Updated ceph packages fix security vulnerability

Updated ceph packages fix a security issue allowing an attacker to make Ceph accept any certificate...

SUSE-SU-2021:1474-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to 15.2.11-83-g8a15f484c2: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. disk gets replaced with no rocksdb/wal bsc1184231. BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causing data...

SUSE-SU-2021:1473-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to 14.2.20-402-g6aa76c6815: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905. CVE-2020-27839: Use secure cookies to store JWT Token...

SUSE-SU-2021:1472-1 Security update for ceph, deepsea

This update for ceph, deepsea fixes the following issues: - ceph was updated to 14.2.20-402-g6aa76c6815: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905. CVE-2020-27839: Use secure cookies to store JWT Tok...

OPENSUSE-SU-2021:0544-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to to 15.2.9 - cephadm: fix 'inspect' and 'pull' bsc1182766 - CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 - CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905 -...

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2021:1108-1)

This update for ceph fixes the following issues : ceph was updated to to 15.2.9 cephadm: fix 'inspect' and 'pull' bsc1182766 CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905...

SUSE-SU-2021:1108-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to to 15.2.9 - cephadm: fix 'inspect' and 'pull' bsc1182766 - CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 - CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905 -...

OPENSUSE-SU-2021:0079-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2020-27781: Fixed a privilege escalation via the cephvolumeclient Python interface bsc1179802 bsc1180155. Non-security issues fixed: - Fixes an issue when check in legacy collection reaches end. bsc1179139 - Fixes an...

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:2057-1 Rating: moderate References: 1151612 1158257 1169134 1170487 1174591 1175061 1175240 1175781 1177843 Cross-References: CVE-2020-25660 Affected Products: openSUSE Leap 15.1 An update that solves one...

OPENSUSE-SU-2020:2057-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue whe...

SUSE-SU-2019:2994-1 Security update for ceph

This update for ceph fixes the following issues: - A previous update introduced a regression with the potential to cause RocksDB data corruption in Nautilus bsc1156282. - Support for iSCSI target-level CHAP authentication was added bsc1145617. - Implemented validation and rendering of iSCSI...

Debian: Security Advisory (DLA-1696-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2017:3171-1 Security update for ceph

This update provides Ceph 10.2.10, which brings fixes and enhancements: This security issue was fixed: - CVE-2017-7519: libradosstriper processes arbitrary printf placeholders in user input. bsc1043767 - CVE-2016-9579: Do not abort RGW server when accepting a CORS request with short origin...

SUSE-SU-2017:2922-1 Security update for ceph

CEPH was updated to version 10.2.10, which brings several fixes and enhancements. Upstream 10.2.10 release summary can be found at: https://ceph.com/releases/v10-2-10-jewel-released/ Security issues fixed: - CVE-2017-7519: libradosstriper processed arbitrary printf placeholders in user input...

SUSE-SU-2016:2809-1 Recommended update for ceph

This update provides Ceph 10.2.3, which includes important bug fixes in RBD mirroring, RGW multi-site, CephFS, and RADOS. Build/OPS: - AArch64: Detect crc32 extension support from assembler. bsc999688 - Drop legacy ceph RA which doesn't work with systemd unit files. - The mount.ceph binary, which...

SUSE-SU-2016:0806-1 Security update for ceph

This update provides Ceph 0.8.11, which fixes the following security issue: - CVE-2015-5245: A CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW could allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket...

SUSE-SU-2015:1102-1 Security update for SES 1.0

This collective update for SUSE Enterprise Storage 1.0 provides fixes and enhancements. ceph update to version 0.80.9: - Support non-ASCII characters. bnc907510 - Fixes issue with more than one OSD / MON on same node. bnc927862 - Reinstates Environment=CLUSTER=ceph lines removed by last patch...