suse-su-2020:3257-1
Vulnerability from csaf_suse
Published
2020-11-20 11:14
Modified
2020-11-20 11:14
Summary
Security update for ceph, deepsea
Notes
Title of the patch
Security update for ceph, deepsea
Description of the patch
This update for ceph, deepsea fixes the following issues:
- Update to 14.2.13-398-gb6c514eec7:
+ Upstream 14.2.13 release
see https://ceph.io/releases/v14-2-13-nautilus-released/
* (bsc#1151612, bsc#1158257) ceph-volume: major batch refactor
- Update to 14.2.12-436-g6feab505b7:
+ Upstream 14.2.12 release
see https://ceph.io/releases/v14-2-12-nautilus-released/
* (bsc#1169134) mgr/dashboard: document Prometheus' security model
* (bsc#1170487) monclient: schedule first tick using mon_client_hunt_interval
* (bsc#1174591) mgr/dashboard: Unable to edit iSCSI logged-in client
* (bsc#1174591) mgr/dashboard: Allow editing iSCSI targets with initiators logged-in
* (bsc#1175061) os/bluestore: dump onode that has too many spanning blobs
* (bsc#1175240) pybind/mgr/restful: use dict.items() for py3 compatible
+ (bsc#1175781) ceph-volume: lvmcache: print help correctly
+ spec: move python-enum34 into rhel 7 conditional
- Update to 14.2.11-394-g9cbbc473c0:
+ Upstream 14.2.11 release
see https://ceph.io/releases/v14-2-11-nautilus-released/
* mgr/progress: Skip pg_summary update if _events dict is empty
(bsc#1167477) (bsc#1172142) (bsc#1171956)
* mgr/dashboard: Allow to edit iSCSI target with active session
(bsc#1173339)
- Update to 14.2.10-392-gb3a13b81cb:
+ Upstream 14.2.10 release
see https://ceph.io/releases/v14-2-10-nautilus-released/
* mgr: Improve internal python to c++ interface (bsc#1167477)
- Update to 14.2.9-970-ged84cae0c9:
+ rgw: sanitize newlines in s3 CORSConfiguration's ExposeHeader
(bsc#1171921, CVE-2020-10753)
- Update to 14.2.9-969-g9917342dc8d:
* rebase on top of upstream nautilus, SHA1 ccd9c04f88e53aef7e4f1068ce1221fa3b97450d
* cmake: Improve test for 16-byte atomic support on IBM Z
* (jsc#SES-680) monitoring: add details to Prometheus alerts
* (bsc#1155045) mgr/dashboard: add debug mode, and accept expected exception when SSL handshaking
* (bsc#1152100) monitoring: alert for prediction of disk and pool fill up broken
* (bsc#1155262) mgr/dashboard: iSCSI targets not available if any gateway is down
* (bsc#1159689) os/bluestore: more flexible DB volume space usage
* (bsc#1156087) ceph-volume: make get_devices fs location independent
* (bsc#1156409) monitoring: wait before firing osd full alert
* (bsc#1160626) mgr/dashboard: Unable to remove an iSCSI gateway that is already in use
* (bsc#1161718) mount.ceph: remove arbitrary limit on size of name= option
* (bsc#1162553) ceph-volume: strip _dmcrypt suffix in simple scan json output
* (bsc#1163119) mgr/dashboard: Not able to restrict bucket creation for new user
* (bsc#1164571) mgr/dashboard: Prevent iSCSI target recreation when editing controls
* (bsc#1165713) mgr/dashboard: Repair broken grafana panels
* (bsc#1165835) rgw: get barbican secret key request maybe return error code
* (bsc#1165840) rgw: making implicit_tenants backwards compatible
* (bsc#1166297) mgr/dashboard: Repair broken grafana panels
* (bsc#1166393) mgr/dashboard: KeyError on dashboard reload
* (bsc#1166624) mgr/dashboard: Fix iSCSI's username and password validation
* (bsc#1166670) monitoring: root volume full alert fires false positives
* (bsc#1166932) mgr: synchronize ClusterState's health and mon_status
* (bsc#1168403) mgr/dashboard: Add more debug information to Dashboard RGW backend
* (bsc#1169356) rgw: reshard: skip stale bucket id entries from reshard queue
* (bsc#1170938) mon/OSDMonitor: allow trimming maps even if osds are down
* (bsc#1171367) Set OSD's bluefs-buffered-io param to false by default
- Update to 14.2.13-398-gb6c514eec7:
+ Upstream 14.2.13 release
see https://ceph.io/releases/v14-2-13-nautilus-released/
* (bsc#1151612, bsc#1158257) ceph-volume: major batch refactor
- Update to 14.2.12-436-g6feab505b7:
+ Upstream 14.2.12 release
see https://ceph.io/releases/v14-2-12-nautilus-released/
* (bsc#1169134) mgr/dashboard: document Prometheus' security model
* (bsc#1170487) monclient: schedule first tick using mon_client_hunt_interval
* (bsc#1174591) mgr/dashboard: Unable to edit iSCSI logged-in client
* (bsc#1174591) mgr/dashboard: Allow editing iSCSI targets with initiators logged-in
* (bsc#1175061) os/bluestore: dump onode that has too many spanning blobs
* (bsc#1175240) pybind/mgr/restful: use dict.items() for py3 compatible
+ (bsc#1175781) ceph-volume: lvmcache: print help correctly
+ spec: move python-enum34 into rhel 7 conditional
- Update to 14.2.11-394-g9cbbc473c0:
+ Upstream 14.2.11 release
see https://ceph.io/releases/v14-2-11-nautilus-released/
* mgr/progress: Skip pg_summary update if _events dict is empty
(bsc#1167477) (bsc#1172142) (bsc#1171956)
* mgr/dashboard: Allow to edit iSCSI target with active session
(bsc#1173339)
- Update to 14.2.10-392-gb3a13b81cb:
+ Upstream 14.2.10 release
see https://ceph.io/releases/v14-2-10-nautilus-released/
* mgr: Improve internal python to c++ interface (bsc#1167477)
- Update to 14.2.9-970-ged84cae0c9:
+ rgw: sanitize newlines in s3 CORSConfiguration's ExposeHeader
(bsc#1171921, CVE-2020-10753)
- Update to 14.2.9-969-g9917342dc8d:
* rebase on top of upstream nautilus, SHA1 ccd9c04f88e53aef7e4f1068ce1221fa3b97450d
* cmake: Improve test for 16-byte atomic support on IBM Z
* (jsc#SES-680) monitoring: add details to Prometheus alerts
* (bsc#1155045) mgr/dashboard: add debug mode, and accept expected exception when SSL handshaking
* (bsc#1152100) monitoring: alert for prediction of disk and pool fill up broken
* (bsc#1155262) mgr/dashboard: iSCSI targets not available if any gateway is down
* (bsc#1159689) os/bluestore: more flexible DB volume space usage
* (bsc#1156087) ceph-volume: make get_devices fs location independent
* (bsc#1156409) monitoring: wait before firing osd full alert
* (bsc#1160626) mgr/dashboard: Unable to remove an iSCSI gateway that is already in use
* (bsc#1161718) mount.ceph: remove arbitrary limit on size of name= option
* (bsc#1162553) ceph-volume: strip _dmcrypt suffix in simple scan json output
* (bsc#1163119) mgr/dashboard: Not able to restrict bucket creation for new user
* (bsc#1164571) mgr/dashboard: Prevent iSCSI target recreation when editing controls
* (bsc#1165713) mgr/dashboard: Repair broken grafana panels
* (bsc#1165835) rgw: get barbican secret key request maybe return error code
* (bsc#1165840) rgw: making implicit_tenants backwards compatible
* (bsc#1166297) mgr/dashboard: Repair broken grafana panels
* (bsc#1166393) mgr/dashboard: KeyError on dashboard reload
* (bsc#1166624) mgr/dashboard: Fix iSCSI's username and password validation
* (bsc#1166670) monitoring: root volume full alert fires false positives
* (bsc#1166932) mgr: synchronize ClusterState's health and mon_status
* (bsc#1168403) mgr/dashboard: Add more debug information to Dashboard RGW backend
* (bsc#1169356) rgw: reshard: skip stale bucket id entries from reshard queue
* (bsc#1170938) mon/OSDMonitor: allow trimming maps even if osds are down
* (bsc#1171367) Set OSD's bluefs-buffered-io param to false by default
- Version: 0.9.33
- drop workarounds for old ceph-volume lvm batch command
- runners/upgrade: Add SES6->7 pre-upgrade checks
Patchnames
SUSE-2020-3257,SUSE-Storage-6-2020-3257
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ceph, deepsea",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ceph, deepsea fixes the following issues:\n\n- Update to 14.2.13-398-gb6c514eec7:\n + Upstream 14.2.13 release\n see https://ceph.io/releases/v14-2-13-nautilus-released/\n * (bsc#1151612, bsc#1158257) ceph-volume: major batch refactor \n\n- Update to 14.2.12-436-g6feab505b7:\n + Upstream 14.2.12 release\n see https://ceph.io/releases/v14-2-12-nautilus-released/\n * (bsc#1169134) mgr/dashboard: document Prometheus\u0027 security model\n * (bsc#1170487) monclient: schedule first tick using mon_client_hunt_interval\n * (bsc#1174591) mgr/dashboard: Unable to edit iSCSI logged-in client\n * (bsc#1174591) mgr/dashboard: Allow editing iSCSI targets with initiators logged-in\n * (bsc#1175061) os/bluestore: dump onode that has too many spanning blobs\n * (bsc#1175240) pybind/mgr/restful: use dict.items() for py3 compatible\n + (bsc#1175781) ceph-volume: lvmcache: print help correctly\n + spec: move python-enum34 into rhel 7 conditional\n\n- Update to 14.2.11-394-g9cbbc473c0:\n + Upstream 14.2.11 release\n see https://ceph.io/releases/v14-2-11-nautilus-released/\n * mgr/progress: Skip pg_summary update if _events dict is empty\n (bsc#1167477) (bsc#1172142) (bsc#1171956)\n * mgr/dashboard: Allow to edit iSCSI target with active session\n (bsc#1173339)\n\n- Update to 14.2.10-392-gb3a13b81cb:\n + Upstream 14.2.10 release\n see https://ceph.io/releases/v14-2-10-nautilus-released/\n * mgr: Improve internal python to c++ interface (bsc#1167477)\n\n- Update to 14.2.9-970-ged84cae0c9: \n + rgw: sanitize newlines in s3 CORSConfiguration\u0027s ExposeHeader\n (bsc#1171921, CVE-2020-10753) \n\n- Update to 14.2.9-969-g9917342dc8d:\n * rebase on top of upstream nautilus, SHA1 ccd9c04f88e53aef7e4f1068ce1221fa3b97450d\n * cmake: Improve test for 16-byte atomic support on IBM Z\n * (jsc#SES-680) monitoring: add details to Prometheus alerts\n * (bsc#1155045) mgr/dashboard: add debug mode, and accept expected exception when SSL handshaking\n * (bsc#1152100) monitoring: alert for prediction of disk and pool fill up broken\n * (bsc#1155262) mgr/dashboard: iSCSI targets not available if any gateway is down\n * (bsc#1159689) os/bluestore: more flexible DB volume space usage\n * (bsc#1156087) ceph-volume: make get_devices fs location independent\n * (bsc#1156409) monitoring: wait before firing osd full alert\n * (bsc#1160626) mgr/dashboard: Unable to remove an iSCSI gateway that is already in use\n * (bsc#1161718) mount.ceph: remove arbitrary limit on size of name= option\n * (bsc#1162553) ceph-volume: strip _dmcrypt suffix in simple scan json output\n * (bsc#1163119) mgr/dashboard: Not able to restrict bucket creation for new user\n * (bsc#1164571) mgr/dashboard: Prevent iSCSI target recreation when editing controls\n * (bsc#1165713) mgr/dashboard: Repair broken grafana panels\n * (bsc#1165835) rgw: get barbican secret key request maybe return error code\n * (bsc#1165840) rgw: making implicit_tenants backwards compatible\n * (bsc#1166297) mgr/dashboard: Repair broken grafana panels\n * (bsc#1166393) mgr/dashboard: KeyError on dashboard reload\n * (bsc#1166624) mgr/dashboard: Fix iSCSI\u0027s username and password validation\n * (bsc#1166670) monitoring: root volume full alert fires false positives\n * (bsc#1166932) mgr: synchronize ClusterState\u0027s health and mon_status\n * (bsc#1168403) mgr/dashboard: Add more debug information to Dashboard RGW backend \n * (bsc#1169356) rgw: reshard: skip stale bucket id entries from reshard queue\n * (bsc#1170938) mon/OSDMonitor: allow trimming maps even if osds are down\n * (bsc#1171367) Set OSD\u0027s bluefs-buffered-io param to false by default\n\n- Update to 14.2.13-398-gb6c514eec7:\n + Upstream 14.2.13 release\n see https://ceph.io/releases/v14-2-13-nautilus-released/\n * (bsc#1151612, bsc#1158257) ceph-volume: major batch refactor\n \n\n- Update to 14.2.12-436-g6feab505b7:\n + Upstream 14.2.12 release\n see https://ceph.io/releases/v14-2-12-nautilus-released/\n * (bsc#1169134) mgr/dashboard: document Prometheus\u0027 security model\n * (bsc#1170487) monclient: schedule first tick using mon_client_hunt_interval\n * (bsc#1174591) mgr/dashboard: Unable to edit iSCSI logged-in client\n * (bsc#1174591) mgr/dashboard: Allow editing iSCSI targets with initiators logged-in\n * (bsc#1175061) os/bluestore: dump onode that has too many spanning blobs\n * (bsc#1175240) pybind/mgr/restful: use dict.items() for py3 compatible\n + (bsc#1175781) ceph-volume: lvmcache: print help correctly\n + spec: move python-enum34 into rhel 7 conditional\n\n- Update to 14.2.11-394-g9cbbc473c0:\n + Upstream 14.2.11 release\n see https://ceph.io/releases/v14-2-11-nautilus-released/\n * mgr/progress: Skip pg_summary update if _events dict is empty\n (bsc#1167477) (bsc#1172142) (bsc#1171956)\n * mgr/dashboard: Allow to edit iSCSI target with active session\n (bsc#1173339)\n\n- Update to 14.2.10-392-gb3a13b81cb:\n + Upstream 14.2.10 release\n see https://ceph.io/releases/v14-2-10-nautilus-released/\n * mgr: Improve internal python to c++ interface (bsc#1167477)\n\n- Update to 14.2.9-970-ged84cae0c9: \n + rgw: sanitize newlines in s3 CORSConfiguration\u0027s ExposeHeader\n (bsc#1171921, CVE-2020-10753) \n\n- Update to 14.2.9-969-g9917342dc8d:\n * rebase on top of upstream nautilus, SHA1 ccd9c04f88e53aef7e4f1068ce1221fa3b97450d\n * cmake: Improve test for 16-byte atomic support on IBM Z\n * (jsc#SES-680) monitoring: add details to Prometheus alerts\n * (bsc#1155045) mgr/dashboard: add debug mode, and accept expected exception when SSL handshaking\n * (bsc#1152100) monitoring: alert for prediction of disk and pool fill up broken\n * (bsc#1155262) mgr/dashboard: iSCSI targets not available if any gateway is down\n * (bsc#1159689) os/bluestore: more flexible DB volume space usage\n * (bsc#1156087) ceph-volume: make get_devices fs location independent\n * (bsc#1156409) monitoring: wait before firing osd full alert\n * (bsc#1160626) mgr/dashboard: Unable to remove an iSCSI gateway that is already in use\n * (bsc#1161718) mount.ceph: remove arbitrary limit on size of name= option\n * (bsc#1162553) ceph-volume: strip _dmcrypt suffix in simple scan json output\n * (bsc#1163119) mgr/dashboard: Not able to restrict bucket creation for new user\n * (bsc#1164571) mgr/dashboard: Prevent iSCSI target recreation when editing controls\n * (bsc#1165713) mgr/dashboard: Repair broken grafana panels\n * (bsc#1165835) rgw: get barbican secret key request maybe return error code\n * (bsc#1165840) rgw: making implicit_tenants backwards compatible\n * (bsc#1166297) mgr/dashboard: Repair broken grafana panels\n * (bsc#1166393) mgr/dashboard: KeyError on dashboard reload\n * (bsc#1166624) mgr/dashboard: Fix iSCSI\u0027s username and password validation\n * (bsc#1166670) monitoring: root volume full alert fires false positives\n * (bsc#1166932) mgr: synchronize ClusterState\u0027s health and mon_status\n * (bsc#1168403) mgr/dashboard: Add more debug information to Dashboard RGW backend \n * (bsc#1169356) rgw: reshard: skip stale bucket id entries from reshard queue\n * (bsc#1170938) mon/OSDMonitor: allow trimming maps even if osds are down\n * (bsc#1171367) Set OSD\u0027s bluefs-buffered-io param to false by default\n\n- Version: 0.9.33\n- drop workarounds for old ceph-volume lvm batch command\n\n- runners/upgrade: Add SES6-\u003e7 pre-upgrade checks",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3257,SUSE-Storage-6-2020-3257",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3257-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3257-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203257-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3257-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007733.html"
},
{
"category": "self",
"summary": "SUSE Bug 1151612",
"url": "https://bugzilla.suse.com/1151612"
},
{
"category": "self",
"summary": "SUSE Bug 1152100",
"url": "https://bugzilla.suse.com/1152100"
},
{
"category": "self",
"summary": "SUSE Bug 1155045",
"url": "https://bugzilla.suse.com/1155045"
},
{
"category": "self",
"summary": "SUSE Bug 1155262",
"url": "https://bugzilla.suse.com/1155262"
},
{
"category": "self",
"summary": "SUSE Bug 1156087",
"url": "https://bugzilla.suse.com/1156087"
},
{
"category": "self",
"summary": "SUSE Bug 1156409",
"url": "https://bugzilla.suse.com/1156409"
},
{
"category": "self",
"summary": "SUSE Bug 1158257",
"url": "https://bugzilla.suse.com/1158257"
},
{
"category": "self",
"summary": "SUSE Bug 1159689",
"url": "https://bugzilla.suse.com/1159689"
},
{
"category": "self",
"summary": "SUSE Bug 1160626",
"url": "https://bugzilla.suse.com/1160626"
},
{
"category": "self",
"summary": "SUSE Bug 1161718",
"url": "https://bugzilla.suse.com/1161718"
},
{
"category": "self",
"summary": "SUSE Bug 1162553",
"url": "https://bugzilla.suse.com/1162553"
},
{
"category": "self",
"summary": "SUSE Bug 1163119",
"url": "https://bugzilla.suse.com/1163119"
},
{
"category": "self",
"summary": "SUSE Bug 1164571",
"url": "https://bugzilla.suse.com/1164571"
},
{
"category": "self",
"summary": "SUSE Bug 1165713",
"url": "https://bugzilla.suse.com/1165713"
},
{
"category": "self",
"summary": "SUSE Bug 1165835",
"url": "https://bugzilla.suse.com/1165835"
},
{
"category": "self",
