[Bug 1958926] Re: CVE escalation request
Chris Newcomer
1958926 at bugs.launchpad.net
Mon Jan 31 17:44:25 UTC 2022
I've seen the issues with backporting the upstream fix into 2.2 and it
does not look like something that is recommended. I'm working with the
customer to see if the workaround of using `--disable-
luks2-reencryption` to mitigate their security concerns is a good
solution.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1958926
Title:
CVE escalation request
Status in cryptsetup package in Ubuntu:
New
Bug description:
This bug is to request the Security team address a CVE. The information required is located in the following document:
https://docs.google.com/document/d/1pnH9UIQwgTYMKOB__xTEOyPy4K3BGK8OAbMpPwtjUqc/
I don't have the option to select the checkbox for "This bug is a
security vulnerability". I added the flag to the URL when I created
the bug, so I'm hoping it will be tagged correctly. If it is not,
please forward this to the Security team.
Thanks,
Chris
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1958926/+subscriptions
More information about the foundations-bugs
mailing list