SUSE Container Update Advisory: ses/7.1/ceph/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:798-1
Container Tags        : ses/7.1/ceph/ceph:16.2.11.58 , ses/7.1/ceph/ceph:16.2.11.58.4.4.1 , ses/7.1/ceph/ceph:latest , ses/7.1/ceph/ceph:sle15.3.pacific
Container Release     : 4.4.1
Severity              : critical
Type                  : security
References            : 1176785 1178233 1187748 1188911 1192838 1192840 1196046 1199183
                        1199282 1199756 1200262 1200317 1200501 1200978 1201604 1201797
                        1201837 1201976 1202077 1202292 1203248 1203249 1203355 1203375
                        1203715 1204430 1204548 1204956 1205025 1205436 1205570 1205636
                        1206158 1206949 1207294 1208471 CVE-2022-0670 CVE-2022-29217
                        CVE-2022-3650 CVE-2022-3854 CVE-2023-24329 
-----------------------------------------------------------------

The container ses/7.1/ceph/ceph was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:714-1
Released:    Mon Mar 13 10:53:25 2023
Summary:     Recommended update for rpm
Type:        recommended
Severity:    important
References:  1207294
This update for rpm fixes the following issues:

- Fix missing python(abi) for 3.XX versions (bsc#1207294)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:776-1
Released:    Thu Mar 16 17:29:23 2023
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes


This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux
Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:786-1
Released:    Thu Mar 16 19:36:09 2023
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    important
References:  1178233,1203248,1203249,1203715,1204548,1204956,1205570,1205636,1206949
This update for libsolv, libzypp, zypper fixes the following issues:

libsolv:

- Do not autouninstall SUSE PTF packages
- Ensure 'duplinvolvedmap_all' is reset when a solver is reused
- Fix 'keep installed' jobs not disabling 'best update' rules
- New '-P' and '-W' options for `testsolv`
- New introspection interface for weak dependencies similar to ruleinfos
- Ensure special case file dependencies are written correctly in the testcase writer
- Support better info about alternatives
- Support decision reason queries
- Support merging of related decisions
- Support stringification of multiple solvables
- Support stringification of ruleinfo, decisioninfo and decision reasons

libzypp:

- Avoid calling getsockopt when we know the info already.
  This patch should fix logging on WSL, getsockopt seems to not be fully supported but the code required it when
  accepting new socket connections (bsc#1178233)
- Avoid redirecting 'history.logfile=/dev/null' into the target
- Create '.no_auto_prune' in the package cache dir to prevent auto cleanup of orphaned repositories (bsc#1204956)
- Enhance yaml-cpp detection
- Improve download of optional files
- MultiCurl: Make sure to reset the progress function when falling back.
- Properly reset range requests (bsc#1204548)
- Removing a PTF without enabled repos should always fail (bsc#1203248)
  Without enabled repos, the dependent PTF-packages would be removed (not replaced!) as well. 
  To remove a PTF `zypper install -- -PTF` or a dedicated `zypper removeptf PTF` should be used. This will update the
  installed PTF packages to theit latest version.
- Skip media.1/media download for http repo status calc.
  This patch allows zypp to skip a extra media.1/media download to calculate if a repository needs to be refreshed.
  This optimisation only takes place if the repo does specify only downloading base urls.
- Use a dynamic fallback for BLKSIZE in downloads.
  When not receiving a blocklist via metalink file from the server MediaMultiCurl used to fallback to a fixed,
  relatively small BLKSIZE. This patch changes the fallback into a dynamic value based on the filesize using a similar
  metric as the MirrorCache implementation on the server side.
- ProgressData: enforce reporting the INIT||END state (bsc#1206949)
- ps: fix service detection on newer Tumbleweed systems (bsc#1205636)

zypper:

- Allow to (re)add a service with the same URL (bsc#1203715)
- Bump dependency requirement to libzypp-devel 17.31.7 or greater
- Explain outdatedness of repositories
- patterns: Avoid dispylaing superfluous @System entries (bsc#1205570)
- Provide `removeptf` command (bsc#1203249)
  A remove command which prefers replacing dependant packages to removing them as well.
  A PTF is typically removed as soon as the fix it provides is applied to the latest official update of the dependant
  packages. However it is not desired for the dependant packages to be removed together with the PTF, which is what the
  remove command would do. The `removeptf` command however will aim to replace the dependant packages by their official
  update versions.
- Update man page and explain '.no_auto_prune' (bsc#1204956)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:794-1
Released:    Fri Mar 17 08:42:12 2023
Summary:     Security update for python-PyJWT
Type:        security
Severity:    critical
References:  1176785,1199282,1199756,CVE-2022-29217
This update for python-PyJWT fixes the following issues:

- CVE-2022-29217: Fixed Key confusion through non-blocklisted public key formats (bsc#1199756).

