[SRU] ceph 14.2.22
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Invalid
|
Undecided
|
Unassigned | ||
Train |
Fix Released
|
High
|
James Page |
Bug Description
[Impact]
This release fixes several bugs. We would like to make sure all of our users have access to these improvements.
The update contains the following package updates:
* ceph 14.2.22
[Test Case]
The following SRU process was followed:
https:/
In order to avoid regression of existing users, the OpenStack team will run their continuous integration test against the packages that are in -proposed. A successful run of all available tests will be required before the proposed packages can be let into -updates.
The OpenStack team will be in charge of attaching the output summary of the executed tests. The OpenStack team members will not mark ‘verification-done’ until this has happened.
[Regression Potential]
In order to mitigate the regression potential, the results of the
aforementioned tests are attached to this bug.
The primary aim is to have a Nautilus release for fixing the
CVE 2021-20288 [0].
The fix for [0] went into 14.2.20. Since 142.22 has already been
released (upstream) and likely to be last point release in Nautlius,
it makes sense to target that.
[0] https:/ /docs.ceph. com/en/ latest/ security/ CVE-2021- 20288/# cve-2021- 20288-unauthori zed-global- id-reuse- in-cephx