{"affected":[{"ecosystem_specific":{"binaries":[{"ceph":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-base":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-common":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-fuse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-grafana-dashboards":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-immutable-object-cache":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mds":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-cephadm":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-dashboard":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-diskprediction-cloud":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-diskprediction-local":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-k8sevents":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-modules-core":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-rook":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mon":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-osd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-prometheus-alerts":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-radosgw":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-test":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","cephadm":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","cephfs-shell":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libcephfs-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libcephfs2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librados-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librados2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libradospp-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librbd-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librbd1":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librgw-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librgw2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-ceph-argparse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-ceph-common":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-cephfs":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rados":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rbd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rgw":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rados-objclass-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-fuse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-mirror":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-nbd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"ceph","purl":"pkg:rpm/opensuse/ceph&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15.2.8.80+g1f4b6229ca-lp152.2.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ceph":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-base":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-common":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-fuse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-grafana-dashboards":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-immutable-object-cache":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mds":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-cephadm":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-dashboard":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-diskprediction-cloud":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-diskprediction-local":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-k8sevents":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-modules-core":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mgr-rook":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-mon":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-osd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-prometheus-alerts":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-radosgw":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","ceph-test":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","cephadm":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","cephfs-shell":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libcephfs-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libcephfs2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librados-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librados2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","libradospp-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librbd-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librbd1":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librgw-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","librgw2":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-ceph-argparse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-ceph-common":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-cephfs":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rados":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rbd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","python3-rgw":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rados-objclass-devel":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-fuse":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-mirror":"15.2.8.80+g1f4b6229ca-lp152.2.9.1","rbd-nbd":"15.2.8.80+g1f4b6229ca-lp152.2.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"ceph-test","purl":"pkg:rpm/opensuse/ceph-test&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15.2.8.80+g1f4b6229ca-lp152.2.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ceph fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2020-27781: Fixed a privilege escalation via the ceph_volume_client Python interface (bsc#1180155, bsc#1179802).\n\nNon-security issues fixed:\n\n- Update to 15.2.8-80-g1f4b6229ca:\n  + Rebase on tip of upstream 'octopus' branch, SHA1 bdf3eebcd22d7d0b3dd4d5501bee5bac354d5b55\n    * upstream Octopus v15.2.8 release, see https://ceph.io/releases/v15-2-8-octopus-released/\n\n- Update to 15.2.7-776-g343cd10fe5:\n  + Rebase on tip of upstream 'octopus' branch, SHA1 1b8a634fdcd94dfb3ba650793fb1b6d09af65e05\n    * (bsc#1178860) mgr/dashboard: Disable TLS 1.0 and 1.1\n  + (bsc#1179016) rpm: require smartmontools on SUSE\n  + (bsc#1180107) ceph-volume: pass --filter-for-batch from drive-group subcommand\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.","id":"openSUSE-SU-2020:2327-1","modified":"2020-12-25T13:23:13Z","published":"2020-12-25T13:23:13Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VIGY47XAX5FSNNMOBHOKUCFSJHIH4RII/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178860"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179016"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179802"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180107"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180155"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27781"}],"related":["CVE-2020-27781"],"summary":"Security update for ceph","upstream":["CVE-2020-27781"]}