[Bug 1878146] Re: [SRU] ceph 14.2.9
James Page
1878146 at bugs.launchpad.net
Mon Jun 8 13:47:13 UTC 2020
This bug was fixed in the package ceph - 14.2.9-0ubuntu0.19.10.1~cloud0
---------------
ceph (14.2.9-0ubuntu0.19.10.1~cloud0) bionic-train; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
ceph (14.2.9-0ubuntu0.19.10.1) eoan; urgency=medium
.
[ Tiago Pasqualini da Silva ]
* d/p/bug1867386: Cherry pick change that adds new configuration
option in RGW Beast frontend to allow tuning of maximum backlog
of pending connections (LP: #1867386).
.
[ James Page ]
* New upstream point release (LP: #1878146) including fixes for:
- CVE-2020-1759: Fixed nonce reuse in msgr V2 secure mode
- CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting
** Changed in: cloud-archive/train
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1878146
Title:
[SRU] ceph 14.2.9
Status in Ubuntu Cloud Archive:
Invalid
Status in Ubuntu Cloud Archive train series:
Fix Released
Status in ceph package in Ubuntu:
Invalid
Status in ceph source package in Eoan:
Fix Released
Bug description:
[Impact]
This release sports mostly bug-fixes but also two security fixes and we would like to make sure all of our supported customers have access to these improvements.
The update contains the following package updates:
* ceph 14.2.9
[Test Case]
The following SRU process was followed:
https://wiki.ubuntu.com/OpenStack/StableReleaseUpdates
In order to avoid regression of existing consumers, the OpenStack team
will run their continuous integration test against the packages that
are in -proposed. A successful run of all available tests will be
required before the proposed packages can be let into -updates.
The OpenStack team will be in charge of attaching the output summary
of the executed tests. The OpenStack team members will not mark
‘verification-done’ until this has happened.
[Regression Potential]
In order to mitigate the regression potential, the results of the aforementioned tests are attached to this bug.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1878146/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list