Oval Definition:	oval:org.opensuse.security:def:63965
Revision Date: 2020-12-01 Version: 1 Title: Security update for ceph (Important) Description: This is a version update for ceph to version 12.2.13: Security issue fixed: - CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag (bsc#1171921). - Notable changes in this update for ceph: * mgr: telemetry: backported and now available on SES5.5. Please consider enabling via 'ceph telemetry on' (bsc#1171670) * OSD heartbeat ping time: new health warning, options and admin commands (bsc#1171960) * 'osd_calc_pg_upmaps_max_stddev' ceph.conf parameter has been removed; use 'upmap_max_deviation' instead (bsc#1171961) * Default maximum concurrent bluestore rocksdb compaction threads raised from 1 to 2 for improved ability to keep up with rgw bucket index workloads (bsc#1171963) - Bug fixes in this ceph update: * mon: Error message displayed when mon_osd_max_split_count would be exceeded is not as user-friendly as it could be (bsc#1126230) * ceph_volume_client: remove ceph mds calls in favor of ceph fs calls (bsc#1136082) * rgw: crypt: permit RGW-AUTO/default with SSE-S3 headers (bsc#1157607) * mon/AuthMonitor: don't validate fs caps on authorize (bsc#1161096) - Additional bug fixes: * ceph-volume: strip _dmcrypt suffix in simple scan json output (bsc#1162553) Family: unix Class: patch Status: Reference(s): 1065600 1065729 1077717 1088004 1088009 1126230 1130360 1130840 1136082 1138572 1141853 1148931 1149955 1153238 1155094 1155798 1157607 1160878 1160883 1160895 1160912 1161096 1162388 1162423 1162553 1162825 1165692 1168468 1171670 1171675 1171688 1171921 1171960 1171961 1171963 1172743 1173274 1174003 1174091 1174098 1174415 1174701 1175193 1175194 1175599 1175621 1175718 1175807 1176019 1176381 1176400 1176588 1176907 1176979 1177090 1177109 1177121 1177193 1177194 1177206 1177258 1177271 1177283 1177284 1177285 1177286 1177297 1177384 1177511 1177617 1177681 1177683 1177687 1177694 1177697 1177719 1177724 1177725 1177726 1178666 1178667 1178668 802154 954532 CVE-2018-14647 CVE-2018-20852 CVE-2019-12816 CVE-2019-16056 CVE-2019-16935 CVE-2019-18348 CVE-2019-18901 CVE-2019-20907 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-9674 CVE-2019-9917 CVE-2019-9947 CVE-2020-10753 CVE-2020-12351 CVE-2020-12352 CVE-2020-13867 CVE-2020-14349 CVE-2020-14350 CVE-2020-14422 CVE-2020-15900 CVE-2020-24490 CVE-2020-25212 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-2574 openSUSE-SU-2019:1775-1 openSUSE-SU-2019:2208-1 openSUSE-SU-2020:0696-1 openSUSE-SU-2020:1141-1 openSUSE-SU-2020:1698-1 SUSE-SU-2020:0505-1 SUSE-SU-2020:1748-1 SUSE-SU-2020:2699-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information znc-1.7.4-lp151.2.3 is installed OR znc-devel-1.7.4-lp151.2.3 is installed OR znc-lang-1.7.4-lp151.2.3 is installed OR znc-perl-1.7.4-lp151.2.3 is installed OR znc-python3-1.7.4-lp151.2.3 is installed OR znc-tcl-1.7.4-lp151.2.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information kernel-debug-5.3.18-lp152.47 is installed OR kernel-debug-devel-5.3.18-lp152.47 is installed OR kernel-default-5.3.18-lp152.47 is installed OR kernel-default-devel-5.3.18-lp152.47 is installed OR kernel-devel-5.3.18-lp152.47 is installed OR kernel-docs-5.3.18-lp152.47 is installed OR kernel-docs-html-5.3.18-lp152.47 is installed OR kernel-kvmsmall-5.3.18-lp152.47 is installed OR kernel-kvmsmall-devel-5.3.18-lp152.47 is installed OR kernel-macros-5.3.18-lp152.47 is installed OR kernel-obs-build-5.3.18-lp152.47 is installed OR kernel-obs-qa-5.3.18-lp152.47 is installed OR kernel-preempt-5.3.18-lp152.47 is installed OR kernel-preempt-devel-5.3.18-lp152.47 is installed OR kernel-source-5.3.18-lp152.47 is installed OR kernel-source-vanilla-5.3.18-lp152.47 is installed OR kernel-syms-5.3.18-lp152.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information ceph-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librados2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librbd1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librgw2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rados-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libpython3_4m1_0-3.4.10-25.52 is installed OR python3-3.4.10-25.52 is installed OR python3-base-3.4.10-25.52 is installed OR python3-curses-3.4.10-25.52 is installed OR python3-devel-3.4.10-25.52 is installed
BACK