Описание
Security update for python-rtslib-fb
This update for python-rtslib-fb fixes the following issues:
- Update to version v2.1.73 (bsc#1173257 CVE-2020-14019):
- version 2.1.73
- save_to_file: fix fd open mode
- saveconfig: copy temp configfile with permissions
- saveconfig: open the temp configfile with modes set
- Fix 'is not' with a literal SyntaxWarning
- Fix an incorrect config path in two comments
- version 2.1.72
- Do not change dbroot after drivers have been registered
- Remove '_if_needed' from RTSRoot._set_dbroot()'s name Replacing old tarball with python-rtslib-fb-v2.1.73.tar.xz
Список пакетов
Container ses/7/ceph/ceph:latest
python3-rtslib-fb-2.1.73-3.3.1
Container ses/7/cephcsi/cephcsi:latest
python3-rtslib-fb-2.1.73-3.3.1
Container ses/7/rook/ceph:latest
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Azure-Basic
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Azure-Standard
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-BYOS-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-BYOS-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-BYOS-GCE
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-GCE
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-HPC-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-HPC-BYOS-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-BYOS-Azure
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-BYOS-GCE
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-EC2-HVM
python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-SAP-GCE
python3-rtslib-fb-2.1.73-3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
python3-rtslib-fb-2.1.73-3.3.1
SUSE Linux Enterprise Module for Python 2 15 SP2
python2-rtslib-fb-2.1.73-3.3.1
Ссылки
- Link for SUSE-SU-2020:2109-1
- E-Mail link for SUSE-SU-2020:2109-1
- SUSE Security Ratings
- SUSE Bug 1173257
- SUSE CVE CVE-2020-14019 page
Описание
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
Затронутые продукты
Container ses/7/ceph/ceph:latest:python3-rtslib-fb-2.1.73-3.3.1
Container ses/7/cephcsi/cephcsi:latest:python3-rtslib-fb-2.1.73-3.3.1
Container ses/7/rook/ceph:latest:python3-rtslib-fb-2.1.73-3.3.1
Image SLES15-SP2-Azure-Basic:python3-rtslib-fb-2.1.73-3.3.1
Ссылки
- CVE-2020-14019
- SUSE Bug 1173257