From: David Galloway Date: Thu, 13 May 2021 18:53:53 +0000 (-0400) Subject: doc: 16.2.4 Release Notes X-Git-Tag: v17.1.0~1973^2~3 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=59fc89a1a350c8f03b61432ede6719ae4a92b2d3;p=ceph.git doc: 16.2.4 Release Notes Signed-off-by: David Galloway --- diff --git a/doc/releases/index.rst b/doc/releases/index.rst index 8a251305aea2..56204a08f750 100644 --- a/doc/releases/index.rst +++ b/doc/releases/index.rst @@ -59,6 +59,7 @@ Release timeline .. _Pacific: pacific +.. _16.2.4: pacific#v16-2-4-pacific .. _16.2.3: pacific#v16-2-3-pacific .. _16.2.2: pacific#v16-2-2-pacific .. _16.2.1: pacific#v16-2-1-pacific diff --git a/doc/releases/pacific.rst b/doc/releases/pacific.rst index 54e2dd0f840a..6f8d5326e8d7 100644 --- a/doc/releases/pacific.rst +++ b/doc/releases/pacific.rst @@ -5,6 +5,21 @@ Pacific Pacific is the 16th stable release of Ceph. It is named after the giant pacific octopus (Enteroctopus dofleini). +v16.2.4 Pacific +=============== + +This is a hotfix release addressing a number of security issues and regressions. We recommend all users update to this release. + +Changelog +--------- + +* mgr/dashboard: fix base-href: revert it to previous approach (`issue#50684 `_, Avan Thakkar) +* mgr/dashboard: fix cookie injection issue (:ref:`CVE-2021-3509`, Ernesto Puerta) +* mgr/dashboard: fix set-ssl-certificate{,-key} commands (`issue#50519 `_, Alfonso Martínez) +* rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (:ref:`CVE-2021-3531`, Felix Huettner) +* rgw: sanitize \r in s3 CORSConfiguration's ExposeHeader (:ref:`CVE-2021-3524`, Sergey Bobrov, Casey Bodley) +* systemd: remove ProtectClock=true for ceph-osd@.service (`issue#50347 `_, Wong Hoi Sing Edison) + v16.2.3 Pacific =============== diff --git a/doc/releases/releases.yml b/doc/releases/releases.yml index bf1e8f27aedf..12342f64d924 100644 --- a/doc/releases/releases.yml +++ b/doc/releases/releases.yml @@ -15,6 +15,8 @@ releases: pacific: target_eol: 2023-06-01 releases: + - version: 16.2.4 + released: 2021-05-13 - version: 16.2.3 released: 2021-05-06 - version: 16.2.2