From 86068a9cbdd243488055dd3685c76cc498746966 Mon Sep 17 00:00:00 2001
From: Zac Dover <zac.dover@proton.me>
Date: Tue, 16 Apr 2024 01:41:51 +1000
Subject: [PATCH] doc/security: update CVE list

Update the list of CVEs in doc/security/cves.rst.

Co-authored-by: Ilya Dryomov <idryomov@redhat.com>
Signed-off-by: Zac Dover <zac.dover@proton.me>
(cherry picked from commit 8381259a46fbd04218946b67e73e140cb054e3d8)
---
 doc/security/cves.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/security/cves.rst b/doc/security/cves.rst
index 8bbccbf64d6ea..fcb3440c70c6a 100644
--- a/doc/security/cves.rst
+++ b/doc/security/cves.rst
@@ -5,6 +5,10 @@ Past vulnerabilities
 +------------+-------------------+-------------+---------------------------------------------+
 | Published  | CVE               | Severity    | Summary                                     |
 +------------+-------------------+-------------+---------------------------------------------+
+| 2023-02-02 | `CVE-2023-46159`_ | Medium      | DoS from RGW                                |
++------------+-------------------+-------------+---------------------------------------------+
+| 2023-01-17 | `CVE-2022-3650`_  | High        | ceph-crash run as user, not root            |
++------------+-------------------+-------------+---------------------------------------------+
 | 2022-07-21 | `CVE-2022-0670`_  | Medium      | Native-CephFS Manila Path-restriction bypass|
 +------------+-------------------+-------------+---------------------------------------------+
 | 2021-05-13 | `CVE-2021-3531`_  | Medium      | Swift API denial of service                 |
@@ -80,6 +84,8 @@ Past vulnerabilities
     CVE-2021-3509 <CVE-2021-3509.rst>
     CVE-2021-20288 <CVE-2021-20288.rst>
 
+.. _CVE-2023-46159: https://nvd.nist.gov/vuln/detail/cve-2023-46159
+.. _CVE-2022-3650: https://nvd.nist.gov/vuln/detail/cve-2022-3650
 .. _CVE-2022-0670: ../CVE-2022-0670
 .. _CVE-2021-3531: ../CVE-2021-3531
 .. _CVE-2021-3524: ../CVE-2021-3524
-- 
2.39.5