Operating System:

[RedHat]

Published:

12 February 2024


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2024.0860
                      new container image: rhceph-5.3
                             12 February 2024

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Red Hat Ceph Storage
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-25725 CVE-2023-24538 CVE-2023-22462
                   CVE-2023-1387 CVE-2023-0594 CVE-2023-0507
                   CVE-2023-0056 CVE-2022-41717 CVE-2022-23498

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2024:0746

Comment: CVSS (Max):  9.8 CVE-2023-24538 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                Red Hat Security Advisory

Synopsis:          Important: new container image: rhceph-5.3
Advisory ID:       RHSA-2024:0746
Product:           Red Hat Ceph Storage 5.3 Tools
Advisory URL:      https://access.redhat.com/errata/RHSA-2024:0746
Issue date:        2024-02-08
CVE Names:         CVE-2022-23498 CVE-2022-41717 CVE-2023-0056 CVE-2023-0507
                   CVE-2023-0594 CVE-2023-1387 CVE-2023-22462 CVE-2023-24538
                   CVE-2023-25725
=====================================================================

1. Summary:

Updated container image for Red Hat Ceph Storage 5.3 is now available in
the Red Hat Ecosystem Catalog.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Ceph Storage 5.3 Tools - amd64, ppc64le, s390x 

3. Description:

Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.

This updated container image is based on Red Hat Ceph Storage 5.3 and Red
Hat Enterprise Linux.

Space precludes documenting all of these changes in this advisory. Users
are directed to the Red Hat Ceph Storage Release Notes for information on
the most significant of these changes:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.3/html/release_notes/index

All users of Red Hat Ceph Storage are advised to pull these new images from
the Red Hat Ecosystem catalog.

Security Fix(es):

* grafana: Use of Cache Containing Sensitive Information (CVE-2022-23498)

* grafana: cross site scripting (CVE-2023-0507)

* grafana: cross site scripting (CVE-2023-0594)

* haproxy: request smuggling attack in HTTP/1 header parsing (CVE-2023-25725)

* golang: net/http: excessive memory growth in a Go server accepting HTTP/2
requests (CVE-2022-41717)

* haproxy: segfault DoS (CVE-2023-0056)

* grafana: JWT token leak to data source (CVE-2023-1387)

* grafana: stored XSS vulnerability affecting the core plugin "Text"
(CVE-2023-22462)

* golang: html/template: backticks not treated as string delimiters
(CVE-2023-24538)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

4. Solution:

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2789521

and 

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html-single/upgrade_guide/index

For supported configurations, refer to:

https://access.redhat.com/articles/1548993

5. Bugs fixed (https://bugzilla.redhat.com/):

2167266 - CVE-2022-23498 - grafana: Use of Cache Containing Sensitive Information
2161274 - CVE-2022-41717 - golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
2160808 - CVE-2023-0056 - haproxy: segfault DoS
2168038 - CVE-2023-0507 - grafana: cross site scripting
2168037 - CVE-2023-0594 - grafana: cross site scripting
2186322 - CVE-2023-1387 - grafana: JWT token leak to data source
2164936 - CVE-2023-22462 - grafana: stored XSS vulnerability affecting the core plugin "Text"
2184481 - CVE-2023-24538 - golang: html/template: backticks not treated as string delimiters
2169089 - CVE-2023-25725 - haproxy: request smuggling attack in HTTP/1 header parsing

6. Package List:

Red Hat Ceph Storage 5.3 Tools

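As an added example (not part of the bulletin or of Red Hat's tooling), the following Python reads the layout of the Package List section above, rejoins digests that the 80-column wrapping splits across lines, and flags images on a host whose digest differs from the advised one. The digests and the host inventory are constructed placeholders, not values from this advisory.

```python
import re
from typing import Dict, Tuple

# Placeholder digests constructed for this example (not the advisory's values).
D_AMD64 = "1a" * 32
D_S390X = "2b" * 32

# Constructed excerpt in the layout of an RHSA "Package List" section: a
# "<channel>:<image>@sha256:<digest>_<arch>:" line, then the same reference
# with a ".rpm" suffix, with long lines wrapped mid-digest as in the bulletin.
ADVISORY_TEXT = "\n".join([
    "Red Hat Ceph Storage 5.3 Tools",
    "",
    "3-Tools:rhceph/rhceph-5-rhel8@sha256:" + D_AMD64[:41],
    D_AMD64[41:] + "_amd64:",
    "rhceph/rhceph-5-rhel8@sha256:" + D_AMD64[:50],
    D_AMD64[50:] + "_amd64.rpm",
    "",
    "3-Tools:rhceph/rhceph-5-rhel8@sha256:" + D_S390X[:41],
    D_S390X[41:] + "_s390x:",
    "rhceph/rhceph-5-rhel8@sha256:" + D_S390X[:50],
    D_S390X[50:] + "_s390x.rpm",
])

# One entry once its wrapped lines are rejoined; the ".rpm" form must repeat
# the same image, digest and architecture, which guards against mis-joins.
ENTRY_RE = re.compile(
    r"^(?P<channel>[\w-]+):(?P<image>[\w./-]+)@sha256:(?P<digest>[0-9a-f]{64})"
    r"_(?P<arch>\w+):(?P=image)@sha256:(?P=digest)_(?P=arch)\.rpm$"
)

def parse_package_list(text: str) -> Dict[Tuple[str, str], str]:
    """Return {(image, arch): digest}. Wrapped lines carry no separator, so each
    blank-line-delimited chunk is concatenated verbatim before matching."""
    found = {}
    for chunk in re.split(r"\n\s*\n", text.strip()):
        joined = "".join(line.strip() for line in chunk.splitlines())
        m = ENTRY_RE.match(joined)
        if m:  # heading lines such as the product name simply do not match
            found[(m["image"], m["arch"])] = m["digest"]
    return found

def find_outdated(advisory: Dict[Tuple[str, str], str],
                  running: Dict[Tuple[str, str], str]) -> Dict[Tuple[str, str], Tuple[str, str]]:
    """running maps (image, arch) -> digest seen on the host (e.g. collected
    from `podman images --digests`); returns mismatches as (running, advised)."""
    return {k: (running[k], want) for k, want in advisory.items()
            if k in running and running[k] != want}

RUNNING = {  # constructed host inventory
    ("rhceph/rhceph-5-rhel8", "amd64"): "0f" * 32,  # stale image
    ("rhceph/rhceph-5-rhel8", "s390x"): D_S390X,    # already at the advised digest
}
```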

7. References:

https://access.redhat.com/security/cve/CVE-2022-23498
https://access.redhat.com/security/cve/CVE-2022-41717
https://access.redhat.com/security/cve/CVE-2023-0056
https://access.redhat.com/security/cve/CVE-2023-0507
https://access.redhat.com/security/cve/CVE-2023-0594
https://access.redhat.com/security/cve/CVE-2023-1387
https://access.redhat.com/security/cve/CVE-2023-22462
https://access.redhat.com/security/cve/CVE-2023-24538
https://access.redhat.com/security/cve/CVE-2023-25725
https://access.redhat.com/security/updates/classification/#important

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================