Oval Definition:oval:org.opensuse.security:def:60593
Revision Date:2020-12-01Version:1
Title:Security update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api (Important)
Description:

This update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api fixes the following issues:

This update for ardana-monasca to version 8.0+git.1535031421.9262a47 fixes these issues:

- Requests Apache to reload on change (bsc#1102662) - Avoids managing non-Monasca users (bsc#1102662) - Line up perms on storm.conf to match rpm (bsc#1094971)

This update for ardana-spark to version 8.0+git.1532114050.04654a8 fixes this issue:

- Only set log dir perms on legacy install (bsc#1094851)

This update for kafka to version 0.10.2.2 fixes this security issue:

- CVE-2018-1288: Authenticated Kafka users may have performed action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss (bsc#1102920).

This update for kafka to version 0.10.2.2 fixes these non-security issues:

- set internal.leave.group.on.close to false in KafkaStreams - Improve message for Kafka failed startup with non-Kafka data in data.dirs - add max_number _of_retries to exponential backoff strategy - Mute logger for reflections.org at the warn level in system tests - Kafka connect: error with special characters in connector name - streams task gets stuck after re-balance due to LockException - CachingSessionStore doesn't use the default keySerde. - RocksDBSessionStore doesn't use default aggSerde. - Recommended values for Connect transformations contain the wrong class name - Kafka broker fails to start if a topic containing dot in its name is marked for delete but hasn't been deleted during previous uptime - GlobalKTable does not checkpoint offsets after restoring state - Log cleaning can increase message size and cause cleaner to crash with buffer overflow - Some socket connections not closed after restart of Kafka Streams - Distributed Herder Deadlocks on Shutdown - Log cleaner fails due to large offset in segment file - StreamsKafkaClient should not use StreamsConfig.POLL_MS_CONFIG - Refactor kafkatest docker support - ducktape kafka service: do not assume Service contains num_nodes - Using _DUCKTAPE_OPTIONS has no effect on executing tests - Connect WorkerSinkTask out of order offset commit can lead to inconsistent state - RocksDB segments not removed when store is closed causes re-initialization to fail - FetchMetadata creates unneeded Strings on instantiation - SourceTask#stop() not called after exception raised in poll() - Sink connectors that explicitly 'resume' topic partitions can resume a paused task - GlobalStateManagerImpl should not write offsets of in-memory stores in checkpoint file - Source KTable checkpoint is not correct - ConnectSchema#equals() broken for array-typed default values

This update for openstack-monasca-api to version 2.2.1~dev24 fixes these issues:

- devstack: download storm from archive.apache.org - Backport tempest test robustness improvements - 1724543-fixed kafka partition creation error in devstack installation - Fix:No alarms created if metric name in alarm def. expr. is mix case - Zuul: Remove project name - Run against Pike requirements
Family:unixClass:patch
Status:Reference(s):1055478
1070737
1091041
1094851
1094971
1101820
1102662
1102840
1102920
1104076
1111056
1111657
1119461
1119465
1120767
1124493
1131107
1136468
1138190
1138748
1139945
1142880
1142882
1142883
1142885
1145092
1146544
1146612
1149332
1149792
1150466
1150483
1152631
1153108
1153811
1154905
1155689
1155897
1155898
1156187
1156317
1156321
1156331
1157038
1157042
1157070
1157143
1157158
1157191
1157324
1157333
1157464
1157770
1158132
1158394
1158398
1158410
1158413
1158417
1158445
1158823
1158824
1158827
1158834
1158900
1158903
1158904
1158954
1160039
1165784
1170601
1171863
1171864
1171866
1171878
1172085
1172745
1173100
1173659
1173661
1173663
1173867
1173869
1173902
1173942
1173963
1173994
1174247
1174421
1176013
1177158
1177613
1177914
981848
CVE-2018-1000872
CVE-2018-10903
CVE-2018-12472
CVE-2018-1288
CVE-2018-20856
CVE-2019-0155
CVE-2019-10208
CVE-2019-10220
CVE-2019-12308
CVE-2019-12781
CVE-2019-13272
CVE-2019-14232
CVE-2019-14233
CVE-2019-14234
CVE-2019-14235
CVE-2019-14895
CVE-2019-14895
CVE-2019-14901
CVE-2019-15213
CVE-2019-15239
CVE-2019-16231
CVE-2019-16746
CVE-2019-18660
CVE-2019-18680
CVE-2019-18680
CVE-2019-18683
CVE-2019-18805
CVE-2019-19052
CVE-2019-19062
CVE-2019-19065
CVE-2019-19073
CVE-2019-19074
CVE-2019-19332
CVE-2019-19338
CVE-2019-19447
CVE-2019-19523
CVE-2019-19524
CVE-2019-19525
CVE-2019-19527
CVE-2019-19530
CVE-2019-19531
CVE-2019-19532
CVE-2019-19533
CVE-2019-19534
CVE-2019-19535
CVE-2019-19536
CVE-2019-19537
CVE-2019-3820
CVE-2019-9458
CVE-2020-10029
CVE-2020-10543
CVE-2020-10878
CVE-2020-11668
CVE-2020-12723
CVE-2020-14318
CVE-2020-14323
CVE-2020-14331
CVE-2020-14355
CVE-2020-14383
CVE-2020-15705
CVE-2020-15999
SUSE-SU-2018:3467-1
SUSE-SU-2018:3563-1
SUSE-SU-2019:0391-1
SUSE-SU-2019:1390-1
SUSE-SU-2019:2257-1
SUSE-SU-2019:3228-1
SUSE-SU-2019:3379-1
SUSE-SU-2020:0792-1
SUSE-SU-2020:1662-1
SUSE-SU-2020:2304-1
SUSE-SU-2020:3085-1
SUSE-SU-2020:3093-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • xen-4.10.1_06-lp150.2.6 is installed
  • OR xen-devel-4.10.1_06-lp150.2.6 is installed
  • OR xen-doc-html-4.10.1_06-lp150.2.6 is installed
  • OR xen-libs-4.10.1_06-lp150.2.6 is installed
  • OR xen-libs-32bit-4.10.1_06-lp150.2.6 is installed
  • OR xen-tools-4.10.1_06-lp150.2.6 is installed
  • OR xen-tools-domU-4.10.1_06-lp150.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exempi-2.4.5-lp151.3.3 is installed
  • OR exempi-tools-2.4.5-lp151.3.3 is installed
  • OR libexempi-devel-2.4.5-lp151.3.3 is installed
  • OR libexempi3-2.4.5-lp151.3.3 is installed
  • OR libexempi3-32bit-2.4.5-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • res-signingkeys-3.0.38-52.26 is installed
  • OR smt-3.0.38-52.26 is installed
  • OR smt-support-3.0.38-52.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.6 is installed
  • OR libssh2-1-32bit-1.4.3-20.6 is installed
  • OR libssh2_org-1.4.3-20.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND shim-15+git47-25.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ardana-monasca-8.0+git.1535031421.9262a47-3.12 is installed
  • OR ardana-spark-8.0+git.1534267176.a5f3a22-3.6 is installed
  • OR kafka-0.10.2.2-5.6 is installed
  • OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
  • OR python-monasca-api-2.2.1~dev24-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed
  • OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed
  • OR libwebkit2gtk3-lang-2.28.4-2.59 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed
  • OR webkit2gtk3-2.28.4-2.59 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-PyKMIP-0.6.0-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND squid-3.5.21-26.29 is installed
    • BACK