[Bug 1929179] Please test proposed package

James Page 1929179 at bugs.launchpad.net
Mon Jun 28 08:36:39 UTC 2021 

Hello James, or anyone else affected,

Accepted ceph into ussuri-proposed. The package will build now and be
available in the Ubuntu Cloud Archive in a few hours, and then in the
-proposed repository.

Please help us by testing this new package. To enable the -proposed
repository:

  sudo add-apt-repository cloud-archive:ussuri-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-ussuri-needed to verification-ussuri-done. If it does
not fix the bug for you, please add a comment stating that, and change
the tag to verification-ussuri-failed. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!

** Changed in: cloud-archive/ussuri
       Status: Triaged => Fix Committed

** Tags added: verification-ussuri-needed

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1929179

Title:
  [SRU] ceph 15.2.12

Status in Ubuntu Cloud Archive:
  Invalid
Status in Ubuntu Cloud Archive ussuri series:
  Fix Committed
Status in ceph package in Ubuntu:
  Invalid
Status in ceph source package in Focal:
  Fix Released
Status in ceph source package in Groovy:
  Fix Released

Bug description:
  [Impact]
  This release fixes several bugs. We would like to make sure all of our users have access to these improvements.

  The update contains the following package updates:

     * ceph 15.2.12

  [Test Case]
  The following SRU process was followed:

  https://wiki.ubuntu.com/OpenStackUpdates

  In order to avoid regression of existing users, the OpenStack team
  will run their continuous integration test against the packages that
  are in -proposed. A successful run of all available tests will be
  required before the proposed packages can be let into -updates.

  The OpenStack team will be in charge of attaching the output summary
  of the executed tests. The OpenStack team members will not mark
  ‘verification-done’ until this has happened.

  [Regression Potential]
  In order to mitigate the regression potential, the results of the
  aforementioned tests are attached to this bug.

  [Upstream release announcement]

  V15.2.12 OCTOPUS

  This is a hotfix release addressing a number of security issues and
  regressions. We recommend all users update to this release.

  CHANGELOG
  mgr/dashboard: fix base-href: revert it to previous approach (issue#50684, Avan Thakkar)

  mgr/dashboard: fix cookie injection issue (CVE-2021-3509: Dashboard
  XSS via token cookie, Ernesto Puerta)

  rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name
  (CVE-2021-3531: Swift API denial of service, Felix Huettner)

  rgw: sanitize r in s3 CORSConfiguration’s ExposeHeader (CVE-2021-3524:
  HTTP header injects via CORS in RGW, Sergey Bobrov, Casey Bodley)

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list