From 58320b2c69c7fde756faa594958c90db5e67ccec Mon Sep 17 00:00:00 2001 From: David Galloway Date: Thu, 21 Jul 2022 12:45:45 -0400 Subject: [PATCH] doc: 16.2.10 Release notes Signed-off-by: David Galloway --- doc/releases/index.rst | 1 + doc/releases/pacific.rst | 35 +++++++++++++++++++++++++++++++++++ doc/releases/releases.yml | 2 ++ 3 files changed, 38 insertions(+) diff --git a/doc/releases/index.rst b/doc/releases/index.rst index bd0db5818956b..2daad8c1a29fc 100644 --- a/doc/releases/index.rst +++ b/doc/releases/index.rst @@ -67,6 +67,7 @@ Release timeline .. _17.2.2: quincy#v17-2-2-quincy .. _Pacific: pacific +.. _16.2.10: pacific#v16-2-10-pacific .. _16.2.9: pacific#v16-2-9-pacific .. _16.2.8: pacific#v16-2-8-pacific .. _16.2.7: pacific#v16-2-7-pacific diff --git a/doc/releases/pacific.rst b/doc/releases/pacific.rst index 182f3a8ee6256..d78435016948a 100644 --- a/doc/releases/pacific.rst +++ b/doc/releases/pacific.rst 
@@ -2,6 +2,41 @@ Pacific ======= +v16.2.10 Pacific +================ + +This is a hotfix release that resolves two security flaws. + +Notable Changes +--------------- +* Users who were running OpenStack Manila to export native CephFS, who + upgraded their Ceph cluster from Nautilus (or earlier) to a later + major version, were vulnerable to an attack by malicious users. The + vulnerability allowed users to obtain access to arbitrary portions of + the CephFS filesystem hierarchy, instead of being properly restricted + to their own subvolumes. The vulnerability is due to a bug in the + "volumes" plugin in Ceph Manager. This plugin is responsible for + managing Ceph File System subvolumes which are used by OpenStack + Manila services as a way to provide shares to Manila users. + + With this hotfix, the vulnerability is fixed. Administrators who are + concerned they may have been impacted should audit the CephX keys in + their cluster for proper path restrictions. + + Again, this vulnerability only impacts OpenStack Manila clusters which + provided native CephFS access to their users. + +* A regression made it possible to dereference a null pointer for + for s3website requests that don't refer to a bucket resulting in an RGW + segfault. + +Changelog +--------- +* mgr/volumes: Fix subvolume discover during upgrade (:ref:`CVE-2022-0670`, Kotresh HR) +* mgr/volumes: V2 Fix for test_subvolume_retain_snapshot_invalid_recreate (:ref:`CVE-2022-0670`, Kotresh HR) +* qa: validate subvolume discover on upgrade (Kotresh HR) +* rgw: s3website check for bucket before retargeting (Seena Fallah) + v16.2.9 Pacific =============== diff --git a/doc/releases/releases.yml b/doc/releases/releases.yml index ed05b2d9a4d24..2eb0348c75ad3 100644 --- a/doc/releases/releases.yml +++ b/doc/releases/releases.yml @@ -25,6 +25,8 @@ releases: pacific: target_eol: 2023-06-01 releases: + - version: 16.2.10 + released: 2022-07-21 - version: 16.2.9 released: 2022-05-19 - version: 16.2.8 -- 2.39.5
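Review bot: In the doc/releases/pacific.rst hunk, the RGW bullet repeats a word across the line wrap ("dereference a null pointer for" followed by "for s3website requests"); drop one "for", and consider a comma before "resulting in an RGW segfault". The same bullet describes the regression but, unlike the Manila entry, never says that this release fixes it, so a closing clause to that effect would match the "resolves two security flaws" summary at the top of the section. Both mgr/volumes changelog entries use :ref:`CVE-2022-0670`, and nothing in this patch defines a label of that name, so check that the target exists elsewhere in the docs or the reference will not resolve. The Notable Changes text for the Manila issue also never names CVE-2022-0670; adding the identifier there would let administrators connect the CephX key audit advice to the advisory.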