UbuntuUpdates.org

Package "ceph"

Name: ceph

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • FUSE-based client for the Ceph distributed file system
  • Grafana dashboards for the Ceph dashboard
  • Ceph daemon for immutable object cache
  • cephadm orchestrator module for ceph-mgr
Latest version: 19.2.3-0ubuntu0.24.04.3
Release: noble (24.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "ceph" in Noble

Repository Area Version
base universe 19.2.0~git20240301.4c76c50-0ubuntu6
base main 19.2.0~git20240301.4c76c50-0ubuntu6
security main 19.2.3-0ubuntu0.24.04.3
updates main 19.2.3-0ubuntu0.24.04.3
updates universe 19.2.3-0ubuntu0.24.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 19.2.3-0ubuntu0.24.04.3 2026-02-24 21:07:53 UTC

  ceph (19.2.3-0ubuntu0.24.04.3) noble-security; urgency=medium

  * SECURITY UPDATE: Improper certificate checking via Pybind
    - debian/patches/CVE-2024-31884.patch: Enforce ssl context validation to
      SMTP_SSL in src/pybind/mgr/alerts/module.py
    - CVE-2024-31884
  * SECURITY UPDATE: Denial of service by passing empty header argument
    - debian/patches/CVE-2024-47866.patch: Ensure `HTTP_X_AMZ_COPY_SOURCE`
      header is empty in src/rgw/rgw_op.cc
    - CVE-2024-47866

 -- Shafayat Hossain Majumder <email address hidden> Sun, 08 Feb 2026 15:52:27 -0500
Source diff to previous version
CVE-2024-47866 Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument `x-amz-copy-source` to put

Version: 19.2.0-0ubuntu0.24.04.2 2025-01-06 18:07:09 UTC

  ceph (19.2.0-0ubuntu0.24.04.2) noble-security; urgency=medium

  * SECURITY UPDATE: Authentication bypass through unsupported JWT algorithm.
    - debian/patches/CVE-2024-48916.patch: Disallow unsupported JWT algorithms
      in src/rgw/rgw_rest_sts.cc.
    - CVE-2024-48916

 -- Hlib Korzhynskyy <email address hidden> Wed, 18 Dec 2024 10:02:15 -0330
CVE-2024-48916 Authentication bypass in CEPH RadosGW


About   -   Send Feedback to @ubuntu_updates