SUSE Enterprise Storage Update 15-SP1: SUSE-SU-2020:3459-1 Moderate Threat
suse
November 20, 2020
An update that solves one vulnerability and has 8 fixes is now available
Summary
This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843). - Major batch refactor of ceph-volume that addresses a couple of issues (bsc#1151612, bsc#1158257) - Documented Prometheus' security model (bsc#1169134) - monclient: Fixed an issue where executing several ceph commands in a short amount of time led to a segmentation fault (bsc#1170487) - Fixed an issue, where it was not possible to edit an iSCSI logged-in client (bsc#1174591) - Fixed an issue, where OSDs could not get started after they failed (bsc#1175061) - Fixed an issue with the restful module, where it aborted on execution for POST calls (bsc#1175240) - Fixed a many-to-many issue in host-details Grafana dashboard (bsc#1175585)
References
#1151612 #1158257 #1169134 #1170487 #1174591
#1175061 #1175240 #1175781 #1177843
Cross- CVE-2020-25660
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP1
SUSE Enterprise Storage 6
https://www.suse.com/security/cve/CVE-2020-25660.html
https://bugzilla.suse.com/1151612
https://bugzilla.suse.com/1158257
https://bugzilla.suse.com/1169134
https://bugzilla.suse.com/1170487
https://bugzilla.suse.com/1174591
https://bugzilla.suse.com/1175061
https://bugzilla.suse.com/1175240
https://bugzilla.suse.com/1175781
https://bugzilla.suse.com/1177843
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:3459-1
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!