UbuntuUpdates.org

Package "librados-dev"

Name: librados-dev

Description:

RADOS distributed object store client library (development files)

Latest version: 0.80.11-0ubuntu1.14.04.4
Release: trusty (14.04)
Level: updates
Repository: main
Head package: ceph
Homepage: http://ceph.com/

Links


Download "librados-dev"


Other versions of "librados-dev" in Trusty

Repository Area Version
base main 0.79-0ubuntu1
security main 0.80.11-0ubuntu1.14.04.3

Changelog

Version: 0.80.11-0ubuntu1.14.04.4 2018-12-05 22:06:49 UTC

  ceph (0.80.11-0ubuntu1.14.04.4) trusty; urgency=medium

  * Don't truncate message sequence to 32-bit (LP: #1798081).
    - d/p/msg-don-t-truncate-message-sequence-to-32-bits.patch:
      use uint64_t for message seq instead of 32 bits.

 -- dongdong tao <email address hidden> Mon, 12 Nov 2018 15:01:00 +0800

Source diff to previous version
1798081 ceph got slow request because of primary osd drop messages

Version: 0.80.11-0ubuntu1.14.04.3 2017-10-11 16:06:55 UTC

  ceph (0.80.11-0ubuntu1.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS in handle_command function
    - debian/patches/CVE-2016-5009.patch: validate prefix in
      src/mon/Monitor.cc, add test to src/test/librados/cmd.cc.
    - CVE-2016-5009
  * SECURITY UPDATE: anonymouse user bucket contents list via a URL
    - debian/patches/CVE-2016-7031.patch: check ACLs in
      src/rgw/rgw_acl_s3.cc, src/rgw/rgw_op.cc.
    - CVE-2016-7031
  * SECURITY UPDATE: DoS via POST object with null conditions
    - debian/patches/CVE-2016-8626.patch: handle empty POST condition in
      src/rgw/rgw_policy_s3.cc.
    - CVE-2016-8626
  * SECURITY UPDATE: DoS via request with invalid HTTP Origin header
    - debian/patches/CVE-2016-9579.patch: do not abort on short origin in
      src/rgw/rgw_cors.cc.
    - CVE-2016-9579

 -- Marc Deslauriers <email address hidden> Mon, 25 Sep 2017 16:44:20 -0400

Source diff to previous version
CVE-2016-5009 The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph mon
CVE-2016-7031 The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL
CVE-2016-8626 RGW Denial of Service by sending POST object with null conditions
CVE-2016-9579 RGW server DoS via request with invalid HTTP Origin header

Version: 0.80.11-0ubuntu1.14.04.2 2017-05-25 17:06:43 UTC

  ceph (0.80.11-0ubuntu1.14.04.2) trusty; urgency=medium

  * Start ceph-all after static-network-up (LP: #1636322).
    - d/p/start-ceph-all-after-network.patch: add dependency on
      the static-network-up event before starting ceph-all.

 -- Billy Olsen <email address hidden> Thu, 20 Apr 2017 09:53:08 +0100

Source diff to previous version

Version: 0.80.11-0ubuntu1.14.04.1 2016-02-24 20:07:06 UTC

  ceph (0.80.11-0ubuntu1.14.04.1) trusty; urgency=medium

  * New upstream stable point release (LP: #1535278):
    - d/p/ceph-radosgw-init.patch
      d/p/zap-in-two-phases.patch: Dropped, included upstream.
    - d/p/increaseFileLimit.patch: Refresh.

 -- James Page <email address hidden> Mon, 18 Jan 2016 14:25:14 +0000

Source diff to previous version
1535278 0.80.11 stable point release

Version: 0.80.10-0ubuntu1.14.04.3 2015-11-04 18:07:44 UTC

  ceph (0.80.10-0ubuntu1.14.04.3) trusty; urgency=medium

  * d/p/ceph-radosgw-init.patch: Cherry pick patch from upstream VCS to
    ensure that restarts of the radosgw wait an appropriate amount of time
    for the existing daemon to shutdown (LP: #1477225).

1477225 ceph-radosgw restart fails



About   -   Send Feedback to @ubuntu_updates