mirror of
https://github.com/ceph/ceph
synced 2024-12-18 17:37:38 +00:00
doc/releases: add 14.2.20, 15.2.11 and 16.2.1 releases and notes
Signed-off-by: Sage Weil <sage@newdream.net>
This commit is contained in:
Sage Weil
Ilya Dryomov
parent
cf12cc790b
commit
e65123b479
@ -6,6 +6,38 @@ Nautilus is the 14th stable release of Ceph. It is named after the
|
||||
nautilus, a family of cephalopods characterized by a whorled shell.
|
||||
|
||||
|
||||
v14.2.20 Nautilus
|
||||
=================
|
||||
|
||||
This is the 20th bugfix release in the Nautilus stable series. It addresses a
|
||||
security vulnerability in the Ceph authentication framework.
|
||||
|
||||
We recommend all Nautilus users upgrade.
|
||||
|
||||
Security fixes
|
||||
--------------
|
||||
|
||||
* This release includes a security fix that ensures the global_id
|
||||
value (a numeric value that should be unique for every authenticated
|
||||
client or daemon in the cluster) is reclaimed after a network
|
||||
disconnect or ticket renewal in a secure fashion. Two new health
|
||||
alerts may appear during the upgrade indicating that there are
|
||||
clients or daemons that are not yet patched with the appropriate
|
||||
fix.
|
||||
|
||||
It is possible to disable the health alerts around insecure clients::
|
||||
|
||||
ceph config set mon mon_warn_on_insecure_global_id_reclaim_allowed false
|
||||
ceph config set mon auth_expose_insecure_global_id_reclaim false
|
||||
|
||||
However, if you disable these alerts, we strongly recommend that you
|
||||
follow up by removing these settings after clients have been
|
||||
upgraded or after upgrading to Octopus. (Starting in Octopus, these
|
||||
health alerts can be muted for a specific period of time.)
|
||||
|
||||
For more information, see :ref:`CVE-2021-20288`.
|
||||
|
||||
|
||||
v14.2.19 Nautilus
|
||||
=================
|
||||
|
||||
|
||||
@ -6,6 +6,34 @@ Octopus is the 15th stable release of Ceph. It is named after an
|
||||
order of 8-limbed cephalopods.
|
||||
|
||||
|
||||
v15.2.11 Octopus
|
||||
================
|
||||
|
||||
This is the 11th bugfix release in the Octopus stable series. It addresses a
|
||||
security vulnerability in the Ceph authentication framework.
|
||||
|
||||
We recommend all Octopus users upgrade.
|
||||
|
||||
Security fixes
|
||||
--------------
|
||||
|
||||
* This release includes a security fix that ensures the global_id
|
||||
value (a numeric value that should be unique for every authenticated
|
||||
client or daemon in the cluster) is reclaimed after a network
|
||||
disconnect or ticket renewal in a secure fashion. Two new health
|
||||
alerts may appear during the upgrade indicating that there are
|
||||
clients or daemons that are not yet patched with the appropriate
|
||||
fix.
|
||||
|
||||
To temporarily mute the health alerts around insecure clients for the duration of the
|
||||
upgrade, you may want to::
|
||||
|
||||
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM 1h
|
||||
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED 1h
|
||||
|
||||
For more information, see :ref:`CVE-2021-20288`.
|
||||
|
||||
|
||||
v15.2.10 Octopus
|
||||
================
|
||||
|
||||
|
||||
@ -6,6 +6,35 @@ Pacific is the 16th stable release of Ceph. It is named after the
|
||||
giant pacific octopus (Enteroctopus dofleini).
|
||||
|
||||
|
||||
v16.2.1 Pacific
|
||||
===============
|
||||
|
||||
This is the first bugfix release in the Pacific stable series. It addresses a
|
||||
security vulnerability in the Ceph authentication framework.
|
||||
|
||||
We recommend all Pacific users upgrade.
|
||||
|
||||
Security fixes
|
||||
--------------
|
||||
|
||||
* This release includes a security fix that ensures the global_id
|
||||
value (a numeric value that should be unique for every authenticated
|
||||
client or daemon in the cluster) is reclaimed after a network
|
||||
disconnect or ticket renewal in a secure fashion. Two new health
|
||||
alerts may appear during the upgrade indicating that there are
|
||||
clients or daemons that are not yet patched with the appropriate
|
||||
fix.
|
||||
|
||||
To temporarily mute the health alerts around insecure clients for the duration of the
|
||||
upgrade, you may want to::
|
||||
|
||||
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM 1h
|
||||
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED 1h
|
||||
|
||||
For more information, see :ref:`CVE-2021-20288`.
|
||||
|
||||
|
||||
|
||||
v16.2.0 Pacific
|
||||
===============
|
||||
|
||||
|
||||
@ -15,12 +15,16 @@ releases:
|
||||
pacific:
|
||||
target_eol: 2023-06-01
|
||||
releases:
|
||||
- version: 16.2.1
|
||||
released: 2021-04-19
|
||||
- version: 16.2.0
|
||||
released: 2021-03-31
|
||||
|
||||
octopus:
|
||||
target_eol: 2022-06-01
|
||||
releases:
|
||||
- version: 15.2.11
|
||||
released: 2021-04-19
|
||||
- version: 15.2.10
|
||||
released: 2021-03-18
|
||||
- version: 15.2.9
|
||||
@ -47,6 +51,8 @@ releases:
|
||||
nautilus:
|
||||
target_eol: 2021-06-01
|
||||
releases:
|
||||
- version: 14.2.20
|
||||
released: 2021-04-19
|
||||
- version: 14.2.19
|
||||
released: 2021-03-30
|
||||
- version: 14.2.18
|
||||
|
||||
Loading…
Reference in New Issue
Block a user