rpm package

suse/ceph&distro=SUSE Linux Enterprise Desktop 12 SP4

pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-16889	—	< 12.2.10+git.1549630712.bb089269ea-2.27.2	12.2.10+git.1549630712.bb089269ea-2.27.2	Jan 28, 2019	Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
CVE-2018-14662	—	< 12.2.10+git.1549630712.bb089269ea-2.27.2	12.2.10+git.1549630712.bb089269ea-2.27.2	Jan 15, 2019	It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
CVE-2018-16846	—	< 12.2.10+git.1549630712.bb089269ea-2.27.2	12.2.10+git.1549630712.bb089269ea-2.27.2	Jan 15, 2019	It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.

CVE-2018-16889Jan 28, 2019
affected < 12.2.10+git.1549630712.bb089269ea-2.27.2fixed 12.2.10+git.1549630712.bb089269ea-2.27.2
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
CVE-2018-14662Jan 15, 2019
affected < 12.2.10+git.1549630712.bb089269ea-2.27.2fixed 12.2.10+git.1549630712.bb089269ea-2.27.2
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
CVE-2018-16846Jan 15, 2019
affected < 12.2.10+git.1549630712.bb089269ea-2.27.2fixed 12.2.10+git.1549630712.bb089269ea-2.27.2
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.