SUSE-SU-2018:1576-1: important: Security update for ceph

sle-security-updates at lists.suse.com
Thu Jun 7 10:20:01 MDT 2018


   SUSE Security Update: Security update for ceph
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:1576-1
Rating:             important
References:         #1070357 #1071386 #1074301 #1079076 #1080788 
                    #1081379 #1081600 #1086340 #1087269 #1087493 
                    
Cross-References:   CVE-2018-7262
Affected Products:
                    SUSE Enterprise Storage 5
______________________________________________________________________________

   An update that solves one vulnerability and has 9 fixes is
   now available.

Description:



   This update for ceph to 12.2.5-407-g5e7ea8cf03 fixes the following issues:

   Security issue fixed:

   - CVE-2018-7262: The RGWCivetWeb::init_env function in rgw_civetweb.cc
     (radosgw) did not handle malformed HTTP headers properly, allowing for
     denial of service. Fix: "rgw: make init env methods return an error"
     (bsc#1081379)

   Other issues fixed:

   - osd: do not crash on empty snapset (bsc#1074301)
   - mon: add 'ceph osd pool get erasure allow_ec_overwrites' command
     (bsc#1087269)
   - journal: limit number of appends sent in one librados op (bsc#1086340)
   - RGW user stats fixes (bsc#1087493)
   - rgw openssl fixes (bsc#1079076, bsc#1081379)
   - rocksdb: fixes early metadata spill over to slow device in bluefs
     (bsc#1071386)
   - mon: reenable timer to send digest when paxos is temporarily inactive
     (bsc#1070357)
   - fsid mismatch when creating additional OSDs (bsc#1080788)
   - crash in civetweb/RGW (bsc#1081600)


Patch Instructions:

   To install this SUSE Security Update, use the SUSE recommended installation
   methods, such as YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Enterprise Storage 5:

      zypper in -t patch SUSE-Storage-5-2018-1092=1



Package List:

   - SUSE Enterprise Storage 5 (aarch64 x86_64):

      ceph-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-base-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-base-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-common-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-common-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-debugsource-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-fuse-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-fuse-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mds-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mds-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mgr-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mgr-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mon-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-mon-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-osd-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-osd-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-radosgw-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      ceph-radosgw-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      libcephfs2-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      libcephfs2-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librados2-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librados2-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      libradosstriper1-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      libradosstriper1-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librbd1-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librbd1-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librgw2-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      librgw2-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-ceph-compat-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-cephfs-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-cephfs-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rados-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rados-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rbd-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rbd-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rgw-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python-rgw-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-ceph-argparse-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-cephfs-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-cephfs-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rados-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rados-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rbd-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rbd-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rgw-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      python3-rgw-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-fuse-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-fuse-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-mirror-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-mirror-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-nbd-12.2.5+git.1524775272.5e7ea8cf03-2.13.3
      rbd-nbd-debuginfo-12.2.5+git.1524775272.5e7ea8cf03-2.13.3


References:

   https://www.suse.com/security/cve/CVE-2018-7262.html
   https://bugzilla.suse.com/1070357
   https://bugzilla.suse.com/1071386
   https://bugzilla.suse.com/1074301
   https://bugzilla.suse.com/1079076
   https://bugzilla.suse.com/1080788
   https://bugzilla.suse.com/1081379
   https://bugzilla.suse.com/1081600
   https://bugzilla.suse.com/1086340
   https://bugzilla.suse.com/1087269
   https://bugzilla.suse.com/1087493


