Oval Definition:oval:org.opensuse.security:def:60982
Revision Date:2020-12-01Version:1
Title:Security update for ceph (Important)
Description:

This is a version update for ceph to version 12.2.13:

Security issue fixed:

- CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag (bsc#1171921).

- Notable changes in this update for ceph: * mgr: telemetry: backported and now available on SES5.5. Please consider enabling via 'ceph telemetry on' (bsc#1171670) * OSD heartbeat ping time: new health warning, options and admin commands (bsc#1171960) * 'osd_calc_pg_upmaps_max_stddev' ceph.conf parameter has been removed; use 'upmap_max_deviation' instead (bsc#1171961) * Default maximum concurrent bluestore rocksdb compaction threads raised from 1 to 2 for improved ability to keep up with rgw bucket index workloads (bsc#1171963)

- Bug fixes in this ceph update: * mon: Error message displayed when mon_osd_max_split_count would be exceeded is not as user-friendly as it could be (bsc#1126230) * ceph_volume_client: remove ceph mds calls in favor of ceph fs calls (bsc#1136082) * rgw: crypt: permit RGW-AUTO/default with SSE-S3 headers (bsc#1157607) * mon/AuthMonitor: don't validate fs caps on authorize (bsc#1161096)

- Additional bug fixes: * ceph-volume: strip _dmcrypt suffix in simple scan json output (bsc#1162553)
Family:unixClass:patch
Status:Reference(s):1008325
1038984
1045735
1047785
1054088
1054671
1055920
1056334
1056386
1083302
1083303
1084604
1085449
1093311
1109673
1113231
1114957
1116717
1117001
1117260
1117275
1119493
1121600
1123156
1126230
1130721
1131233
1131237
1131239
1131241
1131245
1136082
1149294
1149295
1149296
1149297
1149298
1149299
1149303
1149304
1149324
1155094
1157607
1160467
1160468
1161096
1162224
1162367
1162553
1162825
1165439
1165894
1171670
1171921
1171960
1171961
1171963
1174157
1174628
1178588
CVE-2017-13672
CVE-2017-13673
CVE-2017-7436
CVE-2018-1417
CVE-2018-16872
CVE-2018-17407
CVE-2018-18954
CVE-2018-19364
CVE-2018-19416
CVE-2018-19489
CVE-2018-19517
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2825
CVE-2018-2826
CVE-2018-5732
CVE-2018-5733
CVE-2018-7858
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11752
CVE-2019-11753
CVE-2019-14896
CVE-2019-14897
CVE-2019-1787
CVE-2019-1788
CVE-2019-1789
CVE-2019-18348
CVE-2019-6778
CVE-2019-9674
CVE-2019-9812
CVE-2020-10753
CVE-2020-14344
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-1747
CVE-2020-26950
CVE-2020-8492
SUSE-SU-2017:2344-1
SUSE-SU-2018:0812-1
SUSE-SU-2018:1738-1
SUSE-SU-2018:3033-1
SUSE-SU-2019:2436-1
SUSE-SU-2020:0854-1
SUSE-SU-2020:1285-1
SUSE-SU-2020:1748-1
SUSE-SU-2020:2196-1
SUSE-SU-2020:2861-1
SUSE-SU-2020:3331-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libmirage-3.2.2-lp151.3.3 is installed
  • OR libmirage-3_2-3.2.2-lp151.3.3 is installed
  • OR libmirage-data-3.2.2-lp151.3.3 is installed
  • OR libmirage-devel-3.2.2-lp151.3.3 is installed
  • OR libmirage-lang-3.2.2-lp151.3.3 is installed
  • OR libmirage11-3.2.2-lp151.3.3 is installed
  • OR typelib-1_0-libmirage-3_2-3.2.2-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • ant-1.10.7-lp152.2.3 is installed
  • OR ant-antlr-1.10.7-lp152.2.3 is installed
  • OR ant-apache-bcel-1.10.7-lp152.2.3 is installed
  • OR ant-apache-bsf-1.10.7-lp152.2.3 is installed
  • OR ant-apache-log4j-1.10.7-lp152.2.3 is installed
  • OR ant-apache-oro-1.10.7-lp152.2.3 is installed
  • OR ant-apache-regexp-1.10.7-lp152.2.3 is installed
  • OR ant-apache-resolver-1.10.7-lp152.2.3 is installed
  • OR ant-apache-xalan2-1.10.7-lp152.2.3 is installed
