Red Hat Bugzilla – Bug 1546610
CVE-2018-7262 ceph: Unauthenticated malformed HTTP requests handled by rgw_civetweb.cc:RGW::init_env() can lead to denial of service
Last modified: 2018-05-23 05:35:44 EDT
In ceph, HTTP request headers without a ":" character that are handled in rgw_civetweb.cc:RGW::init_env() can cause variables to be set to NULL, leading to a crash or other potentially unspecified behaviour.
Upstream Pull Request: https://github.com/ceph/ceph/pull/20403
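The defensive pattern for the condition described above, as an added example that is not ceph's or civetweb's code: a header line without ":" leaves the value pointer null, and the environment builder rejects the whole request instead of dereferencing it. The names `Header`, `split_header`, `build_env` and `env_from_lines` are hypothetical, and the splitting logic is a simplified model of a header parser.

```cpp
#include <cctype>
#include <cerrno>
#include <cstring>
#include <map>
#include <string>
#include <vector>

// Hypothetical stand-in for a web server's parsed header entry: either
// pointer may be null when the client sent a malformed header line.
struct Header { const char* name; const char* value; };

// Split "Name: value" in place. A line without ':' yields value == nullptr,
// which models the condition described in the bug report.
Header split_header(char* line) {
  char* colon = std::strchr(line, ':');
  if (colon == nullptr) return {line, nullptr};
  *colon++ = '\0';
  while (*colon == ' ' || *colon == '\t') ++colon;
  return {line, colon};
}

// Build a CGI-style environment map. Returns 0 on success, -EINVAL if any
// header lacks a name or value; env is left untouched on failure.
int build_env(const std::vector<Header>& headers,
              std::map<std::string, std::string>& env) {
  std::map<std::string, std::string> tmp;
  for (const Header& h : headers) {
    // Validate before use: a null pointer must never reach std::string
    // construction or strlen-style code.
    if (h.name == nullptr || h.value == nullptr || *h.name == '\0')
      return -EINVAL;
    std::string key = "HTTP_";
    for (const char* p = h.name; *p; ++p)
      key += (*p == '-') ? '_' : static_cast<char>(
                 std::toupper(static_cast<unsigned char>(*p)));
    tmp[key] = h.value;
  }
  env.swap(tmp);
  return 0;
}

// Parse raw header lines (constructed sample input) and build the environment.
int env_from_lines(std::vector<std::string> lines,
                   std::map<std::string, std::string>& env) {
  std::vector<Header> headers;
  for (std::string& l : lines) headers.push_back(split_header(&l[0]));
  return build_env(headers, env);
}
```

Rejecting the request as a whole, rather than skipping the bad header, keeps later code from seeing a partially populated environment.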
Created ceph tracking bugs for this issue:
Affects: fedora-all [bug 1546611]
Upstream Pull Request: https://github.com/ceph/ceph/pull/20564
upstream fix: https://github.com/ceph/ceph/pull/20564/commits/b206912d753778b8d889a903f509a6f951cf41a4?diff=unified
This issue has been addressed in the following products:
Red Hat Ceph Storage 3.0 for Ubuntu 16.04
Via RHSA-2018:0546 https://access.redhat.com/errata/RHSA-2018:0546
This issue has been addressed in the following products:
Red Hat Ceph Storage 3 for Red Hat Enterprise Linux 7
Via RHSA-2018:0548 https://access.redhat.com/errata/RHSA-2018:0548
This was fixed upstream in 12.2.4; the latest rebase fixed it downstream, too.
I am sorry, I had too many tabs open and accidentally closed the wrong bug.