Chris, similar to Bug 26362 for slurm, you've imported ceph late in the release cycle and we haven't been tracking security bugs since it has been dropped. Just looking back through this year's advisories, I find the following issues. Please keep up with this package's security issues in the future. CVE-2020-10753 https://www.openwall.com/lists/oss-security/2020/06/25/5 https://lists.opensuse.org/opensuse-security-announce/2020-06/msg00062.html https://access.redhat.com/errata/RHSA-2020:3505 https://access.redhat.com/errata/RHSA-2020:3504 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFU7LXEL2UZE565FJBTY7UGH2O7ZUBVS/ CVE-2020-10736 https://www.openwall.com/lists/oss-security/2020/05/19/1 CVE-2020-12059 https://lists.suse.com/pipermail/sle-security-updates/2020-April/006768.html CVE-2020-1760 https://www.openwall.com/lists/oss-security/2020/04/07/1 https://www.debian.org/lts/security/2020/dla-2171 https://access.redhat.com/errata/RHSA-2020:3003 CVE-2020-1759 https://www.openwall.com/lists/oss-security/2020/04/07/2 https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/ CVE-2020-1716 https://access.redhat.com/errata/RHSA-2020:2231 CVE-2020-1700 https://www.openwall.com/lists/oss-security/2020/01/31/2 https://ubuntu.com/security/notices/USN-4304-1 CVE-2020-1699 https://lists.opensuse.org/opensuse-security-announce/2020-02/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/
Going through the list, I see that the fixes have been all pushed to our version 15.2.4, but others will come for sure. I am closing for the time being then.
Resolution: (none) => FIXEDStatus: NEW => RESOLVED