Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:2818-1

Опубликовано: 16 авг. 2022
Источник: suse-cvrf

Описание

Security update for ceph

This update for ceph fixes the following issues:

  • Update to 16.2.9-536-g41a9f9a5573:

    • (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in RGWRadosBILogTrimCR
    • (bsc#1194131) ceph-volume: honour osd_dmcrypt_key_size option (CVE-2021-3979)
  • Update to 16.2.9-158-gd93952c7eea:

    • cmake: check for python(\d).(\d+) when building boost
    • make-dist: patch boost source to support python 3.10
  • Update to ceph-16.2.9-58-ge2e5cb80063:

    • (bsc#1200064, pr#480) Remove last vestiges of docker.io image paths
  • Update to 16.2.9.50-g7d9f12156fb:

    • (jsc#SES-2515) High-availability NFS export
    • (bsc#1196044) cephadm: prometheus: The generatorURL in alerts is only using hostname
    • (bsc#1196785) cephadm: avoid crashing on expected non-zero exit
  • Update to 16.2.7-969-g6195a460d89

    • (jsc#SES-2515) High-availability NFS export

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP4
ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-16.2.9.536+g41a9f9a5573-150400.3.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
openSUSE Leap 15.4
ceph-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-base-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-fuse-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-grafana-dashboards-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-immutable-object-cache-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mds-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-cephadm-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-dashboard-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-diskprediction-local-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-k8sevents-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-modules-core-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-rook-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mon-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-osd-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-prometheus-alerts-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-radosgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-test-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephadm-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-mirror-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-shell-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-top-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephsqlite-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephsqlite-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-16.2.9.536+g41a9f9a5573-150400.3.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-fuse-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-mirror-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150400.3.3.1

Описание

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.


Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP4:ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:libcephfs-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:libcephfs2-16.2.9.536+g41a9f9a5573-150400.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:librados-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1

Ссылки
Уязвимость SUSE-SU-2022:2818-1