Описание
Security update for ceph
This update for ceph fixes the following issues:
ceph was updated to the Pacific release (16.2.9-536-g41a9f9a5573):
- (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in RGWRadosBILogTrimCR
- (bsc#1194131) ceph-volume: honour osd_dmcrypt_key_size option (CVE-2021-3979)
- (bsc#1200064,) Remove last vestiges of docker.io image paths
- (bsc#1196044) cephadm: prometheus: The generatorURL in alerts is only using hostname
- (bsc#1196785) cephadm: avoid crashing on expected non-zero exit
- (jsc#SES-2515) High-availability NFS export
- (bsc#1194875) [SES7P] include/buffer: include
- cephadm: update image paths to registry.suse.com
- cephadm: use snmp-notifier image from registry.suse.de
- cephadm: infer the default container image during pull
- mgr/cephadm: try to get FQDN for inventory address
- (bsc#1194875) common: fix FTBFS due to dout & need_dynamic on GCC-12
- (bsc#1196938) cephadm: preserve authorized_keys file during upgrade
- Update Prometheus Container image paths (pr #459)
- mgr/dashboard: Fix documentation URL (pr #456)
- mgr/dashboard: Adapt downstream branded navigation page (pr #454)
- Update prometheus-server version
- (bsc#1194353) Downstream branding breaks dashboard npm build
- (bsc#1178073) mgr/dashboard: fix downstream NFS doc links
Список пакетов
SUSE Linux Enterprise Micro 5.1
libfmt8-8.0.1-150300.7.5.1
librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
SUSE Linux Enterprise Micro 5.2
libfmt8-8.0.1-150300.7.5.1
librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
ceph-common-16.2.9.536+g41a9f9a5573-150300.6.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150300.6.3.1
libfmt8-8.0.1-150300.7.5.1
librados-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librgw2-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150300.6.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150300.6.3.1
openSUSE Leap 15.3
ceph-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-base-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-common-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-fuse-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-grafana-dashboards-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-immutable-object-cache-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mds-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-cephadm-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-dashboard-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-diskprediction-local-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-k8sevents-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-modules-core-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mgr-rook-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-mon-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-osd-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-prometheus-alerts-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-radosgw-16.2.9.536+g41a9f9a5573-150300.6.3.1
ceph-test-16.2.9.536+g41a9f9a5573-150300.6.3.1
cephadm-16.2.9.536+g41a9f9a5573-150300.6.3.1
cephfs-shell-16.2.9.536+g41a9f9a5573-150300.6.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150300.6.3.1
libfmt8-8.0.1-150300.7.5.1
librados-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
librgw2-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150300.6.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150300.6.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150300.6.3.1
rbd-fuse-16.2.9.536+g41a9f9a5573-150300.6.3.1
rbd-mirror-16.2.9.536+g41a9f9a5573-150300.6.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150300.6.3.1
openSUSE Leap Micro 5.2
libfmt8-8.0.1-150300.7.5.1
librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
Ссылки
- Link for SUSE-SU-2022:4501-1
- E-Mail link for SUSE-SU-2022:4501-1
- SUSE Security Ratings
- SUSE Bug 1178073
- SUSE Bug 1194131
- SUSE Bug 1194353
- SUSE Bug 1194875
- SUSE Bug 1195359
- SUSE Bug 1196044
- SUSE Bug 1196785
- SUSE Bug 1196938
- SUSE Bug 1200064
- SUSE Bug 1200553
- SUSE CVE CVE-2021-3979 page
Описание
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.
Затронутые продукты
SUSE Linux Enterprise Micro 5.1:libfmt8-8.0.1-150300.7.5.1
SUSE Linux Enterprise Micro 5.1:librados2-16.2.9.536+g41a9f9a5573-150300.6.3.1
SUSE Linux Enterprise Micro 5.1:librbd1-16.2.9.536+g41a9f9a5573-150300.6.3.1
SUSE Linux Enterprise Micro 5.2:libfmt8-8.0.1-150300.7.5.1
Ссылки
- CVE-2021-3979
- SUSE Bug 1194131