Recommended update for ceph

Announcement ID:	SUSE-SU-2016:2809-1
Rating:	moderate
References:	bsc#1005954 bsc#982141 bsc#985232 bsc#987144 bsc#987594 bsc#989512 bsc#990438 bsc#999688
Cross-References:	CVE-2016-5009
CVSS scores:	CVE-2016-5009 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Enterprise Storage 3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1

An update that solves one vulnerability and has seven security fixes can now be installed.

Description:

This update provides Ceph 10.2.3, which includes important bug fixes in RBD mirroring, RGW multi-site, CephFS, and RADOS.

Build/OPS:

• AArch64: Detect crc32 extension support from assembler. (bsc#999688)
• Drop legacy ceph RA which doesn't work with systemd unit files.
• The mount.ceph binary, which is used to mount CephFS pools, was moved to the ceph-common package so it can be run from any client.
• Accept bcache devices as data disks and fix partprobe intermittent issues during ceph-disk prepare.

CephFS:

• Several bug fixes for improved stability.

RBD:

• A number of fixes for RBD mirroring.
• Several bug fixes for improved stability.

RADOS:

• CVE-2016-5009: moncommand with empty prefix crashes monitor. (bsc#987144)
• Backports of many asyncmsgr fixes to jewel.
• Several bug fixes for improved OSD stability.
• Fix for a C++ symbol visibility issue in librados.

RGW:

• Fixes for number of issues related to syncing between remote sites.
• A number of other bug fixes, including fixes for:
• IPv6
• HTTPS/port 443 (bsc#990438)
• radosgw-admin
• Swift API
• AWS4 API

For a full list of issues fixed in this release, see:

http://docs.ceph.com/docs/master/release-notes/#v10-2-3-jewel

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Enterprise Storage 3
  zypper in -t patch SUSE-Storage-3-2016-1653=1

Package List:

• SUSE Enterprise Storage 3 (x86_64)
  • ceph-osd-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-debugsource-10.2.3+git.1475228057.755cf99-7.3
  • ceph-osd-10.2.3+git.1475228057.755cf99-7.3
  • rbd-fuse-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • python-rados-10.2.3+git.1475228057.755cf99-7.3
  • ceph-common-10.2.3+git.1475228057.755cf99-7.3
  • rbd-nbd-10.2.3+git.1475228057.755cf99-7.3
  • python-cephfs-10.2.3+git.1475228057.755cf99-7.3
  • rbd-nbd-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • rbd-fuse-10.2.3+git.1475228057.755cf99-7.3
  • librgw2-10.2.3+git.1475228057.755cf99-7.3
  • ceph-mds-10.2.3+git.1475228057.755cf99-7.3
  • python-rbd-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-common-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • libradosstriper1-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • librados2-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • rbd-mirror-10.2.3+git.1475228057.755cf99-7.3
  • libcephfs1-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-fuse-10.2.3+git.1475228057.755cf99-7.3
  • ceph-mon-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-radosgw-10.2.3+git.1475228057.755cf99-7.3
  • libradosstriper1-10.2.3+git.1475228057.755cf99-7.3
  • librgw2-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-10.2.3+git.1475228057.755cf99-7.3
  • ceph-base-10.2.3+git.1475228057.755cf99-7.3
  • python-rados-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-radosgw-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • librbd1-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-mon-10.2.3+git.1475228057.755cf99-7.3
  • python-ceph-compat-10.2.3+git.1475228057.755cf99-7.3
  • libcephfs1-10.2.3+git.1475228057.755cf99-7.3
  • librados2-10.2.3+git.1475228057.755cf99-7.3
  • python-rbd-10.2.3+git.1475228057.755cf99-7.3
  • rbd-mirror-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-base-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • librbd1-10.2.3+git.1475228057.755cf99-7.3
  • python-cephfs-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-fuse-debuginfo-10.2.3+git.1475228057.755cf99-7.3
  • ceph-mds-debuginfo-10.2.3+git.1475228057.755cf99-7.3

References:

• https://www.suse.com/security/cve/CVE-2016-5009.html
• https://bugzilla.suse.com/show_bug.cgi?id=1005954
• https://bugzilla.suse.com/show_bug.cgi?id=982141
• https://bugzilla.suse.com/show_bug.cgi?id=985232
• https://bugzilla.suse.com/show_bug.cgi?id=987144
• https://bugzilla.suse.com/show_bug.cgi?id=987594
• https://bugzilla.suse.com/show_bug.cgi?id=989512
• https://bugzilla.suse.com/show_bug.cgi?id=990438
• https://bugzilla.suse.com/show_bug.cgi?id=999688