The Ceph Blog

Ceph blog stories provide high-level spotlights on our customers all over the world

January 7, 2019

13.2.4 Mimic released

This is the fourth bugfix release of the Mimic v13.2.x long term stable release series. This release includes two security fixes atop of v13.2.3. We recommend that all mimic users upgrade. If you’ve already upgraded to v13.2.3, the same restrictions from v13.2.2 to v13.2.3 apply here as well.

Notable Changes

  • CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts (issue#35994)
    • A new param rgw max listing results controls the upper bound max-keys on Bucket listing operations (ListBucket, ListBucketVersions, ListBucketMultipartUploads(max-uploads), ListMultipartUploadParts(max-parts)
  • CVE-2018-14662: mon: limit caps allowed to access the config store

Notable Changes in v13.2.3 Mimic

  • The default memory utilization for the mons has been increased
    somewhat. Rocksdb now uses 512 MB of RAM by default, which should
    be sufficient for small to medium-sized clusters; large clusters
    should tune this up. Also, the mon_osd_cache_size has been
    increase from 10 OSDMaps to 500, which will translate to an
    additional 500 MB to 1 GB of RAM for large clusters, and much less
    for small clusters.
  • Ceph v13.2.2 includes a wrong backport, which may cause mds to go into
    ‘damaged’ state when upgrading Ceph cluster from previous version.
    The bug is fixed in v13.2.3. If you are already running v13.2.2,
    upgrading to v13.2.3 does not require special action.
  • The bluestore_cache_* options are no longer needed. They are replaced
    by osd_memory_target, defaulting to 4GB. BlueStore will expand
    and contract its cache to attempt to stay within this
    limit. Users upgrading should note this is a higher default
    than the previous bluestore_cache_size of 1GB, so OSDs using
    BlueStore will use more memory by default.
    For more details, see the BlueStore docs.
  • This version contains an upgrade bug, http://tracker.ceph.com/issues/36686,
    due to which upgrading during recovery/backfill can cause OSDs to fail. This
    bug can be worked around, either by restarting all the OSDs after the upgrade,
    or by upgrading when all PGs are in “active+clean” state. If you have already
    successfully upgraded to 13.2.2, this issue should not impact you. Going
    forward, we are working on a clean upgrade path for this feature.

Changelog

  • CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts (issue#35994)
  • CVE-2018-14662: mon: limit caps allowed to access the config store

For the rest of the changes in v13.2.3 please refer to the v13.2.3 release blog entry

abhishekl

Careers