Accepting request 893088 from filesystems:ceph:pacific

16.2.4 OBS-URL: https://build.opensuse.org/request/show/893088 OBS-URL: https://build.opensuse.org/package/show/filesystems:ceph/ceph?expand=0&rev=298
2021-05-14 10:37:43 +00:00 · 2021-05-14 10:37:43 +00:00 · 9d312fc94f
commit 9d312fc94f
parent 20df9b2138
6 changed files with 35 additions and 9 deletions
--- a/ceph-16.2.3-26-g422932e923.tar.bz2
+++ b/ceph-16.2.3-26-g422932e923.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e32138b1504d468489062af2e22cb5ea70d60e380850028788dfd967c2b0b36c
-size 126604352
--- a/ceph-16.2.4-26-g555d38aa5a5.tar.bz2
+++ b/ceph-16.2.4-26-g555d38aa5a5.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d7ac1786be914d358b04c3bf47e90e36362983a7f4344806f2b4610df47550f9
+size 126794830
--- a/ceph-test.changes
+++ b/ceph-test.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri May 14 10:20:23 UTC 2021 - Nathan Cutler <ncutler@suse.com>
+
+- Update to 16.2.4-26-g555d38aa5a5:
+  + rebased on top of v16.2.4 tag
+    https://ceph.io/releases/v16-2-4-pacific-released/
+    * mgr/dashboard: fix base-href: revert it to previous approach
+    * mgr/dashboard: fix cookie injection issue (CVE-2021-3509)
+    * mgr/dashboard: fix set-ssl-certificate{,-key} commands
+    * rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (CVE-2021-3531)
+    * rgw: sanitize \r in s3 CORSConfiguration’s ExposeHeader (CVE-2021-3524)
+    * systemd: remove ProtectClock=true for ceph-osd@.service
+
 -------------------------------------------------------------------
 Thu May  6 21:46:52 UTC 2021 - Nathan Cutler <ncutler@suse.com>

--- a/ceph-test.spec
+++ b/ceph-test.spec
@ -123,7 +123,7 @@
 # main package definition
 #################################################################################
 Name: ceph-test
-Version: 16.2.3.26+g422932e923
+Version: 16.2.4.26+g555d38aa5a5
 Release: 0%{?dist}
 %if 0%{?fedora} || 0%{?rhel}
 Epoch: 2
@ -139,7 +139,7 @@ License: LGPL-2.1 and LGPL-3.0 and CC-BY-SA-3.0 and GPL-2.0 and BSL-1.0 and BSD-
 Group: System/Filesystems
 %endif
 URL: http://ceph.com/
-Source0: %{?_remote_tarball_prefix}ceph-16.2.3-26-g422932e923.tar.bz2
+Source0: %{?_remote_tarball_prefix}ceph-16.2.4-26-g555d38aa5a5.tar.bz2
 %if 0%{?suse_version}
 Source94: ceph-rpmlintrc
 Source95: checkin.sh
@ -592,7 +592,7 @@ This package contains Ceph benchmarks and test tools.
 %if 0%{?suse_version}
 %endif
 %prep
-%autosetup -p1 -n ceph-16.2.3-26-g422932e923
+%autosetup -p1 -n ceph-16.2.4-26-g555d38aa5a5

 %build
 # LTO can be enabled as soon as the following GCC bug is fixed:
--- a/ceph.changes
+++ b/ceph.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri May 14 10:20:23 UTC 2021 - Nathan Cutler <ncutler@suse.com>
+
+- Update to 16.2.4-26-g555d38aa5a5:
+  + rebased on top of v16.2.4 tag
+    https://ceph.io/releases/v16-2-4-pacific-released/
+    * mgr/dashboard: fix base-href: revert it to previous approach
+    * mgr/dashboard: fix cookie injection issue (CVE-2021-3509)
+    * mgr/dashboard: fix set-ssl-certificate{,-key} commands
+    * rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (CVE-2021-3531)
+    * rgw: sanitize \r in s3 CORSConfiguration’s ExposeHeader (CVE-2021-3524)
+    * systemd: remove ProtectClock=true for ceph-osd@.service
+
 -------------------------------------------------------------------
 Thu May  6 21:46:52 UTC 2021 - Nathan Cutler <ncutler@suse.com>

--- a/ceph.spec
+++ b/ceph.spec
@ -123,7 +123,7 @@
 # main package definition
 #################################################################################
 Name:		ceph
-Version:	16.2.3.26+g422932e923
+Version:	16.2.4.26+g555d38aa5a5
 Release:	0%{?dist}
 %if 0%{?fedora} || 0%{?rhel}
 Epoch:		2
@ -139,7 +139,7 @@ License:	LGPL-2.1 and LGPL-3.0 and CC-BY-SA-3.0 and GPL-2.0 and BSL-1.0 and BSD-
 Group:		System/Filesystems
 %endif
 URL:		http://ceph.com/
-Source0:	%{?_remote_tarball_prefix}ceph-16.2.3-26-g422932e923.tar.bz2
+Source0:	%{?_remote_tarball_prefix}ceph-16.2.4-26-g555d38aa5a5.tar.bz2
 %if 0%{?suse_version}
 # _insert_obs_source_lines_here
 ExclusiveArch:  x86_64 aarch64 ppc64le s390x
@ -1209,7 +1209,7 @@ This package provides Ceph default alerts for Prometheus.
 # common
 #################################################################################
 %prep
-%autosetup -p1 -n ceph-16.2.3-26-g422932e923
+%autosetup -p1 -n ceph-16.2.4-26-g555d38aa5a5

 %build
 # LTO can be enabled as soon as the following GCC bug is fixed: