Backport #48638
nautilus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client
Release:
nautilus
Crash signature (v1):
Crash signature (v2):
Description
commit 7e3e4e73783a98bb07ab399438eb3aab41a6fc8b upstream/heads/nautilus (upstream/heads/nautilus) gpg: Signature made Wed 16 Dec 2020 08:23:02 AM PST gpg: using RSA key 88AD60FFD3FC04B6DB87CBAC3A2A7E25BEA8AADB gpg: Good signature from "Patrick Joseph Donnelly (Hacker) <batrick@batbytes.com>" [ultimate] gpg: aka "Patrick Joseph Donnelly (Software Engineer) <pdonnell@redhat.com>" [ultimate] Merge: afdd217ae5f a18b92d39f5 Author: Patrick Donnelly <pdonnell@redhat.com> Date: Wed Dec 16 08:22:51 2020 -0800 Merge branch 'CVE-2020-27781-nautilus' into nautilus * CVE-2020-27781-nautilus: tasks/cephfs/test_volume_client: Add tests for authorize/deauthorize pybind/ceph_volume_client: Optionally authorize existing auth-ids pybind/ceph_volume_client: Preserve existing caps while authorize/deauthorize auth-id pybind/ceph_volume_client: Disallow authorize auth_id pybind/ceph_volume_client: Fix PEP-8 SyntaxWarning Reviewed-by: Ramana Raja <rraja@redhat.com> Reviewed-by: Kotresh Hiremath Ravishankar <khiremat@redhat.com>
Related issues
History
#1 Updated by Backport Bot over 3 years ago
- Copied from Bug #48555: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client added
#2 Updated by Patrick Donnelly over 3 years ago
- Description updated (diff)
- Status changed from New to Resolved
- Assignee set to Patrick Donnelly
- Target version set to v14.2.16
#3 Updated by Nathan Cutler over 3 years ago
- Status changed from Resolved to In Progress
#4 Updated by Nathan Cutler over 3 years ago
- Status changed from In Progress to Resolved