An update for ceph is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-2372 Final 1.0 1.0 2024-11-08 Initial 2024-11-08 2024-11-08 openEuler SA Tool V1.0 2024-11-08 ceph security update An update for ceph is now available for openEuler-20.03-LTS-SP4 Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fix(es): IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906.(CVE-2023-46159) An update for ceph is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium ceph https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2372 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-46159 https://nvd.nist.gov/vuln/detail/CVE-2023-46159 openEuler-20.03-LTS-SP4 ceph-12.2.8-25.oe2003sp4.src.rpm ceph-12.2.8-25.oe2003sp4.x86_64.rpm ceph-base-12.2.8-25.oe2003sp4.x86_64.rpm ceph-common-12.2.8-25.oe2003sp4.x86_64.rpm ceph-debuginfo-12.2.8-25.oe2003sp4.x86_64.rpm ceph-debugsource-12.2.8-25.oe2003sp4.x86_64.rpm ceph-fuse-12.2.8-25.oe2003sp4.x86_64.rpm ceph-mds-12.2.8-25.oe2003sp4.x86_64.rpm ceph-mgr-12.2.8-25.oe2003sp4.x86_64.rpm ceph-mon-12.2.8-25.oe2003sp4.x86_64.rpm ceph-osd-12.2.8-25.oe2003sp4.x86_64.rpm ceph-radosgw-12.2.8-25.oe2003sp4.x86_64.rpm ceph-resource-agents-12.2.8-25.oe2003sp4.x86_64.rpm ceph-selinux-12.2.8-25.oe2003sp4.x86_64.rpm ceph-test-12.2.8-25.oe2003sp4.x86_64.rpm libcephfs-devel-12.2.8-25.oe2003sp4.x86_64.rpm libcephfs2-12.2.8-25.oe2003sp4.x86_64.rpm librados-devel-12.2.8-25.oe2003sp4.x86_64.rpm librados2-12.2.8-25.oe2003sp4.x86_64.rpm libradosstriper-devel-12.2.8-25.oe2003sp4.x86_64.rpm libradosstriper1-12.2.8-25.oe2003sp4.x86_64.rpm librbd-devel-12.2.8-25.oe2003sp4.x86_64.rpm librbd1-12.2.8-25.oe2003sp4.x86_64.rpm librgw-devel-12.2.8-25.oe2003sp4.x86_64.rpm librgw2-12.2.8-25.oe2003sp4.x86_64.rpm python-ceph-compat-12.2.8-25.oe2003sp4.x86_64.rpm python-cephfs-12.2.8-25.oe2003sp4.x86_64.rpm python-rados-12.2.8-25.oe2003sp4.x86_64.rpm python-rbd-12.2.8-25.oe2003sp4.x86_64.rpm python-rgw-12.2.8-25.oe2003sp4.x86_64.rpm python3-ceph-argparse-12.2.8-25.oe2003sp4.x86_64.rpm python3-cephfs-12.2.8-25.oe2003sp4.x86_64.rpm python3-rados-12.2.8-25.oe2003sp4.x86_64.rpm python3-rbd-12.2.8-25.oe2003sp4.x86_64.rpm python3-rgw-12.2.8-25.oe2003sp4.x86_64.rpm rados-objclass-devel-12.2.8-25.oe2003sp4.x86_64.rpm rbd-fuse-12.2.8-25.oe2003sp4.x86_64.rpm rbd-mirror-12.2.8-25.oe2003sp4.x86_64.rpm rbd-nbd-12.2.8-25.oe2003sp4.x86_64.rpm ceph-12.2.8-25.oe2003sp4.aarch64.rpm ceph-base-12.2.8-25.oe2003sp4.aarch64.rpm ceph-common-12.2.8-25.oe2003sp4.aarch64.rpm ceph-debuginfo-12.2.8-25.oe2003sp4.aarch64.rpm ceph-debugsource-12.2.8-25.oe2003sp4.aarch64.rpm ceph-fuse-12.2.8-25.oe2003sp4.aarch64.rpm ceph-mds-12.2.8-25.oe2003sp4.aarch64.rpm ceph-mgr-12.2.8-25.oe2003sp4.aarch64.rpm ceph-mon-12.2.8-25.oe2003sp4.aarch64.rpm ceph-osd-12.2.8-25.oe2003sp4.aarch64.rpm ceph-radosgw-12.2.8-25.oe2003sp4.aarch64.rpm ceph-resource-agents-12.2.8-25.oe2003sp4.aarch64.rpm ceph-selinux-12.2.8-25.oe2003sp4.aarch64.rpm ceph-test-12.2.8-25.oe2003sp4.aarch64.rpm libcephfs-devel-12.2.8-25.oe2003sp4.aarch64.rpm libcephfs2-12.2.8-25.oe2003sp4.aarch64.rpm librados-devel-12.2.8-25.oe2003sp4.aarch64.rpm librados2-12.2.8-25.oe2003sp4.aarch64.rpm libradosstriper-devel-12.2.8-25.oe2003sp4.aarch64.rpm libradosstriper1-12.2.8-25.oe2003sp4.aarch64.rpm librbd-devel-12.2.8-25.oe2003sp4.aarch64.rpm librbd1-12.2.8-25.oe2003sp4.aarch64.rpm librgw-devel-12.2.8-25.oe2003sp4.aarch64.rpm librgw2-12.2.8-25.oe2003sp4.aarch64.rpm python-ceph-compat-12.2.8-25.oe2003sp4.aarch64.rpm python-cephfs-12.2.8-25.oe2003sp4.aarch64.rpm python-rados-12.2.8-25.oe2003sp4.aarch64.rpm python-rbd-12.2.8-25.oe2003sp4.aarch64.rpm python-rgw-12.2.8-25.oe2003sp4.aarch64.rpm python3-ceph-argparse-12.2.8-25.oe2003sp4.aarch64.rpm python3-cephfs-12.2.8-25.oe2003sp4.aarch64.rpm python3-rados-12.2.8-25.oe2003sp4.aarch64.rpm python3-rbd-12.2.8-25.oe2003sp4.aarch64.rpm python3-rgw-12.2.8-25.oe2003sp4.aarch64.rpm rados-objclass-devel-12.2.8-25.oe2003sp4.aarch64.rpm rbd-fuse-12.2.8-25.oe2003sp4.aarch64.rpm rbd-mirror-12.2.8-25.oe2003sp4.aarch64.rpm rbd-nbd-12.2.8-25.oe2003sp4.aarch64.rpm IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906. 2024-11-08 CVE-2023-46159 openEuler-20.03-LTS-SP4 Medium 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ceph security update 2024-11-08 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2372