ubuntu jammy v1.719

@bosh-admin-bot bosh-admin-bot released this 16 Jan 21:58
· 107 commits to ubuntu-jammy since this release

Metadata:

BOSH Agent Version: 2.719.0
Kernel Version: 5.15.0.130.128

What's Changed

  • jq has been added to gce-compute-image-packages as a package dependency by @jpalermo in #406

Full Changelog: ubuntu-jammy/v1.708...ubuntu-jammy/v1.719

USNs:

Title: USN-7182-1 -- Ceph vulnerability
URL: https://ubuntu.com/security/notices/USN-7182-1
Priorities: medium
Description:
It was discovered that Ceph incorrectly handled unsupported JWT algorithms in the RadosGW gateway. An attacker could possibly use this issue to bypass certain authentication checks and restrictions.

Update Instructions: Run sudo pro fix USN-7182-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:

  • ceph - 17.2.7-0ubuntu0.22.04.2
  • ceph-base - 17.2.7-0ubuntu0.22.04.2
  • ceph-common - 17.2.7-0ubuntu0.22.04.2
  • ceph-fuse - 17.2.7-0ubuntu0.22.04.2
  • ceph-grafana-dashboards - 17.2.7-0ubuntu0.22.04.2
  • ceph-immutable-object-cache - 17.2.7-0ubuntu0.22.04.2
  • ceph-mds - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-cephadm - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-dashboard - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-diskprediction-local - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-k8sevents - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-modules-core - 17.2.7-0ubuntu0.22.04.2
  • ceph-mgr-rook - 17.2.7-0ubuntu0.22.04.2
  • ceph-mon - 17.2.7-0ubuntu0.22.04.2
  • ceph-osd - 17.2.7-0ubuntu0.22.04.2
  • ceph-prometheus-alerts - 17.2.7-0ubuntu0.22.04.2
  • ceph-resource-agents - 17.2.7-0ubuntu0.22.04.2
  • ceph-volume - 17.2.7-0ubuntu0.22.04.2
  • cephadm - 17.2.7-0ubuntu0.22.04.2
  • cephfs-mirror - 17.2.7-0ubuntu0.22.04.2
  • cephfs-shell - 17.2.7-0ubuntu0.22.04.2
  • crimson-osd - 17.2.7-0ubuntu0.22.04.2
  • libcephfs-dev - 17.2.7-0ubuntu0.22.04.2
  • libcephfs-java - 17.2.7-0ubuntu0.22.04.2
  • libcephfs-jni - 17.2.7-0ubuntu0.22.04.2
  • libcephfs2 - 17.2.7-0ubuntu0.22.04.2
  • librados-dev - 17.2.7-0ubuntu0.22.04.2
  • librados2 - 17.2.7-0ubuntu0.22.04.2
  • libradospp-dev - 17.2.7-0ubuntu0.22.04.2
  • libradosstriper-dev - 17.2.7-0ubuntu0.22.04.2
  • libradosstriper1 - 17.2.7-0ubuntu0.22.04.2
  • librbd-dev - 17.2.7-0ubuntu0.22.04.2
  • librbd1 - 17.2.7-0ubuntu0.22.04.2
  • librgw-dev - 17.2.7-0ubuntu0.22.04.2
  • librgw2 - 17.2.7-0ubuntu0.22.04.2
  • libsqlite3-mod-ceph - 17.2.7-0ubuntu0.22.04.2
  • libsqlite3-mod-ceph-dev - 17.2.7-0ubuntu0.22.04.2
  • python3-ceph - 17.2.7-0ubuntu0.22.04.2
  • python3-ceph-argparse - 17.2.7-0ubuntu0.22.04.2
  • python3-ceph-common - 17.2.7-0ubuntu0.22.04.2
  • python3-cephfs - 17.2.7-0ubuntu0.22.04.2
  • python3-rados - 17.2.7-0ubuntu0.22.04.2
  • python3-rbd - 17.2.7-0ubuntu0.22.04.2
  • python3-rgw - 17.2.7-0ubuntu0.22.04.2
  • rados-objclass-dev - 17.2.7-0ubuntu0.22.04.2
  • radosgw - 17.2.7-0ubuntu0.22.04.2
  • rbd-fuse - 17.2.7-0ubuntu0.22.04.2
  • rbd-mirror - 17.2.7-0ubuntu0.22.04.2
  • rbd-nbd - 17.2.7-0ubuntu0.22.04.2

No subscription required
CVEs:

Title: USN-7206-1 -- rsync vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7206-1
Priorities: medium,high
Description:
  • Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. (CVE-2024-12084)
  • Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with uninitialized memory. An attacker could exploit this issue to leak sensitive information. (CVE-2024-12085)
  • Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync incorrectly handled file checksums. A malicious server could use this to expose arbitrary client files. (CVE-2024-12086)
  • Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync mishandled symlinks for some settings. An attacker could exploit this to write files outside the intended directory. (CVE-2024-12087)
  • Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync failed to verify symbolic link destinations for some settings. An attacker could exploit this for path traversal attacks. (CVE-2024-12088)
  • Aleksei Gorban discovered a race condition in rsync's handling of symbolic links. An attacker could use this to access sensitive information or escalate privileges. (CVE-2024-12747)

Update Instructions: Run sudo pro fix USN-7206-1 to fix the vulnerability. The problem can be corrected by updating your system to the following package versions:

  • rsync - 3.2.7-0ubuntu0.22.04.3

No subscription required
CVEs: