{"affected":[{"ecosystem_specific":{"binaries":[{"ceph-common":"15.2.9.83+g4275378de0-3.17.1","libcephfs-devel":"15.2.9.83+g4275378de0-3.17.1","libcephfs2":"15.2.9.83+g4275378de0-3.17.1","librados-devel":"15.2.9.83+g4275378de0-3.17.1","librados2":"15.2.9.83+g4275378de0-3.17.1","libradospp-devel":"15.2.9.83+g4275378de0-3.17.1","librbd-devel":"15.2.9.83+g4275378de0-3.17.1","librbd1":"15.2.9.83+g4275378de0-3.17.1","librgw-devel":"15.2.9.83+g4275378de0-3.17.1","librgw2":"15.2.9.83+g4275378de0-3.17.1","python3-ceph-argparse":"15.2.9.83+g4275378de0-3.17.1","python3-ceph-common":"15.2.9.83+g4275378de0-3.17.1","python3-cephfs":"15.2.9.83+g4275378de0-3.17.1","python3-rados":"15.2.9.83+g4275378de0-3.17.1","python3-rbd":"15.2.9.83+g4275378de0-3.17.1","python3-rgw":"15.2.9.83+g4275378de0-3.17.1","rados-objclass-devel":"15.2.9.83+g4275378de0-3.17.1","rbd-nbd":"15.2.9.83+g4275378de0-3.17.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP2","name":"ceph","purl":"pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15.2.9.83+g4275378de0-3.17.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ceph-base":"15.2.9.83+g4275378de0-3.17.1","ceph-common":"15.2.9.83+g4275378de0-3.17.1","cephadm":"15.2.9.83+g4275378de0-3.17.1","libcephfs2":"15.2.9.83+g4275378de0-3.17.1","librados2":"15.2.9.83+g4275378de0-3.17.1","librbd1":"15.2.9.83+g4275378de0-3.17.1","librgw2":"15.2.9.83+g4275378de0-3.17.1","python3-ceph-argparse":"15.2.9.83+g4275378de0-3.17.1","python3-ceph-common":"15.2.9.83+g4275378de0-3.17.1","python3-cephfs":"15.2.9.83+g4275378de0-3.17.1","python3-rados":"15.2.9.83+g4275378de0-3.17.1","python3-rbd":"15.2.9.83+g4275378de0-3.17.1","python3-rgw":"15.2.9.83+g4275378de0-3.17.1","rbd-nbd":"15.2.9.83+g4275378de0-3.17.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7","name":"ceph","purl":"pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15.2.9.83+g4275378de0-3.17.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ceph fixes the following issues:\n\n- ceph was updated to to 15.2.9\n- cephadm: fix 'inspect' and 'pull' (bsc#1182766)\n- CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token (bsc#1179997)\n- CVE-2020-25678: Do not add sensitive information in Ceph log files (bsc#1178905)\n- mgr/orchestrator: Sort 'ceph orch device ls' by host (bsc#1172926)\n- mgr/dashboard: enable different URL for users of browser to Grafana (bsc#1176390, bsc#1176679)\n- mgr/cephadm: lock multithreaded access to OSDRemovalQueue (bsc#1176489)\n- cephadm: command_unit: call systemctl with verbose=True (bsc#1176828)\n- cephadm: silence 'Failed to evict container' log msg (bsc#1177360)\n- mgr/cephadm: upgrade: fail gracefully, if daemon redeploy fails (bsc#1177857)\n- rgw: cls/user: set from_index for reset stats calls (bsc#1178837)\n- mgr/dashboard: Disable TLS 1.0 and 1.1 (bsc#1178860)\n- cephadm: reference the last local image by digest (bsc#1178932, bsc#1179569)\n","id":"SUSE-SU-2021:1108-1","modified":"2021-04-08T09:48:59Z","published":"2021-04-08T09:48:59Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20211108-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1172926"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176390"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176489"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176679"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176828"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177360"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177857"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178837"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178860"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178905"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178932"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179569"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179997"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182766"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-25678"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27839"}],"related":["CVE-2020-25678","CVE-2020-27839"],"summary":"Security update for ceph","upstream":["CVE-2020-25678","CVE-2020-27839"]}