Merge version 14.2.20-2+rpi1 and 14.2.21-1 to produce 14.2.21-1+rpi1

diff --cc debian/changelog
index 9ade694febc3bb3505f5d443b0db32393249b865,9a9cea604b8d7d837c6ce3a9d7c76ec60e53ab15..172276856e0a83ee1b53a7f900f586f2ae6e2b64
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,15 -1,12 +1,25 @@@
- ceph (14.2.20-2+rpi1) bullseye-staging; urgency=medium
++ceph (14.2.21-1+rpi1) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 10.2.5-7.2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Jul 2017 09:48:17 +0000]
 +  * Add Raspbian to lists of "debian-like" distros.
 +    + Hopefully this will fix site-packages vs dist-packages
 +      build failure in Raspbian.
 + 
 +  [changes introduced in 14.2.5-3+rpi1 by Peter Michael Green]
 +  * Remove problematic gitattributes files.
 +  * Disable neon on armhf too.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 11 May 2021 15:04:10 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Fri, 04 Jun 2021 01:22:25 +0000
++
+ ceph (14.2.21-1) unstable; urgency=high
+ 
+   * New upstream release, resolving these:
+     - CVE-2021-3509: Cross Site Scripting via token Cookie (Closes: #988888).
+     - CVE-2021-3524: injection of HTTP headers via a CORS ExposeHeader tag in
+       the Ceph Storage RadosGW (Closes: #988889).
+     - CVE-2021-3531: RadosGW denial of service (crash) (Closes: #988890).
+ 
+  -- Thomas Goirand <zigo@debian.org>  Thu, 27 May 2021 12:04:21 +0200
  
  ceph (14.2.20-2) unstable; urgency=medium