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Update to 2.4.0 (bsc#1199756)
    - Explicit check the key for ECAlgorithm
    - Don't use implicit optionals
    - documentation fix: show correct scope 
    - fix: Update copyright information
    - Don't mutate options dictionary in .decode_complete()
    - Add support for Python 3.10
    - api_jwk: Add PyJWKSet.__getitem__
    - Update usage.rst
    - Docs: mention performance reasons for reusing RSAPrivateKey
      when encoding
    - Fixed typo in usage.rst
    - Add detached payload support for JWS encoding and decoding
    - Replace various string interpolations with f-strings by


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:868-1
Released:    Wed Mar 22 09:41:01 2023
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1203355,1208471,CVE-2023-24329
This update for python3 fixes the following issues:

- CVE-2023-24329: Fixed a blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).

The following non-security bug was fixed:

- Eliminate unnecessary and dangerous calls to PyThread_exit_thread() (bsc#1203355).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1584-1
Released:    Mon Mar 27 10:32:31 2023
Summary:     Security update for ceph
Type:        security
Severity:    important
References:  1187748,1188911,1192838,1192840,1196046,1199183,1200262,1200317,1200501,1200978,1201604,1201797,1201837,1201976,1202077,1202292,1203375,1204430,1205025,1205436,1206158,CVE-2022-0670,CVE-2022-3650,CVE-2022-3854
This update for ceph fixes the following issues:

Security issues fixed:

- CVE-2022-0670: Fixed user/tenant read/write access to an entire file system (bsc#1201837).
- CVE-2022-3650: Fixed Python script that allowed privilege escalation from ceph to root (bsc#1204430).
- CVE-2022-3854: Fixed possible DoS issue in ceph URL processing on RGW backends (bsc#1205025).

Bug fixes:

- osd, tools, kv: non-aggressive, on-line trimming of accumulated dups (bsc#1199183).
- ceph-volume: fix fast device alloc size on mulitple device  (bsc#1200262).
- cephadm: update monitoring container images (bsc#1200501).
- mgr/dashboard: prevent alert redirect (bsc#1200978).
- mgr/volumes: Add subvolumegroup resize cmd (bsc#1201797).
- monitoring/ceph-mixin: add RGW host to label info (bsc#1201976).
- mgr/dashboard: enable addition of custom Prometheus alerts (bsc#1202077).
- python-common: Add 'KB' to supported suffixes in SizeMatcher (bsc#1203375).
- mgr/dashboard: fix rgw connect when using ssl (bsc#1205436).
- ceph.spec.in: Add -DFMT_DEPRECATED_OSTREAM to CXXFLAGS (bsc#1202292).
- cephfs-shell: move source to separate subdirectory (bsc#1201604).

Fix in previous release:

- mgr/cephadm: try to get FQDN for configuration files (bsc#1196046).
- When an RBD is mapped, it is attempted to be deployed as an OSD. (bsc#1187748).
- OSD marked down causes wrong backfill_toofull (bsc#1188911).
- cephadm: Fix iscsi client caps (allow mgr  calls) (bsc#1192838).
- mgr/cephadm: fix and improve osd draining (bsc#1200317).
- add iscsi and nfs to upgrade process (bsc#1206158).
- mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments (bsc#1192840).


The following package changes have been done:

- ceph-base-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-common-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-grafana-dashboards-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mds-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mgr-cephadm-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mgr-dashboard-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mgr-modules-core-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mgr-rook-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mgr-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-mon-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-osd-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-prometheus-alerts-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-radosgw-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- cephadm-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- ceph-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- libcephfs2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- libcephsqlite-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- libgcc_s1-12.2.1+git416-150000.1.7.1 updated
- libpython3_6m1_0-3.6.15-150300.10.45.1 updated
- librados2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- librbd1-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- librgw2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- libsolv-tools-0.7.23-150200.15.1 updated
- libstdc++6-12.2.1+git416-150000.1.7.1 updated
- libzypp-17.31.8-150200.50.1 updated
- python3-PyJWT-2.4.0-150200.3.6.2 updated
- python3-base-3.6.15-150300.10.45.1 updated
- python3-ceph-argparse-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-ceph-common-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-cephfs-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-curses-3.6.15-150300.10.45.1 updated
- python3-rados-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-rbd-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-rgw-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- python3-3.6.15-150300.10.45.1 updated
- rbd-mirror-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated
- rpm-ndb-4.14.3-150300.55.1 updated
- zypper-1.14.59-150200.42.2 updated
- container:sles15-image-15.0.0-17.20.115 updated
- python3-ecdsa-0.13.3-3.7.1 removed