"summary": "SUSE Bug 1165840",
"url": "https://bugzilla.suse.com/1165840"
},
{
"category": "self",
"summary": "SUSE Bug 1166297",
"url": "https://bugzilla.suse.com/1166297"
},
{
"category": "self",
"summary": "SUSE Bug 1166393",
"url": "https://bugzilla.suse.com/1166393"
},
{
"category": "self",
"summary": "SUSE Bug 1166624",
"url": "https://bugzilla.suse.com/1166624"
},
{
"category": "self",
"summary": "SUSE Bug 1166670",
"url": "https://bugzilla.suse.com/1166670"
},
{
"category": "self",
"summary": "SUSE Bug 1166932",
"url": "https://bugzilla.suse.com/1166932"
},
{
"category": "self",
"summary": "SUSE Bug 1167477",
"url": "https://bugzilla.suse.com/1167477"
},
{
"category": "self",
"summary": "SUSE Bug 1168403",
"url": "https://bugzilla.suse.com/1168403"
},
{
"category": "self",
"summary": "SUSE Bug 1169134",
"url": "https://bugzilla.suse.com/1169134"
},
{
"category": "self",
"summary": "SUSE Bug 1169356",
"url": "https://bugzilla.suse.com/1169356"
},
{
"category": "self",
"summary": "SUSE Bug 1170487",
"url": "https://bugzilla.suse.com/1170487"
},
{
"category": "self",
"summary": "SUSE Bug 1170938",
"url": "https://bugzilla.suse.com/1170938"
},
{
"category": "self",
"summary": "SUSE Bug 1171367",
"url": "https://bugzilla.suse.com/1171367"
},
{
"category": "self",
"summary": "SUSE Bug 1171921",
"url": "https://bugzilla.suse.com/1171921"
},
{
"category": "self",
"summary": "SUSE Bug 1171956",
"url": "https://bugzilla.suse.com/1171956"
},
{
"category": "self",
"summary": "SUSE Bug 1172142",
"url": "https://bugzilla.suse.com/1172142"
},
{
"category": "self",
"summary": "SUSE Bug 1173339",
"url": "https://bugzilla.suse.com/1173339"
},
{
"category": "self",
"summary": "SUSE Bug 1174591",
"url": "https://bugzilla.suse.com/1174591"
},
{
"category": "self",
"summary": "SUSE Bug 1175061",
"url": "https://bugzilla.suse.com/1175061"
},
{
"category": "self",
"summary": "SUSE Bug 1175240",
"url": "https://bugzilla.suse.com/1175240"
},
{
"category": "self",
"summary": "SUSE Bug 1175781",
"url": "https://bugzilla.suse.com/1175781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10753 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10753/"
}
],
"title": "Security update for ceph, deepsea",
"tracking": {
"current_release_date": "2020-11-20T11:14:55Z",
"generator": {
"date": "2020-11-20T11:14:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3257-1",
"initial_release_date": "2020-11-20T11:14:55Z",
"revision_history": [
{
"date": "2020-11-20T11:14:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ceph-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librados2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librados2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librados2-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product": {
"name": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64",
"product_id": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-dashboard-e2e-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-dashboard-e2e-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-dashboard-e2e-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-grafana-dashboards-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-grafana-dashboards-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-grafana-dashboards-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-dashboard-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-dashboard-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-dashboard-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-diskprediction-cloud-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-diskprediction-cloud-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-diskprediction-cloud-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-diskprediction-local-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-diskprediction-local-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-diskprediction-local-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-k8sevents-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-k8sevents-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-k8sevents-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-rook-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-rook-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-rook-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-ssh-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-mgr-ssh-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-mgr-ssh-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-prometheus-alerts-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product": {
