Overview

File _patchinfo of Package patchinfo.17076

<patchinfo incident="17076">
  <issue tracker="cve" id="2020-25660"/>
  <issue tracker="bnc" id="1177843">VUL-0: EMBARGOED: CVE-2020-25660: ceph: CEPHX_V2 replay attack protection lost (problematic fix for CVE-2018-1128)</issue>
  <issue tracker="bnc" id="1169134">Any user can run any query on the Prometheus datasource</issue>
  <issue tracker="bnc" id="1158257">new OSD creation does not create DB on NVMe even tough c_v_commands shows that it would</issue>
  <issue tracker="bnc" id="1175240">Restful POST call not working due to python2 executed with pyhton3</issue>
  <issue tracker="bnc" id="1175781">ceph-volume lvmcache help is broken</issue>
  <issue tracker="bnc" id="1170487">ceph commands get stuck and is aborted by segmentation fault, supportconfig hangs several minutes in plugin ses</issue>
  <issue tracker="bnc" id="1151612">L3: ceph-volume sets DB device to unavailable, additional OSDs can not use the DB device</issue>
  <issue tracker="bnc" id="1174591">Unable to edit iSCSI target with ACL Authentication enabled.</issue>
  <issue tracker="bnc" id="1175061">L3: Two OSDs fail to start due to "ceph_abort_msg("no available blob id")"</issue>
  <packager>smithfarm</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ceph</summary>
  <description>This update for ceph fixes the following issues:

- CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).
- Major batch refactor of ceph-volume that addresses a couple of issues (bsc#1151612, bsc#1158257)
- Documented Prometheus' security model (bsc#1169134)
- monclient: Fixed an issue where executing several ceph commands in a short amount of time led to a segmentation fault (bsc#1170487)
- Fixed an issue, where it was not possible to edit an iSCSI logged-in client (bsc#1174591)
- Fixed an issue, where OSDs could not get started after they failed (bsc#1175061)
- Fixed an issue with the restful module, where it aborted on execution for POST calls (bsc#1175240)
- Fixed a many-to-many issue in host-details Grafana dashboard (bsc#1175585)
- Fixed collection_list ordering in os/bluestore (bsc#1172546)
- Fixed help output of lvmcache (bsc#1175781)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places