suse-su-2019:2994-1
Vulnerability from csaf_suse
Published
2019-11-18 12:34
Modified
2019-11-18 12:34
Summary
Security update for ceph
Notes
Title of the patch
Security update for ceph
Description of the patch
This update for ceph fixes the following issues:
- A previous update introduced a regression with the potential to cause RocksDB
data corruption in Nautilus (bsc#1156282).
- Support for iSCSI target-level CHAP authentication was added (bsc#1145617).
- Implemented validation and rendering of iSCSI controls based 'type'
(bsc#1140491).
- Fixed an error while editing iSCSI image advanced settings (bsc#1146656).
- Fixed a ceph-volume regression. SES customers were never exposed to this
regression (bsc#1132767).
- Fixed a denial of service vulnerability where an unauthenticated client of
Ceph Object Gateway could trigger a crash from an uncaught exception
(bsc#1145093, CVE-2019-10222)
- Nautilus-based librbd clients could not open images on Jewel clusters
(bsc#1151994).
- The RGW num_rados_handles has been removed (bsc#1151995).
- 'osd_deep_scrub_large_omap_object_key_threshold' has been lowered in Nautilus
(bsc#1152002).
- The ceph dashboard now supports silencing Prometheus notifications
(bsc#1141174).
- The no{up,down,in,out} related commands have been revamped (bsc#1151990).
- Radosgw-admin got two new subcommands for managing expire-stale objects
(bsc#1151991)..
- Deploying a single new BlueStore OSD on a cluster upgraded to SES6 from SES5
used to break pool utilization stats reported by ceph df (bsc#1151992).
- Ceph clusters will issue a health warning if CRUSH tunables are older than
'hammer' (bsc#1151993).
- Ceph-volume prints errors to stdout with --format json (bsc#1132767).
- Changing rgw-api-host in the dashboard does not get effective without
disable/enable dashboard mgr module (bsc#1137503).
- Silenced Alertmanager alerts in the dashboard (bsc#1141174).
- Fixed e2e failures in the dashboard caused by webdriver version (bsc#1145759)
- librbd always tries to acquire exclusive lock when removing image an
(bsc#1149093).
Fixes in ses-manual_en:
- Added a new chapter with changelogs of Ceph releases. (bsc#1135584)
- Rewrote rolling updates and replaced running stage.0 with manual commands to prevent infinite loop. (bsc#1134444)
- Improved name of CaaSP to its fuller version. (bsc#1151439)
- Verify which OSD's are going to be removed before running stage.5. (bsc#1150406)
- Added two additional steps to recovering an OSD. (bsc#1147132)
Fixes in ceph-iscsi:
- Validate kernel LIO controls type and value (bsc#1140491)
- TPG lun_id persistence (bsc#1145618)
- Target level CHAP authentication (bsc#1145617)
ceph-iscsi was updated to the upstream 3.2 release:
- Always use host FQDN instead of shortname
- Validate min/max value for target controls and rbd:user/tcmu-runner image
controls (bsc#1140491)
Patchnames
SUSE-2019-2994,SUSE-Storage-6-2019-2994
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ceph",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThis update for ceph fixes the following issues:\n\n- A previous update introduced a regression with the potential to cause RocksDB\n data corruption in Nautilus (bsc#1156282).\n\n- Support for iSCSI target-level CHAP authentication was added (bsc#1145617).\n\n- Implemented validation and rendering of iSCSI controls based \u0027type\u0027\n (bsc#1140491).\n\n- Fixed an error while editing iSCSI image advanced settings (bsc#1146656).\n\n- Fixed a ceph-volume regression. SES customers were never exposed to this\n regression (bsc#1132767).\n\n- Fixed a denial of service vulnerability where an unauthenticated client of\n Ceph Object Gateway could trigger a crash from an uncaught exception\n (bsc#1145093, CVE-2019-10222)\n\n- Nautilus-based librbd clients could not open images on Jewel clusters\n (bsc#1151994).\n\n- The RGW num_rados_handles has been removed (bsc#1151995).\n\n- \u0027osd_deep_scrub_large_omap_object_key_threshold\u0027 has been lowered in Nautilus\n (bsc#1152002).\n\n- The ceph dashboard now supports silencing Prometheus notifications\n (bsc#1141174).\n\n- The no{up,down,in,out} related commands have been revamped (bsc#1151990).\n\n- Radosgw-admin got two new subcommands for managing expire-stale objects\n (bsc#1151991)..\n\n- Deploying a single new BlueStore OSD on a cluster upgraded to SES6 from SES5\n used to break pool utilization stats reported by ceph df (bsc#1151992).\n\n- Ceph clusters will issue a health warning if CRUSH tunables are older than\n \u0027hammer\u0027 (bsc#1151993).\n\n- Ceph-volume prints errors to stdout with --format json (bsc#1132767).\n\n- Changing rgw-api-host in the dashboard does not get effective without\n disable/enable dashboard mgr module (bsc#1137503).\n\n- Silenced Alertmanager alerts in the dashboard (bsc#1141174).\n\n- Fixed e2e failures in the dashboard caused by webdriver version (bsc#1145759)\n\n- librbd always tries to acquire exclusive lock when removing image an\n (bsc#1149093).\n\nFixes in ses-manual_en:\n\n- Added a new chapter with changelogs of Ceph releases. (bsc#1135584)\n- Rewrote rolling updates and replaced running stage.0 with manual commands to prevent infinite loop. (bsc#1134444)\n- Improved name of CaaSP to its fuller version. (bsc#1151439)\n- Verify which OSD\u0027s are going to be removed before running stage.5. (bsc#1150406)\n- Added two additional steps to recovering an OSD. (bsc#1147132)\n\nFixes in ceph-iscsi:\n\n- Validate kernel LIO controls type and value (bsc#1140491)\n- TPG lun_id persistence (bsc#1145618)\n- Target level CHAP authentication (bsc#1145617)\n\nceph-iscsi was updated to the upstream 3.2 release:\n\n- Always use host FQDN instead of shortname\n- Validate min/max value for target controls and rbd:user/tcmu-runner image\n controls (bsc#1140491)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2994,SUSE-Storage-6-2019-2994",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2994-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2994-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192994-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2994-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-November/006152.html"
},
{
"category": "self",
"summary": "SUSE Bug 1132767",
"url": "https://bugzilla.suse.com/1132767"
},
{
"category": "self",
"summary": "SUSE Bug 1134444",
"url": "https://bugzilla.suse.com/1134444"
},
{
"category": "self",
"summary": "SUSE Bug 1135584",
"url": "https://bugzilla.suse.com/1135584"
},
{
"category": "self",
"summary": "SUSE Bug 1137503",
"url": "https://bugzilla.suse.com/1137503"
},
{
"category": "self",
"summary": "SUSE Bug 1140491",
"url": "https://bugzilla.suse.com/1140491"
},
{
"category": "self",
"summary": "SUSE Bug 1141174",
"url": "https://bugzilla.suse.com/1141174"
},
{
"category": "self",
"summary": "SUSE Bug 1145093",
"url": "https://bugzilla.suse.com/1145093"
},
{
"category": "self",
"summary": "SUSE Bug 1145617",
"url": "https://bugzilla.suse.com/1145617"
},
{
"category": "self",
"summary": "SUSE Bug 1145618",
"url": "https://bugzilla.suse.com/1145618"
},
{
"category": "self",
"summary": "SUSE Bug 1145759",
"url": "https://bugzilla.suse.com/1145759"
},
{
"category": "self",
"summary": "SUSE Bug 1146656",
"url": "https://bugzilla.suse.com/1146656"
},
{
"category": "self",
"summary": "SUSE Bug 1147132",
"url": "https://bugzilla.suse.com/1147132"
},
{
"category": "self",
"summary": "SUSE Bug 1149093",
"url": "https://bugzilla.suse.com/1149093"
},
{
"category": "self",
"summary": "SUSE Bug 1150406",
"url": "https://bugzilla.suse.com/1150406"
},
{
"category": "self",
"summary": "SUSE Bug 1151439",
"url": "https://bugzilla.suse.com/1151439"
},
{
"category": "self",
"summary": "SUSE Bug 1151990",
"url": "https://bugzilla.suse.com/1151990"
},
{
"category": "self",
"summary": "SUSE Bug 1151991",
"url": "https://bugzilla.suse.com/1151991"
},
{
"category": "self",
"summary": "SUSE Bug 1151992",
"url": "https://bugzilla.suse.com/1151992"
},
{
"category": "self",
"summary": "SUSE Bug 1151993",
"url": "https://bugzilla.suse.com/1151993"
},
{
"category": "self",
"summary": "SUSE Bug 1151994",
"url": "https://bugzilla.suse.com/1151994"
},
{
"category": "self",
"summary": "SUSE Bug 1151995",
"url": "https://bugzilla.suse.com/1151995"
},
{
"category": "self",
"summary": "SUSE Bug 1152002",
"url": "https://bugzilla.suse.com/1152002"
},
{
"category": "self",
"summary": "SUSE Bug 1156282",
"url": "https://bugzilla.suse.com/1156282"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10222 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10222/"
}
],
"title": "Security update for ceph",
"tracking": {
"current_release_date": "2019-11-18T12:34:35Z",
"generator": {
"date": "2019-11-18T12:34:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2994-1",
"initial_release_date": "2019-11-18T12:34:35Z",
"revision_history": [
{
"date": "2019-11-18T12:34:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ceph-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librados2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librados2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librados2-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product": {
"name": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64",
"product_id": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-dashboard-e2e-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-dashboard-e2e-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-dashboard-e2e-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-grafana-dashboards-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-grafana-dashboards-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-grafana-dashboards-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"product": {
"name": "ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"product_id": "ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-dashboard-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-mgr-dashboard-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-mgr-dashboard-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-diskprediction-cloud-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-mgr-diskprediction-cloud-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-mgr-diskprediction-cloud-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-diskprediction-local-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-mgr-diskprediction-local-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-mgr-diskprediction-local-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-rook-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-mgr-rook-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-mgr-rook-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-mgr-ssh-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-mgr-ssh-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-mgr-ssh-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ceph-prometheus-alerts-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product": {
"name": "ceph-prometheus-alerts-14.2.4.386+g73475e3ee1-3.6.1.noarch",
"product_id": "ceph-prometheus-alerts-14.2.4.386+g73475e3ee1-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"product": {
"name": "ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"product_id": "ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch"
}
},
{
"category": "product_version",
"name": "ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"product": {
"name": "ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"product_id": "ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch"
}
},
{
"category": "product_version",
"name": "ses-manual_en-6+git145.1558531-3.17.1.noarch",
"product": {
"name": "ses-manual_en-6+git145.1558531-3.17.1.noarch",
"product_id": "ses-manual_en-6+git145.1558531-3.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ceph-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-base-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-common-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-mds-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-mgr-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-mon-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-osd-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "ceph-radosgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "cephfs-shell-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "libcephfs-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "libcephfs2-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librados-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librados2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librados2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librados2-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "libradospp-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librbd-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librbd1-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librgw-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "librgw2-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "python3-ceph-argparse-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "python3-cephfs-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "python3-rados-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "python3-rbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "python3-rgw-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "rados-objclass-devel-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "rbd-fuse-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "rbd-mirror-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product": {
"name": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64",
"product_id": "rbd-nbd-14.2.4.386+g73475e3ee1-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch"
},
"product_reference": "ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch"
},
"product_reference": "ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch"
},
"product_reference": "ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ses-manual_en-6+git145.1558531-3.17.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:ses-manual_en-6+git145.1558531-3.17.1.noarch"
},
"product_reference": "ses-manual_en-6+git145.1558531-3.17.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10222"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"SUSE Enterprise Storage 6:ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-manual_en-6+git145.1558531-3.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10222",
"url": "https://www.suse.com/security/cve/CVE-2019-10222"
},
{
"category": "external",
"summary": "SUSE Bug 1139399 for CVE-2019-10222",
"url": "https://bugzilla.suse.com/1139399"
},
{
"category": "external",
"summary": "SUSE Bug 1145093 for CVE-2019-10222",
"url": "https://bugzilla.suse.com/1145093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"SUSE Enterprise Storage 6:ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-manual_en-6+git145.1558531-3.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 6:ceph-iscsi-3.3+1570532654.g93940a4-3.7.1.noarch",
"SUSE Enterprise Storage 6:ses-admin_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-deployment_en-pdf-6+git145.1558531-3.17.1.noarch",
"SUSE Enterprise Storage 6:ses-manual_en-6+git145.1558531-3.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-18T12:34:35Z",
"details": "important"
}
],
"title": "CVE-2019-10222"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…