Change logs for ceph source package in Xenial

  • ceph (10.2.11-0ubuntu0.16.04.3) xenial-security; urgency=medium
    
      * SECURITY UPDATE: XSS attacks
        - debian/patches/CVE-2020-1760-1.patch: reject unauthenticated
          response-header actions in src/rgw/rgw_rest_s3.cc.
        - debian/patches/CVE-2020-1760-2.patch: change EPERM to
          ERR_INVALID_REQUEST in src/rgw/rgw_rest_s3.cc.
        - debian/patches/CVE-2020-1760-3.patch: reject control characters in
          response-header actions in src/rgw/rgw_rest_s3.cc.
        - CVE-2020-1760
      * SECURITY UPDATE: HTTP header injection
        - debian/patches/CVE-2020-10753.patch: sanitize newlines in
          src/rgw/rgw_cors.cc.
        - CVE-2020-10753
    
     -- Marc Deslauriers <email address hidden>  Wed, 09 Sep 2020 08:57:28 -0400
  • ceph (10.2.11-0ubuntu0.16.04.2) xenial-security; urgency=medium
    
      * SECURITY UPDATE: incorrect permissions on dm-crypt keys
        - debian/patches/CVE-2018-14662.patch: limit caps allowed to access the
          store in qa/suites/rados/singleton/all/mon-config-key-caps.yaml,
          qa/workunits/mon/test_config_key_caps.sh, src/mon/MonCap.cc.
        - CVE-2018-14662
      * SECURITY UPDATE: DoS against OMAPs holding bucket indices
        - debian/patches/CVE-2018-16846-pre1.patch: enforce bounds on
          max-keys/max-uploads/max-parts in src/rgw/rgw_op.cc,
          src/rgw/rgw_op.h, src/rgw/rgw_rest.cc, src/rgw/rgw_rest_swift.cc,
          src/common/config_opts.h.
        - debian/patches/CVE-2018-16846.patch: fix issues with 'enforce bounds'
          patch in src/rgw/rgw_op.cc, src/rgw/rgw_op.h, src/rgw/rgw_rest.cc.
        - CVE-2018-16846
    
     -- Marc Deslauriers <email address hidden>  Wed, 29 May 2019 12:06:34 -0400
  • ceph (10.2.11-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream point release (LP: #1784401).
        - d/p/*: Refresh.
      * Resolve build hang with RocksDB under i386:
        - d/p/0001-CoreLocalArray-class.patch
          d/p/0002-core-local-array-type-conversions.patch
          d/p/0003-Core-local-statistics.patch: Selected cherry picks
          from later Ceph releases with same issue.
    
     -- James Page <email address hidden>  Tue, 09 Oct 2018 10:10:23 +0100
  • ceph (10.2.10-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * d/watch: Scope to 10.2.x series, use tarball download site.
      * New upstream point release (LP: #1780930).
    
     -- James Page <email address hidden>  Wed, 11 Jul 2018 11:10:52 +0100
  • ceph (10.2.9-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream point release (LP: #1706566):
        - d/p/sleep-recover.patch: Drop, superceeded by upstream fix.
    
     -- James Page <email address hidden>  Tue, 26 Sep 2017 07:39:00 +0100
  • ceph (10.2.7-0ubuntu0.16.04.1) xenial; urgency=medium
    
      [ Billy Olsen ]
      * Start ceph-all after static-network-up (LP: #1636322):
        - d/p/start-ceph-all-after-network.patch: add dependency on
          the static-network-up event before starting ceph-all.
    
      [ James Page ]
      * New upstream point release (LP: #1684527):
        - d/p/disable-openssl-linking.patch: Dropped, no longer required.
        - d/control: Add BD on libssl-dev to support optional runtime
          loading of openssl in the radosgw.
    
     -- James Page <email address hidden>  Fri, 21 Apr 2017 09:21:10 +0100
  • ceph (10.2.6-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable point release (LP: #1671117):
        - d/p/osd-limit-omap-data-in-push-op.patch,rgw_rados-creation_time.patch:
          Dropped, included upstream.
        - d/p/*: Refresh.
    
