
Red Hat: RHSA-2019:4353-01 Moderate: Ceph Security Issue—DoS

December 19, 2019
Critical Security Patch: Red Hat Ceph Storage 3.3 resolved vulnerabilities and a denial of service concern. Consult the advisory for further information.
An update is now available for Red Hat Ceph Storage 3.3 that runs on Red Hat Enterprise Linux 7.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Security Fix(es):
* ceph: denial of service in RGW daemon (CVE-2019-19337)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es) and Enhancement(s):
For detailed information on changes in this release, see the Red Hat Ceph Storage 3.3 Release Notes available at:
- -single/release_notes/index

References

https://access.redhat.com/security/cve/CVE-2019-19337
https://access.redhat.com/security/updates/classification/#moderate

Package List

Red Hat Ceph Storage 3.3 MON:
Source: ceph-12.2.12-84.el7cp.src.rpm
ppc64le:
ceph-base-12.2.12-84.el7cp.ppc64le.rpm
ceph-common-12.2.12-84.el7cp.ppc64le.rpm
ceph-debuginfo-12.2.12-84.el7cp.ppc64le.rpm
ceph-mgr-12.2.12-84.el7cp.ppc64le.rpm
ceph-mon-12.2.12-84.el7cp.ppc64le.rpm
ceph-selinux-12.2.12-84.el7cp.ppc64le.rpm
libcephfs-devel-12.2.12-84.el7cp.ppc64le.rpm
libcephfs2-12.2.12-84.el7cp.ppc64le.rpm
librados-devel-12.2.12-84.el7cp.ppc64le.rpm
librados2-12.2.12-84.el7cp.ppc64le.rpm
libradosstriper1-12.2.12-84.el7cp.ppc64le.rpm
librbd-devel-12.2.12-84.el7cp.ppc64le.rpm
librbd1-12.2.12-84.el7cp.ppc64le.rpm
librgw-devel-12.2.12-84.el7cp.ppc64le.rpm
librgw2-12.2.12-84.el7cp.ppc64le.rpm
python-cephfs-12.2.12-84.el7cp.ppc64le.rpm
python-rados-12.2.12-84.el7cp.ppc64le.rpm
python-rbd-12.2.12-84.el7cp.ppc64le.rpm
python-rgw-12.2.12-84.el7cp.ppc64le.rpm

x86_64:
ceph-base-12.2.12-84.el7cp.x86_64.rpm
ceph-common-12.2.12-84.el7cp.x86_64.rpm
ceph-debuginfo-12.2.12-84.el7cp.x86_64.rpm
ceph-mgr-12.2.12-84.el7cp.x86_64.rpm
ceph-mon-12.2.12-84.el7cp.x86_64.rpm
ceph-selinux-12.2.12-84.el7cp.x86_64.rpm
ceph-test-12.2.12-84.el7cp.x86_64.rpm
libcephfs-devel-12.2.12-84.el7cp.x86_64.rpm
libcephfs2-12.2.12-84.el7cp.x86_64.rpm
librados-devel-12.2.12-84.el7cp.x86_64.rpm
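
One way to check a host against the fixed build in the package list above. This is an added example, not part of the Red Hat advisory. It assumes the input is the output of rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n', ignores the package epoch, and uses a simplified version comparison without '~' or '^' handling; the function names and the sample lines are constructed for illustration.

```python
import re

# Fixed build (version-release) taken from the advisory's package list.
FIXED_EVR = "12.2.12-84.el7cp"
# Binary package names that appear in the advisory's package list.
CEPH_PKGS = set("""
ceph-base ceph-common ceph-debuginfo ceph-mgr ceph-mon ceph-selinux ceph-test
libcephfs-devel libcephfs2 librados-devel librados2 libradosstriper1
librbd-devel librbd1 librgw-devel librgw2
python-cephfs python-rados python-rbd python-rgw
""".split())

def rpm_cmp(a, b):
    """Simplified rpm-style comparison of one version or release string."""
    # rpm compares maximal runs of digits or letters; separators are ignored.
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric runs compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric run beats an alpha run
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare two VERSION-RELEASE strings: version first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpm_cmp(va, vb) or rpm_cmp(ra, rb)

def outdated(rpm_lines, fixed=FIXED_EVR):
    """Return (name, evr) for listed Ceph packages older than the fixed build."""
    hits = []
    for parts in (line.split() for line in rpm_lines):
        if len(parts) == 2 and parts[0] in CEPH_PKGS and evr_cmp(parts[1], fixed) < 0:
            hits.append((parts[0], parts[1]))
    return hits

# Constructed sample input; these installed versions are illustrative only.
SAMPLE = """\
ceph-common 12.2.12-84.el7cp
ceph-mon 12.2.12-79.el7cp
librgw2 12.2.8-128.el7cp
librados2 12.2.12-101.el7cp
bash 4.2.46-33.el7
""".splitlines()

if __name__ == "__main__":
    for name, evr in outdated(SAMPLE):
        print(f"{name} {evr} is older than {FIXED_EVR}")
```
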



Advisory ID: RHSA-2019:4353-01
Product: Red Hat Ceph Storage
Issue date: 2019-12-19

Topic

An update is now available for Red Hat Ceph Storage 3.3 that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases/Architectures

Red Hat Ceph Storage 3.3 MON - ppc64le, x86_64

Red Hat Ceph Storage 3.3 OSD - ppc64le, x86_64

Red Hat Ceph Storage 3.3 Tools - noarch, ppc64le, x86_64

Bugs Fixed

1552210 - [ceph-ansible] [ceph-container] : failed to add new mgr with '--limit' option - trying to copy mgr keyring without generating

1569689 - MDS rolling-upgrade process needs to be changed to follow new recommendations

1603551 - OSP13 deploy fails pg count exceeds max

1616159 - [ceph-ansible] [ceph-container] : switch from rpm to containerized - OSDs not coming up after the switch saying encrypted device still in use

1622729 - remove warnings for unsupported variables

1623580 - [RFE] Prevent customers from installing an OSD device on the same disk as the OS

1638904 - lv-create.yml/lv-teardown.yml should fail if lv_vars.yaml has not been edited

1640525 - [Ceph-Ansible] Missing fourth and fifth scenarios in osds.yml.sample

1644611 - [RFE] Listing ceph-disk’s OSDs

1646456 - [ceph-ansible] - ubuntu - playbook must fail if debian rhcs packages are not installed

1654790 - ceph-validate : No clear error when osd_scenario is not set

1664112 - Cache size is not created correctly in a hyperconverged installation when using the is_hci flag

1665877 - RBD mirroring configuration issue with ceph-ansible

1734513 - all users has access to read ceph manager client keyring files

1744529 - fetching config overrides can result in crash due to unsafe observer calls

1749097 - ceph-ansible filestore fails to start containerized OSD when using block device like /dev/loop3

1749124 - Invalid bucket added to reshard list cannot be removed
