The Ceph Blog

Ceph blog stories provide high-level spotlights on our customers all over the world

July 27, 2018

13.2.1 Mimic released

This is the first bugfix release of the Mimic v13.2.x long term stable release
series. This release contains many fixes across all components of Ceph,
including a few security fixes. We recommend that all users upgrade.

Notable Changes

  • CVE 2018-1128: auth: cephx authorizer subject to replay attack (issue#24836, Sage Weil)
  • CVE 2018-1129: auth: cephx signature check is weak (issue#24837, Sage Weil)
  • CVE 2018-10861: mon: auth checks not correct for pool ops (issue#24838, Jason Dillaman)