[Bug 1929179] Re: [SRU] ceph 15.2.12
Hi, I've created the related issue https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1946653 because I _think_ that the ceph source used to build the package is 15.2.13 instead of 15.2.12 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
This bug was fixed in the package ceph - 15.2.12-0ubuntu0.20.04.1~cloud0 --- ceph (15.2.12-0ubuntu0.20.04.1~cloud0) bionic-ussuri; urgency=medium . * New upstream release for the Ubuntu Cloud Archive. . ceph (15.2.12-0ubuntu0.20.04.1) focal-security; urgency=medium . * SECURITY UPDATE: New upstream release (LP: #1929179): - CVE-2021-3509: Dashboard XSS via token cookie. - CVE-2021-3531: Swift API denial of service. - CVE-2021-3531: HTTP header injects via CORS in RGW. ** Changed in: cloud-archive/ussuri Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
bionic/ussuri-proposed == Totals == Ran: 99 tests in 1592.9320 sec. - Passed: 90 - Skipped: 9 - Expected Fail: 0 - Unexpected Success: 0 - Failed: 0 Sum of execute time for each test: 604.7059 sec. ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
This bug was fixed in the package ceph - 15.2.12-0ubuntu0.20.04.1 --- ceph (15.2.12-0ubuntu0.20.04.1) focal-security; urgency=medium * SECURITY UPDATE: New upstream release (LP: #1929179): - CVE-2021-3509: Dashboard XSS via token cookie. - CVE-2021-3531: Swift API denial of service. - CVE-2021-3531: HTTP header injects via CORS in RGW. -- James Page Mon, 24 May 2021 16:07:20 +0100 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
This bug was fixed in the package ceph - 15.2.12-0ubuntu0.20.10.1 --- ceph (15.2.12-0ubuntu0.20.10.1) groovy-security; urgency=medium * SECURITY UPDATE: New upstream release (LP: #1929179): - CVE-2021-3509: Dashboard XSS via token cookie. - CVE-2021-3531: Swift API denial of service. - CVE-2021-3531: HTTP header injects via CORS in RGW. -- James Page Mon, 24 May 2021 16:05:29 +0100 ** Changed in: ceph (Ubuntu Groovy) Status: Triaged => Fix Released ** Changed in: ceph (Ubuntu Focal) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
** Changed in: ceph (Ubuntu Focal) Assignee: (unassigned) => Steve Beattie (sbeattie) ** Changed in: ceph (Ubuntu Groovy) Assignee: (unassigned) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
focal proposed == focal security proposed Totals == Ran: 99 tests in 2801.2498 sec. - Passed: 89 - Skipped: 9 - Expected Fail: 0 - Unexpected Success: 0 - Failed: 1 Sum of execute time for each test: 794.2676 sec. Failing test is an expected test failure: octavia_tempest_plugin.tests.scenario.v2.test_traffic_ops.TrafficOperationsScenarioTest Octavia is still be enabled fully in our SRU testing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
This is being delivered as a security update but for the record: groovy proposed == Totals == Ran: 99 tests in 2821.2720 sec. - Passed: 89 - Skipped: 9 - Expected Fail: 0 - Unexpected Success: 0 - Failed: 1 Sum of execute time for each test: 721.1389 sec. Failing test is an expected test failure: octavia_tempest_plugin.tests.scenario.v2.test_traffic_ops.TrafficOperationsScenarioTest Octavia is still be enabled fully in our SRU testing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929179] Re: [SRU] ceph 15.2.12
Hey James! Since this feels like a security update, should we aim for getting it released into -security as well? In that case we'd have to inform the ubuntu-security team, build the packages in a security- enabled PPA and only the binary-copy the packages into -proposed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929179 Title: [SRU] ceph 15.2.12 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1929179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
