Linux Security

    SUSE: 2020:698-1 ses/7/ceph/grafana Security Update

    Date 25 Nov 2020
    Posted By LinuxSecurity Advisories
    SUSE Container Update Advisory: ses/7/ceph/grafana
    -----------------------------------------------------------------
    Container Advisory ID : SUSE-CU-2020:698-1
    Container Tags        : ses/7/ceph/grafana:7.1.5 , ses/7/ceph/grafana:7.1.5.3.287 , ses/7/ceph/grafana:latest , ses/7/ceph/grafana:sle15.2.octopus
    Container Release     : 3.287
    Severity              : important
    Type                  : security
    References            : 1174232 1174593 1177458 1177490 1177510 1177858 1178387 1178512
                            1178727 CVE-2020-25692 CVE-2020-28196 
    -----------------------------------------------------------------
    
    The container ses/7/ceph/grafana was updated. The following patches have been included in this update:
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3249-1
    Released:    Fri Nov  6 17:02:51 2020
    Summary:     Recommended update for grafana
    Type:        recommended
    Severity:    moderate
    References:  
    This update for grafana fixes the following issues:
    
    - Update to version 7.1.5:
      * Features / Enhancements
        - Stats: Stop counting the same user multiple times.
        - Field overrides: Filter by field name using regex.
        - AzureMonitor: map more units.
        - Explore: Don't run queries on datasource change.
        - Graph: Support setting field unit & override data source (automatic) unit.
        - Explore: Unification of logs/metrics/traces user interface
        - Table: JSON Cell should try to convert strings to JSON
        - Variables: enables cancel for slow query variables queries.
        - TimeZone: unify the time zone pickers to one that can rule them all.
        - Search: support URL query params.
        - Grafana-UI: Add FileUpload.
        - TablePanel: Sort numbers correctly.
      * Bug fixes
        - Alerting: remove LongToWide call in alerting.
        - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used.
        - Variables: Fixes issue with All variable not being resolved.
        - Templating: Fixes so texts show in picker not the values.
        - Templating: Fix undefined result when using raw interpolation format
        - TextPanel: Fix content overflowing panel boundaries.
        - StatPanel: Fix stat panel display name not showing when explicitly set.
        - Query history: Fix search filtering if null value.
        - Flux: Ensure connections to InfluxDB are closed.
        - Dashboard: Fix for viewer can enter panel edit mode by modifying url (but cannot save anything).
        - Prometheus: Fix prom links in mixed mode.
        - Sign In: Use correct url for the Sign In button.
        - StatPanel: Fixes issue with name showing for single series / field results
        - BarGauge: Fix space bug in single series mode.
        - Auth: Fix POST request failures with anonymous access
        - Templating: Fix recursive loop of template variable queries when changing ad-hoc-variable
        - Templating: Fixed recursive queries triggered when switching dashboard settings view
        - GraphPanel: Fix annotations overflowing panels.
        - Prometheus: Fix performance issue in processing of histogram labels.
        - Datasources: Handle URL parsing error.
        - Security: Use Header.Set and Header.Del for X-Grafana-User header.
      * Changes in spec file
        - Fix golang version = 1.14 to avoid dependency conflicts on some OBS projects
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3290-1
    Released:    Wed Nov 11 12:25:32 2020
    Summary:     Recommended update for findutils
    Type:        recommended
    Severity:    moderate
    References:  1174232
    This update for findutils fixes the following issues:
    
    - Do not unconditionally use leaf optimization for NFS. (bsc#1174232)
      NFS st_nlink values are not accurate on all implementations, leading to aborts() if that assumption is made.
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3313-1
    Released:    Thu Nov 12 16:07:37 2020
    Summary:     Security update for openldap2
    Type:        security
    Severity:    important
    References:  1178387,CVE-2020-25692
    This update for openldap2 fixes the following issues:
    
    - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3377-1
    Released:    Thu Nov 19 09:29:32 2020
    Summary:     Security update for krb5
    Type:        security
    Severity:    moderate
    References:  1178512,CVE-2020-28196
    This update for krb5 fixes the following security issue:
    
    - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3381-1
    Released:    Thu Nov 19 10:53:38 2020
    Summary:     Recommended update for systemd
    Type:        recommended
    Severity:    moderate
    References:  1177458,1177490,1177510
    This update for systemd fixes the following issues:
    
    - build-sys: optionally disable support of journal over the network (bsc#1177458)
    - ask-password: prevent buffer overflow when reading from keyring (bsc#1177510)
    - mount: don't propagate errors from mount_setup_unit() further up
    - Rely on the new build option --disable-remote for journal_remote
      This allows dropping the workaround that consisted of cleaning journal-upload files and
      {sysusers.d,tmpfiles.d}/systemd-remote.conf manually when 'journal_remote' support was disabled.
    - Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package 
    - Make sure {sysusers.d,tmpfiles.d}/systemd-remote.conf are not shipped with --without=journal_remote (bsc#1177458)
      These files were incorrectly packaged in the main package when systemd-journal_remote was disabled.
    - Make use of %{_unitdir} and %{_sysusersdir}
    - Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3462-1
    Released:    Fri Nov 20 13:14:35 2020
    Summary:     Recommended update for pam and sudo
    Type:        recommended
    Severity:    moderate
    References:  1174593,1177858,1178727
    This update for pam and sudo fixes the following issue:
    
    pam:
    
    - pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858)
    - Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727)
    - Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593)
    
    sudo:
    
    - Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593)
    