     -- James Page <email address hidden>  Thu, 09 Mar 2017 16:21:36 +0000
  • ceph (10.2.5-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable release (LP: #1649856):
        - d/p/32bit-ftbfs.patch: Drop, no longer required.
        - d/p/*: Refresh.
        - d/ceph-common.install: Switch to RSA keys for drop.ceph.com.
      * d/rules: Install upstream provided systemd targets and ensure they
        are enabled and started on install to ensure that integrations aligned
        to upstream packaging work with Ubuntu packages (LP: #1646583).
      * d/ceph.*,d/*.logrotate: Install logrotate configuration
        in ceph-common, ensuring that all daemons get log rotation on
        log files, deal with removal of logrotate configuration in
        ceph for upgrades (LP: #1609866).
    
     -- James Page <email address hidden>  Wed, 18 Jan 2017 13:59:57 +0000
  • ceph (10.2.3-0ubuntu0.16.04.2) xenial; urgency=medium
    
      * rgw: Fixes for creation times for buckets (LP: #1587261):
        - d/p/rgw_rados-creation_time.patch: Backport fix from upstream master.
          Fix logic error that leads to creation time being 0 instead of current
          time when creating buckets.
    
    ceph (10.2.3-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable release (LP: #1628809).
        - d/p/*: Refresh.
        - d/p/rocksdb-flags.patch: Dropped, accepted upstream.
        - d/p/32bit-ftbfs.patch: Cherry pick fix for 32bit arch compat.
        - d/ceph-{fs-common,fuse}.install: Fix install locations
          for mount{.fuse}.ceph.
      * Limit the amount of data per chunk in omap push operations to 64k,
        ensuring that OSD threads don't hit timeouts during recovery
        operations (LP: #1628750):
        - d/p/osd-limit-omap-data-in-push-op.patch: Cherry pick fix from
          upstream master branch.
    
     -- Frode Nordahl <email address hidden>  Fri, 28 Oct 2016 13:50:40 +0200
  • ceph (10.2.3-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable release (LP: #1628809).
        - d/p/*: Refresh.
        - d/p/rocksdb-flags.patch: Dropped, accepted upstream.
        - d/p/32bit-ftbfs.patch: Cherry pick fix for 32bit arch compat.
        - d/ceph-{fs-common,fuse}.install: Fix install locations
          for mount{.fuse}.ceph.
      * Limit the amount of data per chunk in omap push operations to 64k,
        ensuring that OSD threads don't hit timeouts during recovery
        operations (LP: #1628750):
        - d/p/osd-limit-omap-data-in-push-op.patch: Cherry pick fix from
          upstream master branch.
    
     -- James Page <email address hidden>  Fri, 30 Sep 2016 09:22:50 +0100
  • ceph (10.2.2-0ubuntu0.16.04.2) xenial; urgency=medium
    
      * d/ceph-common.{preinst,postinst,postrm}: Fix version checks in maintainer
        scripts to ensure that /etc/default/ceph actually gets installed on
        upgrade (LP: #1587516).
    
    ceph (10.2.2-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable release (LP: #1585660).
        - d/p/drop-user-group-osd-prestart.patch: Dropped, included upstream.
        - d/ceph.install: Drop install of 60-ceph-partuuid-workaround.rules, no
          longer needed and not shipped by upstream.
      * Rename /etc/default/ceph/ceph -> /etc/default/ceph (LP: #1587516):
        - d/rules,ceph-common.install: Ensure that /etc/default/ceph is a file
          and not a directory.
        - d/ceph-common.{preinst,postinst,postrm}: Ensure that rename of
          /etc/default/ceph/ceph -> /etc/default/ceph is handled correctly
          and that any end-user changes are preserved.
    
     -- James Page <email address hidden>  Tue, 19 Jul 2016 10:32:34 +0100
  • ceph (10.2.2-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * New upstream stable release (LP: #1585660).
        - d/p/drop-user-group-osd-prestart.patch: Dropped, included upstream.
        - d/ceph.install: Drop install of 60-ceph-partuuid-workaround.rules, no
          longer needed and not shipped by upstream.
      * Rename /etc/default/ceph/ceph -> /etc/default/ceph (LP: #1587516):
        - d/rules,ceph-common.install: Ensure that /etc/default/ceph is a file
          and not a directory.
        - d/ceph-common.{preinst,postinst,postrm}: Ensure that rename of
          /etc/default/ceph/ceph -> /etc/default/ceph is handled correctly
          and that any end-user changes are preserved.
    
