Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2018-14662

Related Vulnerabilities: CVE-2018-14662   CVE-2018-16889   CVE-2018-16846  

Source

Debian Bug report logs - #921948
CVE-2018-14662

version graph

Package: src:ceph; Maintainer for src:ceph is Ceph Maintainers <ceph-maintainers@lists.ceph.com>;

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Sun, 10 Feb 2019 13:18:02 UTC

Severity: important

Tags: security, upstream

Found in version ceph/12.2.10+dfsg1-1

Fixed in version ceph/12.2.11+dfsg1-1

Done: Gaudenz Steinlin <gaudenz@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Ceph Maintainers <ceph-maintainers@lists.ceph.com>:
Bug#921948; Package src:ceph. (Sun, 10 Feb 2019 13:18:04 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Ceph Maintainers <ceph-maintainers@lists.ceph.com>. (Sun, 10 Feb 2019 13:18:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2018-14662
Date: Sun, 10 Feb 2019 14:15:44 +0100
Source: ceph
Severity: important
Tags: security

This was assigned CVE-2018-14662:
https://bugzilla.redhat.com/show_bug.cgi?id=1637327
https://github.com/ceph/ceph/commit/a2acedd2a7e12d58af6db35edbd8a9d29c557578

Cheers,
        Moritz

Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 10 Feb 2019 13:39:04 GMT) (full text, mbox, link).

Marked as found in versions ceph/12.2.10+dfsg1-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 10 Feb 2019 13:39:05 GMT) (full text, mbox, link).

Reply sent to Gaudenz Steinlin <gaudenz@debian.org>:
You have taken responsibility. (Tue, 12 Feb 2019 21:09:13 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Tue, 12 Feb 2019 21:09:13 GMT) (full text, mbox, link).

Message #14 received at 921948-close@bugs.debian.org (full text, mbox, reply):

From: Gaudenz Steinlin <gaudenz@debian.org>
To: 921948-close@bugs.debian.org
Subject: Bug#921948: fixed in ceph 12.2.11+dfsg1-1
Date: Tue, 12 Feb 2019 21:05:52 +0000
Source: ceph
Source-Version: 12.2.11+dfsg1-1

