Описание
Security update for ceph
This update for ceph fixes the following issues:
- CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests (bsc#1170170).
Список пакетов
HPE Helion OpenStack 8
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Enterprise Storage 5
ceph-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-base-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-fuse-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-mds-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-mgr-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-mon-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-osd-12.2.12+git.1587570958.35d78d0243-2.45.1
ceph-radosgw-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-ceph-compat-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
python3-ceph-argparse-12.2.12+git.1587570958.35d78d0243-2.45.1
python3-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python3-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python3-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python3-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
rbd-fuse-12.2.12+git.1587570958.35d78d0243-2.45.1
rbd-mirror-12.2.12+git.1587570958.35d78d0243-2.45.1
rbd-nbd-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12 SP3-BCL
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12 SP3-LTSS
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12 SP4
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server 12 SP5
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libcephfs-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
librados-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libcephfs-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
librados-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd-devel-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE OpenStack Cloud 8
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
SUSE OpenStack Cloud Crowbar 8
ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
librbd1-12.2.12+git.1587570958.35d78d0243-2.45.1
librgw2-12.2.12+git.1587570958.35d78d0243-2.45.1
python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rados-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rbd-12.2.12+git.1587570958.35d78d0243-2.45.1
python-rgw-12.2.12+git.1587570958.35d78d0243-2.45.1
Ссылки
- Link for SUSE-SU-2020:1158-1
- E-Mail link for SUSE-SU-2020:1158-1
- SUSE Security Ratings
- SUSE Bug 1170170
- SUSE CVE CVE-2020-12059 page
Описание
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.
Затронутые продукты
HPE Helion OpenStack 8:ceph-common-12.2.12+git.1587570958.35d78d0243-2.45.1
HPE Helion OpenStack 8:libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45.1
HPE Helion OpenStack 8:librados2-12.2.12+git.1587570958.35d78d0243-2.45.1
HPE Helion OpenStack 8:libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45.1
Ссылки
- CVE-2020-12059
- SUSE Bug 1170170