SuseSUSE-SU-2022:2818-1Security update for ceph (important)
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
An update that solves one vulnerability, contains one
feature and has 5 fixes is now available.
Description:
This update for ceph fixes the following issues:
-
Update to 16.2.9-536-g41a9f9a5573:
- (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in
RGWRadosBILogTrimCR - (bsc#1194131) ceph-volume: honour osd_dmcrypt_key_size option
(CVE-2021-3979)
- (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in
-
Update to 16.2.9-158-gd93952c7eea:
- cmake: check for python(\d).(\d+) when building boost
- make-dist: patch boost source to support python 3.10
-
Update to ceph-16.2.9-58-ge2e5cb80063:
- (bsc#1200064, pr#480) Remove last vestiges of docker.io image paths
-
Update to 16.2.9.50-g7d9f12156fb:
- (jsc#SES-2515) High-availability NFS export
- (bsc#1196044) cephadm: prometheus: The generatorURL in alerts is only
using hostname - (bsc#1196785) cephadm: avoid crashing on expected non-zero exit
-
Update to 16.2.7-969-g6195a460d89
- (jsc#SES-2515) High-availability NFS export
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2818=1
-
SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2818=1
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N