[Bug 1873193] [NEW] ceph 15.2.1

James Page james.page at ubuntu.com
Thu Apr 16 08:43:55 UTC 2020 

Public bug reported:

This is the first bugfix release of Ceph Octopus, we recommend all
Octopus users
upgrade. This release fixes an upgrade issue and also has 2 security
fixes

Notable Changes
~~~~~~~~~~~~~~~

* issue#44759: Fixed luminous->nautilus->octopus upgrade asserts
* CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
* CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting

ChangeLog
~~~~~~~~~

build/ops: fix ceph_release type to ‘stable’ (pr#34194, Sage Weil)
build/ops: vstart_runner.py: fix OSError when checking if non-existent path is mounted (pr#34132, Alfonso Martínez)
cephadm: Add alertmanager adopt (pr#34157, Eric Jackson)
cephadm: Add alertmanager sample (pr#34158, Eric Jackson)
cephadm: Fix truncated output of “ceph mgr dump” (pr#34258, Sebastian Wagner)
mgr/cephadm: Add example to run when debugging ssh failures (pr#34153, Sebastian Wagner)
mgr/cephadm: DriveGroupSpec needs to support/ignore _unmanaged_ (pr#34185, Joshua Schmid)
mgr/cephadm: bind grafana to all interfaces (pr#34191, Sage Weil)
mgr/cephadm: fix ‘orch ps –refresh’ (pr#34190, Sage Weil)
mgr/cephadm: fix ‘upgrade start’ message when specifying a version (pr#34186, Sage Weil)
mgr/cephadm: include alerts in prometheus deployment (pr#34155, Sage Weil)
mgr/cephadm: point alertmanager at all mgr/dashboard URLs (pr#34154, Sage Weil)
mgr/cephadm: provision nfs-ganesha via orchestrator (pr#34192, Michael Fritch)
mgr/dashboard: Check for missing npm resolutions (pr#34202, Tiago Melo)
mgr/dashboard: NoRebalance flag is added to the Dashboard (pr#33939, Nizamudeen)
mgr/dashboard: correct Orchestrator documentation link (pr#34212, Tatjana Dehler)
mgr/dashboard: do not fail on user creation (CLI) (pr#34280, Tatjana Dehler)
mgr/orch: allow list daemons by service_name (pr#34160, Kiefer Chang)
mgr/prometheus: ceph_pg_* metrics contains last value instead of sum across all reported states (pr#34163, Jacek Suchenia)
mgr/rook: Blinking lights (pr#34199, Juan Miguel Olmo Martínez)
osd/PeeringState: drop mimic assert (pr#34204, Sage Weil)
osd/PeeringState: fix pending want_acting vs osd offline race (pr#34123, xie xingguo)
pybind/mgr: fix config_notify handling of default values (pr#34178, Nathan Cutler)
rbd: librbd: fix client backwards compatibility issues (issue#39450, issue#38834, pr#34323, Jason Dillaman)
tools: ceph-backport.sh: add deprecation warning (pr#34125, Nathan Cutler)

** Affects: ceph (Ubuntu)
     Importance: High
     Assignee: James Page (james-page)
         Status: In Progress

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1759

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1760

** Changed in: ceph (Ubuntu)
   Importance: Undecided => High

** Changed in: ceph (Ubuntu)
       Status: New => In Progress

** Changed in: ceph (Ubuntu)
     Assignee: (unassigned) => James Page (james-page)

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1873193

Title:
  ceph 15.2.1

Status in ceph package in Ubuntu:
  In Progress

Bug description:
  This is the first bugfix release of Ceph Octopus, we recommend all
  Octopus users
  upgrade. This release fixes an upgrade issue and also has 2 security
  fixes

  Notable Changes
  ~~~~~~~~~~~~~~~

  * issue#44759: Fixed luminous->nautilus->octopus upgrade asserts
  * CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
  * CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting

  ChangeLog
  ~~~~~~~~~

  build/ops: fix ceph_release type to ‘stable’ (pr#34194, Sage Weil)
  build/ops: vstart_runner.py: fix OSError when checking if non-existent path is mounted (pr#34132, Alfonso Martínez)
  cephadm: Add alertmanager adopt (pr#34157, Eric Jackson)
  cephadm: Add alertmanager sample (pr#34158, Eric Jackson)
  cephadm: Fix truncated output of “ceph mgr dump” (pr#34258, Sebastian Wagner)
  mgr/cephadm: Add example to run when debugging ssh failures (pr#34153, Sebastian Wagner)
  mgr/cephadm: DriveGroupSpec needs to support/ignore _unmanaged_ (pr#34185, Joshua Schmid)
  mgr/cephadm: bind grafana to all interfaces (pr#34191, Sage Weil)
  mgr/cephadm: fix ‘orch ps –refresh’ (pr#34190, Sage Weil)
  mgr/cephadm: fix ‘upgrade start’ message when specifying a version (pr#34186, Sage Weil)
  mgr/cephadm: include alerts in prometheus deployment (pr#34155, Sage Weil)
  mgr/cephadm: point alertmanager at all mgr/dashboard URLs (pr#34154, Sage Weil)
  mgr/cephadm: provision nfs-ganesha via orchestrator (pr#34192, Michael Fritch)
  mgr/dashboard: Check for missing npm resolutions (pr#34202, Tiago Melo)
  mgr/dashboard: NoRebalance flag is added to the Dashboard (pr#33939, Nizamudeen)
  mgr/dashboard: correct Orchestrator documentation link (pr#34212, Tatjana Dehler)
  mgr/dashboard: do not fail on user creation (CLI) (pr#34280, Tatjana Dehler)
  mgr/orch: allow list daemons by service_name (pr#34160, Kiefer Chang)
  mgr/prometheus: ceph_pg_* metrics contains last value instead of sum across all reported states (pr#34163, Jacek Suchenia)
  mgr/rook: Blinking lights (pr#34199, Juan Miguel Olmo Martínez)
  osd/PeeringState: drop mimic assert (pr#34204, Sage Weil)
  osd/PeeringState: fix pending want_acting vs osd offline race (pr#34123, xie xingguo)
  pybind/mgr: fix config_notify handling of default values (pr#34178, Nathan Cutler)
  rbd: librbd: fix client backwards compatibility issues (issue#39450, issue#38834, pr#34323, Jason Dillaman)
  tools: ceph-backport.sh: add deprecation warning (pr#34125, Nathan Cutler)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1873193/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list