Mailinglist Archive: opensuse-updates (113 mails)

< Previous Next >
openSUSE-SU-2017:0910-1: moderate: Recommended update for ceph
openSUSE Security Update: Recommended update for ceph
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:0910-1
Rating: moderate
References: #1003891 #1008435 #1008501 #1012100 #1014986
#1015748 #1019616 #970642
Cross-References: CVE-2016-9579
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves one vulnerability and has 7 fixes is
now available.

Description:


This ceph version update to 10.2.6+git fixes the following issues:

Security issues fixed:
- CVE-2016-9579: RGW server DoS via request with invalid HTTP Origin
header (boo#1014986).

Bugfixes:
- Update to version 10.2.6+git.1489493035.3ad7a68
- "tools/rados: default to include clone objects when excuting
"cache-flush-evict-all" (boo#1003891)
- mon,ceph-disk: add lockbox permissions to bootstrap-osd (boo#1008435)
- "ceph_volume_client: fix _recover_auth_meta() method" (boo#1008501)
- "systemd/ceph-disk: reduce ceph-disk flock contention" (boo#1012100)
- "doc: add verbiage to rbdmap manpage" and "Add Install section to
systemd rbdmap.service file" (boo#1015748)
- ceph-disk: systemd unit must run after local-fs.target (boo#1012100)
- build/ops: restart ceph-osd@.service after 20s instead of 100ms
(boo#1019616)
- doc: add verbiage to rbdmap manpage and mention rbdmap in RBD quick
start (boo#1015748)
- doc: ceph-deploy man: remove references to mds destroy. Not implemented
(boo#970642)

Feature enhancements:
- FATE#321098:
* rpm: deobfuscate SUSE-specific bconds
* rpm: consider xio bcond on x86_64 and aarch64 only
* rpm: remove s390 from SES ExclusiveArch
* rpm: limit lttng/babeltrace to architectures
* rpm: limit xio build
* rpm: enable build for s390(x) in SLE
* rpm: add "without valgrind_devel" configure option


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-421=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.2 (x86_64):

ceph-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-base-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-base-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-common-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-common-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-fuse-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-fuse-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-mds-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-mds-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-mon-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-mon-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-osd-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-osd-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-radosgw-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-radosgw-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-resource-agents-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-test-10.2.6+git.1489493035.3ad7a68-6.4.1
ceph-test-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
libcephfs-devel-10.2.6+git.1489493035.3ad7a68-6.4.1
libcephfs1-10.2.6+git.1489493035.3ad7a68-6.4.1
libcephfs1-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
librados-devel-10.2.6+git.1489493035.3ad7a68-6.4.1
librados-devel-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
librados2-10.2.6+git.1489493035.3ad7a68-6.4.1
librados2-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
libradosstriper-devel-10.2.6+git.1489493035.3ad7a68-6.4.1
libradosstriper1-10.2.6+git.1489493035.3ad7a68-6.4.1
libradosstriper1-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
librbd-devel-10.2.6+git.1489493035.3ad7a68-6.4.1
librbd1-10.2.6+git.1489493035.3ad7a68-6.4.1
librbd1-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
librgw-devel-10.2.6+git.1489493035.3ad7a68-6.4.1
librgw2-10.2.6+git.1489493035.3ad7a68-6.4.1
librgw2-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
python-ceph-compat-10.2.6+git.1489493035.3ad7a68-6.4.1
python-cephfs-10.2.6+git.1489493035.3ad7a68-6.4.1
python-cephfs-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
python-rados-10.2.6+git.1489493035.3ad7a68-6.4.1
python-rados-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
python-rbd-10.2.6+git.1489493035.3ad7a68-6.4.1
python-rbd-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-fuse-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-fuse-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-mirror-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-mirror-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-nbd-10.2.6+git.1489493035.3ad7a68-6.4.1
rbd-nbd-debuginfo-10.2.6+git.1489493035.3ad7a68-6.4.1


References:

https://www.suse.com/security/cve/CVE-2016-9579.html
https://bugzilla.suse.com/1003891
https://bugzilla.suse.com/1008435
https://bugzilla.suse.com/1008501
https://bugzilla.suse.com/1012100
https://bugzilla.suse.com/1014986
https://bugzilla.suse.com/1015748
https://bugzilla.suse.com/1019616
https://bugzilla.suse.com/970642


< Previous Next >
This Thread
  • No further messages