UbuntuUpdates.org

Package "ceph-common"

Name: ceph-common

Description:

common utilities to mount and interact with a ceph storage cluster

Latest version: 13.2.6-0ubuntu0.19.04.4
Release: disco (19.04)
Level: updates
Repository: main
Head package: ceph
Homepage: http://ceph.com/

Links

Save this URL for the latest version of "ceph-common": https://www.ubuntuupdates.org/ceph-common


Download "ceph-common"


Other versions of "ceph-common" in Disco

Repository Area Version
base main 13.2.4+dfsg1-0ubuntu2
security main 13.2.6-0ubuntu0.19.04.3

Changelog

Version: 13.2.6-0ubuntu0.19.04.4 2019-09-23 11:06:41 UTC

  ceph (13.2.6-0ubuntu0.19.04.4) disco; urgency=medium

  [ Eric Desrochers ]
  * Ensure that daemons are not automatically restarted during package
    upgrades (LP: #1840347):
    - d/rules: Use "--no-restart-after-upgrade" and "--no-stop-on-upgrade"
      instead of "--no-restart-on-upgrade".
    - d/rules: Drop exclusion for ceph-[osd,mon,mds] for restarts.

  [ James Page ]
  * d/p/ceph-volume-wait-for-lvs.patch: Cherry pick inflight fix to
    ensure that required wal and db devices are present before
    activating OSD's (LP: #1828617).

  [ Jesse Williamson ]
  * d/p/civetweb-755-1.8-somaxconn-configurable*.patch: Backport changes
    to civetweb to allow tuning of SOMAXCONN in Ceph RADOS Gateway
    deployments (LP: #1838109).

 -- James Page <email address hidden> Fri, 30 Aug 2019 10:10:04 +0100

Source diff to previous version
1840347 Ceph 12.2.12 restarts services during upgrade
1828617 Hosts randomly 'losing' disks, breaking ceph-osd service enumeration

Version: 13.2.6-0ubuntu0.19.04.3 2019-08-29 03:07:19 UTC

  ceph (13.2.6-0ubuntu0.19.04.3) disco-security; urgency=medium

  * SECURITY UPDATE: RADOS gateway remote denial of service
    - d/p/CVE-2019-10222.patch: rgw: asio: check the remote endpoint
      before processing requests.
    - CVE-2019-10222

 -- Steve Beattie <email address hidden> Tue, 27 Aug 2019 23:02:16 -0700

Source diff to previous version
CVE-2019-10222 RESERVED

Version: 13.2.6-0ubuntu0.19.04.2 2019-07-22 09:06:19 UTC

  ceph (13.2.6-0ubuntu0.19.04.2) disco; urgency=medium

  * d/p/bug1832105.patch: Cherry pick fix to avoid cython interpreter
    check raising import error when loading ceph mgr modules
    (LP: #1832105).
  * d/p/mgr-*.patch: Misc fixes to resolve Python 3 syntax issues
    (LP: #1835354).

 -- James Page <email address hidden> Fri, 12 Jul 2019 12:03:05 +0100

Source diff to previous version
1832105 ceph-mgr dashboard incompatible with cython \u003e= 0.29 (disco)
1835354 disco: ceph-mgr unable to load crash module under py3

Version: 13.2.6-0ubuntu0.19.04.1 2019-07-10 22:08:14 UTC

  ceph (13.2.6-0ubuntu0.19.04.1) disco; urgency=medium

  * New upstream release (LP: #1831732).
  * d/p/CVE-2018-16889.patch,CVE-2019-3821.patch: Drop, included
    in upstream release.
  * d/p/more-py3-compat.patch: Refresh inline with patches accepted
    upstream.
  * d/p/misc-32-bit-fixes.patch: Misc updates for 32bit type mismatches,
    refresh with accepted patches upstream.
  * d/{librados2,librbd1}.symbols: Misc updates for new point release.

 -- James Page <email address hidden> Fri, 21 Jun 2019 06:31:26 +0100

Source diff to previous version
1831732 [SRU] ceph 13.2.6
CVE-2018-16889 Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files
CVE-2019-3821 A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create mu

Version: 13.2.4+dfsg1-0ubuntu2.1 2019-06-25 13:08:01 UTC

  ceph (13.2.4+dfsg1-0ubuntu2.1) disco-security; urgency=medium

  * SECURITY UPDATE: encryption key leak in log
    - debian/patches/CVE-2018-16889.patch: sanitize customer encryption
      keys from log output in src/rgw/rgw_auth_s3.cc,
      src/rgw/rgw_rest_s3.cc.
    - CVE-2018-16889
  * SECURITY UPDATE: civetweb file descriptor leak
    - debian/patches/CVE-2019-3821.patch: properly close connection in
      src/civetweb/src/civetweb.c.
    - CVE-2019-3821

 -- Marc Deslauriers <email address hidden> Wed, 29 May 2019 11:09:08 -0400

CVE-2018-16889 Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files
CVE-2019-3821 A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create mu



About   -   Send Feedback to @ubuntu_updates