Headline
RHSA-2022:1394: Red Hat Security Advisory: Red Hat Ceph Storage 3 Security and Bug Fix update
An update is now available for Red Hat Ceph Storage 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-20288: ceph: Unauthorized global_id reuse in cephx
Synopsis
Important: Red Hat Ceph Storage 3 Security and Bug Fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update is now available for Red Hat Ceph Storage 3.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Security Fix(es):
- ceph: Unauthorized global_id reuse in cephx (CVE-2021-20288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Ceph Storage - Extended Life Cycle Support 3 x86_64
- Red Hat Ceph Storage MON - Extended Life Cycle Support 3 x86_64
- Red Hat Ceph Storage OSD - Extended Life Cycle Support 3 x86_64
- Red Hat Ceph Storage - Extended Life Cycle Support for IBM Power, little endian 3 ppc64le
- Red Hat Ceph Storage MON - Extended Life Cycle Support for IBM Power, little endian 3 ppc64le
- Red Hat Ceph Storage OSD - Extended Life Cycle Support for IBM Power, little endian 3 ppc64le
Fixes
- BZ - 1938031 - CVE-2021-20288 ceph: Unauthorized global_id reuse in cephx
- BZ - 2068353 - [Ceph-ansible]: Adding osd using add-osd.yml fails
- BZ - 2069491 - [Ceph-ansible]: RHCS deployment fails for non-devices osd scenario
- BZ - 2071676 - Adding rgw using site-container.yml with limit fails
Red Hat Ceph Storage - Extended Life Cycle Support 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
ceph-ansible-3.2.59-1.el7cp.src.rpm
SHA-256: 01c06d6eb83b9167d28a70ad673a27fde1da658cbcd24f876df1c80817ed05e9
x86_64
ceph-ansible-3.2.59-1.el7cp.noarch.rpm
SHA-256: a33b41c7a9de13c7aeace679d00477e49a2b5d86c733d8c98647e56ad7161fb2
ceph-base-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5966185d78345baaa7c30cf2f5d764ec95811e6952c8af207d69d8c0bf797fae
ceph-common-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 471938ad3f3b1b9def2108512bd786798446b75cccf7fc615d0db7bba7d0caa4
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5d9f0e62ca00ab25bd81b3d405081874fbd35c354cab724835af0805fc2476e1
ceph-fuse-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 4150f18d720cd555b0cb921aafa2f71a04060b3c216910a35b04b090cfc96053
ceph-mds-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 4480a3b3730b4d789fba8a63fb91589730fb0d187331de8f3420dec88be97139
ceph-radosgw-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 4f916d77c104c5848a2df42692ea8cf10f3466a143121016d20be850d14c1101
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 210c2c73154f083f0cb41b3ca0c28745caaee6327f3ee8b3dcb329879fe9ab36
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 591213b6b11e9036c0fd1f3460f07a2756b2bfb0b3e31be76d6ffab98d155026
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: f68c2a02fb319e9956ba494f9e198a3183b376b1ba9fe0a2b0c7672a15403eb6
librados-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 51a01d1ab523808acbb00820c54ec5621d715242dc386ffa0979272447d1595b
librados2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: acb4fe8c39fd01e44ef131b0ba2387b3b66dbc41eeaca34c48874a0ea1bc7d46
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 9416eccffd47e350f4f029a0a2eb6cda93cfd7e10eb78de88258d893dcc8dbf5
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 0eb01e10cb5c160117f97808096efcd9a2477a20833a4c34ea9259fe2cb14bb0
librbd1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aa6375106fe6060f2e31fafbb89d17c5ced2fe30722258fb8db0ffb5a4d5a84b
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aaf8c9d0c81e42a0c593f12e92a168acf21df8fbe7cdc32feb3e4993b29eafa9
librgw2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5972808f6f3a94ab3977d44f68972ce87b618a75bd4e48094cd37dbbb67449ab
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 3d4d72e8111eb09fd9d8365bcdf33d03b59328960ca79a4475753ddbf7197c8d
python-rados-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 11fbec8b79bbdd9641594b19efe46a53e7a9e9861e31a2a956a1a4a72f169441
python-rbd-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 790d043ab75e92bbec4d5bf0c78ed495db51779a7a64a9fcf200ab8a3c7af13e
python-rgw-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 32ca13a3031ae5ab48252246d52df5978bb6ee578b364a4cd2007407e2aa678d
rbd-mirror-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 30c5db300877556634626e0c24f1ebe8677f5ab629a5a925397d1816a7002bd9
Red Hat Ceph Storage MON - Extended Life Cycle Support 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
x86_64
ceph-base-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5966185d78345baaa7c30cf2f5d764ec95811e6952c8af207d69d8c0bf797fae
ceph-common-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 471938ad3f3b1b9def2108512bd786798446b75cccf7fc615d0db7bba7d0caa4
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5d9f0e62ca00ab25bd81b3d405081874fbd35c354cab724835af0805fc2476e1
ceph-mgr-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 2c19f7db5a990bb5d079d0186ba233283796f7b0b97c20ce44ccaae9a364de71
ceph-mon-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 8ad5848b2e5731f3f15a4e27b47b4d94d4b5b62c82608b07652a22b9d7df6969
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 210c2c73154f083f0cb41b3ca0c28745caaee6327f3ee8b3dcb329879fe9ab36
ceph-test-12.2.12-141.el7cp.x86_64.rpm
SHA-256: bb8734059b41f6dc4c46fe19aabd83796d4e997a0a771c86d8af96e186cc9680
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 591213b6b11e9036c0fd1f3460f07a2756b2bfb0b3e31be76d6ffab98d155026
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: f68c2a02fb319e9956ba494f9e198a3183b376b1ba9fe0a2b0c7672a15403eb6
librados-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 51a01d1ab523808acbb00820c54ec5621d715242dc386ffa0979272447d1595b
librados2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: acb4fe8c39fd01e44ef131b0ba2387b3b66dbc41eeaca34c48874a0ea1bc7d46
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 9416eccffd47e350f4f029a0a2eb6cda93cfd7e10eb78de88258d893dcc8dbf5
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 0eb01e10cb5c160117f97808096efcd9a2477a20833a4c34ea9259fe2cb14bb0
librbd1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aa6375106fe6060f2e31fafbb89d17c5ced2fe30722258fb8db0ffb5a4d5a84b
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aaf8c9d0c81e42a0c593f12e92a168acf21df8fbe7cdc32feb3e4993b29eafa9
librgw2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5972808f6f3a94ab3977d44f68972ce87b618a75bd4e48094cd37dbbb67449ab
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 3d4d72e8111eb09fd9d8365bcdf33d03b59328960ca79a4475753ddbf7197c8d
python-rados-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 11fbec8b79bbdd9641594b19efe46a53e7a9e9861e31a2a956a1a4a72f169441
python-rbd-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 790d043ab75e92bbec4d5bf0c78ed495db51779a7a64a9fcf200ab8a3c7af13e
python-rgw-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 32ca13a3031ae5ab48252246d52df5978bb6ee578b364a4cd2007407e2aa678d
Red Hat Ceph Storage OSD - Extended Life Cycle Support 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
x86_64
ceph-base-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5966185d78345baaa7c30cf2f5d764ec95811e6952c8af207d69d8c0bf797fae
ceph-common-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 471938ad3f3b1b9def2108512bd786798446b75cccf7fc615d0db7bba7d0caa4
ceph-debuginfo-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5d9f0e62ca00ab25bd81b3d405081874fbd35c354cab724835af0805fc2476e1
ceph-osd-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 74b09bfa1e2bd8a5585bb54c6b6c11d8353d734774d5d983c7e1edfbd02835e7
ceph-selinux-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 210c2c73154f083f0cb41b3ca0c28745caaee6327f3ee8b3dcb329879fe9ab36
ceph-test-12.2.12-141.el7cp.x86_64.rpm
SHA-256: bb8734059b41f6dc4c46fe19aabd83796d4e997a0a771c86d8af96e186cc9680
libcephfs-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 591213b6b11e9036c0fd1f3460f07a2756b2bfb0b3e31be76d6ffab98d155026
libcephfs2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: f68c2a02fb319e9956ba494f9e198a3183b376b1ba9fe0a2b0c7672a15403eb6
librados-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 51a01d1ab523808acbb00820c54ec5621d715242dc386ffa0979272447d1595b
librados2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: acb4fe8c39fd01e44ef131b0ba2387b3b66dbc41eeaca34c48874a0ea1bc7d46
libradosstriper1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 9416eccffd47e350f4f029a0a2eb6cda93cfd7e10eb78de88258d893dcc8dbf5
librbd-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 0eb01e10cb5c160117f97808096efcd9a2477a20833a4c34ea9259fe2cb14bb0
librbd1-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aa6375106fe6060f2e31fafbb89d17c5ced2fe30722258fb8db0ffb5a4d5a84b
librgw-devel-12.2.12-141.el7cp.x86_64.rpm
SHA-256: aaf8c9d0c81e42a0c593f12e92a168acf21df8fbe7cdc32feb3e4993b29eafa9
librgw2-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 5972808f6f3a94ab3977d44f68972ce87b618a75bd4e48094cd37dbbb67449ab
python-cephfs-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 3d4d72e8111eb09fd9d8365bcdf33d03b59328960ca79a4475753ddbf7197c8d
python-rados-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 11fbec8b79bbdd9641594b19efe46a53e7a9e9861e31a2a956a1a4a72f169441
python-rbd-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 790d043ab75e92bbec4d5bf0c78ed495db51779a7a64a9fcf200ab8a3c7af13e
python-rgw-12.2.12-141.el7cp.x86_64.rpm
SHA-256: 32ca13a3031ae5ab48252246d52df5978bb6ee578b364a4cd2007407e2aa678d
Red Hat Ceph Storage - Extended Life Cycle Support for IBM Power, little endian 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
ppc64le
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: fa5574419426d94290821de8a889ffb72b436d584e92b24aa721491fc9ae56f0
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: dc7d11e4d3ac625da293b770cfdbd55d3c4ce510362fb0dbae3903404594efdb
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: d89764dc5716061e84514371e5335545a8495995ddb17ea9c4fe10649aa52a49
ceph-fuse-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: a6ad11c38eab48622c963d52478504509e382e5b0c96ced387987be9cf2757ec
ceph-mds-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: f0832d140111dbdcb4282c36888c55a2d142fd2a991852719d3f68f67e113144
ceph-radosgw-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 87277d972643dde86ec29292e9589359298eadc579e85d3aa9eb74bfe407cd23
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b09311b985025898c6c146e92fdea3af74f2e5653b84171c6842a71215617c7a
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 2264348c23372d2bbad68934643e50e680cdd5d81b87dbc9018f24cd521e4942
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b34e2ff1b4cacb4f379a275629208c908fb4318ef6f1609dc1833d8003be9196
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: c811d18387f0b82266520057a30587f942224f9131499086c415e676674adb2d
librados2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 4c1ee14ea88c64166dfa5149bf6ade8aade1d91654ac70a82a864e48265b8b1c
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ff1eada849ac36b1f2c87cc7de18a4a9bcd1299d9e34fe0164479449678f13ef
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: a4059f82ab04a748dc3e8bf0b619cee104dd6b7472366f8136c42eb54136e136
librbd1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b1b44674221f219b10feb84c1ecaa28a70de6f093605572a682075457d48bcc0
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 03ff38bf36d1ec156d1e2c6eb478129738be67915ffd5e77709fc51259f54303
librgw2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ab6b20b95d56b906330babec82c1b199771bb1b5eead8fa9030076c6580c0c5f
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 1d6378caae26a7d0728201d46ec5a999e4416dec9922eb98714909fdddf7c957
python-rados-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 804dfaed9515d74aa76e5c6d5d475e6bfe252ddb5bf978377a2d2b7cc129442c
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: bf6321778d112e5751852655d808d1a513659872a19630f44fb768bcf5a8321b
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 507dbd190ba7afa4acece81c33a21a6560158f90854003545d19f6193a50e914
rbd-mirror-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: d8cbab1d5eedc21441fb24c8b510660c2d1c6b671d19178b7f975b79dbf9a3c0
Red Hat Ceph Storage MON - Extended Life Cycle Support for IBM Power, little endian 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
ppc64le
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: fa5574419426d94290821de8a889ffb72b436d584e92b24aa721491fc9ae56f0
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: dc7d11e4d3ac625da293b770cfdbd55d3c4ce510362fb0dbae3903404594efdb
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: d89764dc5716061e84514371e5335545a8495995ddb17ea9c4fe10649aa52a49
ceph-mgr-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: d42ff71a30fd1c91d8a5aa07099ae11db0e92536427da64d5a12b4b93a6033f1
ceph-mon-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 030f79c23d283ae64d47fcd3a55422e4cb2923daa297be52ee306272ad68f957
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b09311b985025898c6c146e92fdea3af74f2e5653b84171c6842a71215617c7a
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 2264348c23372d2bbad68934643e50e680cdd5d81b87dbc9018f24cd521e4942
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b34e2ff1b4cacb4f379a275629208c908fb4318ef6f1609dc1833d8003be9196
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: c811d18387f0b82266520057a30587f942224f9131499086c415e676674adb2d
librados2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 4c1ee14ea88c64166dfa5149bf6ade8aade1d91654ac70a82a864e48265b8b1c
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ff1eada849ac36b1f2c87cc7de18a4a9bcd1299d9e34fe0164479449678f13ef
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: a4059f82ab04a748dc3e8bf0b619cee104dd6b7472366f8136c42eb54136e136
librbd1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b1b44674221f219b10feb84c1ecaa28a70de6f093605572a682075457d48bcc0
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 03ff38bf36d1ec156d1e2c6eb478129738be67915ffd5e77709fc51259f54303
librgw2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ab6b20b95d56b906330babec82c1b199771bb1b5eead8fa9030076c6580c0c5f
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 1d6378caae26a7d0728201d46ec5a999e4416dec9922eb98714909fdddf7c957
python-rados-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 804dfaed9515d74aa76e5c6d5d475e6bfe252ddb5bf978377a2d2b7cc129442c
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: bf6321778d112e5751852655d808d1a513659872a19630f44fb768bcf5a8321b
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 507dbd190ba7afa4acece81c33a21a6560158f90854003545d19f6193a50e914
Red Hat Ceph Storage OSD - Extended Life Cycle Support for IBM Power, little endian 3
SRPM
ceph-12.2.12-141.el7cp.src.rpm
SHA-256: f770dfb89b9333962c6a25e870c1b1c4e9c7f7c7baee339b9001fe3316dce14d
ppc64le
ceph-base-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: fa5574419426d94290821de8a889ffb72b436d584e92b24aa721491fc9ae56f0
ceph-common-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: dc7d11e4d3ac625da293b770cfdbd55d3c4ce510362fb0dbae3903404594efdb
ceph-debuginfo-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: d89764dc5716061e84514371e5335545a8495995ddb17ea9c4fe10649aa52a49
ceph-osd-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 80940a3201b0858409460db4b40b7f97399fec5a61cb4503c24780a9d8190869
ceph-selinux-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b09311b985025898c6c146e92fdea3af74f2e5653b84171c6842a71215617c7a
libcephfs-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 2264348c23372d2bbad68934643e50e680cdd5d81b87dbc9018f24cd521e4942
libcephfs2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b34e2ff1b4cacb4f379a275629208c908fb4318ef6f1609dc1833d8003be9196
librados-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: c811d18387f0b82266520057a30587f942224f9131499086c415e676674adb2d
librados2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 4c1ee14ea88c64166dfa5149bf6ade8aade1d91654ac70a82a864e48265b8b1c
libradosstriper1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ff1eada849ac36b1f2c87cc7de18a4a9bcd1299d9e34fe0164479449678f13ef
librbd-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: a4059f82ab04a748dc3e8bf0b619cee104dd6b7472366f8136c42eb54136e136
librbd1-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: b1b44674221f219b10feb84c1ecaa28a70de6f093605572a682075457d48bcc0
librgw-devel-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 03ff38bf36d1ec156d1e2c6eb478129738be67915ffd5e77709fc51259f54303
librgw2-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: ab6b20b95d56b906330babec82c1b199771bb1b5eead8fa9030076c6580c0c5f
python-cephfs-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 1d6378caae26a7d0728201d46ec5a999e4416dec9922eb98714909fdddf7c957
python-rados-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 804dfaed9515d74aa76e5c6d5d475e6bfe252ddb5bf978377a2d2b7cc129442c
python-rbd-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: bf6321778d112e5751852655d808d1a513659872a19630f44fb768bcf5a8321b
python-rgw-12.2.12-141.el7cp.ppc64le.rpm
SHA-256: 507dbd190ba7afa4acece81c33a21a6560158f90854003545d19f6193a50e914
Related news
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-0466: kernel: use after free in eventpoll.c may lead to escalation of privilege * CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation * CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL * CVE-2022-0492: kernel: cgroups v1 release_agent feature may ...
An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4091: 389-ds-base: double free of the virtual attribute context in persistent search
Invicti Acunetix before 14 allows CSV injection via the Description field on the Add Targets page, if the Export CSV feature is used.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
Red Hat OpenShift Virtualization release 2.6.10 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33195: golang: net: lookup functions may return invalid host names * CVE-2021-33197: golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty * CVE-2021-33198: golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs...
An Access Control vulnerability exists in Desire2Learn/D2L Learning Management System (LMS) 20.21.7 via the quizzing feature, which allows a remote malicious user to disable the Disable right click control.
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-36221: golang: net/http/httputil: panic due to racy read of persistConn after handler panic
Swimlane’s Asia-Pacific presence grows 173%, highlighting rising demand for low-code security automation.
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
Google and other firms are adding security configuration to software so cloud applications and services have well-defined security settings — a key component of DevSecOps.
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
IT departments must account for the business impact and security risks such applications introduce.
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file.
An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.2328. A specially crafted file can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the ``build_ignore`` list in "galaxy.yml" include files in the ``.tar.gz`` file. This contains sensitive info, such as the user's Ansible Galaxy API key and any secrets in ``ansible`` or ``ansible-playbook`` verbose output without the``no_log`` redaction. Currently, there is no way to deprecate a Collection Or delete a Collection Version. Once published, anyone who downloads or installs the collection can view the secrets.
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when using Undertow was found despite Undertow switching the session ID after authentication.
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
The ongoing war in Ukraine means that defenses are only as good and as strong as those with whom we partner.