On Fri, May 5, 2017 at 1:51 PM, Yehuda Sadeh-Weinraub <yehuda@xxxxxxxxxx> wrote: > > TL;DR: Does anyone care if we remove support for fastcgi in rgw? Please remove it as soon as possible. The old libfcgi project's code is a security liability. When upstream died, there was a severe lack of coordination around distributing patches to fix CVE-2012-6687. I expect a similar level of chaos if another CVE surfaces in this library. There are also unanswered questions about libfcgi's continued use of poll vs select, see https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417/comments/5 . - Ken -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
