Overview

File _patchinfo of Package patchinfo.12636

<patchinfo incident="12636">
  <issue tracker="bnc" id="1132767">ceph-volume prints errors to stdout with --format json</issue>
  <issue tracker="bnc" id="1134444">[doc] 1.10  Updating the Cluster Nodes can cause infinite loop</issue>
  <issue tracker="bnc" id="1135584">doc and processes -&gt; need pro-active information of major changes (patch info), release notes and documentation</issue>
  <issue tracker="bnc" id="1137503">Changing rgw-api-host does not get effective without disable/enable dashboard mgr module</issue>
  <issue tracker="bnc" id="1141174">Dashboard: Silence Alertmanager alerts missing  from Ceph 14.2.2</issue>
  <issue tracker="bnc" id="1145093">VUL-0: CVE-2019-10222: ceph: unauthenticated clients can crash RGW</issue>
  <issue tracker="bnc" id="1145759">ceph-dashboard-e2e test is failing due to outdated Chrome webdriver</issue>
  <issue tracker="bnc" id="1147132">[doc] 1.8  Recovering a Reinstalled OSD Node</issue>
  <issue tracker="bnc" id="1149093">too slow to delete a big empty volume</issue>
  <issue tracker="bnc" id="1150406">SES5.5: Documentation needs to include "salt-run rescinded.ids" command prior to running stage.5 as a validation tool.</issue>
  <issue tracker="bnc" id="1151439">[doc] 13  SUSE Enterprise Storage 6 on top of CaaSPv4 Kubernetes Cluster</issue>
  <issue tracker="bnc" id="1151990">The no{up,down,in,out} related commands have been revamped</issue>
  <issue tracker="bnc" id="1151991">radosgw-admin gets two new subcommands for managing expire-stale objects</issue>
  <issue tracker="bnc" id="1151992">Deploying a single new BlueStore OSD on a cluster upgraded to SES6 from SES5 breaks pool utilization stats reported by ceph df</issue>
  <issue tracker="bnc" id="1151993">As of 14.2.2, Ceph cluster will issue a health warning if CRUSH tunables are older than "hammer"</issue>
  <issue tracker="bnc" id="1151994">Nautilus-based librbd clients can not open images on Jewel clusters</issue>
  <issue tracker="bnc" id="1151995">The RGW num_rados_handles has been removed in Ceph 14.2.3</issue>
  <issue tracker="bnc" id="1152002">"osd_deep_scrub_large_omap_object_key_threshold" has been lowered in Nautilus 14.2.3</issue>
  <issue tracker="bnc" id="1145617">L3: iSCSI TPG auth configuration dropped during upgrade from SES 5.x to SES 6</issue>
  <issue tracker="bnc" id="1140491">Dashboard: Validate iSCSI controls</issue>
  <issue tracker="bnc" id="1146656">dashboard/iSCSI - Unable to change attributes on iscsi target image through Dashboard</issue>
  <issue tracker="bnc" id="1145618">L3: iSCSI explicit LUN# configuration dropped during upgrade from SES 5.x to SES 6</issue>
  <issue tracker="cve" id="2019-10222"/>
  <packager>smithfarm</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ceph, ceph-iscsi, ses-manual_en</summary>
  <description>This update for ceph, ceph-iscsi and ses-manual_en fixes the following issues:

Security issues fixed:

- CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. (bsc#1145093)

Non-security issues-fixed:

- ceph-volume: prints errors to stdout with --format json (bsc#1132767)
- mgr/dashboard: Changing rgw-api-host does not get effective without disable/enable
  dashboard mgr module (bsc#1137503)
- mgr/dashboard: Silence Alertmanager alerts (bsc#1141174)
- mgr/dashboard: Fix e2e failures caused by webdriver version (bsc#1145759) 
- librbd: always try to acquire exclusive lock when removing image (bsc#1149093)
- The no{up,down,in,out} related commands have been revamped (bsc#1151990)
- radosgw-admin gets two new subcommands for managing expire-stale objects. (bsc#1151991)
- Deploying a single new BlueStore OSD on a cluster upgraded to SES6 from SES5 breaks pool utilization stats reported by ceph df (bsc#1151992)
- Ceph cluster will no longer issue a health warning if CRUSH tunables are older than "hammer" (bsc#1151993)
- Nautilus-based librbd clients can not open images on Jewel clusters (bsc#1151994)
- The RGW num_rados_handles has been removed in Ceph 14.2.3 (bsc#1151995)
- "osd_deep_scrub_large_omap_object_key_threshold" has been lowered in Nautilus 14.2.3 (bsc#1152002)
- Support iSCSI target-level CHAP authentication (bsc#1145617)
- Validation and render of iSCSI controls based "type" (bsc#1140491)
- Fix error editing iSCSI image advanced settings (bsc#1146656)
- Fix error during iSCSI target edit

Fixes in ses-manual_en:

- Added a new chapter with changelogs of Ceph releases. (bsc#1135584)
- Rewrote rolling updates and replaced running stage.0 with manual commands to prevent infinite loop. (bsc#1134444)
- Improved name of CaaSP to its fuller version. (bsc#1151439)
- Verify which OSD's are going to be removed before running stage.5. (bsc#1150406)
- Added two additional steps to recovering an OSD. (bsc#1147132)

Fixes in ceph-iscsi:

- Validate kernel LIO controls type and value (bsc#1140491)
- TPG lun_id persistence (bsc#1145618)
- Target level CHAP authentication (bsc#1145617)

ceph-iscsi was updated to the upstream 3.2 release:

- Always use host FQDN instead of shortname
- Validate min/max value for target controls and rbd:user/tcmu-runner image
  controls (bsc#1140491)

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places