{"affected":[{"ecosystem_specific":{"binaries":[{"calamari-clients":"1.2.2+git.1428648634.40dfe5b-3.1","ceph":"0.80.9-5.1","ceph-common":"0.80.9-5.1","ceph-deploy":"1.5.19+git.1431355031.6178cf3-9.1","ceph-fuse":"0.80.9-5.1","ceph-radosgw":"0.80.9-5.1","ceph-test":"0.80.9-5.1","libcephfs1":"0.80.9-5.1","librados2":"0.80.9-5.1","librbd1":"0.80.9-5.1","python-Pillow":"2.7.0-4.1","python-ceph":"0.80.9-5.1","python-djangorestframework":"2.3.12-4.2","rbd-fuse":"0.80.9-5.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 1.0","name":"calamari-clients","purl":"pkg:rpm/suse/calamari-clients&distro=SUSE%20Enterprise%20Storage%201.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.2+git.1428648634.40dfe5b-3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"calamari-clients":"1.2.2+git.1428648634.40dfe5b-3.1","ceph":"0.80.9-5.1","ceph-common":"0.80.9-5.1","ceph-deploy":"1.5.19+git.1431355031.6178cf3-9.1","ceph-fuse":"0.80.9-5.1","ceph-radosgw":"0.80.9-5.1","ceph-test":"0.80.9-5.1","libcephfs1":"0.80.9-5.1","librados2":"0.80.9-5.1","librbd1":"0.80.9-5.1","python-Pillow":"2.7.0-4.1","python-ceph":"0.80.9-5.1","python-djangorestframework":"2.3.12-4.2","rbd-fuse":"0.80.9-5.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 1.0","name":"ceph","purl":"pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%201.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.80.9-5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"calamari-clients":"1.2.2+git.1428648634.40dfe5b-3.1","ceph":"0.80.9-5.1","ceph-common":"0.80.9-5.1","ceph-deploy":"1.5.19+git.1431355031.6178cf3-9.1","ceph-fuse":"0.80.9-5.1","ceph-radosgw":"0.80.9-5.1","ceph-test":"0.80.9-5.1","libcephfs1":"0.80.9-5.1","librados2":"0.80.9-5.1","librbd1":"0.80.9-5.1","python-Pillow":"2.7.0-4.1","python-ceph":"0.80.9-5.1","python-djangorestframework":"2.3.12-4.2","rbd-fuse":"0.80.9-5.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 1.0","name":"ceph-deploy","purl":"pkg:rpm/suse/ceph-deploy&distro=SUSE%20Enterprise%20Storage%201.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.19+git.1431355031.6178cf3-9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"calamari-clients":"1.2.2+git.1428648634.40dfe5b-3.1","ceph":"0.80.9-5.1","ceph-common":"0.80.9-5.1","ceph-deploy":"1.5.19+git.1431355031.6178cf3-9.1","ceph-fuse":"0.80.9-5.1","ceph-radosgw":"0.80.9-5.1","ceph-test":"0.80.9-5.1","libcephfs1":"0.80.9-5.1","librados2":"0.80.9-5.1","librbd1":"0.80.9-5.1","python-Pillow":"2.7.0-4.1","python-ceph":"0.80.9-5.1","python-djangorestframework":"2.3.12-4.2","rbd-fuse":"0.80.9-5.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 1.0","name":"python-Pillow","purl":"pkg:rpm/suse/python-Pillow&distro=SUSE%20Enterprise%20Storage%201.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.7.0-4.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"calamari-clients":"1.2.2+git.1428648634.40dfe5b-3.1","ceph":"0.80.9-5.1","ceph-common":"0.80.9-5.1","ceph-deploy":"1.5.19+git.1431355031.6178cf3-9.1","ceph-fuse":"0.80.9-5.1","ceph-radosgw":"0.80.9-5.1","ceph-test":"0.80.9-5.1","libcephfs1":"0.80.9-5.1","librados2":"0.80.9-5.1","librbd1":"0.80.9-5.1","python-Pillow":"2.7.0-4.1","python-ceph":"0.80.9-5.1","python-djangorestframework":"2.3.12-4.2","rbd-fuse":"0.80.9-5.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 1.0","name":"python-djangorestframework","purl":"pkg:rpm/suse/python-djangorestframework&distro=SUSE%20Enterprise%20Storage%201.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.12-4.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This collective update for SUSE Enterprise Storage 1.0 provides fixes and enhancements.\n\nceph (update to version 0.80.9):\n\n- Support non-ASCII characters. (bnc#907510)\n- Fixes issue with more than one OSD / MON on same node. (bnc#927862)\n- Reinstates Environment=CLUSTER=ceph lines removed by last patch. (bnc#915567)\n- Use same systemd service files for all cluster names. (bnc#915567)\n- In OSDMonitor fallback to json-pretty in case of invalid formatter. (bnc#919313)\n- Increase max files to 131072 for ceph-osd daemon. (bnc#924894)\n- Fix 'OSDs shutdown during rados benchmark tests'. (bnc#924269)\n- Add SuSEfirewall2 service files for Ceph MON, OSD and MDS. (bnc#919091)\n- Added support for multiple cluster names with systemd to ceph-disk. (bnc#915567)\n- Move udev rules for rbd devices to the client package ceph-common.\n- Several issues reported upstream have been fixed: #9973 #9918 #9907\n  #9877 #9854 #9587 #9479 #9478 #9254 #5595 #10978 #10965 #10907 #10553\n  #10471 #10421 #10307 #10299 #10271 #10271 #10270 #10262 #10103 #10095.\n\nceph-deploy:\n\n- Drop support for multiple customer names on the same hardware. (bsc#915567)\n- Check for errors when generating rgw keys. (bsc#915783)\n- Do not import new repository keys automatically when installing packages with Zypper. (bsc#919965)\n- Improved detection of disk vs. OSD block devices with a simple set of tests. (bsc#889053)\n- Do not create keyring files as world-readable. (bsc#920926, CVE-2015-3010)\n- Added support for multiple cluster names with systemd to ceph-disk. (bnc#915567)\n\ncalamari-clients:\n\n- Reduce krakenFailThreshold to 5 minutes. (bsc#903007)\n\npython-Pillow (update to version 2.7.0):\n\n- Fix issues in Jpeg2KImagePlugin and IcnsImagePlugin which could have allowed\n  denial of service attacks. (CVE-2014-3598, CVE-2014-3589)\n\npython-djangorestframework:\n\n- Escape URLs when replacing format= query parameter, as used in dropdown\n  on GET button in browsable API to allow explicit selection of JSON vs\n  HTML output. (bsc#929914)\n- Escape request path when it is include as part of the login and logout\n  links in the browsable API. (bsc#929886)\n\nFor a comprehensive list of changes please refer to each package's change log.\n\n","id":"SUSE-SU-2015:1102-1","modified":"2015-05-31T20:53:33Z","published":"2015-05-31T20:53:33Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151102-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/889053"},{"type":"REPORT","url":"https://bugzilla.suse.com/903007"},{"type":"REPORT","url":"https://bugzilla.suse.com/907510"},{"type":"REPORT","url":"https://bugzilla.suse.com/915567"},{"type":"REPORT","url":"https://bugzilla.suse.com/915783"},{"type":"REPORT","url":"https://bugzilla.suse.com/919091"},{"type":"REPORT","url":"https://bugzilla.suse.com/919313"},{"type":"REPORT","url":"https://bugzilla.suse.com/919965"},{"type":"REPORT","url":"https://bugzilla.suse.com/920926"},{"type":"REPORT","url":"https://bugzilla.suse.com/924269"},{"type":"REPORT","url":"https://bugzilla.suse.com/924894"},{"type":"REPORT","url":"https://bugzilla.suse.com/927862"},{"type":"REPORT","url":"https://bugzilla.suse.com/929553"},{"type":"REPORT","url":"https://bugzilla.suse.com/929886"},{"type":"REPORT","url":"https://bugzilla.suse.com/929914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3589"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3598"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3010"}],"related":["CVE-2014-3589","CVE-2014-3598","CVE-2015-3010"],"summary":"Security update for SES 1.0","upstream":["CVE-2014-3589","CVE-2014-3598","CVE-2015-3010"]}