doc: release notes for Nautilus 14.2.7

Signed-off-by: Nathan Cutler <ncutler@suse.com>

diff --git a/doc/releases/general.rst b/doc/releases/general.rst
index 3a81bf8179986c32f73fc17be4e42583c1e0c01d..fe6962f9e9d1619414337af67c8d896d28767161 100644 (file)
--- a/doc/releases/general.rst
+++ b/doc/releases/general.rst
@@ -122,6 +122,7 @@ Release timeline
 .. ceph_timeline:: releases.yml development nautilus mimic luminous kraken jewel infernalis hammer giant firefly emperor
 
 .. _Nautilus: ../nautilus
+.. _14.2.7: ../nautilus#v14-2-7-nautilus
 .. _14.2.6: ../nautilus#v14-2-6-nautilus
 .. _14.2.5: ../nautilus#v14-2-5-nautilus
 .. _14.2.4: ../nautilus#v14-2-4-nautilus

diff --git a/doc/releases/nautilus.rst b/doc/releases/nautilus.rst
index dd273c6bb1e4b2a9e5876ccbab60af8b7dcebee2..97245b56fc0b83de1515b9526542b918523f4a84 100644 (file)
--- a/doc/releases/nautilus.rst
+++ b/doc/releases/nautilus.rst
@@ -1,3 +1,19 @@
+v14.2.7 Nautilus
+================
+
+This is the seventh update to the Ceph Nautilus release series. This is
+a hotfix release primarily fixing a couple of security issues. We
+recommend that all users upgrade to this release.
+
+Notable Changes
+---------------
+
+* CVE-2020-1699: Fixed a path traversal flaw in Ceph dashboard that
+  could allow for potential information disclosure (Ernesto Puerta)
+* CVE-2020-1700: Fixed a flaw in RGW beast frontend that could lead to
+  denial of service from an unauthenticated client (Or Friedmann)
+
+
 v14.2.6 Nautilus
 ================
 

diff --git a/doc/releases/releases.yml b/doc/releases/releases.yml
index 266cfb14d50fb886e641765340fd54e3212bf24d..95c57831b6aa4ffd84fd44065fce9ac2431f0571 100644 (file)
--- a/doc/releases/releases.yml
+++ b/doc/releases/releases.yml
@@ -14,6 +14,8 @@
 releases:
   nautilus:
     releases:
+      - version: 14.2.7
+        released: 2020-01-31
       - version: 14.2.6
         released: 2020-01-09
       - version: 14.2.5