Download
| Alert*
|
oval:org.secpod.oval:def:57443
ceph: distributed storage and file system Several security issues were fixed in Ceph. oval:org.secpod.oval:def:89003088 This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-14662: mon: limit caps allowed to access the config store - CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts - CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth ... oval:org.secpod.oval:def:116004 Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. oval:org.secpod.oval:def:89050759 This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS "config-key" safety - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon - CVE-2018-1128: Fixed signature check bypass in cephx - CVE-2018-1129: ... oval:org.secpod.oval:def:2001565 It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. oval:org.secpod.oval:def:705037 ceph: distributed storage and file system Several security issues were fixed in Ceph. oval:org.secpod.oval:def:50979 Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. |
