SUSE: 2021:246-1 ses/6/ceph/ceph Security Update
Summary
Advisory ID: SUSE-RU-2021:1846-1 Released: Fri Jun 4 08:46:37 2021 Summary: Recommended update for mozilla-nss Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:1859-1 Released: Fri Jun 4 09:02:38 2021 Summary: Security update for python-py Type: security Severity: moderate Advisory ID: SUSE-RU-2021:1861-1 Released: Fri Jun 4 09:59:40 2021 Summary: Recommended update for gcc10 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:1917-1 Released: Wed Jun 9 14:48:05 2021 Summary: Security update for libxml2 Type: security Severity: moderate Advisory ID: SUSE-RU-2021:1923-1 Released: Thu Jun 10 08:37:00 2021 Summary: Recommended update for nfs-utils Type: recommended Severity: important Advisory ID: SUSE-RU-2021:1953-1 Released: Thu Jun 10 16:18:50 2021 Summary: Recommended update for gpg2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:1967-1 Released: Mon Jun 14 06:49:40 2021 Summary: Recommended update for ceph Type: recommended Severity: important
References
References : 1029961 1106014 1161268 1172308 1178577 1178624 1178675 1179805
1182016 1183194 1183760 1184505 1185049 1185910 1186015 CVE-2020-29651
CVE-2021-3541
1185910
This update for mozilla-nss fixes the following issue:
- Provide some missing binaries from `mozilla-nss` not added in `SLE-Module-Basesystem_15-SP3`. (bsc#1185910)
1179805,1184505,CVE-2020-29651
This update for python-py fixes the following issues:
- CVE-2020-29651: Fixed regular expression denial of service in svnwc.py (bsc#1179805, bsc#1184505).
1029961,1106014,1178577,1178624,1178675,1182016
This update for gcc10 fixes the following issues:
- Disable nvptx offloading for aarch64 again since it doesn't work
- Fixed a build failure issue. (bsc#1182016)
- Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)
- Fix 32bit 'libgnat.so' link. (bsc#1178675)
- prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)
- Build complete set of multilibs for arm-none target. (bsc#1106014)
1186015,CVE-2021-3541
This update for libxml2 fixes the following issues:
- CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015)
1183194
This update for nfs-utils fixes the following issues:
- Ensured thread safety when opening files over NFS to prevent a
use-after-free issue (bsc#1183194)
1161268,1172308
This update for gpg2 fixes the following issues:
- Fixed an issue where the gpg-agent's ssh-agent does not handle flags
in signing requests properly (bsc#1161268 and bsc#1172308).
1183760,1185049
This update for ceph fixes the following issues:
- os/FileStore: don't propagate split/merge error to 'create'/'remove' (bsc#1183760)
- os/FileStore: fix to handle readdir error correctly (bsc#1185049)