ceph 15.2.1

Bug #1873193 reported by James Page
Affects: ceph (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: James Page

Bug Description

This is the first bugfix release of Ceph Octopus; we recommend all
Octopus users upgrade. This release fixes an upgrade issue and also
has 2 security fixes.

Notable Changes
~~~~~~~~~~~~~~~

* issue#44759: Fixed luminous->nautilus->octopus upgrade asserts
* CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
* CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting

ChangeLog
~~~~~~~~~

build/ops: fix ceph_release type to ‘stable’ (pr#34194, Sage Weil)
build/ops: vstart_runner.py: fix OSError when checking if non-existent path is mounted (pr#34132, Alfonso Martínez)
cephadm: Add alertmanager adopt (pr#34157, Eric Jackson)
cephadm: Add alertmanager sample (pr#34158, Eric Jackson)
cephadm: Fix truncated output of “ceph mgr dump” (pr#34258, Sebastian Wagner)
mgr/cephadm: Add example to run when debugging ssh failures (pr#34153, Sebastian Wagner)
mgr/cephadm: DriveGroupSpec needs to support/ignore _unmanaged_ (pr#34185, Joshua Schmid)
mgr/cephadm: bind grafana to all interfaces (pr#34191, Sage Weil)
mgr/cephadm: fix ‘orch ps --refresh’ (pr#34190, Sage Weil)
mgr/cephadm: fix ‘upgrade start’ message when specifying a version (pr#34186, Sage Weil)
mgr/cephadm: include alerts in prometheus deployment (pr#34155, Sage Weil)
mgr/cephadm: point alertmanager at all mgr/dashboard URLs (pr#34154, Sage Weil)
mgr/cephadm: provision nfs-ganesha via orchestrator (pr#34192, Michael Fritch)
mgr/dashboard: Check for missing npm resolutions (pr#34202, Tiago Melo)
mgr/dashboard: NoRebalance flag is added to the Dashboard (pr#33939, Nizamudeen)
mgr/dashboard: correct Orchestrator documentation link (pr#34212, Tatjana Dehler)
mgr/dashboard: do not fail on user creation (CLI) (pr#34280, Tatjana Dehler)
mgr/orch: allow list daemons by service_name (pr#34160, Kiefer Chang)
mgr/prometheus: ceph_pg_* metrics contains last value instead of sum across all reported states (pr#34163, Jacek Suchenia)
mgr/rook: Blinking lights (pr#34199, Juan Miguel Olmo Martínez)
osd/PeeringState: drop mimic assert (pr#34204, Sage Weil)
osd/PeeringState: fix pending want_acting vs osd offline race (pr#34123, xie xingguo)
pybind/mgr: fix config_notify handling of default values (pr#34178, Nathan Cutler)
rbd: librbd: fix client backwards compatibility issues (issue#39450, issue#38834, pr#34323, Jason Dillaman)
tools: ceph-backport.sh: add deprecation warning (pr#34125, Nathan Cutler)

CVE References

James Page (james-page)
Changed in ceph (Ubuntu):
importance: Undecided → High
status: New → In Progress
assignee: nobody → James Page (james-page)
James Page (james-page)
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ceph - 15.2.1-0ubuntu1

---------------
ceph (15.2.1-0ubuntu1) focal; urgency=high

  * New upstream point release for Octopus (LP: #1873193):
    - CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode.
    - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting.
  * d/copyright: Restore excluded files.

 -- James Page <email address hidden> Fri, 17 Apr 2020 20:08:37 +0100

Changed in ceph (Ubuntu):
status: In Progress → Fix Released