targetcli-2.1.53-1.el7

エラータID: AXSA:2020-989:04

Release date: 
Wednesday, December 16, 2020 - 04:55
Subject: 
targetcli-2.1.53-1.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

The targetcli package contains an administration shell for configuring Internet Small Computer System Interface (iSCSI), Fibre Channel over Ethernet (FCoE), and other SCSI targets, using the Target Core Mod/Linux-IO (TCM/LIO) kernel target subsystem. FCoE users also need to install and use the fcoe-utils package.

The following packages have been upgraded to a later upstream version: targetcli (2.1.53). (BZ#1853645)

Security Fix(es):

* targetcli: weak permissions for /etc/target and backup files (CVE-2020-13867)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-13867
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. targetcli-2.1.53-1.el7.src.rpm
    MD5: 2cb3164997c432126b98a1d71661752c
    SHA-256: bb08afacf6d87ddae61f0a1c61b082fa973ed681cb6b84eb8d887b9cd706e93b
    Size: 51.75 kB

Asianux Server 7 for x86_64
  1. targetcli-2.1.53-1.el7.noarch.rpm
    MD5: a76266df46f58cc88471aff6a7746b70
    SHA-256: 615bf93010358a2f227ababde757b69025e9732484e57c2bd5997968eeb33f0d
    Size: 73.69 kB