  • OR ant-commons-logging-1.10.7-lp152.2.3 is installed
  • OR ant-commons-net-1.10.7-lp152.2.3 is installed
  • OR ant-imageio-1.10.7-lp152.2.3 is installed
  • OR ant-javamail-1.10.7-lp152.2.3 is installed
  • OR ant-jdepend-1.10.7-lp152.2.3 is installed
  • OR ant-jmf-1.10.7-lp152.2.3 is installed
  • OR ant-jsch-1.10.7-lp152.2.3 is installed
  • OR ant-junit-1.10.7-lp152.2.3 is installed
  • OR ant-junit5-1.10.7-lp152.2.3 is installed
  • OR ant-manual-1.10.7-lp152.2.3 is installed
  • OR ant-scripts-1.10.7-lp152.2.3 is installed
  • OR ant-swing-1.10.7-lp152.2.3 is installed
  • OR ant-testutil-1.10.7-lp152.2.3 is installed
  • OR ant-xz-1.10.7-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libzypp-16.15.6-2.8 is installed
  • OR zypper-1.13.32-21.3 is installed
  • OR zypper-log-1.13.32-21.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-60.9.0-109.86 is installed
  • OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • python-PyYAML-5.1.2-26.12 is installed
  • OR python3-PyYAML-5.1.2-26.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • sysstat-12.0.2-10.18 is installed
  • OR sysstat-isag-12.0.2-10.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND cifs-utils-6.5-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libX11-1.6.2-12.8 is installed
  • OR libX11-6-1.6.2-12.8 is installed
  • OR libX11-6-32bit-1.6.2-12.8 is installed
  • OR libX11-data-1.6.2-12.8 is installed
  • OR libX11-xcb1-1.6.2-12.8 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.8 is installed
  • OR libxcb-1.10-4.5 is installed
  • OR libxcb-dri2-0-1.10-4.5 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.5 is installed
  • OR libxcb-dri3-0-1.10-4.5 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.5 is installed
  • OR libxcb-glx0-1.10-4.5 is installed
  • OR libxcb-glx0-32bit-1.10-4.5 is installed
  • OR libxcb-present0-1.10-4.5 is installed
  • OR libxcb-present0-32bit-1.10-4.5 is installed
  • OR libxcb-randr0-1.10-4.5 is installed
  • OR libxcb-render0-1.10-4.5 is installed
  • OR libxcb-render0-32bit-1.10-4.5 is installed
  • OR libxcb-shape0-1.10-4.5 is installed
  • OR libxcb-shm0-1.10-4.5 is installed
  • OR libxcb-shm0-32bit-1.10-4.5 is installed
  • OR libxcb-sync1-1.10-4.5 is installed
  • OR libxcb-sync1-32bit-1.10-4.5 is installed
  • OR libxcb-xf86dri0-1.10-4.5 is installed
  • OR libxcb-xfixes0-1.10-4.5 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.5 is installed
  • OR libxcb-xinerama0-1.10-4.5 is installed
  • OR libxcb-xkb1-1.10-4.5 is installed
  • OR libxcb-xkb1-32bit-1.10-4.5 is installed
  • OR libxcb-xv0-1.10-4.5 is installed
  • OR libxcb1-1.10-4.5 is installed
  • OR libxcb1-32bit-1.10-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libX11-1.6.2-12.12 is installed
  • OR libX11-6-1.6.2-12.12 is installed
  • OR libX11-6-32bit-1.6.2-12.12 is installed
  • OR libX11-data-1.6.2-12.12 is installed
  • OR libX11-xcb1-1.6.2-12.12 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • xen-4.11.4_04-2.30 is installed
  • OR xen-doc-html-4.11.4_04-2.30 is installed
  • OR xen-libs-4.11.4_04-2.30 is installed
  • OR xen-libs-32bit-4.11.4_04-2.30 is installed
  • OR xen-tools-4.11.4_04-2.30 is installed
  • OR xen-tools-domU-4.11.4_04-2.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ceph-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librados2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librbd1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librgw2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rados-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
    • BACK