SUSE-CU-2021:601-1: Security update of ses/7/ceph/grafana

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Sat Dec 25 07:37:47 UTC 2021


SUSE Container Update Advisory: ses/7/ceph/grafana
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:601-1
Container Tags        : ses/7/ceph/grafana:7.5.7 , ses/7/ceph/grafana:7.5.7.3.632 , ses/7/ceph/grafana:latest , ses/7/ceph/grafana:sle15.2.octopus
Container Release     : 3.632
Severity              : critical
Type                  : security
References            : 1027496 1029961 1113013 1122417 1125886 1134353 1161276 1162581
                        1164548 1171962 1172125 1172973 1172974 1174504 1177100 1177127
                        1178236 1179416 1180064 1183028 1183085 1183543 1183545 1183632
                        1183659 1184994 1185016 1185299 1185524 1186489 1186503 1186602
                        1186910 1187153 1187224 1187270 1187273 1187425 1187466 1187512
                        1187654 1187670 1187738 1187760 1187911 1187993 1188018 1188063
                        1188156 1188291 1188344 1188435 1188548 1188623 1188713 1188921
                        1189031 1189480 1189803 1189929 1189996 1190052 1190059 1190199
                        1190234 1190325 1190356 1190373 1190374 1190440 1190465 1190645
                        1190712 1190739 1190772 1190793 1190815 1190915 1190933 1190984
                        1191252 1191286 1191324 1191370 1191563 1191609 1191736 1191987
                        1192161 1192248 1192337 1192367 1192436 1192688 1192717 1192840
                        1193481 1193521 CVE-2016-10228 CVE-2019-20838 CVE-2020-13429
                        CVE-2020-14155 CVE-2020-29361 CVE-2021-20266 CVE-2021-20271 CVE-2021-22946
                        CVE-2021-22947 CVE-2021-33574 CVE-2021-33910 CVE-2021-3421 CVE-2021-35942
                        CVE-2021-37600 CVE-2021-37750 CVE-2021-39537 CVE-2021-43618 
-----------------------------------------------------------------

The container ses/7/ceph/grafana was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:3026-1
Released:    Fri Oct 23 15:35:49 2020
Summary:     Optional update for the Public Cloud Module
Type:        optional
Severity:    moderate
References:  

This update adds the Google Cloud Storage packages to the Public Cloud module (jsc#ECO-2398).
The following packages were included:

- python3-grpcio
- python3-protobuf
- python3-google-api-core
- python3-google-cloud-core
- python3-google-cloud-storage
- python3-google-resumable-media
- python3-googleapis-common-protos
- python3-grpcio-gcp
- python3-mock (updated to version 3.0.5)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:294-1
Released:    Wed Feb  3 12:54:28 2021
Summary:     Recommended update for libprotobuf
Type:        recommended
Severity:    moderate
References:  

libprotobuf was updated to fix:

- ship the libprotobuf-lite15 on the basesystem module and the INSTALLER channel. (jsc#ECO-2911)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:656-1
Released:    Mon Mar  1 09:34:21 2021
Summary:     Recommended update for protobuf
Type:        recommended
Severity:    moderate
References:  1177127
This update for protobuf fixes the following issues:

- Add missing dependency of python subpackages on python-six. (bsc#1177127)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3175-1
Released:    Tue Sep 21 16:27:50 2021
Summary:     Security update for grafana-piechart-panel
Type:        security
Severity:    moderate
References:  1172125,CVE-2020-13429
This update for grafana-piechart-panel fixes the following issues:
	  
- CVE-2020-13429: Fixed XSS via the Values Header option in the piechart-panel (bsc#1172125).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3182-1
Released:    Tue Sep 21 17:04:26 2021
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1189996
This update for file fixes the following issues:

- Fixes exception thrown by memory allocation problem (bsc#1189996)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3298-1
Released:    Wed Oct  6 16:54:52 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1190373,1190374,CVE-2021-22946,CVE-2021-22947
This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3348-1
Released:    Tue Oct 12 13:08:06 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1134353,1171962,1184994,1188018,1188063,1188291,1188713,1189480,1190234,CVE-2021-33910
This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed use of strdupa() on a path (bsc#1188063).

- logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018).
- Adopting BFQ to control I/O (jsc#SLE-21032, bsc#1134353).
- Rules weren't applied to dm devices (multipath) (bsc#1188713).
- Ignore obsolete 'elevator' kernel parameter (bsc#1184994, bsc#1190234).
- Make sure the versions of both udev and systemd packages are always the same (bsc#1189480).
- Avoid error message when udev is updated due to udev being already active when the sockets are started again (bsc#1188291).
- Allow the systemd sysusers config files to be overriden during system installation (bsc#1171962).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3385-1
Released:    Tue Oct 12 15:54:31 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1186489,1187911,CVE-2021-33574,CVE-2021-35942
This update for glibc fixes the following issues:

- CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911)
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3444-1
Released:    Fri Oct 15 09:03:07 2021
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  1179416,1183543,1183545,1183632,1183659,1185299,1187670,1188548,CVE-2021-20266,CVE-2021-20271,CVE-2021-3421
This update for rpm fixes the following issues:

Security issues fixed:

- CVE-2021-3421, CVE-2021-20271, CVE-2021-20266: Multiple header check improvements (bsc#1183543, bsc#1183545, bsc#1183632)
- PGP hardening changes (bsc#1185299)
- Fixed potential access of freed mem in ndb's glue code (bsc#1179416)

Maintaince issues fixed:

- Fixed zstd detection (bsc#1187670)
- Added ndb rofs support (bsc#1188548)
- Fixed deadlock when multiple rpm processes try tp acquire the database lock (bsc#1183659)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3454-1
Released:    Mon Oct 18 09:29:26 2021
Summary:     Security update for krb5
Type:        security
Severity:    moderate
References:  1189929,CVE-2021-37750
This update for krb5 fixes the following issues:

- CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field (bsc#1189929).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3480-1
Released:    Wed Oct 20 11:24:08 2021
Summary:     Recommended update for yast2-network
Type:        recommended
Severity:    moderate
References:  1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933
This update for yast2-network fixes the following issues:

- Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915).
- Fix the shown description using the interface friendly name when it is empty (bsc#1190933).
- Consider aliases sections as case insensitive (bsc#1190739).
- Display user defined device name in the devices overview (bnc#1190645).
- Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344).
- Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910).
- Fix desktop file so the control center tooltip is translated (bsc#1187270).
- Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016).
- Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3490-1
Released:    Wed Oct 20 16:31:55 2021
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1190793,CVE-2021-39537
This update for ncurses fixes the following issues:

- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3494-1
Released:    Wed Oct 20 16:48:46 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1190052
This update for pam fixes the following issues:

- Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638)
- Added new file macros.pam on request of systemd. (bsc#1190052)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3501-1
Released:    Fri Oct 22 10:42:46 2021
Summary:     Recommended update for libzypp, zypper, libsolv, protobuf
Type:        recommended
Severity:    moderate
References:  1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190465,1190712,1190815
This update for libzypp, zypper, libsolv and protobuf fixes the following issues:

- Choice rules: treat orphaned packages as newest (bsc#1190465)
- Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602)
- Do not check of signatures and keys two times(redundant) (bsc#1190059)
- Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760)
- Show key fpr from signature when signature check fails (bsc#1187224)
- Fix solver jobs for PTFs (bsc#1186503)
- Fix purge-kernels fails (bsc#1187738)
- Fix obs:// platform guessing for Leap (bsc#1187425)
- Make sure to keep states alives while transitioning. (bsc#1190199)
- Manpage: Improve description about patch updates(bsc#1187466)
- Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested.
- Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815)
- Fix crashes in logging code when shutting down (bsc#1189031)
- Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712)
- Add need reboot/restart hint to XML install summary (bsc#1188435)
- Prompt: choose exact match if prompt options are not prefix free (bsc#1188156)
- Include libprotobuf-lite20 in products to enable parallel downloads. (jsc#ECO-2911, jsc#SLE-16862)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3510-1
Released:    Tue Oct 26 11:22:15 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    important
References:  1191987
This update for pam fixes the following issues:

- Fixed a bad directive file which resulted in
  the 'securetty' file to be installed as 'macros.pam'.
  (bsc#1191987)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3523-1
Released:    Tue Oct 26 15:40:13 2021
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1122417,1125886,1178236,1188921,CVE-2021-37600
This update for util-linux fixes the following issues:

Update to version 2.33.2 to provide seamless update from SLE12 SP5 to SLE15 SP2:

- CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c (bsc#1188921).
- agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
- mount: Fix 'mount' output for net file systems (bsc#1122417).
- ipcs: Avoid overflows (bsc#1178236)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3529-1
Released:    Wed Oct 27 09:23:32 2021
Summary:     Security update for pcre
Type:        security
Severity:    moderate
References:  1172973,1172974,CVE-2019-20838,CVE-2020-14155
This update for pcre fixes the following issues:

Update pcre to version 8.45:

- CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974).
- CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3799-1
Released:    Wed Nov 24 18:07:54 2021
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1187153,1187273,1188623
This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided:

To select these compilers install the packages:

- gcc11
- gcc-c++11
- and others with 11 prefix.

to select them for building:

- CC='gcc-11'
- CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3809-1
Released:    Fri Nov 26 00:31:59 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1189803,1190325,1190440,1190984,1191252,1192161
This update for systemd fixes the following issues:

- Add timestamp to D-Bus events to improve traceability (jsc#SLE-21862, jsc#SLE-18102, jsc#SLE-18103)
- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)
- shutdown: Reduce log level of unmounts (bsc#1191252)
- pid1: make use of new 'prohibit_ipc' logging flag in PID 1 (bsc#1189803)
- core: rework how we connect to the bus (bsc#1190325)
- mount-util: fix fd_is_mount_point() when both the parent and directory are network fs (bsc#1190984)
- virt: detect Amazon EC2 Nitro instance (bsc#1190440)
- Several fixes for umount
- busctl: use usec granularity for the timestamp printed by the busctl monitor command
- fix unitialized fields in MountPoint in dm_list_get()
- shutdown: explicitly set a log target
- mount-util: add mount_option_mangle()
- dissect: automatically mark partitions read-only that have a read-only file system
- build-sys: require proper libmount version
- systemd-shutdown: use log_set_prohibit_ipc(true)
- rationalize interface for opening/closing logging
- pid1: when we can't log to journal, remember our fallback log target
- log: remove LOG_TARGET_SAFE pseudo log target
- log: add brief comment for log_set_open_when_needed() and log_set_always_reopen_console()
- log: add new 'prohibit_ipc' flag to logging system
- log: make log_set_upgrade_syslog_to_journal() take effect immediately
- dbus: split up bus_done() into seperate functions
- machine-id-setup: generate machine-id from DMI product ID on Amazon EC2
- virt: if we detect Xen by DMI, trust that over CPUID

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3830-1
Released:    Wed Dec  1 13:45:46 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1027496,1183085,CVE-2016-10228

This update for glibc fixes the following issues:


- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085) 
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released:    Thu Dec  2 07:11:50 2021
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of 
  open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released:    Thu Dec  2 07:25:55 2021
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1191736
This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3891-1
Released:    Fri Dec  3 10:21:49 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1029961,1113013,1187654
This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.
* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
* Allow 'keyctl supports' to retrieve raw capability data.
* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.
* Allow 'keyctl new_session' to name the keyring.
* Allow 'keyctl add/padd/etc.' to take hex-encoded data.
* Add 'keyctl watch*' to expose kernel change notifications on keys.
* Add caps for namespacing and notifications.
* Set a default TTL on keys that upcall for name resolution.
* Explicitly clear memory after it's held sensitive information.
* Various manual page fixes.
* Fix C++-related errors.
* Add support for keyctl_move().
* Add support for keyctl_capabilities().
* Make key=val list optional for various public-key ops.
* Fix system call signature for KEYCTL_PKEY_QUERY.
* Fix 'keyctl pkey_query' argument passing.
* Use keyctl_read_alloc() in dump_key_tree_aux().
* Various manual page fixes. 

Updated to 1.6:

* Apply various specfile cleanups from Fedora.
* request-key: Provide a command line option to suppress helper execution.
* request-key: Find least-wildcard match rather than first match.
* Remove the dependency on MIT Kerberos.
* Fix some error messages
* keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
* Fix doc and comment typos.
* Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
* Add pkg-config support for finding libkeyutils.
* upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

* Add keyring restriction support.
* Add KDF support to the Diffie-Helman function.
* DNS: Add support for AFS config files and SRV records
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3899-1
Released:    Fri Dec  3 11:27:41 2021
Summary:     Security update for aaa_base
Type:        security
Severity:    moderate
References:  1162581,1174504,1191563,1192248
This update for aaa_base fixes the following issues:

- Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504).
- Add $HOME/.local/bin to PATH, if it exists (bsc#1192248).
- Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563).
- Support xz compressed kernel (bsc#1162581)   

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3917-1
Released:    Fri Dec  3 14:18:08 2021
Summary:     Recommended update for grafana
Type:        recommended
Severity:    low
References:  
This update for grafana fixes the following issue:

- Add URL to package source code in the login page footer.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3946-1
Released:    Mon Dec  6 14:57:42 2021
Summary:     Security update for gmp
Type:        security
Severity:    moderate
References:  1192717,CVE-2021-43618
This update for gmp fixes the following issues:
    
- CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4139-1
Released:    Tue Dec 21 17:02:44 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    critical
References:  1193481,1193521
This update for systemd fixes the following issues:

- Revert 'core: rework how we connect to the bus' (bsc#1193521 bsc#1193481)
  sleep-config: partitions can't be deleted, only files can
  shared/sleep-config: exclude zram devices from hibernation candidates

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4145-1
Released:    Wed Dec 22 05:27:48 2021
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1161276
This update for openssl-1_1 fixes the following issues:

- Remove previously applied patch because it interferes with FIPS validation (bsc#1161276)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4154-1
Released:    Wed Dec 22 11:02:38 2021
Summary:     Security update for p11-kit
Type:        security
Severity:    important
References:  1180064,1187993,CVE-2020-29361
This update for p11-kit fixes the following issues:

- CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064)
- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4182-1
Released:    Thu Dec 23 11:51:51 2021
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1192688
This update for zlib fixes the following issues:

- Fix hardware compression incorrect result on z15 hardware (bsc#1192688)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4187-1
Released:    Thu Dec 23 15:31:00 2021
Summary:     Recommended update for ceph, ceph-iscsi, nfs-ganesha
Type:        recommended
Severity:    moderate
References:  1164548,1177100,1183028,1190772,1192367,1192840
This update for ceph, ceph-iscsi, nfs-ganesha fixes the following issues:

- Update to 15.2.15-83-gf72054fa653: 
  - rebase on top of Ceph v15.2.15 tag
  - mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments. (bsc#1192840)
  - re-do some downstream patches
    - patches dropped:
      'cephadm: use full qualified image names for cephadm'
      'Switch to CaaSP v4.5 container images'
      'cephadm: Update Grafana container image from 7.0.3'
    * replaced by:
      'cephadm: downstream-ify default container image paths'

- Update to 15.2.14-86-g25f8e6a7abf:
  - (jsc#SES-704) mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments
    (fixes an issue caused by downstream commit 'pybing/mgr/mgr_module: allow
    keyword arguments')(jsc#SES-704)

- Update to 3.5+1638408991.g5341b5d
  + rbd unmap image when deleting target (bsc#1190772)
  + gwcli: add error handling path for config api request (#231)
  + rbd-target-api: misc fixing for disk API (#229)
  + iscsi: raise if the 'gateway.conf' config file doesn't exist (#228)
  + iscsi: write cert/key to temp files in mode 'w' to handle strings (#227)
  + Fix the default value for gateway_conf (#226)
  + Add a strip to ListSetting.Normalize (#220, bsc#1177100)
  + Make settings mon config key store aware (#217)
  + Rename blacklist to blocklist (#216)
  + Fix gateway creation crash in python3 (#196)
  + Report tcmu-runner device status (#210)
  + Fix list access violiation when load config (#200, bsc#1183028)
  + fix delete disk error when disk owner is not specified (#206)
  + Support specified gateway config name (#207)
  + spec: added dependency on ceph-common package (#201)

- Add patch to fix getopt return value on aarch64 (bsc#1192367)
- Disable build of the XFS FSAL
- Enable FSAL_RGW again, as it turned out to be compatible with Ceph 16.x, but
  needs patching from upstream. Backport upstream patch to fix version
  comparison.
- Disable FSAL_RGW which is incompatible with Ceph 16.1.0

- Remove -fcommon from spec file
  - Reverting changes made to fix (bsc#1164548)


The following package changes have been done:

- aaa_base-84.87+git20180409.04c9dae-3.52.1 updated
- ceph-grafana-dashboards-15.2.15.83+gf72054fa653-3.28.1 updated
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- file-magic-5.32-7.14.1 updated
- glibc-2.26-13.62.1 updated
- grafana-piechart-panel-1.6.1-3.6.1 updated
- grafana-7.5.7-3.15.1 updated
- krb5-1.16.3-3.24.1 updated
- libaugeas0-1.10.1-3.3.1 updated
- libblkid1-2.33.2-4.16.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libcurl4-7.66.0-4.27.1 updated
- libfdisk1-2.33.2-4.16.1 updated
- libgcc_s1-11.2.1+git610-1.3.9 updated
- libgmp10-6.1.2-4.9.1 updated
- libkeyutils1-1.6.3-5.6.1 updated
- libmagic1-5.32-7.14.1 updated
- libmount1-2.33.2-4.16.1 updated
- libncurses6-6.1-5.9.1 updated
- libopenssl1_1-hmac-1.1.1d-11.33.2 updated
- libopenssl1_1-1.1.1d-11.33.2 updated
- libp11-kit0-0.23.2-4.13.1 updated
- libpcre1-8.45-20.10.1 updated
- libprotobuf-lite20-3.9.2-4.9.1 added
- libsmartcols1-2.33.2-4.16.1 updated
- libsolv-tools-0.7.20-9.2 updated
- libstdc++6-11.2.1+git610-1.3.9 updated
- libsystemd0-234-24.102.1 updated
- libudev1-234-24.102.1 updated
- libuuid1-2.33.2-4.16.1 updated
- libz1-1.2.11-3.24.1 updated
- libzypp-17.28.8-20.1 updated
- ncurses-utils-6.1-5.9.1 updated
- pam-1.3.0-6.50.1 updated
- rpm-4.14.1-22.4.2 updated
- terminfo-base-6.1-5.9.1 updated
- util-linux-2.33.2-4.16.1 updated
- zypper-1.14.50-21.1 updated
- container:sles15-image-15.0.0-9.5.67 updated


More information about the sle-security-updates mailing list