doc/releases/nautilus.rst: add release notes for 14.2.16

author Neha Ojha <nojha@redhat.com>

Wed, 16 Dec 2020 17:15:25 +0000 (17:15 +0000)

committer Neha Ojha <nojha@redhat.com>

Wed, 16 Dec 2020 17:33:40 +0000 (17:33 +0000)
author Neha Ojha <nojha@redhat.com>
Wed, 16 Dec 2020 17:15:25 +0000 (17:15 +0000)
committer Neha Ojha <nojha@redhat.com>
Wed, 16 Dec 2020 17:33:40 +0000 (17:33 +0000)
diff --git a/doc/releases/nautilus.rst b/doc/releases/nautilus.rst

index be096999089a0adebd1c6fee068d7c71078c88ab..e52285753fa6a81ee4bc03cc8c2a9f45ac54ff18 100644 (file)
--- a/doc/releases/nautilus.rst
+++ b/doc/releases/nautilus.rst
@@ -1,3 +1,24 @@
+v14.2.16 Nautilus
+=================
+
+This is the 16th backport release in the Nautilus series. This release fixes a
+security flaw in CephFS. We recommend users to update to this release.
+
+Notable Changes
+---------------
+
+* CVE-2020-27781 : OpenStack Manila use of ceph_volume_client.py library allowed
+  tenant access to any Ceph credential's secret. (Kotresh Hiremath Ravishankar,
+  Ramana Raja)
+
+
+Changelog
+---------
+
+* pybind/ceph_volume_client: disallow authorize on existing auth ids (Kotresh
+  Hiremath Ravishankar, Ramana Raja)
+
+
  v14.2.15 Nautilus
  =================
author	Neha Ojha <nojha@redhat.com>
	Wed, 16 Dec 2020 17:15:25 +0000 (17:15 +0000)
committer	Neha Ojha <nojha@redhat.com>
	Wed, 16 Dec 2020 17:33:40 +0000 (17:33 +0000)