Security update for ceph
This update for ceph fixes the following issues:
Security issues fixed:
- CVE-2018-10861: Ensure that ceph-mon does perform authorization on all OSD pool ops (bsc#1099162)
- CVE-2018-1129: cephx signature check bypass (bsc#1096748)
- CVE-2018-1128: cephx protocol was vulnerable to replay attack (bsc#1096748)
Bugs fixed in 12.2.7-420-gc0ef85b854:
- luminous: osd: eternal stuck PG in 'unfound_recovery' (bsc#1094932)
- bluestore: db.slow used when db is not full (bsc#1092874)
- Upstream fixes and improvements, see https://ceph.com/releases/12-2-7-luminous-released/
This update was imported from the SUSE:SLE-12-SP3:Update update project.
-
Submitted by
Holger Sickenberg (holgisms)
Fixed bugs
bnc#1094932
osd: force restart peering when osd is marked down
bnc#1092874
bluestore: db.slow used when db is not full
bnc#1099162
VUL-0: CVE-2018-10861: ceph: ceph-mon does not perform authorization on OSD pool ops
bnc#1096748
VUL-0: CVE-2018-1128 CVE-2018-1129: ceph: various issues with cephx
