SUSE Container Update Advisory: ses/7/ceph/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:717-1
Container Tags        : ses/7/ceph/ceph:15.2.5.667 , ses/7/ceph/ceph:15.2.5.667.4.21 , ses/7/ceph/ceph:latest , ses/7/ceph/ceph:sle15.2.octopus
Container Release     : 4.21
Severity              : important
Type                  : security
References            : 1168155 1170200 1171234 1172082 1174099 1174466 1177344 1177843
                        1178073 1178531 959556 CVE-2020-25660 
-----------------------------------------------------------------

The container ses/7/ceph/ceph was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3539-1
Released:    Thu Nov 26 15:52:34 2020
Summary:     Security update for ceph
Type:        security
Severity:    important
References:  1170200,1174466,1177344,1177843,1178073,1178531,CVE-2020-25660
This update for ceph fixes the following issues:

Security issue fixed:

- CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).

- mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically (bsc#1170200)
- mon: have 'mon stat' output json as well (bsc#1174466)
- mgr/dashboard: support Orchestrator and user-defined Ganesha cluster (bsc#1177344)
- mgr/dashboard: fix downstream NFS doc links (bsc#1178073)
- cephadm: set default container_image to registry.suse.com/ses/7/ceph/ceph (bsc#1178531)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3540-1
Released:    Thu Nov 26 15:57:16 2020
Summary:     Recommended update for wicked
Type:        recommended
Severity:    moderate
References:  1168155,1171234,1172082,1174099,959556
This update for wicked fixes the following issues:

- Fix to avoid incomplete ifdown/timeout on route deletion error. (bsc#1174099)
- Allow 'linuxrc' to send 'RFC2132' without providing the MAC address. (jsc#SLE-15770)
- Fixes to ifreload on port changes. (bsc#1168155, bsc#1172082)
- Fix schema to use correct 'hwaddr_policy' property. (bsc#1171234)
- Enable IPv6 on ports when 'nsna_ping' linkwatch is used. (bsc#959556)