Hi, This is hotfix only release? No another patches was targeted to 16.2.10 landed here?
Thanks, k Sent from my iPhone > On 22 Jul 2022, at 03:38, David Galloway <dgall...@redhat.com> wrote: > > This is a hotfix release addressing two security vulnerabilities. We > recommend all users update to this release. > > Notable Changes > --------------- > > * Users who were running OpenStack Manila to export native CephFS, who > upgraded their Ceph cluster from Nautilus (or earlier) to a later major > version, were vulnerable to an attack by malicious users. The vulnerability > allowed users to obtain access to arbitrary portions of the CephFS filesystem > hierarchy, instead of being properly restricted to their own subvolumes. The > vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This > plugin is responsible for managing Ceph File System subvolumes which are used > by OpenStack Manila services as a way to provide shares to Manila users. > > With this hotfix, the vulnerability is fixed. Administrators who are > concerned they may have been impacted should audit the CephX keys in their > cluster for proper path restrictions. > > Again, this vulnerability only impacts OpenStack Manila clusters which > provided native CephFS access to their users. > > * A regression made it possible to dereference a null pointer for for > s3website requests that don't refer to a bucket resulting in an RGW segfault. > > > Getting Ceph > ------------ > * Git at git://github.com/ceph/ceph.git > * Tarball at https://download.ceph.com/tarballs/ceph-16.2.10.tar.gz > * Containers at https://quay.io/repository/ceph/ceph > * For packages, see https://docs.ceph.com/docs/master/install/get-packages/ > * Release git sha1: 45fa1a083152e41a408d15505f594ec5f1b4fe17 > > _______________________________________________ > ceph-users mailing list -- ceph-users@ceph.io > To unsubscribe send an email to ceph-users-le...@ceph.io _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
