[Bug 1940959] Re: [SRU] ceph 14.2.22
Ponnuvel Palaniyappan
1940959 at bugs.launchpad.net
Mon Sep 20 15:47:57 UTC 2021
The primary aim is to have a Nautilus release for fixing the
CVE 2021-20288 [0].
The fix for [0] went into 14.2.20. Since 142.22 has already been
released (upstream) and likely to be last point release in Nautlius,
it makes sense to target that.
[0]
https://docs.ceph.com/en/latest/security/CVE-2021-20288/#cve-2021-20288-unauthorized-
global-id-reuse-in-cephx
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20288
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1940959
Title:
[SRU] ceph 14.2.22
Status in Ubuntu Cloud Archive:
Invalid
Status in Ubuntu Cloud Archive train series:
Triaged
Bug description:
[Impact]
This release fixes several bugs. We would like to make sure all of our users have access to these improvements.
The update contains the following package updates:
* ceph 14.2.22
[Test Case]
The following SRU process was followed:
https://wiki.ubuntu.com/OpenStackUpdates
In order to avoid regression of existing users, the OpenStack team
will run their continuous integration test against the packages that
are in -proposed. A successful run of all available tests will be
required before the proposed packages can be let into -updates.
The OpenStack team will be in charge of attaching the output summary
of the executed tests. The OpenStack team members will not mark
‘verification-done’ until this has happened.
[Regression Potential]
In order to mitigate the regression potential, the results of the
aforementioned tests are attached to this bug.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1940959/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list