SUSE Container Update Advisory: ses/7/ceph/ceph ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2020:717-1 Container Tags : ses/7/ceph/ceph:15.2.5.667 , ses/7/ceph/ceph:15.2.5.667.4.21 , ses/7/ceph/ceph:latest , ses/7/ceph/ceph:sle15.2.octopus Container Release : 4.21 Severity : important Type : security References : 1168155 1170200 1171234 1172082 1174099 1174466 1177344 1177843 1178073 1178531 959556 CVE-2020-25660 ----------------------------------------------------------------- The container ses/7/ceph/ceph was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2020:3539-1 Released: Thu Nov 26 15:52:34 2020 Summary: Security update for ceph Type: security Severity: important References: 1170200,1174466,1177344,1177843,1178073,1178531,CVE-2020-25660 This update for ceph fixes the following issues: Security issue fixed: - CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843). - mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically (bsc#1170200) - mon: have 'mon stat' output json as well (bsc#1174466) - mgr/dashboard: support Orchestrator and user-defined Ganesha cluster (bsc#1177344) - mgr/dashboard: fix downstream NFS doc links (bsc#1178073) - cephadm: set default container_image to registry.suse.com/ses/7/ceph/ceph (bsc#1178531) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:3540-1 Released: Thu Nov 26 15:57:16 2020 Summary: Recommended update for wicked Type: recommended Severity: moderate References: 1168155,1171234,1172082,1174099,959556 This update for wicked fixes the following issues: - Fix to avoid incomplete ifdown/timeout on route deletion error. (bsc#1174099) - Allow 'linuxrc' to send 'RFC2132' without providing the MAC address. (jsc#SLE-15770) - Fixes to ifreload on port changes. (bsc#1168155, bsc#1172082) - Fix schema to use correct 'hwaddr_policy' property. (bsc#1171234) - Enable IPv6 on ports when 'nsna_ping' linkwatch is used. (bsc#959556) The following package changes have been done: - ceph-base-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-common-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-grafana-dashboards-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mds-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mgr-cephadm-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mgr-dashboard-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mgr-modules-core-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mgr-rook-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mgr-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-mon-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-osd-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-prometheus-alerts-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-radosgw-15.2.5.667+g1a579d5bf2-3.3.1 updated - cephadm-15.2.5.667+g1a579d5bf2-3.3.1 updated - ceph-15.2.5.667+g1a579d5bf2-3.3.1 updated - libcephfs2-15.2.5.667+g1a579d5bf2-3.3.1 updated - librados2-15.2.5.667+g1a579d5bf2-3.3.1 updated - librbd1-15.2.5.667+g1a579d5bf2-3.3.1 updated - librgw2-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-ceph-argparse-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-ceph-common-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-cephfs-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-rados-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-rbd-15.2.5.667+g1a579d5bf2-3.3.1 updated - python3-rgw-15.2.5.667+g1a579d5bf2-3.3.1 updated - rbd-mirror-15.2.5.667+g1a579d5bf2-3.3.1 updated - wicked-service-0.6.64-3.3.4 updated - wicked-0.6.64-3.3.4 updated - container:sles15-image-15.0.0-8.2.796 updated