[SRU] ceph 16.2.4
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Fix Released
|
High
|
Unassigned | ||
Wallaby |
Fix Released
|
High
|
Unassigned | ||
Xena |
Fix Released
|
High
|
Unassigned | ||
ceph (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Hirsute |
Fix Released
|
High
|
Unassigned | ||
Impish |
Fix Released
|
High
|
Unassigned |
Bug Description
[Impact]
This release fixes several bugs. We would like to make sure all of our users have access to these improvements.
The update contains the following package updates:
* ceph 16.2.4
[Test Case]
The following SRU process was followed:
https:/
In order to avoid regression of existing users, the OpenStack team will run their continuous integration test against the packages that are in -proposed. A successful run of all available tests will be required before the proposed packages can be let into -updates.
The OpenStack team will be in charge of attaching the output summary of the executed tests. The OpenStack team members will not mark ‘verification-done’ until this has happened.
[Regression Potential]
In order to mitigate the regression potential, the results of the
aforementioned tests are attached to this bug.
Changed in ceph (Ubuntu Impish): | |
importance: | Undecided → High |
Changed in ceph (Ubuntu Hirsute): | |
importance: | Undecided → High |
description: | updated |
Changed in cloud-archive: | |
status: | New → Fix Committed |
This bug was fixed in the package ceph - 16.2.4-0ubuntu1
---------------
ceph (16.2.4-0ubuntu1) impish; urgency=medium
* d/rules,control: Enable new crimson-osd package and provide
seastar based crimson-osd binary.
* SECURITY UPDATE: New upstream release (LP: #1928645):
- CVE-2021-3509: Dashboard XSS via token cookie.
- CVE-2021-3531: Swift API denial of service.
- CVE-2021-3531: HTTP header injects via CORS in RGW.
- d/p/bug1925347.patch: Drop, included in release.
-- James Page <email address hidden> Tue, 25 May 2021 09:14:52 +0100