SUSE Container Update Advisory: ses/7/cephcsi/cephcsi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:712-1
Container Tags : ses/7/cephcsi/cephcsi:3.1.1 , ses/7/cephcsi/cephcsi:3.1.1.0.3.66 , ses/7/cephcsi/cephcsi:latest , ses/7/cephcsi/cephcsi:sle15.2.octopus , ses/7/cephcsi/cephcsi:v3.1.1 , ses/7/cephcsi/cephcsi:v3.1.1.0
Container Release : 3.66
Severity : important
Type : security
References : 1170200 1174466 1177344 1177843 1178073 1178531 CVE-2020-25660
-----------------------------------------------------------------
The container ses/7/cephcsi/cephcsi was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3537-1
Released: Thu Nov 26 15:25:38 2020
Summary: Recommended update for ceph-csi
Type: recommended
Severity: moderate
References:
This update for ceph-csi fixes the following issues:
- Use csi-attacher sidecar version v2.1.0 in helm charts due to build challenges with v2.1.1.
- Use upstream default CSI and sidecar versions in the helm charts.
- Add examples directory into cephfs and rbd helm charts
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3539-1
Released: Thu Nov 26 15:52:34 2020
Summary: Security update for ceph
Type: security
Severity: important
References: 1170200,1174466,1177344,1177843,1178073,1178531,CVE-2020-25660
This update for ceph fixes the following issues:
Security issue fixed:
- CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).
- mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically (bsc#1170200)
- mon: have 'mon stat' output json as well (bsc#1174466)
- mgr/dashboard: support Orchestrator and user-defined Ganesha cluster (bsc#1177344)
- mgr/dashboard: fix downstream NFS doc links (bsc#1178073)
- cephadm: set default container_image to registry.suse.com/ses/7/ceph/ceph (bsc#1178531)
[{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"12","type":"x","order":"1","pct":36.36,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.18,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":45.45,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