     -- James Page <email address hidden>  Thu, 16 Jun 2016 11:53:36 +0100
  • ceph (10.2.0-0ubuntu0.16.04.2) xenial; urgency=medium
    
      * Recompile to resolve miscompilation on s390x architecture. LP:
        #1572613
    
     -- Dimitri John Ledkov <email address hidden>  Fri, 20 May 2016 04:27:37 +0100
  • ceph (10.2.0-0ubuntu0.16.04.1) xenial; urgency=medium
    
      * Ceph Jewel stable release (LP: #1563714).
    
     -- James Page <email address hidden>  Thu, 21 Apr 2016 19:54:54 +0100
  • ceph (10.1.2-0ubuntu1) xenial; urgency=medium
    
      * New upstream release candidate for Ceph Jewel:
        - FFe: http://pad.lv/1563714.
        - d/p/32bit-compat.patch,tasksmax-infinity.patch: Dropped,
          included upstream.
      * d/ceph-common.postinst: Silence output of usermod call (LP: #1569249).
    
     -- James Page <email address hidden>  Thu, 14 Apr 2016 14:46:58 +0100
  • ceph (10.1.1-0ubuntu1) xenial; urgency=medium
    
      * New upstream release candidate for Ceph Jewel:
        - FFe: http://pad.lv/1563714.
        - d/p/*: Refresh.
    
     -- James Page <email address hidden>  Fri, 08 Apr 2016 16:30:43 +0100
  • ceph (10.1.0-0ubuntu1) xenial; urgency=medium
    
      * New upstream release candidate for Ceph Jewel
        (see http://pad.lv/1563714 for FFe):
        - d/control,rules,librgw*: Add new binary packages for librgw2.
        - d/p/fix-systemd-escaping.patch,pybind-flags.patch: Dropped,
          included upstream.
        - d/p/*: Refresh remaining patches.
        - d/control: Add BD on libldap2-dev for rados gateway.
        - d/p/disable-openssl-linking.patch: Disable build time linking
          with OpenSSL due to licensing incompatibilities.
        - d/*.symbols: Add new symbols for RC.
        - d/python-*.install: Correct wildcards for python module install.
        - d/p/32bit-compat.patch: Cherry pick upstream fix for 32 bit
          compatibility, resolving FTBFS on armhf/i386.
      * d/rules: Strip rbd-mirror package correctly.
      * d/rules: Install upstart and systemd configurations for rbd-mirror.
      * d/copyright: Ensure that jerasure and gf-complete are not stripped
        from the upstream release tarball.
      * d/p/drop-user-group-osd-prestart.patch: Drop --setuser/--setgroup
        arguments from call to ceph-osd-prestart.sh; they are not supported
        and generate spurious non-fatal warning messages (LP: #1557461).
      * d/p/tasksmax-infinity.patch: Drop systemd limitation of number of
        processes and threads to long running ceph processes; the default
        of 512 tasks is way to low for even a modest Ceph cluster
        (LP: #1564917).
      * d/rules: Ensure that dh_systemd_start does not insert maintainer
        script snippets for ceph-mon and ceph-create-keys - service restart
        should be handled outside of the packaging as it is under upstart
        and for all other systemd unit files installed (LP: #1563330).
    
     -- James Page <email address hidden>  Wed, 06 Apr 2016 09:17:59 +0100
  • ceph (10.0.5-0ubuntu1) xenial; urgency=medium
    
      * New upstream point release, in preparation for Ceph Jewel.
        - d/p/*: Refresh patches
        - d/control: Enable rbd-mirror(-dbg) packages.
        - d/control: Add BD on libboost-iostreams-dev.
        - d/p/skip-setup.py-makefiles.patch,rules: Avoid use of virtualenv
          to install ceph-disk and ceph-detect-init python modules.
    
     -- James Page <email address hidden>  Wed, 23 Mar 2016 14:07:58 +0000
  • ceph (10.0.3-0ubuntu1) xenial; urgency=medium
    
      * New upstream point release, in preparation for Ceph Jewel.
        - d/p/*: Refresh patches
        - d/rules,d/p/rocksdb-flags.patch: Enable rocksdb build for
          experimental bluestore support, add patch to set g++ flags
          correctly across all Ubuntu archs.
        - d/rules: Enable gperftools use on arm64 architecture.
        - d/ceph.install: Add ceph-bluefs-tool to install.
      * d/*: wrap-and-sort.
    
