Actions
Backport #48637
closedoctopus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client
Release:
octopus
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
commit 1b8a634fdcd94dfb3ba650793fb1b6d09af65e05 upstream/heads/octopus (upstream/heads/octopus)
gpg: Signature made Wed 16 Dec 2020 08:21:46 AM PST
gpg: using RSA key 88AD60FFD3FC04B6DB87CBAC3A2A7E25BEA8AADB
gpg: Good signature from "Patrick Joseph Donnelly (Hacker) <batrick@batbytes.com>" [ultimate]
gpg: aka "Patrick Joseph Donnelly (Software Engineer) <pdonnell@redhat.com>" [ultimate]
Merge: e8cafbfec3e effb5942959
Author: Patrick Donnelly <pdonnell@redhat.com>
Date: Wed Dec 16 08:21:26 2020 -0800
Merge branch 'CVE-2020-27781-octopus' into octopus
* CVE-2020-27781-octopus:
tasks/cephfs/test_volume_client: Add tests for authorize/deauthorize
pybind/ceph_volume_client: Optionally authorize existing auth-ids
pybind/ceph_volume_client: Preserve existing caps while authorize/deauthorize auth-id
pybind/ceph_volume_client: Disallow authorize auth_id
Reviewed-by: Ramana Raja <rraja@redhat.com>
Reviewed-by: Kotresh Hiremath Ravishankar <khiremat@redhat.com>
Updated by Backport Bot over 3 years ago
- Copied from Bug #48555: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client added
Updated by Patrick Donnelly over 3 years ago
- Description updated (diff)
- Status changed from New to Resolved
- Assignee set to Patrick Donnelly
- Target version set to v15.2.8
Actions