We believe that the bug you reported is fixed in the latest version of
ceph, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 921948@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gaudenz Steinlin <gaudenz@debian.org> (supplier of updated ceph package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 Feb 2019 10:55:02 +0100
Source: ceph
Binary: ceph ceph-base rbd-mirror rbd-nbd ceph-common ceph-mds ceph-mgr ceph-mon ceph-osd ceph-fuse rbd-fuse ceph-resource-agents librados2 librados-dev libradosstriper1 libradosstriper-dev librbd1 librbd-dev libcephfs2 libcephfs-dev librgw2 librgw-dev radosgw ceph-test python-ceph python3-ceph python-rados python3-rados python-rbd python3-rbd python-rgw python3-rgw python-cephfs python3-cephfs libcephfs-java libcephfs-jni rados-objclass-dev
Architecture: source
Version: 12.2.11+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Ceph Maintainers <ceph-maintainers@lists.ceph.com>
Changed-By: Gaudenz Steinlin <gaudenz@debian.org>
Description:
 ceph       - distributed storage and file system
 ceph-base  - common ceph daemon libraries and management tools
 ceph-common - common utilities to mount and interact with a ceph storage cluste
 ceph-fuse  - FUSE-based client for the Ceph distributed file system
 ceph-mds   - metadata server for the ceph distributed file system
 ceph-mgr   - Manager for the ceph distributed file system
 ceph-mon   - monitor server for the ceph storage system
 ceph-osd   - OSD server for the ceph storage system
 ceph-resource-agents - OCF-compliant resource agents for Ceph
 ceph-test  - Ceph test and benchmarking tools
 libcephfs-dev - Ceph distributed file system client library (development files)
 libcephfs-java - Java library for the Ceph File System
 libcephfs-jni - Java Native Interface library for CephFS Java bindings
 libcephfs2 - Ceph distributed file system client library
 librados-dev - RADOS distributed object store client library (development files)
 librados2  - RADOS distributed object store client library
 libradosstriper-dev - RADOS striping interface (development files)
 libradosstriper1 - RADOS striping interface
 librbd-dev - RADOS block device client library (development files)
 librbd1    - RADOS block device client library
 librgw-dev - RADOS client library (development files)
 librgw2    - RADOS Gateway client library
 python-ceph - Meta-package for Python modules for the Ceph libraries
 python-cephfs - Python libraries for the Ceph libcephfs library
 python-rados - Python libraries for the Ceph librados library
 python-rbd - Python libraries for the Ceph librbd library
 python-rgw - Python 2 libraries for the Ceph librgw library
 python3-ceph - Meta-package for Python 3 modules for the Ceph libraries
 python3-cephfs - Python 3 libraries for the Ceph libcephfs library
 python3-rados - Python 3 libraries for the Ceph librados library
 python3-rbd - Python 3 libraries for the Ceph librbd library
 python3-rgw - Python 3 libraries for the Ceph librgw library
 rados-objclass-dev - RADOS object class development kit.
 radosgw    - REST gateway for RADOS distributed object store
 rbd-fuse   - FUSE-based rbd client for the Ceph distributed file system
 rbd-mirror - Ceph daemon for mirroring RBD images
 rbd-nbd    - NBD-based rbd client for the Ceph distributed file system
Closes: 918969 919871 919898 920176 921947 921948
Changes:
 ceph (12.2.11+dfsg1-1) unstable; urgency=medium
 .
   * [8b6f70] Build depend on cmake >= 3.13.2
   * [98ed84] New upstream version 12.2.11+dfsg1
     - Fixes CVE-2018-14662, CVE-2018-16889, CVE-2018-16846
     (Closes: #921948, #918969, #921947)
   * [4d5c86] Mark all LTTng tracepoints symbols as optional
   * [b92a2f] Build depend on debhelper >= 11.5.4~
   * [5781cc] Add Breaks/Replaces ceph-base (<< 12.2.10+dfsg1-1~) to ceph-common
     (Closes: #919898)
   * [658bd3] Fixup Breaks/Replaces for files moved between binary packages
   * [c24137] Install systemd units for Ceph MGR service
     (Closes: #920176, #919871)
   * [091e14] Remove no longer needed dpkg-maintscript-helper calls in radosgw
   * [567dde] Temp changelog commit
Checksums-Sha1:
 539586b0dbb06034a58271a026bf453147a787d0 5100 ceph_12.2.11+dfsg1-1.dsc
 50362b51a08bfe5284f1be1911beb58bf0c3aa8f 54781136 ceph_12.2.11+dfsg1.orig.tar.xz
 6229913cb58c4f59adb18eec32c1725f1ee2d1a6 385776 ceph_12.2.11+dfsg1-1.debian.tar.xz
 dfb23c9f62d19ea97c2be5229ccfb8d3b2a981bb 15077 ceph_12.2.11+dfsg1-1_source.buildinfo
Checksums-Sha256:
 3342d772aa2b0fa00bc117f28468a01ac2dc231b2deab97ca2def7acb8e804c8 5100 ceph_12.2.11+dfsg1-1.dsc
 71f093b198481387a30067efd34948fb94dd2f967b543ce000277ab699afc75d 54781136 ceph_12.2.11+dfsg1.orig.tar.xz
 e954828ffabda45a44e65d88d84c29b184705679a56abba84e8f9ebb4729d119 385776 ceph_12.2.11+dfsg1-1.debian.tar.xz
 19a6219d8b31451da9d2fdd6c72c0a40ed5627fee41a835ac746a53508cdbacf 15077 ceph_12.2.11+dfsg1-1_source.buildinfo
Files:
 c71d9316d1617ab63dcad57a650f203a 5100 admin optional ceph_12.2.11+dfsg1-1.dsc
 e4caffbadf81a0b95b05d82dea2fd39a 54781136 admin optional ceph_12.2.11+dfsg1.orig.tar.xz
 48d91ac7e72041878691713c58f7754d 385776 admin optional ceph_12.2.11+dfsg1-1.debian.tar.xz
 e7a53ce01ec7164dff54e0e74660afc0 15077 admin optional ceph_12.2.11+dfsg1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEXtjbd32AqFIO1HzsOrL5guAQm9UFAlximcgACgkQOrL5guAQ
m9X9gggAmULtxXNcie+H2EmSJp0nk0R7ZL3Ctw1LYwVPaxkc2rzDUvH9NW/6kWMD
9+oYvkjQRZm2lDRJEwq0MmXbO+9qK6RBwVN6b/iEzXZi8gKilOyqOfe4g579xyXd
nddP8fYEGU1Di0Uy7tmxkVG7UR8dDNg4J9FlrwOF1BIKrGyn8Gxns1BYtqnLgB2h
RAZV21dnMWui9b/O5RSx9iQ5/rX/b+0X1IJOg7pSqMdJD+sEpnwyE/2yEN1RaAjS
1EvcDzC674dEc3Qjux1dylKzCpU4NEQiGxKxLI1R10EZ+NV4lppjL/k2s8x3SZ8R
SyQZPvLk6C8t9YPs7CbacZLODv0p0A==
=E+rE
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 13 Mar 2019 07:29:20 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:52:13 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started