openSUSE-SU-2016:3201-1: moderate: Security update for ceph

20 Dec 2016

      openSUSE Security Update: Security update for ceph
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:3201-1
Rating:             moderate
References:         #1005179 #1007216 #1008501 #1008894 #1014338 
                    #977940 #982141 #985232 #987144 #990438 #999688 

Cross-References:   CVE-2016-5009
Affected Products:
                    openSUSE Leap 42.2
______________________________________________________________________________

   An update that solves one vulnerability and has 10 fixes is
   now available.

Description:

   ceph was updated to version 10.2.4 and fixes the following issues:

   - A moncommand with empty prefix could crash the monitor (boo#987144,
     CVE-2016-5009)
   - Detect crc32 extension support from assembler on AArch64 (boo#999688)
   - Failing file operations on kernel based cephfs mount point could leave
     unaccessible file behind on hammer 0.94.7 (boo#985232)
   - Fixed boo#1008501
     + ceph_volume_client: fix _recover_auth_meta() method
     + ceph_volume_client: check if volume metadata is empty
     + ceph_volume_client: fix partial auth recovery
   - Avoid ~100% CPU load after OSD creation / first OSD start (boo#1014338)
   - Fixed boo#990438: civetweb HTTPS support not working
   - Avoid systemd limiting OSDs (boo#1007216)
   - Fix "make check" when building unit tests with --with-xio (boo#977940)
   - Fix build for ppc64le (boo#982141)
   - Including performance fix for linux dcache hash algorithm (boo#1005179)
   - Fix invalid command in SOC7 (boo#1008894)

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2016-1500=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.2 (x86_64):

      ceph-10.2.4+git.1481215985.12b091b-4.1
      ceph-base-10.2.4+git.1481215985.12b091b-4.1
      ceph-base-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-common-10.2.4+git.1481215985.12b091b-4.1
      ceph-common-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-fuse-10.2.4+git.1481215985.12b091b-4.1
      ceph-fuse-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-mds-10.2.4+git.1481215985.12b091b-4.1
      ceph-mds-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-mon-10.2.4+git.1481215985.12b091b-4.1
      ceph-mon-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-osd-10.2.4+git.1481215985.12b091b-4.1
      ceph-osd-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-radosgw-10.2.4+git.1481215985.12b091b-4.1
      ceph-radosgw-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      ceph-resource-agents-10.2.4+git.1481215985.12b091b-4.1
      ceph-test-10.2.4+git.1481215985.12b091b-4.1
      ceph-test-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      libcephfs-devel-10.2.4+git.1481215985.12b091b-4.1
      libcephfs1-10.2.4+git.1481215985.12b091b-4.1
      libcephfs1-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      librados-devel-10.2.4+git.1481215985.12b091b-4.1
      librados-devel-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      librados2-10.2.4+git.1481215985.12b091b-4.1
      librados2-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      libradosstriper-devel-10.2.4+git.1481215985.12b091b-4.1
      libradosstriper1-10.2.4+git.1481215985.12b091b-4.1
      libradosstriper1-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      librbd-devel-10.2.4+git.1481215985.12b091b-4.1
      librbd1-10.2.4+git.1481215985.12b091b-4.1
      librbd1-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      librgw-devel-10.2.4+git.1481215985.12b091b-4.1
      librgw2-10.2.4+git.1481215985.12b091b-4.1
      librgw2-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      python-ceph-compat-10.2.4+git.1481215985.12b091b-4.1
      python-cephfs-10.2.4+git.1481215985.12b091b-4.1
      python-cephfs-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      python-rados-10.2.4+git.1481215985.12b091b-4.1
      python-rados-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      python-rbd-10.2.4+git.1481215985.12b091b-4.1
      python-rbd-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      rbd-fuse-10.2.4+git.1481215985.12b091b-4.1
      rbd-fuse-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      rbd-mirror-10.2.4+git.1481215985.12b091b-4.1
      rbd-mirror-debuginfo-10.2.4+git.1481215985.12b091b-4.1
      rbd-nbd-10.2.4+git.1481215985.12b091b-4.1
      rbd-nbd-debuginfo-10.2.4+git.1481215985.12b091b-4.1

References:

   https://www.suse.com/security/cve/CVE-2016-5009.html
   https://bugzilla.suse.com/1005179
   https://bugzilla.suse.com/1007216
   https://bugzilla.suse.com/1008501
   https://bugzilla.suse.com/1008894
   https://bugzilla.suse.com/1014338
   https://bugzilla.suse.com/977940
   https://bugzilla.suse.com/982141
   https://bugzilla.suse.com/985232
   https://bugzilla.suse.com/987144
   https://bugzilla.suse.com/990438
   https://bugzilla.suse.com/999688

openSUSE-SU-2016:3201-1: moderate: Security update for ceph

opensuse-security＠opensuse.org