Description
Security update for ceph
This is a version update for ceph to version 12.2.13:
Security issue fixed:
- CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag (bsc#1171921).
Notable changes in this update for ceph:
- mgr: telemetry: backported and now available on SES5.5. Please consider enabling via 'ceph telemetry on' (bsc#1171670)
- OSD heartbeat ping time: new health warning, options and admin commands (bsc#1171960)
- 'osd_calc_pg_upmaps_max_stddev' ceph.conf parameter has been removed; use 'upmap_max_deviation' instead (bsc#1171961)
- Default maximum concurrent bluestore rocksdb compaction threads raised from 1 to 2 for improved ability to keep up with rgw bucket index workloads (bsc#1171963)
Bug fixes in this ceph update:
- mon: Error message displayed when mon_osd_max_split_count would be exceeded is not as user-friendly as it could be (bsc#1126230)
- ceph_volume_client: remove ceph mds calls in favor of ceph fs calls (bsc#1136082)
- rgw: crypt: permit RGW-AUTO/default with SSE-S3 headers (bsc#1157607)
- mon/AuthMonitor: don't validate fs caps on authorize (bsc#1161096)
Additional bug fixes:
- ceph-volume: strip _dmcrypt suffix in simple scan json output (bsc#1162553)
Package list
HPE Helion OpenStack 8
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Enterprise Storage 5
ceph-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-base-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-fuse-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-mds-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-mgr-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-mon-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-osd-12.2.13+git.1592168685.85110a3e9d-2.50.1
ceph-radosgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-ceph-compat-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
python3-ceph-argparse-12.2.13+git.1592168685.85110a3e9d-2.50.1
python3-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python3-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python3-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python3-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
rbd-fuse-12.2.13+git.1592168685.85110a3e9d-2.50.1
rbd-mirror-12.2.13+git.1592168685.85110a3e9d-2.50.1
rbd-nbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server 12 SP3-BCL
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server 12 SP3-LTSS
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server 12 SP4
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server 12 SP5
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libcephfs-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libcephfs-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd-devel-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE OpenStack Cloud 8
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
SUSE OpenStack Cloud Crowbar 8
ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librbd1-12.2.13+git.1592168685.85110a3e9d-2.50.1
librgw2-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rados-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50.1
python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50.1
References
- Link for SUSE-SU-2020:1748-1
- E-Mail link for SUSE-SU-2020:1748-1
- SUSE Security Ratings
- SUSE Bug 1126230
- SUSE Bug 1136082
- SUSE Bug 1157607
- SUSE Bug 1161096
- SUSE Bug 1162553
- SUSE Bug 1171670
- SUSE Bug 1171921
- SUSE Bug 1171960
- SUSE Bug 1171961
- SUSE Bug 1171963
- SUSE CVE CVE-2020-10753 page
Description
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
Affected products
HPE Helion OpenStack 8:ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50.1
HPE Helion OpenStack 8:libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50.1
HPE Helion OpenStack 8:librados2-12.2.13+git.1592168685.85110a3e9d-2.50.1
HPE Helion OpenStack 8:libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50.1
References
- CVE-2020-10753
- SUSE Bug 1171921