SUSE: 2023:798-1 ses/7.1/ceph/ceph Security Update

March 27, 2023
The container ses/7.1/ceph/ceph was updated

Summary

Advisory ID: SUSE-RU-2023:714-1 Released: Mon Mar 13 10:53:25 2023 Summary: Recommended update for rpm Type: recommended Severity: important Advisory ID: SUSE-RU-2023:776-1 Released: Thu Mar 16 17:29:23 2023 Summary: Recommended update for gcc12 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:786-1 Released: Thu Mar 16 19:36:09 2023 Summary: Recommended update for libsolv, libzypp, zypper Type: recommended Severity: important Advisory ID: SUSE-SU-2023:794-1 Released: Fri Mar 17 08:42:12 2023 Summary: Security update for python-PyJWT Type: security Severity: critical Advisory ID: SUSE-SU-2023:868-1 Released: Wed Mar 22 09:41:01 2023 Summary: Security update for python3 Type: security Severity: important Advisory ID: SUSE-SU-2023:1584-1 Released: Mon Mar 27 10:32:31 2023 Summary: Security update for ceph Type: security Severity: important

References

References : 1176785 1178233 1187748 1188911 1192838 1192840 1196046 1199183

1199282 1199756 1200262 1200317 1200501 1200978 1201604 1201797

1201837 1201976 1202077 1202292 1203248 1203249 1203355 1203375

1203715 1204430 1204548 1204956 1205025 1205436 1205570 1205636

1206158 1206949 1207294 1208471 CVE-2022-0670 CVE-2022-29217

CVE-2022-3650 CVE-2022-3854 CVE-2023-24329

1207294

This update for rpm fixes the following issues:

- Fix missing python(abi) for 3.XX versions (bsc#1207294)

This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15

versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux

Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.

- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

https://gcc.gnu.org/gcc-12/changes.html

1178233,1203248,1203249,1203715,1204548,1204956,1205570,1205636,1206949

This update for libsolv, libzypp, zypper fixes the following issues:

libsolv:

- Do not autouninstall SUSE PTF packages

- Ensure 'duplinvolvedmap_all' is reset when a solver is reused

- Fix 'keep installed' jobs not disabling 'best update' rules

- New '-P' and '-W' options for `testsolv`

- New introspection interface for weak dependencies similar to ruleinfos

- Ensure special case file dependencies are written correctly in the testcase writer

- Support better info about alternatives

- Support decision reason queries

- Support merging of related decisions

- Support stringification of multiple solvables

- Support stringification of ruleinfo, decisioninfo and decision reasons

libzypp:

- Avoid calling getsockopt when we know the info already.

This patch should fix logging on WSL, getsockopt seems to not be fully supported but the code required it when

accepting new socket connections (bsc#1178233)

- Avoid redirecting 'history.logfile=/dev/null' into the target

- Create '.no_auto_prune' in the package cache dir to prevent auto cleanup of orphaned repositories (bsc#1204956)

- Enhance yaml-cpp detection

- Improve download of optional files

- MultiCurl: Make sure to reset the progress function when falling back.

- Properly reset range requests (bsc#1204548)

- Removing a PTF without enabled repos should always fail (bsc#1203248)

Without enabled repos, the dependent PTF-packages would be removed (not replaced!) as well.

To remove a PTF `zypper install -- -PTF` or a dedicated `zypper removeptf PTF` should be used. This will update the

installed PTF packages to theit latest version.

- Skip media.1/media download for http repo status calc.

This patch allows zypp to skip a extra media.1/media download to calculate if a repository needs to be refreshed.

This optimisation only takes place if the repo does specify only downloading base urls.

- Use a dynamic fallback for BLKSIZE in downloads.

When not receiving a blocklist via metalink file from the server MediaMultiCurl used to fallback to a fixed,

relatively small BLKSIZE. This patch changes the fallback into a dynamic value based on the filesize using a similar

metric as the MirrorCache implementation on the server side.

- ProgressData: enforce reporting the INIT||END state (bsc#1206949)

- ps: fix service detection on newer Tumbleweed systems (bsc#1205636)

zypper:

- Allow to (re)add a service with the same URL (bsc#1203715)

- Bump dependency requirement to libzypp-devel 17.31.7 or greater

- Explain outdatedness of repositories

- patterns: Avoid dispylaing superfluous @System entries (bsc#1205570)

- Provide `removeptf` command (bsc#1203249)

A remove command which prefers replacing dependant packages to removing them as well.

A PTF is typically removed as soon as the fix it provides is applied to the latest official update of the dependant

packages. However it is not desired for the dependant packages to be removed together with the PTF, which is what the

remove command would do. The `removeptf` command however will aim to replace the dependant packages by their official

update versions.

- Update man page and explain '.no_auto_prune' (bsc#1204956)

1176785,1199282,1199756,CVE-2022-29217

This update for python-PyJWT fixes the following issues:

- CVE-2022-29217: Fixed Key confusion through non-blocklisted public key formats (bsc#1199756).

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Update to 2.4.0 (bsc#1199756)

- Explicit check the key for ECAlgorithm

- Don't use implicit optionals

- documentation fix: show correct scope

- fix: Update copyright information

- Don't mutate options dictionary in .decode_complete()

- Add support for Python 3.10

- api_jwk: Add PyJWKSet.__getitem__

- Update usage.rst

- Docs: mention performance reasons for reusing RSAPrivateKey

when encoding

- Fixed typo in usage.rst

- Add detached payload support for JWS encoding and decoding

- Replace various string interpolations with f-strings by

1203355,1208471,CVE-2023-24329

This update for python3 fixes the following issues:

- CVE-2023-24329: Fixed a blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).

The following non-security bug was fixed:

- Eliminate unnecessary and dangerous calls to PyThread_exit_thread() (bsc#1203355).

1187748,1188911,1192838,1192840,1196046,1199183,1200262,1200317,1200501,1200978,1201604,1201797,1201837,1201976,1202077,1202292,1203375,1204430,1205025,1205436,1206158,CVE-2022-0670,CVE-2022-3650,CVE-2022-3854

This update for ceph fixes the following issues:

Security issues fixed:

- CVE-2022-0670: Fixed user/tenant read/write access to an entire file system (bsc#1201837).

- CVE-2022-3650: Fixed Python script that allowed privilege escalation from ceph to root (bsc#1204430).

- CVE-2022-3854: Fixed possible DoS issue in ceph URL processing on RGW backends (bsc#1205025).

Bug fixes:

- osd, tools, kv: non-aggressive, on-line trimming of accumulated dups (bsc#1199183).

- ceph-volume: fix fast device alloc size on mulitple device (bsc#1200262).

- cephadm: update monitoring container images (bsc#1200501).

- mgr/dashboard: prevent alert redirect (bsc#1200978).

- mgr/volumes: Add subvolumegroup resize cmd (bsc#1201797).

- monitoring/ceph-mixin: add RGW host to label info (bsc#1201976).

- mgr/dashboard: enable addition of custom Prometheus alerts (bsc#1202077).

- python-common: Add 'KB' to supported suffixes in SizeMatcher (bsc#1203375).

- mgr/dashboard: fix rgw connect when using ssl (bsc#1205436).

- ceph.spec.in: Add -DFMT_DEPRECATED_OSTREAM to CXXFLAGS (bsc#1202292).

- cephfs-shell: move source to separate subdirectory (bsc#1201604).

Fix in previous release:

- mgr/cephadm: try to get FQDN for configuration files (bsc#1196046).

- When an RBD is mapped, it is attempted to be deployed as an OSD. (bsc#1187748).

- OSD marked down causes wrong backfill_toofull (bsc#1188911).

- cephadm: Fix iscsi client caps (allow mgr calls) (bsc#1192838).

- mgr/cephadm: fix and improve osd draining (bsc#1200317).

- add iscsi and nfs to upgrade process (bsc#1206158).

- mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments (bsc#1192840).

The following package changes have been done:

- ceph-base-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-common-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-grafana-dashboards-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mds-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mgr-cephadm-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mgr-dashboard-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mgr-modules-core-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mgr-rook-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mgr-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-mon-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-osd-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-prometheus-alerts-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-radosgw-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- cephadm-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- ceph-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- libcephfs2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- libcephsqlite-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- libgcc_s1-12.2.1+git416-150000.1.7.1 updated

- libpython3_6m1_0-3.6.15-150300.10.45.1 updated

- librados2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- librbd1-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- librgw2-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- libsolv-tools-0.7.23-150200.15.1 updated

- libstdc++6-12.2.1+git416-150000.1.7.1 updated

- libzypp-17.31.8-150200.50.1 updated

- python3-PyJWT-2.4.0-150200.3.6.2 updated

- python3-base-3.6.15-150300.10.45.1 updated

- python3-ceph-argparse-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-ceph-common-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-cephfs-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-curses-3.6.15-150300.10.45.1 updated

- python3-rados-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-rbd-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-rgw-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- python3-3.6.15-150300.10.45.1 updated

- rbd-mirror-16.2.11.58+g38d6afd3b78-150300.3.6.1 updated

- rpm-ndb-4.14.3-150300.55.1 updated

- zypper-1.14.59-150200.42.2 updated

- container:sles15-image-15.0.0-17.20.115 updated

- python3-ecdsa-0.13.3-3.7.1 removed

Severity
Container Advisory ID : SUSE-CU-2023:798-1
Container Tags : ses/7.1/ceph/ceph:16.2.11.58 , ses/7.1/ceph/ceph:16.2.11.58.4.4.1 , ses/7.1/ceph/ceph:latest , ses/7.1/ceph/ceph:sle15.3.pacific
Container Release : 4.4.1
Severity : critical
Type : security

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved