SUSE Container Update Advisory: ses/7/cephcsi/cephcsi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:311-1
Container Tags        : ses/7/cephcsi/cephcsi:3.3.1 , ses/7/cephcsi/cephcsi:3.3.1.0.3.539 , ses/7/cephcsi/cephcsi:latest , ses/7/cephcsi/cephcsi:sle15.2.octopus , ses/7/cephcsi/cephcsi:v3.3.1 , ses/7/cephcsi/cephcsi:v3.3.1.0
Container Release     : 3.539
Severity              : moderate
Type                  : security
References            : 1177695 1184994 1187091 1188063 1188127 1188217 1188218 1188219
                        1188220 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925
                        CVE-2021-33910 
-----------------------------------------------------------------

The container ses/7/cephcsi/cephcsi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2404-1
Released:    Tue Jul 20 14:21:30 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1184994,1188063,CVE-2021-33910
This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)
- Skip udev rules if 'elevator=' is used (bsc#1184994)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2439-1
Released:    Wed Jul 21 13:46:48 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925
This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2456-1
Released:    Thu Jul 22 15:28:39 2021
Summary:     Recommended update for pam-config
Type:        recommended
Severity:    moderate
References:  1187091
This update for pam-config fixes the following issues:

- Add 'revoke' to the option list for 'pam_keyinit'.
- Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2573-1
Released:    Thu Jul 29 14:21:52 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1188127
This update for timezone fixes the following issue:
- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by
the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are
now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2593-1
Released:    Mon Aug  2 15:40:22 2021
Summary:     Recommended update for suse-module-tools
Type:        recommended
Severity:    moderate
References:  1177695
This update for suse-module-tools provides the following fix:

- modprobe.d: Remove dma=none setting for parport_pc. (bsc#1177695)

SUSE: 2021:311-1 ses/7/cephcsi/cephcsi Security Update

September 15, 2021
The container ses/7/cephcsi/cephcsi was updated

Summary

Advisory ID: SUSE-SU-2021:2404-1 Released: Tue Jul 20 14:21:30 2021 Summary: Security update for systemd Type: security Severity: moderate Advisory ID: SUSE-SU-2021:2439-1 Released: Wed Jul 21 13:46:48 2021 Summary: Security update for curl Type: security Severity: moderate Advisory ID: SUSE-RU-2021:2456-1 Released: Thu Jul 22 15:28:39 2021 Summary: Recommended update for pam-config Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:2573-1 Released: Thu Jul 29 14:21:52 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:2593-1 Released: Mon Aug 2 15:40:22 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate

References

References : 1177695 1184994 1187091 1188063 1188127 1188217 1188218 1188219

1188220 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925

CVE-2021-33910

1184994,1188063,CVE-2021-33910

This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)

- Skip udev rules if 'elevator=' is used (bsc#1184994)

1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925

This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)

- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)

- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)

- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

1187091

This update for pam-config fixes the following issues:

- Add 'revoke' to the option list for 'pam_keyinit'.

- Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091)

1188127

This update for timezone fixes the following issue:

- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by

the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are

now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

1177695

This update for suse-module-tools provides the following fix:

- modprobe.d: Remove dma=none setting for parport_pc. (bsc#1177695)

Severity
Container Advisory ID : SUSE-CU-2021:311-1
Container Tags : ses/7/cephcsi/cephcsi:3.3.1 , ses/7/cephcsi/cephcsi:3.3.1.0.3.539 , ses/7/cephcsi/cephcsi:latest , ses/7/cephcsi/cephcsi:sle15.2.octopus , ses/7/cephcsi/cephcsi:v3.3.1 , ses/7/cephcsi/cephcsi:v3.3.1.0
Container Release : 3.539
Severity : moderate
Type : security

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved