openSUSE-SU-2016:3201-1: moderate: Security update for ceph
openSUSE Security Update: Security update for ceph ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3201-1 Rating: moderate References: #1005179 #1007216 #1008501 #1008894 #1014338 #977940 #982141 #985232 #987144 #990438 #999688 Cross-References: CVE-2016-5009 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has 10 fixes is now available. Description: ceph was updated to version 10.2.4 and fixes the following issues: - A moncommand with empty prefix could crash the monitor (boo#987144, CVE-2016-5009) - Detect crc32 extension support from assembler on AArch64 (boo#999688) - Failing file operations on kernel based cephfs mount point could leave unaccessible file behind on hammer 0.94.7 (boo#985232) - Fixed boo#1008501 + ceph_volume_client: fix _recover_auth_meta() method + ceph_volume_client: check if volume metadata is empty + ceph_volume_client: fix partial auth recovery - Avoid ~100% CPU load after OSD creation / first OSD start (boo#1014338) - Fixed boo#990438: civetweb HTTPS support not working - Avoid systemd limiting OSDs (boo#1007216) - Fix "make check" when building unit tests with --with-xio (boo#977940) - Fix build for ppc64le (boo#982141) - Including performance fix for linux dcache hash algorithm (boo#1005179) - Fix invalid command in SOC7 (boo#1008894) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2016-1500=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): ceph-10.2.4+git.1481215985.12b091b-4.1 ceph-base-10.2.4+git.1481215985.12b091b-4.1 ceph-base-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-common-10.2.4+git.1481215985.12b091b-4.1 ceph-common-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-fuse-10.2.4+git.1481215985.12b091b-4.1 ceph-fuse-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-mds-10.2.4+git.1481215985.12b091b-4.1 ceph-mds-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-mon-10.2.4+git.1481215985.12b091b-4.1 ceph-mon-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-osd-10.2.4+git.1481215985.12b091b-4.1 ceph-osd-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-radosgw-10.2.4+git.1481215985.12b091b-4.1 ceph-radosgw-debuginfo-10.2.4+git.1481215985.12b091b-4.1 ceph-resource-agents-10.2.4+git.1481215985.12b091b-4.1 ceph-test-10.2.4+git.1481215985.12b091b-4.1 ceph-test-debuginfo-10.2.4+git.1481215985.12b091b-4.1 libcephfs-devel-10.2.4+git.1481215985.12b091b-4.1 libcephfs1-10.2.4+git.1481215985.12b091b-4.1 libcephfs1-debuginfo-10.2.4+git.1481215985.12b091b-4.1 librados-devel-10.2.4+git.1481215985.12b091b-4.1 librados-devel-debuginfo-10.2.4+git.1481215985.12b091b-4.1 librados2-10.2.4+git.1481215985.12b091b-4.1 librados2-debuginfo-10.2.4+git.1481215985.12b091b-4.1 libradosstriper-devel-10.2.4+git.1481215985.12b091b-4.1 libradosstriper1-10.2.4+git.1481215985.12b091b-4.1 libradosstriper1-debuginfo-10.2.4+git.1481215985.12b091b-4.1 librbd-devel-10.2.4+git.1481215985.12b091b-4.1 librbd1-10.2.4+git.1481215985.12b091b-4.1 librbd1-debuginfo-10.2.4+git.1481215985.12b091b-4.1 librgw-devel-10.2.4+git.1481215985.12b091b-4.1 librgw2-10.2.4+git.1481215985.12b091b-4.1 librgw2-debuginfo-10.2.4+git.1481215985.12b091b-4.1 python-ceph-compat-10.2.4+git.1481215985.12b091b-4.1 python-cephfs-10.2.4+git.1481215985.12b091b-4.1 python-cephfs-debuginfo-10.2.4+git.1481215985.12b091b-4.1 python-rados-10.2.4+git.1481215985.12b091b-4.1 python-rados-debuginfo-10.2.4+git.1481215985.12b091b-4.1 python-rbd-10.2.4+git.1481215985.12b091b-4.1 python-rbd-debuginfo-10.2.4+git.1481215985.12b091b-4.1 rbd-fuse-10.2.4+git.1481215985.12b091b-4.1 rbd-fuse-debuginfo-10.2.4+git.1481215985.12b091b-4.1 rbd-mirror-10.2.4+git.1481215985.12b091b-4.1 rbd-mirror-debuginfo-10.2.4+git.1481215985.12b091b-4.1 rbd-nbd-10.2.4+git.1481215985.12b091b-4.1 rbd-nbd-debuginfo-10.2.4+git.1481215985.12b091b-4.1 References: https://www.suse.com/security/cve/CVE-2016-5009.html https://bugzilla.suse.com/1005179 https://bugzilla.suse.com/1007216 https://bugzilla.suse.com/1008501 https://bugzilla.suse.com/1008894 https://bugzilla.suse.com/1014338 https://bugzilla.suse.com/977940 https://bugzilla.suse.com/982141 https://bugzilla.suse.com/985232 https://bugzilla.suse.com/987144 https://bugzilla.suse.com/990438 https://bugzilla.suse.com/999688
participants (1)
-
opensuse-security@opensuse.org