ceph: CVE-2020-10753: radosgw: HTTP header injection via CORS ExposeHeader tag


Debian Bug report logs - #975300


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Fri, 20 Nov 2020 08:42:01 UTC

Severity: important

Tags: security, upstream

Found in version ceph/14.2.9-1



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Ceph Packaging Team <team+ceph@tracker.debian.org>:
Bug#975300; Package src:ceph. (Fri, 20 Nov 2020 08:42:03 GMT) (full text, mbox, link).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Ceph Packaging Team <team+ceph@tracker.debian.org>. (Fri, 20 Nov 2020 08:42:03 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ceph: CVE-2020-10753: radosgw: HTTP header injection via CORS ExposeHeader tag
Date: Fri, 20 Nov 2020 09:38:49 +0100
Source: ceph
Version: 14.2.9-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerability was published for ceph.

CVE-2020-10753[0]:
| A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object
| Gateway). The vulnerability is related to the injection of HTTP
| headers via a CORS ExposeHeader tag. The newline character in the
| ExposeHeader tag in the CORS configuration file generates a header
| injection in the response when the CORS request is made. Ceph versions
| 3.x and 4.x are vulnerable to this issue.

The fix should be included in 14.2.10 as well upstream.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-10753
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10753
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1840744

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
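The CVE text above describes the defect as a newline inside a CORS ExposeHeader value being copied into the response, which splits the header line. The defensive check a gateway needs at that point is small: a configured header name must be a valid HTTP token (RFC 7230 `tchar` bytes only), so CR, LF and other control bytes can never reach the Access-Control-Expose-Headers line. The following is an added example written for this report, not Ceph's own code; the function names `is_valid_expose_header` and `build_expose_headers` and the sample configuration values are constructed for illustration.

```cpp
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// RFC 7230 "tchar": the only bytes permitted in an HTTP header field name.
static bool is_tchar(unsigned char c) {
    if (std::isalnum(c)) return true;
    switch (c) {
        case '!': case '#': case '$': case '%': case '&': case '\'': case '*':
        case '+': case '-': case '.': case '^': case '_': case '`': case '|': case '~':
            return true;
        default:
            return false;
    }
}

// A configured ExposeHeader value is acceptable only if it is a non-empty token.
// CR, LF, spaces, ':' and other non-tchar bytes all fail this check.
bool is_valid_expose_header(const std::string& name) {
    if (name.empty()) return false;
    for (unsigned char c : name) {
        if (!is_tchar(c)) return false;
    }
    return true;
}

// Builds the Access-Control-Expose-Headers value from the configured names.
// Returns false and leaves `out` empty if any name fails validation, so a
// malformed configuration yields no header at all rather than a split one.
bool build_expose_headers(const std::vector<std::string>& configured, std::string& out) {
    out.clear();
    for (const auto& name : configured) {
        if (!is_valid_expose_header(name)) {
            out.clear();
            return false;
        }
        if (!out.empty()) out += ", ";
        out += name;
    }
    return true;
}

int main() {
    // Constructed sample configurations (hypothetical, not taken from the report).
    std::vector<std::string> good = {"x-amz-request-id", "ETag"};
    std::vector<std::string> bad  = {"ETag\r\nX-Injected: 1"};  // newline inside the tag value

    std::string hdr;
    std::cout << (build_expose_headers(good, hdr) ? "ok: " + hdr : std::string("rejected")) << "\n";
    std::cout << (build_expose_headers(bad, hdr) ? "ok: " + hdr : std::string("rejected")) << "\n";
    return 0;
}
```

Rejecting the whole configuration on the first bad name, instead of silently dropping that one entry, is deliberate: a CORS document containing control bytes is either corrupt or hostile, and an operator is better served by a visible failure than by a response that quietly omits part of the policy.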





Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Nov 20 10:37:21 2020; Machine Name: buxtehude
