please upgrade to iscsitarget 1.4.20.2
Bug #618902 reported by
Colin Watson
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Fix Released
|
Medium
|
Leann Ogasawara | ||
Bug Description
Could you please upgrade to iscsitarget 1.4.20.2? The release notes list the following changes:
- various issues in the iSNS code resulting from buffer boundaries not being
checked (CVE-2010-2221)
- memory leak in the iSNS ACL code
- the kernel module allocating UAs in atomic context could cause a soft lockup
- handling iSCSI logins was faulty, causing issues with QLogic HBAs
- ietd was not sufficiently protected against multiple instances
- ietd exited when trying to remove targets with active sessions
- MD5/SHA-1 used for CHAP authentication were faulty on big endian platforms
I can deal with the userspace half of it - in fact I'm currently blocked on this to resolve bug 604087.
Revision history for this message
| Leann Ogasawara (leannogasawara) wrote | #1 |
| Changed in linux (Ubuntu): | |
| assignee: | nobody → Leann Ogasawara (leannogasawara) |
| importance: | Undecided → Medium |
| status: | New → Fix Committed |
Revision history for this message
| Leann Ogasawara (leannogasawara) wrote | #2 |
| Changed in linux (Ubuntu): | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Hi Colin,
I've pushed a patch to update iscsitarget to 1.4.20.2 and am about to upload a new kernel with this included. Thanks.