Overview
Security update for ceph

This update for ceph fixes the following issues:

Security issue fixed:

- CVE-2020-27781: Fixed a privilege escalation via the ceph_volume_client Python interface (bsc#1180155, bsc#1179802).

Non-security issues fixed:

- Update to 15.2.8-80-g1f4b6229ca:
+ Rebase on tip of upstream "octopus" branch, SHA1 bdf3eebcd22d7d0b3dd4d5501bee5bac354d5b55
* upstream Octopus v15.2.8 release, see https://ceph.io/releases/v15-2-8-octopus-released/

- Update to 15.2.7-776-g343cd10fe5:
+ Rebase on tip of upstream "octopus" branch, SHA1 1b8a634fdcd94dfb3ba650793fb1b6d09af65e05
* (bsc#1178860) mgr/dashboard: Disable TLS 1.0 and 1.1
+ (bsc#1179016) rpm: require smartmontools on SUSE
+ (bsc#1180107) ceph-volume: pass --filter-for-batch from drive-group subcommand

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Fixed bugs
bnc#1179802
VUL-0: CVE-2020-27781: ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
bnc#1180155
(CVE-2020-27781) cephx privilege escalation possible via ceph_volume_client Python interface
bnc#1180107
L3: ceph-volume drive-group trying to add nodes root disk to lvm [ref:_00D1igLOd._5001iX9vJP:ref]
bnc#1178860
L3: SES6: Disable TLS 1.0 to fix CEPH nodes vulnerabilities
bnc#1179016
L3: Dashboard shows "error code -22" under Cluster > OSDs > Device Health
CVE-2020-27781
Selected Binaries
openSUSE Build Service is sponsored by
Places