"name": "ceph-prometheus-alerts-14.2.13.398+gb6c514eec7-3.20.1.noarch",
"product_id": "ceph-prometheus-alerts-14.2.13.398+gb6c514eec7-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product": {
"name": "deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product_id": "deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch"
}
},
{
"category": "product_version",
"name": "deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product": {
"name": "deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product_id": "deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch"
}
},
{
"category": "product_version",
"name": "deepsea-qa-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product": {
"name": "deepsea-qa-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"product_id": "deepsea-qa-0.9.33+git.0.ed16d26e-3.27.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-base-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-common-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-mds-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-mgr-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-mon-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-osd-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "ceph-radosgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "cephfs-shell-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "libcephfs-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "libcephfs2-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librados-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librados2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librados2-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "libradospp-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librbd-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librbd1-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librgw-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "librgw2-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "python3-ceph-argparse-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "python3-cephfs-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "python3-rados-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "python3-rbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "python3-rgw-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "rados-objclass-devel-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "rbd-fuse-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "rbd-mirror-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product": {
"name": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64",
"product_id": "rbd-nbd-14.2.13.398+gb6c514eec7-3.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch"
},
"product_reference": "deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch"
},
"product_reference": "deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-10753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10753"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"SUSE Enterprise Storage 6:deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10753",
"url": "https://www.suse.com/security/cve/CVE-2020-10753"
},
{
"category": "external",
"summary": "SUSE Bug 1171921 for CVE-2020-10753",
"url": "https://bugzilla.suse.com/1171921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"SUSE Enterprise Storage 6:deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:deepsea-0.9.33+git.0.ed16d26e-3.27.1.noarch",
"SUSE Enterprise Storage 6:deepsea-cli-0.9.33+git.0.ed16d26e-3.27.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-20T11:14:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-10753"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…