     -- James Page <email address hidden>  Fri, 18 Mar 2016 10:41:37 +0000
  • ceph (10.0.2-0ubuntu1) xenial; urgency=medium
    
      * New upstream release, in preparation for Ceph Jewel stable release:
        - d/control: Add python-dev to BD's.
        - d/p/pybind-flags.patch: Ensure that python flags are correct
          set for cython rbd build.
        - d/python-rbd.install: Switch rbd python binding to cython.
        - d/p/modules.patch: Dropped, no longer required as upstream.
        - d/control,rbd-nbd.*,rules: Add rbd-nbd package.
        - d/p/*: Tidy old redundant patches.
    
     -- James Page <email address hidden>  Thu, 18 Feb 2016 08:07:30 +0000
  • ceph (9.2.0-0ubuntu6) xenial; urgency=medium
    
      * d/ceph-mds.dirs: Actually create /var/lib/ceph/mds prior to changing
        permissions (LP: #1544647).
      * d/ceph.init: Restore link to init-ceph, resolving un-install failures
        due to missing init script (LP: #1546112).
    
     -- James Page <email address hidden>  Wed, 17 Feb 2016 10:33:24 +0000
  • ceph (9.2.0-0ubuntu5) xenial; urgency=medium
    
      [ guessi ]
      * d/ceph-mds.postinst: Fixup syntax error (LP: #1544647).
    
     -- James Page <email address hidden>  Tue, 16 Feb 2016 12:54:16 +0000
  • ceph (9.2.0-0ubuntu4) xenial; urgency=medium
    
      * d/p/fix-systemd-escaping.patch: Ensure that leading '/' is stripped
        from block device paths when escaping for use in systemd unit
        names.
    
     -- James Page <email address hidden>  Tue, 09 Feb 2016 11:03:03 +0000
  • ceph (9.2.0-0ubuntu3) xenial; urgency=medium
    
      * d/ceph{-common}.install: Move ceph_daemon module to common package
        as its required to use the ceph command.
      * d/rules: Disable parallel builds on arm64, resolving FTBFS due to
        memory constraints in builders.
    
     -- James Page <email address hidden>  Fri, 15 Jan 2016 10:00:47 +0200
  • ceph (9.2.0-0ubuntu2) xenial; urgency=medium
    
      * d/control: Fixup broken Breaks/Replaces for backports to 14.04.
    
     -- James Page <email address hidden>  Wed, 06 Jan 2016 10:46:19 +0000
  • ceph (9.2.0-0ubuntu1) xenial; urgency=medium
    
      * [754935] Imported Upstream version 9.2.0
        - [df85c3] Resync relevant packaging changes with upstream.
        - [be5f82] Refresh patches.
        - [d1f3fe] Add python-setuptools to BD's for ceph-detect-init.
        - [b2f926] Add lsb-release to BD's to ensure that python modules are
                   installed to correct locations.
        - [e4d702] Add python-sphinx to BD's to ensure man pages get generated
                   and installed.
        - [3ead6e] Correct install location for ceph-monstore-update tool.
        - [269754] [177b7a] Update symbols for new release.
      * [4c45629] Update NEWS file for infernalis changes.
      * [940491e] Limit number of parallel builds to 2 to reduce memory footprint
                  on builders.
    
     -- James Page <email address hidden>  Wed, 09 Dec 2015 18:02:30 +0000
  • ceph (0.94.5-0ubuntu1) xenial; urgency=medium
    
      * New upstream release (LP: #1512292):
        - d/p/*: Refresh.
        - d/p/ceph-radosgw-init.patch: Dropped, included upstream.
        - d/*.symbols: Refresh.
      * d/p/modules.patch: Add jerasure_neon and shec erasure coding plugins
        to generate unversioned so's for plugin loading (LP: #1507244).
      * d/rules: Ensure that any remaining versioned so's are dropped from
        the packaging - this is all test code (LP: #1507244).
    
     -- James Page <email address hidden>  Mon, 02 Nov 2015 14:47:31 +0000
  • ceph (0.94.3-0ubuntu2) wily; urgency=medium
    
      * d/ceph.install: Drop ceph-deploy manpage from packaging, provided
        by ceph-deploy itself (LP: #1475910).
    
     -- James Page <email address hidden>  Mon, 07 Sep 2015 14:42:03 +0100