Re: [ceph-users] Re: [Ceph-maintainers] v14.2.20 Nautilus released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Apr 20, 2021 at 11:30 AM Dan van der Ster <dan@xxxxxxxxxxxxxx> wrote:
>
> On Tue, Apr 20, 2021 at 11:26 AM Ilya Dryomov <idryomov@xxxxxxxxx> wrote:
> >
> > On Tue, Apr 20, 2021 at 2:01 AM David Galloway <dgallowa@xxxxxxxxxx> wrote:
> > >
> > > This is the 20th bugfix release in the Nautilus stable series.  It
> > > addresses a security vulnerability in the Ceph authentication framework.
> > > We recommend users to update to this release. For a detailed release
> > > notes with links & changelog please refer to the official blog entry at
> > > https://ceph.io/releases/v14-2-20-nautilus-released
> > >
> > > Security Fixes
> > > --------------
> > >
> > > * This release includes a security fix that ensures the global_id value
> > > (a numeric value that should be unique for every authenticated client or
> > > daemon in the cluster) is reclaimed after a network disconnect or ticket
> > > renewal in a secure fashion.  Two new health alerts may appear during
> > > the upgrade indicating that there are clients or daemons that are not
> > > yet patched with the appropriate fix.
> >
> > The link in the blog entry should point at
> >
> > https://docs.ceph.com/en/latest/security/CVE-2021-20288/
> >
> > Please refer there for details and recommendations.
>
> Thanks Ilya.
>
> Is there any potential issue if clients upgrade before the cluster daemons?
> (Our clients will likely get 14.2.20 before all the clusters have been
> upgraded).

No issue.  Userspace clients would just start doing what is expected
by the protocol, same as kernel clients.

                Ilya
_______________________________________________
Dev mailing list -- dev@xxxxxxx
To unsubscribe send an email to dev-leave@xxxxxxx



[Index of Archives]     [CEPH Users]     [Ceph Devel]     [Ceph Large]     [Information on CEPH]     [Linux BTRFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux