An update for ceph is now available for openEuler-22.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-2373 Final 1.0 1.0 2024-11-08 Initial 2024-11-08 2024-11-08 openEuler SA Tool V1.0 2024-11-08 ceph security update An update for ceph is now available for openEuler-22.03-LTS-SP1 Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fix(es): IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906.(CVE-2023-46159) An update for ceph is now available for openEuler-22.03-LTS-SP1. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium ceph https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2373 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-46159 https://nvd.nist.gov/vuln/detail/CVE-2023-46159 openEuler-22.03-LTS-SP1 ceph-16.2.7-21.oe2203sp1.src.rpm ceph-16.2.7-21.oe2203sp1.x86_64.rpm ceph-base-16.2.7-21.oe2203sp1.x86_64.rpm ceph-common-16.2.7-21.oe2203sp1.x86_64.rpm ceph-debuginfo-16.2.7-21.oe2203sp1.x86_64.rpm ceph-debugsource-16.2.7-21.oe2203sp1.x86_64.rpm ceph-fuse-16.2.7-21.oe2203sp1.x86_64.rpm ceph-immutable-object-cache-16.2.7-21.oe2203sp1.x86_64.rpm ceph-mds-16.2.7-21.oe2203sp1.x86_64.rpm ceph-mgr-16.2.7-21.oe2203sp1.x86_64.rpm ceph-mon-16.2.7-21.oe2203sp1.x86_64.rpm ceph-osd-16.2.7-21.oe2203sp1.x86_64.rpm ceph-radosgw-16.2.7-21.oe2203sp1.x86_64.rpm ceph-resource-agents-16.2.7-21.oe2203sp1.x86_64.rpm ceph-selinux-16.2.7-21.oe2203sp1.x86_64.rpm ceph-test-16.2.7-21.oe2203sp1.x86_64.rpm cephfs-mirror-16.2.7-21.oe2203sp1.x86_64.rpm libcephfs-devel-16.2.7-21.oe2203sp1.x86_64.rpm libcephfs2-16.2.7-21.oe2203sp1.x86_64.rpm libcephsqlite-16.2.7-21.oe2203sp1.x86_64.rpm libcephsqlite-devel-16.2.7-21.oe2203sp1.x86_64.rpm librados-devel-16.2.7-21.oe2203sp1.x86_64.rpm librados2-16.2.7-21.oe2203sp1.x86_64.rpm libradospp-devel-16.2.7-21.oe2203sp1.x86_64.rpm libradosstriper-devel-16.2.7-21.oe2203sp1.x86_64.rpm libradosstriper1-16.2.7-21.oe2203sp1.x86_64.rpm librbd-devel-16.2.7-21.oe2203sp1.x86_64.rpm librbd1-16.2.7-21.oe2203sp1.x86_64.rpm librgw-devel-16.2.7-21.oe2203sp1.x86_64.rpm librgw2-16.2.7-21.oe2203sp1.x86_64.rpm python3-ceph-argparse-16.2.7-21.oe2203sp1.x86_64.rpm python3-ceph-common-16.2.7-21.oe2203sp1.x86_64.rpm python3-cephfs-16.2.7-21.oe2203sp1.x86_64.rpm python3-rados-16.2.7-21.oe2203sp1.x86_64.rpm python3-rbd-16.2.7-21.oe2203sp1.x86_64.rpm python3-rgw-16.2.7-21.oe2203sp1.x86_64.rpm rados-objclass-devel-16.2.7-21.oe2203sp1.x86_64.rpm rbd-fuse-16.2.7-21.oe2203sp1.x86_64.rpm rbd-mirror-16.2.7-21.oe2203sp1.x86_64.rpm rbd-nbd-16.2.7-21.oe2203sp1.x86_64.rpm ceph-grafana-dashboards-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-cephadm-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-dashboard-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-diskprediction-local-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-k8sevents-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-modules-core-16.2.7-21.oe2203sp1.noarch.rpm ceph-mgr-rook-16.2.7-21.oe2203sp1.noarch.rpm ceph-prometheus-alerts-16.2.7-21.oe2203sp1.noarch.rpm cephadm-16.2.7-21.oe2203sp1.noarch.rpm cephfs-top-16.2.7-21.oe2203sp1.noarch.rpm ceph-16.2.7-21.oe2203sp1.aarch64.rpm ceph-base-16.2.7-21.oe2203sp1.aarch64.rpm ceph-common-16.2.7-21.oe2203sp1.aarch64.rpm ceph-debuginfo-16.2.7-21.oe2203sp1.aarch64.rpm ceph-debugsource-16.2.7-21.oe2203sp1.aarch64.rpm ceph-fuse-16.2.7-21.oe2203sp1.aarch64.rpm ceph-immutable-object-cache-16.2.7-21.oe2203sp1.aarch64.rpm ceph-mds-16.2.7-21.oe2203sp1.aarch64.rpm ceph-mgr-16.2.7-21.oe2203sp1.aarch64.rpm ceph-mon-16.2.7-21.oe2203sp1.aarch64.rpm ceph-osd-16.2.7-21.oe2203sp1.aarch64.rpm ceph-radosgw-16.2.7-21.oe2203sp1.aarch64.rpm ceph-resource-agents-16.2.7-21.oe2203sp1.aarch64.rpm ceph-selinux-16.2.7-21.oe2203sp1.aarch64.rpm ceph-test-16.2.7-21.oe2203sp1.aarch64.rpm cephfs-mirror-16.2.7-21.oe2203sp1.aarch64.rpm libcephfs-devel-16.2.7-21.oe2203sp1.aarch64.rpm libcephfs2-16.2.7-21.oe2203sp1.aarch64.rpm libcephsqlite-16.2.7-21.oe2203sp1.aarch64.rpm libcephsqlite-devel-16.2.7-21.oe2203sp1.aarch64.rpm librados-devel-16.2.7-21.oe2203sp1.aarch64.rpm librados2-16.2.7-21.oe2203sp1.aarch64.rpm libradospp-devel-16.2.7-21.oe2203sp1.aarch64.rpm libradosstriper-devel-16.2.7-21.oe2203sp1.aarch64.rpm libradosstriper1-16.2.7-21.oe2203sp1.aarch64.rpm librbd-devel-16.2.7-21.oe2203sp1.aarch64.rpm librbd1-16.2.7-21.oe2203sp1.aarch64.rpm librgw-devel-16.2.7-21.oe2203sp1.aarch64.rpm librgw2-16.2.7-21.oe2203sp1.aarch64.rpm python3-ceph-argparse-16.2.7-21.oe2203sp1.aarch64.rpm python3-ceph-common-16.2.7-21.oe2203sp1.aarch64.rpm python3-cephfs-16.2.7-21.oe2203sp1.aarch64.rpm python3-rados-16.2.7-21.oe2203sp1.aarch64.rpm python3-rbd-16.2.7-21.oe2203sp1.aarch64.rpm python3-rgw-16.2.7-21.oe2203sp1.aarch64.rpm rados-objclass-devel-16.2.7-21.oe2203sp1.aarch64.rpm rbd-fuse-16.2.7-21.oe2203sp1.aarch64.rpm rbd-mirror-16.2.7-21.oe2203sp1.aarch64.rpm rbd-nbd-16.2.7-21.oe2203sp1.aarch64.rpm IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906. 2024-11-08 CVE-2023-46159 openEuler-22.03-LTS-SP1 Medium 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ceph security update 2024-11-08 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2373