-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Ceph Storage security, bug fix, and enhancement update
Advisory ID:       RHSA-2016:2815-01
Product:           Red Hat Ceph Storage
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2815.html
Issue date:        2016-11-22
CVE Names:         CVE-2016-8626
=====================================================================

1. Summary:

An update is now available for Red Hat Ceph Storage 2.1 that fixes one security issue and multiple bugs, and adds various enhancements. This erratum is applicable to Red Hat Ceph Storage that runs on RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Ceph Storage MON 2 - x86_64
Red Hat Ceph Storage OSD 2 - x86_64
Red Hat Ceph Storage Tools 2 - noarch, x86_64

3. Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

The following packages have been upgraded to a newer upstream version: ceph (10.2.3), ceph-deploy (1.5.36), calamari-server (1.4.9), nfs-ganesha (2.4.0), ceph-iscsi-config (1.5), libntirpc (1.4.1), ceph-iscsi-tools (1.1). (BZ#1340004, BZ#1349999)

Security Fix(es):

* A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests. (CVE-2016-8626)

Bug Fix(es) and Enhancement(s):

For detailed information on changes in this release, see the Red Hat Ceph Storage 2.1 Release Notes available at:

https://access.redhat.com/documentation/en/red-hat-ceph-storage/2.1/single/release-notes/

All users of Red Hat Ceph Storage are advised to upgrade to these updated packages.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1241725 - No or not correct input validation in "ceph" cli
1265792 - [RFE] Static website hosting
1300855 - [RFE] Support for PKIZ and other token formats with Keystone integration
1314582 - RGW: S3 request-payer
1314584 - RGW: indexless buckets
1318409 - RGW deletion is sequential and slow on large buckets of objects
1326740 - ceph-disk@dev-sd<>2.service is created on all OSD nodes, and its in failed state
1331770 - reweight-by-utilization accepts 0 and -ve values for 'max_change_osds'
1332513 - [RFE] rados bench : add cleanup message with time it has taken to delete the objects when cleanup start for written objects
1333398 - [RH Ceph 2] Do a proper SELinux relabel on rhel 7.3+
1339256 - [RFE] rgw : support size suffixes for --max-size in radosgw-admin command
1340004 - Seeing lots of "heartbeat_map" messages when stopping an MDS Server
1340772 - Seeing Error Message "librbd::SnapshotRenameRequest: encountered error: (17) File exists"
1346946 - Seeing Error message in rbd_mirror status on Master Node
1347137 - Calamari cli endpoint api returns errors for rados df
1347174 - Object Map and Fast Diff Flag is getting invalid, while doing multiple times enable/disable of Journaling on an Image
1347205 - Even after disabling Journal, the image is showing up in Slave Node
1347664 - Seeing a continuous error message "librbd::ObjectWatcher: rbd_mirroring: handle_rewatch: error encountered during re-watch: (108) Cannot send after transport endpoint shutdown"
1348928 - Seeing a Crash at "librbd/operation/Request.cc: 92: FAILED assert(m_op_tid != 0)", while creating snapshot on Slave Node
1348940 - Restart of RBD daemon is again initiating full Sync/Copy of an Image
1349116 - RBD with object-map enabled results in poor performance with discard
1349332 - Clone creation is successful in Slave Node
1349955 - After demotion/promotion, the image is again syncing from the beginning
1349999 - [RH Ceph 2.0]: ceph-deploy handle package split for ceph-mon and ceph-osd
1350522 - S3 object versioning fails when applied on a non-master zone
1351484 - ceph-disk should timeout when a lock cannot be acquired
1352888 - [Upgrade]: on Ceph upgrade from 1.3.2 to 2.0 the RGW default zone setup is not working
1354459 - 2.0: rbd commands via API: few commands hang when used from browser
1356931 - Hitting a Crash while deleting the Mirrored Images from Master Node
1358024 - non-contiguous rgw_write/NFS WRITE operations no blocked
1359712 - A master zone switch requires radosgw to be restarted
1360849 - ceph-fuse fails to mount when entry exists in /etc/fstab
1364352 - Add zone rename to radosgw-admin(8)
1364353 - Increase log level for some of the messages that occur in rgw admin command.
1365648 - [rbd-mirror] - Unable to write data on the promoted image from secondary rbd host
1367182 - [RFE] Ansible iSCSI userland
1367442 - [RHCS-2.0] ceph-objectstore-tool: ability to perform filestore splits offline : new command apply-layout-settings
1372346 - RGW underscore issue redux
1374224 - [RFE] RHCS-2 add a tool to rebuild mon store from OSD
1377774 - Potential non-null terminated block name prefix string from API
1378675 - Assign LOG_INFO priority to syslog calls
1379835 - [RFE] [rbd-mirror] - optionally unregister "laggy" journal clients
1380601 - [RFE] [rhcs-2.y] RGW resharding tool
1381687 - RFE: rgw ldap does not support custom ldap search filters
1381692 - rgw_lookup can not exact match file name
1381694 - rgw ldap: unhandled exception on invalid token input
1382044 - Cannot disable journaling or remove non-mirrored, "non-primary" image
1383631 - Old radosgw-admin corrupt radosgw configuration for an upgrade radosgw
1383728 - [RHCS 2] RGW goes into loop causing 100% CPU utilization
1384002 - mon crash when MDSs run with standby_for_rank set
1384008 - ceph-fuse crashes intermittently when quotas are in use
1384230 - iSCSI performance is slow on secondary (non-optimised) paths during failover
1384748 - iSCSI failover time is too long when a gateway is shutdown
1385729 - nfs-ganesha 2.4.0 and libntirpc 1.4.1
1386910 - ceph-iscsi-config should make an ALUA group per iSCSI tpg created
1386939 - [ceph-iscsi-config] should allow lun definitions to be fqdn names as well as shortnames
1387332 - [rhcs-2.y] rgw: crash when client post object with null conditions
1389193 - CVE-2016-8626 Ceph: RGW Denial of Service by sending null or specially crafted POST object requests
1393665 - Multisite error handling leads to segfaults

6. Package List:

Red Hat Ceph Storage Tools 2:

Source:
ceph-10.2.3-13.el7cp.src.rpm
ceph-deploy-1.5.36-20.el7cp.src.rpm
ceph-iscsi-config-1.5-1.el7cp.src.rpm
ceph-iscsi-tools-1.1-1.el7cp.src.rpm
libntirpc-1.4.1-1.el7.src.rpm
nfs-ganesha-2.4.0-3.el7cp.src.rpm

noarch:
ceph-deploy-1.5.36-20.el7cp.noarch.rpm
ceph-iscsi-config-1.5-1.el7cp.noarch.rpm
ceph-iscsi-tools-1.1-1.el7cp.noarch.rpm

x86_64:
ceph-base-10.2.3-13.el7cp.x86_64.rpm
ceph-common-10.2.3-13.el7cp.x86_64.rpm
ceph-fuse-10.2.3-13.el7cp.x86_64.rpm
ceph-mds-10.2.3-13.el7cp.x86_64.rpm
ceph-radosgw-10.2.3-13.el7cp.x86_64.rpm
ceph-selinux-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-devel-10.2.3-13.el7cp.x86_64.rpm
libntirpc-1.4.1-1.el7.x86_64.rpm
libntirpc-debuginfo-1.4.1-1.el7.x86_64.rpm
librados2-10.2.3-13.el7cp.x86_64.rpm
librados2-devel-10.2.3-13.el7cp.x86_64.rpm
librbd1-10.2.3-13.el7cp.x86_64.rpm
librbd1-devel-10.2.3-13.el7cp.x86_64.rpm
librgw2-10.2.3-13.el7cp.x86_64.rpm
librgw2-devel-10.2.3-13.el7cp.x86_64.rpm
nfs-ganesha-2.4.0-3.el7cp.x86_64.rpm
nfs-ganesha-debuginfo-2.4.0-3.el7cp.x86_64.rpm
nfs-ganesha-rgw-2.4.0-3.el7cp.x86_64.rpm
python-cephfs-10.2.3-13.el7cp.x86_64.rpm
python-rados-10.2.3-13.el7cp.x86_64.rpm
python-rbd-10.2.3-13.el7cp.x86_64.rpm
rbd-mirror-10.2.3-13.el7cp.x86_64.rpm

Red Hat Ceph Storage MON 2:

Source:
calamari-server-1.4.9-1.el7cp.src.rpm
ceph-10.2.3-13.el7cp.src.rpm

x86_64:
calamari-server-1.4.9-1.el7cp.x86_64.rpm
ceph-base-10.2.3-13.el7cp.x86_64.rpm
ceph-common-10.2.3-13.el7cp.x86_64.rpm
ceph-mon-10.2.3-13.el7cp.x86_64.rpm
ceph-selinux-10.2.3-13.el7cp.x86_64.rpm
ceph-test-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-devel-10.2.3-13.el7cp.x86_64.rpm
librados2-10.2.3-13.el7cp.x86_64.rpm
librados2-devel-10.2.3-13.el7cp.x86_64.rpm
librbd1-10.2.3-13.el7cp.x86_64.rpm
librbd1-devel-10.2.3-13.el7cp.x86_64.rpm
librgw2-10.2.3-13.el7cp.x86_64.rpm
librgw2-devel-10.2.3-13.el7cp.x86_64.rpm
python-cephfs-10.2.3-13.el7cp.x86_64.rpm
python-rados-10.2.3-13.el7cp.x86_64.rpm
python-rbd-10.2.3-13.el7cp.x86_64.rpm

Red Hat Ceph Storage OSD 2:

Source:
ceph-10.2.3-13.el7cp.src.rpm

x86_64:
ceph-base-10.2.3-13.el7cp.x86_64.rpm
ceph-common-10.2.3-13.el7cp.x86_64.rpm
ceph-osd-10.2.3-13.el7cp.x86_64.rpm
ceph-selinux-10.2.3-13.el7cp.x86_64.rpm
ceph-test-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-10.2.3-13.el7cp.x86_64.rpm
libcephfs1-devel-10.2.3-13.el7cp.x86_64.rpm
librados2-10.2.3-13.el7cp.x86_64.rpm
librados2-devel-10.2.3-13.el7cp.x86_64.rpm
librbd1-10.2.3-13.el7cp.x86_64.rpm
librbd1-devel-10.2.3-13.el7cp.x86_64.rpm
librgw2-10.2.3-13.el7cp.x86_64.rpm
librgw2-devel-10.2.3-13.el7cp.x86_64.rpm
python-cephfs-10.2.3-13.el7cp.x86_64.rpm
python-rados-10.2.3-13.el7cp.x86_64.rpm
python-rbd-10.2.3-13.el7cp.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8626
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFYNNK/XlSAg2UNWIIRAvdwAKCyxs2SmFa2hz/7ILaRnHoq3Q0DBQCdHkWG
vxpg0iAc7yFDwRdnRrU+jT0=
=M+Ab
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce