Debian Patches

Status for ceph/16.2.11+ds-5

Patch Description Author Forwarded Bugs Origin Last update
enable-strsignal.patch This defines HAVE_REENTRANT_STRSIGNAL as sys_siglist no longer exists with glibc 2.32 and all programs should use strsignal instead.

===================================================================
no 2020-09-21
update-java-source-target-flags.patch use --release 7 instead of -source/-target Instead of -source/-target ceph should be build with --release for OpenJDK 9
or later so that the bootclasspath is also set, as per JEP-247, otherwise it
risks incurring into binary incompatibility when run with an earlier OpenJDK.
OpenJDK 11 minimum compatibility release has been updated to 7.
Tiago Strmer Daitx <tiago.daitx@ubuntu.com> no 2018-04-24
disable-crypto.patch =================================================================== no
civetweb-755-1.8-somaxconn-configurable_conf.patch Adds max_connections to reference configuration. Jesse Williamson <jesse.williamson@canonical.com> yes upstream upstream, https://github.com/civetweb/civetweb/pull/776/commits/3b8eb36676f70d06f8918ccf62029207c49cdda0
civetweb-755-1.8-somaxconn-configurable.patch Makes SOMAXCONN user-configurable. Jesse Williamson <jesse.williamson@canonical.com> yes upstream upstream, https://github.com/civetweb/civetweb/pull/776/commits/febab7dc38c9671577603425c54c20f841e27f97
civetweb-755-1.8-somaxconn-configurable_test.patch Adds max_connections to test display. Jesse Williamson <jesse.williamson@canonical.com> yes upstream upstream, https://github.com/civetweb/civetweb/pull/776/commits/3b8eb36676f70d06f8918ccf62029207c49cdda0
debian-armel-armhf-buildflags.patch no
fix-bash-completion-location no
32bit-fixes.patch Misc fixes for 32 bit architecture builds.
===================================================================
James Page <james.page@ubuntu.com> no
add-option-to-disable-ceph-dencoder.patch =================================================================== no
riscv64-link-pthread.patch Link with -pthread instead of -lpthread to fix FTBFS on riscv64
===================================================================
no 2020-03-01
fix-ceph-osd-systemd-target.patch Fix systemd ceph-osd.target This helps when rebooting. Thomas Goirand <zigo@debian.org> no 2021-01-28
compile-ppc.c-on-all-powerpc-machines.patch [PATCH] arch,cmake: compile ppc.c on all powerpc machines
* cmake/modules/SIMDExt.cmake: define HAVE_PPC for 32-bit PowerPC.
* src/arch/CMakeLists.txt: compile ppc.c for all PowerPC architectures,
including powerpc (32-bit PowerPC), ppc64el (64-bit Little Endian
PowerPC) and ppc64 (64-bit Big Endian PowerPC).

before this change, ppc.c is only compiled if HAVE_POWER8 is defined.
but Power8 is a 64-bit PowerPC architecture. while in src/arch/probe.cc,
we check for `defined(__powerpc__) || defined(__ppc__)`, if this is
true, ceph_arch_ppc_probe() is used to check for the support of
Altivec. but on non-power8 PowerPC machines, the linker fails to find the
symbols like ceph_arch_ppc_probe(), as ppc.c is not compiled on them.

in this change, ppc.c is compiled on all PowerPC architectures, so that
ceph_arch_ppc_probe() is also available on non-power8 machines. this
change does not impact the behavior of non-power8 machines. because
on them, the runtime check would fail to detect the existence of
PPC_FEATURE2_VEC_CRYPTO instructions.
Kefu Chai <tchaikov@gmail.com> no 2021-08-29
bug1914584.patch [PATCH] rgw/radosgw-admin clarify error when email address already in use

The error message if you try and create an S3 user with an email
address that is already associated with another S3 account is very
confusing; this patch makes it much clearer

To reproduce:

radosgw-admin user create --uid=foo --display-name="Foo test" --email=bar@domain.invalid
radosgw-admin user create --uid=test --display-name="AN test" --email=bar@domain.invalid
could not create user: unable to parse parameters, user id mismatch, operation id: foo does not match: test

With this patch:

radosgw-admin user create --uid=test --display-name="AN test" --email=bar@domain.invalid
could not create user: unable to create user test because user id foo already exists with email bar@domain.invalid

