Lucene search

K
suseSuseOPENSUSE-SU-2020:2057-1
HistoryNov 27, 2020 - 12:00 a.m.

Security update for ceph (moderate)

2020-11-2700:00:00
lists.opensuse.org
21
ceph update
vulnerability fixed
batch refactor
prometheus security
monclient fix
iscsi client fix
osd fix
restful module fix
grafana dashboard fix
bluestore fix
lvmcache fix

EPSS

0.001

Percentile

48.3%

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for ceph fixes the following issues:

  • CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).
  • Major batch refactor of ceph-volume that addresses a couple of issues
    (bsc#1151612, bsc#1158257)
  • Documented Prometheus’ security model (bsc#1169134)
  • monclient: Fixed an issue where executing several ceph commands in a
    short amount of time led to a segmentation fault (bsc#1170487)
  • Fixed an issue, where it was not possible to edit an iSCSI logged-in
    client (bsc#1174591)
  • Fixed an issue, where OSDs could not get started after they failed
    (bsc#1175061)
  • Fixed an issue with the restful module, where it aborted on execution
    for POST calls (bsc#1175240)
  • Fixed a many-to-many issue in host-details Grafana dashboard
    (bsc#1175585)
  • Fixed collection_list ordering in os/bluestore (bsc#1172546)
  • Fixed help output of lvmcache (bsc#1175781)

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-2057=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm