Oval Definition:oval:org.opensuse.security:def:50533
Revision Date:2020-12-01Version:1
Title:Security update for ceph (Moderate)
Description:

This update for ceph version 13.2.4 fixes the following issues:

Security issues fixed:

- CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety (bsc#1111177) - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon (bsc#1099162) - CVE-2018-1128: Fixed signature check bypass in cephx (bsc#1096748) - CVE-2018-1129: Fixed replay attack in cephx protocol (bsc#1096748) - CVE-2018-16846: Enforced bounds on max-keys/max-uploads/max-parts in rgw

Non-security issues fixed:

- ceph-volume Python 3 fixes (bsc#1114567) - fix python3 module loading (bsc#1086613)
Family:unixClass:patch
Status:Reference(s):1013712
1058115
1065600
1065729
1071995
1082023
1083548
1084645
1085030
1086613
1094289
1096748
1099162
1101262
1111177
1111666
1112178
1113956
1114567
1120163
1124729
1124734
1126088
1126284
1128378
1130489
1132666
1133021
1136035
1136666
1141680
1144333
1145383
1149792
1152148
1155798
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1159913
1163524
1163985
1164903
1165629
1165631
1165692
1166965
1168468
1169790
1170232
1171558
1171675
1171688
1171988
1172073
1172108
1172247
1172418
1172428
1172871
1172872
1172873
1172963
1173060
1173304
1173485
1173798
1173954
1174003
1174026
1174070
1174098
1174205
1174387
1174484
1174547
1174549
1174550
1174625
1174658
1174685
1174689
1174699
1174734
1174757
1174771
1174840
1174841
1174843
1174844
1174845
1174852
1174873
1174904
1174926
1174968
1175062
1175063
1175064
1175065
1175066
1175067
1175070
1175071
1175112
1175127
1175128
1175149
1175199
1175213
1175228
1175232
1175284
1175393
1175394
1175396
1175397
1175398
1175399
1175400
1175401
1175402
1175403
1175404
1175405
1175406
1175407
1175408
1175409
1175410
1175411
1175412
1175413
1175414
1175415
1175416
1175417
1175418
1175419
1175420
1175421
1175422
1175423
1175440
1175493
1175515
1175518
1175526
1175550
1175599
1175621
1175654
1175666
1175667
1175668
1175669
1175670
1175691
1175767
1175768
1175769
1175770
1175771
1175772
1175786
1175807
1175873
1176019
1176031
1176069
1176400
1176907
1176979
1177090
1177109
1177121
1177193
1177194
1177206
1177258
1177271
1177283
1177284
1177285
1177286
1177297
1177384
1177409
1177412
1177413
1177414
1177511
1177617
1177681
1177683
1177687
1177694
1177697
1177719
1177724
1177725
1177726
1178074
954532
CVE-2016-9798
CVE-2018-0739
CVE-2018-10861
CVE-2018-1128
CVE-2018-1129
CVE-2018-14662
CVE-2018-16846
CVE-2019-1010305
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-14806
CVE-2019-19604
CVE-2019-2614
CVE-2019-2627
CVE-2019-2628
CVE-2019-5108
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
CVE-2020-10135
CVE-2020-11993
CVE-2020-12351
CVE-2020-12352
CVE-2020-14059
CVE-2020-14314
CVE-2020-14331
CVE-2020-14356
CVE-2020-14386
CVE-2020-16166
CVE-2020-1720
CVE-2020-1749
CVE-2020-1749
CVE-2020-24394
CVE-2020-24490
CVE-2020-24553
CVE-2020-25641
CVE-2020-25643
CVE-2020-25645
CVE-2020-27670
CVE-2020-27671
CVE-2020-27672
CVE-2020-27673
CVE-2020-9490
SUSE-SU-2018:2072-1
SUSE-SU-2019:0586-1
SUSE-SU-2019:2020-1
SUSE-SU-2019:2365-1
SUSE-SU-2019:3046-1
SUSE-SU-2020:0045-1
SUSE-SU-2020:0589-1
SUSE-SU-2020:1769-1
SUSE-SU-2020:2980-1
SUSE-SU-2020:3051-1
SUSE-SU-2020:3067-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Legacy Software 15 SP2
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libgcrypt-1.5.0-0.19 is installed
  • OR libgcrypt11-1.5.0-0.19 is installed
  • OR libgcrypt11-32bit-1.5.0-0.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND bogofilter-1.2.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • dbus-1-1.8.16-19 is installed
  • OR dbus-1-x11-1.8.16-19 is installed
  • OR libdbus-1-3-1.8.16-19 is installed
  • OR libdbus-1-3-32bit-1.8.16-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gnome-settings-daemon-3.20.1-49 is installed
  • OR gnome-settings-daemon-lang-3.20.1-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND Package Information
  • ceph-13.2.4.125+gad802694f5-3.7 is installed
  • OR ceph-common-13.2.4.125+gad802694f5-3.7 is installed
  • OR libcephfs-devel-13.2.4.125+gad802694f5-3.7 is installed
  • OR libcephfs2-13.2.4.125+gad802694f5-3.7 is installed
  • OR librados-devel-13.2.4.125+gad802694f5-3.7 is installed
  • OR librados2-13.2.4.125+gad802694f5-3.7 is installed
  • OR libradosstriper-devel-13.2.4.125+gad802694f5-3.7 is installed
  • OR libradosstriper1-13.2.4.125+gad802694f5-3.7 is installed
  • OR librbd-devel-13.2.4.125+gad802694f5-3.7 is installed
  • OR librbd1-13.2.4.125+gad802694f5-3.7 is installed
  • OR librgw-devel-13.2.4.125+gad802694f5-3.7 is installed
  • OR librgw2-13.2.4.125+gad802694f5-3.7 is installed
  • OR python3-cephfs-13.2.4.125+gad802694f5-3.7 is installed
  • OR python3-rados-13.2.4.125+gad802694f5-3.7 is installed
  • OR python3-rbd-13.2.4.125+gad802694f5-3.7 is installed
  • OR python3-rgw-13.2.4.125+gad802694f5-3.7 is installed
  • OR rados-objclass-devel-13.2.4.125+gad802694f5-3.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.29 is installed
  • OR reiserfs-kmp-default-5.3.18-24.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_10-default-6-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_3-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • libpq5-32bit-10.12-4.19 is installed
  • OR postgresql10-10.12-4.19 is installed
  • OR postgresql10-test-10.12-4.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libmariadb3-32bit-3.1.2-3.9 is installed
  • OR mariadb-10.2.25-3.17 is installed
  • OR mariadb-bench-10.2.25-3.17 is installed
  • OR mariadb-connector-c-3.1.2-3.9 is installed
  • OR mariadb-galera-10.2.25-3.17 is installed
  • OR mariadb-test-10.2.25-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • go1.14-1.14.9-1.18 is installed
  • OR go1.14-race-1.14.9-1.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • ovmf-2017+git1510945757.b2662641d5-5.3 is installed
  • OR ovmf-tools-2017+git1510945757.b2662641d5-5.3 is installed
  • OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.3 is installed
  • OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND squid-4.12-5.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND squid-4.12-5.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • automake-1.13.4-4 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • qemu-2.3.1-33.3 is installed
  • OR qemu-block-curl-2.3.1-33.3 is installed
  • OR qemu-block-rbd-2.3.1-33.3 is installed
  • OR qemu-guest-agent-2.3.1-33.3 is installed
  • OR qemu-ipxe-1.0.0-33.3 is installed
  • OR qemu-kvm-2.3.1-33.3 is installed
  • OR qemu-lang-2.3.1-33.3 is installed
  • OR qemu-ppc-2.3.1-33.3 is installed
  • OR qemu-s390-2.3.1-33.3 is installed
  • OR qemu-seabios-1.8.1-33.3 is installed
  • OR qemu-sgabios-8-33.3 is installed
  • OR qemu-tools-2.3.1-33.3 is installed
  • OR qemu-vgabios-1.8.1-33.3 is installed
  • OR qemu-x86-2.3.1-33.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND ucode-intel-20191112-13.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-default-man-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ovmf-2017+git1492060560.b6d11d7c46-4.20 is installed
  • OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.20 is installed
  • OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • curl-7.60.0-3.29 is installed
  • OR libcurl-devel-7.60.0-3.29 is installed
  • OR libcurl4-7.60.0-3.29 is installed
  • OR libcurl4-32bit-7.60.0-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • libldap-2_4-2-2.4.46-9.31 is installed
  • OR libldap-2_4-2-32bit-2.4.46-9.31 is installed
  • OR libldap-data-2.4.46-9.31 is installed
  • OR openldap2-2.4.46-9.31 is installed
  • OR openldap2-back-meta-2.4.46-9.31 is installed
  • OR openldap2-back-perl-2.4.46-9.31 is installed
  • OR openldap2-client-2.4.46-9.31 is installed
  • OR openldap2-devel-2.4.46-9.31 is installed
  • OR openldap2-devel-32bit-2.4.46-9.31 is installed
  • OR openldap2-devel-static-2.4.46-9.31 is installed
  • OR openldap2-ppolicy-check-password-1.2-9.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • openconnect-7.08-6.3 is installed
  • OR openconnect-devel-7.08-6.3 is installed
  • OR openconnect-lang-7.08-6.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-cinder-7.0.2~a0~dev1-1 is installed
  • OR openstack-cinder-api-7.0.2~a0~dev1-1 is installed
  • OR openstack-cinder-backup-7.0.2~a0~dev1-1 is installed
  • OR openstack-cinder-scheduler-7.0.2~a0~dev1-1 is installed
  • OR openstack-cinder-volume-7.0.2~a0~dev1-1 is installed
  • OR python-cinder-7.0.2~a0~dev1-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ruby2.1-rubygem-sprockets-2_12-2.12.5-1.3 is installed
  • OR rubygem-sprockets-2_12-2.12.5-1.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • BACK