SUSE-SU-2017:2922-1

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2017-7519
Published: 02 Nov 2017, 12:09
Last modified:04 Feb 2026, 02:15

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

02 Nov 2017, 12:09
Published
Vulnerability first disclosed
04 Feb 2026, 02:15
Last Modified
Vulnerability information updated

Description

Security update for ceph CEPH was updated to version 10.2.10, which brings several fixes and enhancements. Upstream 10.2.10 release summary can be found at: https://ceph.com/releases/v10-2-10-jewel-released/ Security issues fixed: - CVE-2017-7519: libradosstriper processed arbitrary printf placeholders in user input (bsc#1043767) Non-security issues fixed: - Add explicit Before=ceph.target to systemd service file. (bsc#1042973) - ceph-disk omits '--runtime' when enabling ceph-osd@$ID.service units. (bsc#1051598, bsc#1056536) - Make it possible to customize ceph-disk's timeout and set default to 3h. (bsc#1051432) - Move ceph-disk from ceph-common to ceph-base.

Affected Systems

  • suseceph-test&distro=SUSE Enterprise Storage 4

    < 10.2.10+git.1507616349.698469bd8d-12.6.1

  • suseceph&distro=SUSE Enterprise Storage 4

    < 10.2.10+git.1507616349.698469bd8d-12.6.1

References (7)