SUSE Container Update Advisory: ses/6/ceph/ceph ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:246-1 Container Tags : ses/6/ceph/ceph:14.2.21.410 , ses/6/ceph/ceph:14.2.21.410.1.5.432 , ses/6/ceph/ceph:latest Container Release : 1.5.432 Severity : important Type : security References : 1029961 1106014 1161268 1172308 1178577 1178624 1178675 1179805 1182016 1183194 1183760 1184505 1185049 1185910 1186015 CVE-2020-29651 CVE-2021-3541 ----------------------------------------------------------------- The container ses/6/ceph/ceph was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1846-1 Released: Fri Jun 4 08:46:37 2021 Summary: Recommended update for mozilla-nss Type: recommended Severity: moderate References: 1185910 This update for mozilla-nss fixes the following issue: - Provide some missing binaries from `mozilla-nss` not added in `SLE-Module-Basesystem_15-SP3`. (bsc#1185910) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:1859-1 Released: Fri Jun 4 09:02:38 2021 Summary: Security update for python-py Type: security Severity: moderate References: 1179805,1184505,CVE-2020-29651 This update for python-py fixes the following issues: - CVE-2020-29651: Fixed regular expression denial of service in svnwc.py (bsc#1179805, bsc#1184505). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1861-1 Released: Fri Jun 4 09:59:40 2021 Summary: Recommended update for gcc10 Type: recommended Severity: moderate References: 1029961,1106014,1178577,1178624,1178675,1182016 This update for gcc10 fixes the following issues: - Disable nvptx offloading for aarch64 again since it doesn't work - Fixed a build failure issue. (bsc#1182016) - Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577) - Fix 32bit 'libgnat.so' link. (bsc#1178675) - prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961) - Build complete set of multilibs for arm-none target. (bsc#1106014) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:1917-1 Released: Wed Jun 9 14:48:05 2021 Summary: Security update for libxml2 Type: security Severity: moderate References: 1186015,CVE-2021-3541 This update for libxml2 fixes the following issues: - CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1923-1 Released: Thu Jun 10 08:37:00 2021 Summary: Recommended update for nfs-utils Type: recommended Severity: important References: 1183194 This update for nfs-utils fixes the following issues: - Ensured thread safety when opening files over NFS to prevent a use-after-free issue (bsc#1183194) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1953-1 Released: Thu Jun 10 16:18:50 2021 Summary: Recommended update for gpg2 Type: recommended Severity: moderate References: 1161268,1172308 This update for gpg2 fixes the following issues: - Fixed an issue where the gpg-agent's ssh-agent does not handle flags in signing requests properly (bsc#1161268 and bsc#1172308). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1967-1 Released: Mon Jun 14 06:49:40 2021 Summary: Recommended update for ceph Type: recommended Severity: important References: 1183760,1185049 This update for ceph fixes the following issues: - os/FileStore: don't propagate split/merge error to 'create'/'remove' (bsc#1183760) - os/FileStore: fix to handle readdir error correctly (bsc#1185049) The following package changes have been done: - ceph-base-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-common-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-fuse-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-grafana-dashboards-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mds-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mgr-dashboard-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mgr-diskprediction-local-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mgr-rook-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mgr-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-mon-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-osd-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-radosgw-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - ceph-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - gpg2-2.2.5-4.19.8 updated - libcephfs2-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - libfreebl3-3.53.1-3.53.1 updated - libgcc_s1-10.3.0+git1587-1.6.4 updated - libquadmath0-10.3.0+git1587-1.6.4 updated - librados2-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - librbd1-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - librgw2-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - libsoftokn3-3.53.1-3.53.1 updated - libstdc++6-10.3.0+git1587-1.6.4 updated - libxml2-2-2.9.7-3.37.1 updated - mozilla-nss-certs-3.53.1-3.53.1 updated - mozilla-nss-3.53.1-3.53.1 updated - nfs-client-2.1.1-10.18.1 updated - nfs-kernel-server-2.1.1-10.18.1 updated - python3-ceph-argparse-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - python3-cephfs-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - python3-py-1.8.1-5.6.1 updated - python3-rados-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - python3-rbd-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - python3-rgw-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - rbd-mirror-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - rbd-nbd-14.2.21.410+gdf7b47d7dfd-3.34.1 updated - container:sles15-image-15.0.0-6.2.467 updated