You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ceph

Sigurnosni nedostaci programskog paketa ceph

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2019-02-20 03:04:43.651777

Name : ceph
Product : Fedora 29
Version : 12.2.11
Release : 1.fc29
Summary : User space components of the Ceph file system
Description :
Ceph is a massively scalable, open-source, distributed storage system that runs
on commodity hardware and delivers object, block and file system storage.

Update Information:

New release (1:12.2.11-1) notes=Security fix for CVE-2018-14662, CVE-2018-16846,

* Fri Feb 1 2019 Kaleb S. KEITHLEY <kkeithle[at]> – 1:12.2.11-1
– New release (1:12.2.11-1)
* Fri Dec 7 2018 Kaleb S. KEITHLEY <kkeithle[at]> – 1:12.2.10-1
– New release (1:12.2.10-1)
* Mon Oct 29 2018 Kaleb S. KEITHLEY <kkeithle[at]> – 1:12.2.9-1
– New release (1:12.2.9-1)

[ 1 ] Bug #1665973 – CVE-2018-16846 ceph: ListBucket max-keys has no defined limit in the RGW codebase [fedora-all]
[ 2 ] Bug #1665972 – CVE-2018-14662 ceph: authenticated user with read only permissions can steal dm-crypt / LUKS key [fedora-all]
[ 3 ] Bug #1665335 – CVE-2018-16889 ceph: debug logging for v4 auth does not sanitize encryption keys [fedora-all]

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-6a2e72916a’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorToni Vugdelija
Cert idNCERT-REF-2019-02-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa Red Hat Single Sign-On

Otkriveni su sigurnosni nedostaci u programskom paketu Red Hat Single Sign-On za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju...