SUSE: 2020:712-1 ses/7/cephcsi/cephcsi Security Update
Summary
Advisory ID: SUSE-RU-2020:3537-1 Released: Thu Nov 26 15:25:38 2020 Summary: Recommended update for ceph-csi Type: recommended Severity: moderate Advisory ID: SUSE-SU-2020:3539-1 Released: Thu Nov 26 15:52:34 2020 Summary: Security update for ceph Type: security Severity: important
References
References : 1170200 1174466 1177344 1177843 1178073 1178531 CVE-2020-25660
This update for ceph-csi fixes the following issues:
- Use csi-attacher sidecar version v2.1.0 in helm charts due to build challenges with v2.1.1.
- Use upstream default CSI and sidecar versions in the helm charts.
- Add examples directory into cephfs and rbd helm charts
1170200,1174466,1177344,1177843,1178073,1178531,CVE-2020-25660
This update for ceph fixes the following issues:
Security issue fixed:
- CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges (bsc#1177843).
- mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically (bsc#1170200)
- mon: have 'mon stat' output json as well (bsc#1174466)
- mgr/dashboard: support Orchestrator and user-defined Ganesha cluster (bsc#1177344)
- mgr/dashboard: fix downstream NFS doc links (bsc#1178073)
- cephadm: set default container_image to registry.suse.com/ses/7/ceph/ceph (bsc#1178531)