SUSE Enterprise Storage 6: 2019:2994-1 Important: Ceph DoS Issue

November 18, 2019
SUSE has issued a security update for Ceph, addressing vulnerabilities related to denial of service and various other critical concerns.
An update that solves one vulnerability and has 22 fixes is now available.

Summary

This update for ceph fixes the following issues:

- A previous update introduced a regression with the potential to cause RocksDB data corruption in Nautilus (bsc#1156282).
- Support for iSCSI target-level CHAP authentication was added (bsc#1145617).
- Implemented validation and rendering of iSCSI controls based on "type" (bsc#1140491).
- Fixed an error while editing iSCSI image advanced settings (bsc#1146656).
- Fixed a ceph-volume regression. SES customers were never exposed to this regression (bsc#1132767).
- Fixed a denial of service vulnerability where an unauthenticated client of Ceph Object Gateway could trigger a crash from an uncaught exception (bsc#1145093, CVE-2019-10222).
- Nautilus-based librbd clients could not open images on Jewel clusters (bsc#1151994).

References

#1132767 #1134444 #1135584 #1137503 #1140491

#1141174 #1145093 #1145617 #1145618 #1145759

#1146656 #1147132 #1149093 #1150406 #1151439

#1151990 #1151991 #1151992 #1151993 #1151994

#1151995 #1152002 #1156282

Cross-References: CVE-2019-10222

Affected Products:

SUSE Enterprise Storage 6

https://www.suse.com/security/cve/CVE-2019-10222.html

https://bugzilla.suse.com/1132767

https://bugzilla.suse.com/1134444

https://bugzilla.suse.com/1135584

https://bugzilla.suse.com/1137503

https://bugzilla.suse.com/1140491

https://bugzilla.suse.com/1141174

https://bugzilla.suse.com/1145093

https://bugzilla.suse.com/1145617

https://bugzilla.suse.com/1145618

https://bugzilla.suse.com/1145759

https://bugzilla.suse.com/1146656

https://bugzilla.suse.com/1147132

Severity
important

Announcement ID: SUSE-SU-2019:2994-1
Rating: important
