UbuntuUpdates.org

Package "ceph"

Name: ceph

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • FUSE-based client for the Ceph distributed file system
  • Ceph daemon for immutable object cache
  • cephadm orchestrator module for ceph-mgr
  • dashboard module for ceph-mgr

Latest version: 16.2.4-0ubuntu0.21.04.1
Release: hirsute (21.04)
Level: updates
Repository: universe

Links



Other versions of "ceph" in Hirsute

Repository Area Version
base main 16.2.0-0ubuntu1
base universe 16.2.0-0ubuntu1
updates main 16.2.4-0ubuntu0.21.04.1
proposed main 16.2.6-0ubuntu0.21.04.1
proposed universe 16.2.6-0ubuntu0.21.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 16.2.4-0ubuntu0.21.04.1 2021-07-13 18:06:23 UTC

  ceph (16.2.4-0ubuntu0.21.04.1) hirsute; urgency=medium

  [ Chris MacNaughton ]
  * d/ceph-base.install: Remove ceph-deploy man page installation
    (LP: #1892448).

  [ James Page ]
  * SECURITY UPDATE: New upstream release (LP: #1928645):
    - CVE-2021-3509: Dashboard XSS via token cookie.
    - CVE-2021-3531: Swift API denial of service.
    - CVE-2021-3531: HTTP header injects via CORS in RGW.
    - d/p/bug1925347.patch: Drop, included in release.

 -- James Page <email address hidden> Thu, 27 May 2021 06:18:16 +0100

Source diff to previous version
1892448 ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1
1928645 [SRU] ceph 16.2.4
CVE-2021-3509 A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to a
CVE-2021-3531 A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes

Version: 16.2.1-0ubuntu0.21.04.1 2021-05-27 11:06:29 UTC

  ceph (16.2.1-0ubuntu0.21.04.1) hirsute-proposed; urgency=medium

  * SECURITY UPDATE: New upstream point release (LP: #1925322):
    - CVE-2021-20288
  * d/rules: remove temporary build objects after install to avoid
    running out of disk space during package builds.
  * d/p/bug1925347.patch: Cherry pick fix to revert ProtectClock
    permissions change in systemd configurations which prevents the
    ceph-osd process from starting (LP: #1925347).

 -- James Page <email address hidden> Thu, 22 Apr 2021 10:21:35 +0100

1925322 [SRU] ceph 16.2.1
1925347 ceph-osd fails to start with ProtectClock=true
CVE-2021-20288 An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitiz



About   -   Send Feedback to @ubuntu_updates