Security update for ceph
This update for ceph fixes the following issues:
Security issues fixed:
- CVE-2020-27781: Fixed a privilege escalation via the ceph_volume_client Python interface (bsc#1179802 bsc#1180155).
Non-security issues fixed:
- Fixes an issue when check in legacy collection reaches end. (bsc#1179139)
- Fixes an issue when storage service stops. (bsc#1178837)
- Fix for failing test run due to missing module 'six'. (bsc#1179452)
- Provide a different name for the fallback allocator in bluestore. (bsc#1180118)
This update was imported from the SUSE:SLE-15-SP1:Update update project.
-
Submitted by
Nathan Cutler (smithfarm)
Fixed bugs
bnc#1179452
make check test run-tox-mgr-insights fails due to missing "six" module
bnc#1179139
collection_list_legacy: pg inconsistent
bnc#1178837
L3-Question: What is the root cause of storage service stop?
bnc#1179802
VUL-0: CVE-2020-27781: ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
bnc#1180118
L3: Running "ceph-bluestore-tool repair" after upgrade to SES 6 fails on one OSD
bnc#1180155
VUL-0: CVE-2020-27781: ceph: cephx privilege escalation possible via ceph_volume_client Python interface
