Oval Definition:oval:org.opensuse.security:def:65476
Revision Date:2020-12-01Version:1
Title:Security update for ceph, ceph-iscsi, ses-manual_en (Moderate)
Description:

This update for ceph, ceph-iscsi and ses-manual_en fixes the following issues:

Security issues fixed:

- CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. (bsc#1145093)

Non-security issues-fixed:

- ceph-volume: prints errors to stdout with --format json (bsc#1132767) - mgr/dashboard: Changing rgw-api-host does not get effective without disable/enable dashboard mgr module (bsc#1137503) - mgr/dashboard: Silence Alertmanager alerts (bsc#1141174) - mgr/dashboard: Fix e2e failures caused by webdriver version (bsc#1145759) - librbd: always try to acquire exclusive lock when removing image (bsc#1149093) - The no{up,down,in,out} related commands have been revamped (bsc#1151990) - radosgw-admin gets two new subcommands for managing expire-stale objects. (bsc#1151991) - Deploying a single new BlueStore OSD on a cluster upgraded to SES6 from SES5 breaks pool utilization stats reported by ceph df (bsc#1151992) - Ceph cluster will no longer issue a health warning if CRUSH tunables are older than 'hammer' (bsc#1151993) - Nautilus-based librbd clients can not open images on Jewel clusters (bsc#1151994) - The RGW num_rados_handles has been removed in Ceph 14.2.3 (bsc#1151995) - 'osd_deep_scrub_large_omap_object_key_threshold' has been lowered in Nautilus 14.2.3 (bsc#1152002) - Support iSCSI target-level CHAP authentication (bsc#1145617) - Validation and render of iSCSI controls based 'type' (bsc#1140491) - Fix error editing iSCSI image advanced settings (bsc#1146656) - Fix error during iSCSI target edit

Fixes in ses-manual_en:

- Added a new chapter with changelogs of Ceph releases. (bsc#1135584) - Rewrote rolling updates and replaced running stage.0 with manual commands to prevent infinite loop. (bsc#1134444) - Improved name of CaaSP to its fuller version. (bsc#1151439) - Verify which OSD's are going to be removed before running stage.5. (bsc#1150406) - Added two additional steps to recovering an OSD. (bsc#1147132)

Fixes in ceph-iscsi:

- Validate kernel LIO controls type and value (bsc#1140491) - TPG lun_id persistence (bsc#1145618) - Target level CHAP authentication (bsc#1145617)

ceph-iscsi was updated to the upstream 3.2 release:

- Always use host FQDN instead of shortname - Validate min/max value for target controls and rbd:user/tcmu-runner image controls (bsc#1140491)

Family:unixClass:patch
Status:Reference(s):1132767
1134444
1135584
1137503
1140491
1141174
1145093
1145617
1145618
1145759
1146656
1147132
1149093
1150406
1151439
1151990
1151991
1151992
1151993
1151994
1151995
1152002
1170452
CVE-2019-10222
CVE-2020-12105
SUSE-SU-2019:2736-1
SUSE-SU-2020:1337-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ceph-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-base-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-fuse-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-grafana-dashboards-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mds-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-dashboard-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-diskprediction-cloud-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-diskprediction-local-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-rook-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mgr-ssh-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-mon-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-osd-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-radosgw-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR ceph-test-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR cephfs-shell-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR rbd-fuse-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR rbd-mirror-14.2.4.373+gc3e67ed133-3.19 is installed
  • OR rbd-nbd-14.2.4.373+gc3e67ed133-3.19 is installed
  • BACK