Security update for ceph

Announcement ID:	SUSE-SU-2017:1479-1
Rating:	moderate
References:	bsc#1003891 bsc#1008435 bsc#1008501 bsc#1012100 bsc#1014986 bsc#1015748 bsc#1029482 bsc#970642
Cross-References:	CVE-2016-9579
CVSS scores:	CVE-2016-9579 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Enterprise Storage 4 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2

An update that solves one vulnerability and has seven security fixes can now be installed.

Description:

This update provides Ceph 10.2.6, which brings fixes and enhancements:

This security issue was fixed:

CVE-2016-9579: Do not abort RGW server when accepting a CORS request with short origin. (bsc#1014986)

These non-security issues were fixed:

common: Add rdbmap to ceph-common. (bsc#1029482)
tools/rados: Default to include clone objects when executing "cache-flush-evict-all". (bsc#1003891)
mon, ceph-disk: Add lockbox permissions to bootstrap-osd. (bsc#1008435)
ceph_volume_client: Fix _recover_auth_meta() method. (bsc#1008501)
systemd/ceph-disk: Reduce ceph-disk flock contention. (bsc#1012100)
doc: Add verbiage to rbdmap manpage. (bsc#1015748)
doc: Add Install section to systemd rbdmap.service file. (bsc#1015748)
doc: Remove references to mds destroy from ceph-deploy man page. (bsc#970642)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Enterprise Storage 4
zypper in -t patch SUSE-Storage-4-2017-911=1

Package List:

SUSE Enterprise Storage 4 (aarch64 x86_64)
- ceph-base-10.2.6+git.1490339825.57146d8-11.7
- rbd-fuse-10.2.6+git.1490339825.57146d8-11.7
- libcephfs1-10.2.6+git.1490339825.57146d8-11.7
- python-rados-10.2.6+git.1490339825.57146d8-11.7
- librgw2-10.2.6+git.1490339825.57146d8-11.7
- ceph-test-10.2.6+git.1490339825.57146d8-11.7
- rbd-mirror-10.2.6+git.1490339825.57146d8-11.7
- ceph-base-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-osd-10.2.6+git.1490339825.57146d8-11.7
- ceph-fuse-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-mds-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-mon-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- libradosstriper1-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- python-rbd-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- rbd-nbd-10.2.6+git.1490339825.57146d8-11.7
- librbd1-10.2.6+git.1490339825.57146d8-11.7
- python-ceph-compat-10.2.6+git.1490339825.57146d8-11.7
- librados2-10.2.6+git.1490339825.57146d8-11.7
- ceph-radosgw-10.2.6+git.1490339825.57146d8-11.7
- python-rbd-10.2.6+git.1490339825.57146d8-11.7
- ceph-common-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- rbd-mirror-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- python-cephfs-10.2.6+git.1490339825.57146d8-11.7
- ceph-mon-10.2.6+git.1490339825.57146d8-11.7
- ceph-10.2.6+git.1490339825.57146d8-11.7
- ceph-mds-10.2.6+git.1490339825.57146d8-11.7
- ceph-test-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-radosgw-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- librados2-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-test-debugsource-10.2.6+git.1490339825.57146d8-11.7
- rbd-fuse-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- librgw2-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-osd-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- ceph-common-10.2.6+git.1490339825.57146d8-11.7
- ceph-debugsource-10.2.6+git.1490339825.57146d8-11.7
- python-cephfs-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- rbd-nbd-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- python-rados-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- libcephfs1-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- librbd1-debuginfo-10.2.6+git.1490339825.57146d8-11.7
- libradosstriper1-10.2.6+git.1490339825.57146d8-11.7
- ceph-fuse-10.2.6+git.1490339825.57146d8-11.7

Security update for ceph

Description:

Patch Instructions:

Package List:

References: