4 matches found
OESA-2021-1009 ceph security update
Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage.\r\n\r\n Security Fixes:\r\n\r\n An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW...
SUSE SLES12 Security Update : ceph (SUSE-SU-2020:1158-1)
This update for ceph fixes the following issues : CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests bsc1170170. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
SUSE-SU-2020:1158-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests bsc1170170...
CVE-2020-12059
CVE-2020-12059 affects Ceph RGW; up to Ceph 13.2.9, a POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception, causing a Denial of Service. Debian and Red Hat advisories confirm fixes: Debian 10 (buster) patched via ceph 12.2.11+dfsg1-2.1+deb10u1,...