(cherry picked from commit 05318d6f71e45a42a46518a0ef17047dfab83990)
Matthew Vernon <mv3@sanger.ac.uk> no 2021-02-04
bug1917414.patch [PATCH] src/isa-l/erasure_code: Fix text relocation on aarch64
Here is the bug report on ceph. https://tracker.ceph.com/issues/48681
luo rixin <luorixin@huawei.com> no 2021-01-08
cmake-test-for-16-bytes-atomic-support-on-mips-also.patch cmake: test for 16-byte atomic support on mips also it's reported that a mips64el build host is able to pass the test of
CheckCxxAtomic without linking against libatomic, while librbd.so
fails to link due to failures like
.
/usr/bin/ld: ../../../lib/librbd.so.1.16.0: undefined reference to `__atomic_store_16'
/usr/bin/ld: ../../../lib/librbd.so.1.16.0: undefined reference to `__atomic_load_16'
/usr/bin/ld: ../../../lib/librbd.so.1.16.0: undefined reference to `__atomic_compare_exchange_16'
.
so we have to check the existence of __atomic_load_16 instruction on
mips architecture.

diff --git a/cmake/modules/CheckCxxAtomic.cmake b/cmake/modules/CheckCxxAtomic.cmake
index f2d89cf3e0beb..da2be5206d634 100644
Kefu Chai <tchaikov@gmail.com> no upstream, https://github.com/ceph/ceph/commit/709a77f22010f03aee4a4c0ab930588944cb4a58 2021-11-24
only-yied-under-armv7-and-above.patch Only yield under ARMv7 and above (#1176) Rosen Penev <rosenp@gmail.com> no upstream, https://github.com/facebook/folly/commit/62d8e6e0b91ebd6f878f3066cd9b6e5f3c18a97b.patch 2021-11-24
Fix-build-with-fmt-8-9.patch Fix build with fmt 8/9
+ changes in segment_manager.cc and segment_manager.h are backported from
part of the large changes in https://github.com/ceph/ceph/commit/d5b0cd13
+ change in node_extent_accessor.h is not forwarded to upstream since it's
a workaround. However it doesn't harm since it's just a error message
which shouldn't happen anyway.
+ changes in seastar is backported from
https://github.com/scylladb/seastar/commit/dfb62861
+ changes in crimson/osd/main.cc is backported from
https://github.com/ceph/ceph/commit/58cb9bac
Shengjing Zhu <zhushengjing@cambricon.com> no 2022-07-31
fix-CheckCxxAtomic-riscv64.patch Fix CheckCxxAtomic to detect more accurately Some platforms like riscv64 does not have full support for atomic primitives,
yet passes the test. Adding operator++ fixes this issue.

===================================================================
Eric Long <i@hack3r.moe> no 2023-09-29
CVE-2022-3650_1_ceph-crash_drop_privleges_to_run_as_ceph_user_rather_than_root.patch CVE-2022-3650: ceph-crash: drop privleges to run as "ceph" user, rather than root If privileges cannot be dropped, log an error and exit. This commit
also catches and logs exceptions when scraping the crash path, without
which ceph-crash would just exit if it encountered an error.

===================================================================
Tim Serong <tserong@suse.com> yes debian upstream upstream, https://github.com/ceph/ceph/commit/130c9626598bc3a75942161e6cce7c664c447382 2022-11-28
CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch CVE-2022-3650: ceph-crash: fix stderr handling Popen.communicate() returns a tuple (stdout, stderr), and stderr
will be of type bytes, hence the need to decode it before checking
if it's an empty string or not.

diff --git a/src/ceph-crash.in b/src/ceph-crash.in
index 0fffd59a96df5..e2a7be59da701 100755
Tim Serong <tserong@suse.com> no debian upstream upstream, https://github.com/ceph/ceph/commit/45915540559126a652f8d9d105723584cfc63439 2022-11-28
CVE-2022-3854_1_rgw_Guard_against_malformed_bucket_URLs.patch CVE-2022-3854: rgw: Guard against malformed bucket URLs Misplaced colons can result in radosgw thinking is has a bucket URL
but with no bucket name, leading to a crash later on.

===================================================================
"Adam C. Emerson" <aemerson@redhat.com> no debian upstream, https://github.com/ceph/ceph/pull/47194/commits/9746e8011ff1de6de7dba9c0041e28a16c8f6828.patch 2022-01-09
include-cstdint-in-subsys_types.h.patch include cstdint in subsys_types.h Thomas Goirand <zigo@debian.org> no debian 2023-07-21
fix-gcc-13-issue.patch no
CVE-2023-43040_rgw_Fix_bucket_validation_against_POST_policies.patch CVE-2023-43040 rgw: Fix bucket validation against POST policies It's possible that user could provide a form part as a part of a POST
object upload that uses 'bucket' as a key; in this case, it was
overriding what was being set in the validation env (which is the real
bucket being modified). The result of this is that a user could actually
upload to any bucket accessible by the specified access key by matching
the bucket in the POST policy in said POST form part.
.
Fix this simply by setting the bucket to the correct value after the
POST form parts are processed, ignoring the form part above if
specified.

===================================================================
Joshua Baergen <jbaergen@digitalocean.com> yes upstream https://github.com/ceph/ceph/commit/98bfb71cb38899333deb58dd2562037450fd7fa8.patch 2023-05-17

All known versions for source package 'ceph'

Links