Security update for ceph (moderate)

2020-11-2700:00:00

lists.opensuse.org

0.001 Low

EPSS

Percentile

43.7%

JSON

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for ceph fixes the following issues:

CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).
Major batch refactor of ceph-volume that addresses a couple of issues
(bsc#1151612, bsc#1158257)
Documented Prometheus’ security model (bsc#1169134)
monclient: Fixed an issue where executing several ceph commands in a
short amount of time led to a segmentation fault (bsc#1170487)
Fixed an issue, where it was not possible to edit an iSCSI logged-in
client (bsc#1174591)
Fixed an issue, where OSDs could not get started after they failed
(bsc#1175061)
Fixed an issue with the restful module, where it aborted on execution
for POST calls (bsc#1175240)
Fixed a many-to-many issue in host-details Grafana dashboard
(bsc#1175585)
Fixed collection_list ordering in os/bluestore (bsc#1172546)
Fixed help output of lvmcache (bsc#1175781)

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-2057=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.1	noarch		< - openSUSE Leap 15.1 (noarch):	- openSUSE Leap 15.1 (noarch):.noarch.rpm
openSUSE Leap	15.1	x86_64		< - openSUSE Leap 15.1 (x86_64):	- openSUSE Leap 15.1 (x86_64):.x86_64.rpm