ceph-16.2.6.463+g22e7612f9ad-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11652 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ceph-16.2.6.463+g22e7612f9ad-1.1 on GA media These are all security issues fixed in the ceph-16.2.6.463+g22e7612f9ad-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11652 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11652 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2020-25660/ SUSE CVE CVE-2020-25660 page https://www.suse.com/security/cve/CVE-2020-25678/ SUSE CVE CVE-2020-25678 page https://www.suse.com/security/cve/CVE-2020-27781/ SUSE CVE CVE-2020-27781 page https://www.suse.com/security/cve/CVE-2020-27839/ SUSE CVE CVE-2020-27839 page openSUSE Tumbleweed ceph-16.2.6.463+g22e7612f9ad-1.1 ceph-base-16.2.6.463+g22e7612f9ad-1.1 ceph-common-16.2.6.463+g22e7612f9ad-1.1 ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 ceph-mds-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 ceph-mon-16.2.6.463+g22e7612f9ad-1.1 ceph-osd-16.2.6.463+g22e7612f9ad-1.1 ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 cephadm-16.2.6.463+g22e7612f9ad-1.1 cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 cephfs-top-16.2.6.463+g22e7612f9ad-1.1 libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 libcephfs2-16.2.6.463+g22e7612f9ad-1.1 libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 librados-devel-16.2.6.463+g22e7612f9ad-1.1 librados2-16.2.6.463+g22e7612f9ad-1.1 libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 librbd-devel-16.2.6.463+g22e7612f9ad-1.1 librbd1-16.2.6.463+g22e7612f9ad-1.1 librgw-devel-16.2.6.463+g22e7612f9ad-1.1 librgw2-16.2.6.463+g22e7612f9ad-1.1 python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 python3-rados-16.2.6.463+g22e7612f9ad-1.1 python3-rbd-16.2.6.463+g22e7612f9ad-1.1 python3-rgw-16.2.6.463+g22e7612f9ad-1.1 rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 ceph-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-base-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-common-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mds-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-mon-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-osd-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed cephadm-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed cephfs-top-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed libcephfs2-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librados-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librados2-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librbd-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librbd1-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librgw-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed librgw2-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-rados-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-rbd-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed python3-rgw-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 as a component of openSUSE Tumbleweed A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication except older clients that do not support the msgr2 protocol. The msgr1 protocol is not affected. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. CVE-2020-25660 openSUSE Tumbleweed:ceph-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-base-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mds-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mon-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-osd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-top-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd1-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rados-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rbd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-25660.html CVE-2020-25660 https://bugzilla.suse.com/1177843 SUSE Bug 1177843 A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible. CVE-2020-25678 openSUSE Tumbleweed:ceph-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-base-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mds-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mon-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-osd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-top-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd1-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rados-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rbd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-25678.html CVE-2020-25678 https://bugzilla.suse.com/1178905 SUSE Bug 1178905 User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 14.2.16, 15.x prior to 15.2.8, and 16.x prior to 16.2.0. CVE-2020-27781 openSUSE Tumbleweed:ceph-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-base-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mds-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mon-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-osd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-top-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd1-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rados-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rbd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-27781.html CVE-2020-27781 https://bugzilla.suse.com/1179802 SUSE Bug 1179802 https://bugzilla.suse.com/1180155 SUSE Bug 1180155 A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser's localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2020-27839 openSUSE Tumbleweed:ceph-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-base-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-grafana-dashboards-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-immutable-object-cache-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mds-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-dashboard-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-diskprediction-local-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-k8sevents-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-modules-core-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mgr-rook-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-mon-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-osd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-prometheus-alerts-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:ceph-radosgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephadm-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-shell-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:cephfs-top-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephfs2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libcephsqlite-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librados2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:libradospp-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librbd1-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:librgw2-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-argparse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-ceph-common-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-cephfs-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rados-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rbd-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:python3-rgw-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rados-objclass-devel-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-fuse-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-mirror-16.2.6.463+g22e7612f9ad-1.1 openSUSE Tumbleweed:rbd-nbd-16.2.6.463+g22e7612f9ad-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-27839.html CVE-2020-27839 https://bugzilla.suse.com/1179997 SUSE Bug 1179997