Dan van der Ster from CERN presents on what has been coined “the bug of the year” in Ceph.
Ceph is a unified, distributed storage system designed for excellent performance, reliability and scalability.
Ceph provides seamless access to objects using native language bindings or radosgw (RGW), a REST interface that’s compatible with applications written for S3 and Swift.
Ceph’s RADOS Block Device (RBD) provides access to block device images that are striped and replicated across the entire storage cluster.
This is the fourth release of the Ceph Octopus stable release series. In addition to a security fix in RGW, this release brings a range of fixes across all components. We recommend that all Octopus users upgrade to this release. Notable Changes¶ CVE-2020-10753: rgw: sanitize newlines in s3 CORSConfiguration’s ExposeHeader...