| Summary: | <sys-cluster/ceph-10.2.3-r1: RGW Denial of Service by sending POST object with null conditions | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | chutzpah, cluster, dlan |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1389193 | | |
| Whiteboard: | B3 [noglsa cve] | | |
| Package list: | | Runtime testing required: | --- |
Description
Agostino Sarubbo
ceph-10.2.3-r1 added with upstream patch for this.
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6a0cecccd4cde2ac81dd8a2409467dcc291133b5

It is unclear to me if this affects hammer (ceph-0.9*) or not. I am fine with stabilizing ceph-10.2.3-r1; ceph-9* is no longer supported upstream.

@ Arches, please stabilize =sys-cluster/ceph-10.2.3-r2

amd64 stable

x86 stable

Maintainer(s), please cleanup. Security, please vote.

Please clean vulnerable versions from tree.

GLSA Vote: No

@maintainer(s), please clean the vulnerable versions or place a security mask on them. Once done we can close this.

Cleanup PR: https://github.com/gentoo/gentoo/pull/3394

@maintainer(s), may we merge this PR or can you?

Comment #10 (Yixun Lan):

commit e994b8d5f66c45bc0af44dfc86c7c96580557cdb
Author: Yixun Lan <dlan@gentoo.org>
Date: Mon Jan 16 12:18:53 2017 +0800

    sys-cluster/ceph: fix "RGW Denial of Service" security bug

    reasons for why p.mask them instead of removing:

    ceph has a kind of picky upgrade path for new versions.
    for example, users who want an online upgrade to 10.x while they are still
    using an old version (<0.94.x) need to upgrade to 0.94.x/9.x first, then
    upgrade to 10.x

    http://docs.ceph.com/docs/master/release-notes/
    search: Upgrading from Firefly

    Closes: https://github.com/gentoo/gentoo/pull/3394
    Gentoo-Bug: 598206
    Signed-off-by: Yixun Lan <dlan@gentoo.org>

:100644 100644 cb176eb7ee... 944e75c266... M profiles/package.mask

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e994b8d5f66c45bc0af44dfc86c7c96580557cdb

(In reply to Yixun Lan from comment #10)
> commit e994b8d5f66c45bc0af44dfc86c7c96580557cdb
> Author: Yixun Lan <dlan@gentoo.org>
> Date: Mon Jan 16 12:18:53 2017 +0800
>
> sys-cluster/ceph: fix "RGW Denial of Service" security bug
>
> reasons for why p.mask them instead of removing:
>
> ceph has a kind of picky upgrade path for new versions.
> for example, users who want an online upgrade to 10.x while they are still
> using an old version (<0.94.x) need to upgrade to 0.94.x/9.x first, then
> upgrade to 10.x
>
> http://docs.ceph.com/docs/master/release-notes/
> search: Upgrading from Firefly
>
> Closes: https://github.com/gentoo/gentoo/pull/3394
> Gentoo-Bug: 598206
> Signed-off-by: Yixun Lan <dlan@gentoo.org>
>
> :100644 100644 cb176eb7ee... 944e75c266... M profiles/package.mask
>
> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e994b8d5f66c45bc0af44dfc86c7c96580557cdb

Do you think cleanup can proceed at this point?

Tree is clean.