targetcli-2.1.53-1.el8

エラータID: AXSA:2020-1067:05

Release date: 
Wednesday, December 23, 2020 - 13:18
Subject: 
targetcli-2.1.53-1.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The targetcli package contains an administration shell for configuring Internet Small Computer System Interface (iSCSI), Fibre Channel over Ethernet (FCoE), and other SCSI targets, using the Target Core Mod/Linux-IO (TCM/LIO) kernel target subsystem. FCoE users also need to install and use the fcoe-utils package.

The following packages have been upgraded to a later upstream version: targetcli (2.1.53).
Security Fix(es):

* targetcli: weak permissions for /etc/target and backup files (CVE-2020-13867)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-13867
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).

Solution: 

Update packages.

CVEs: 
CVE-2020-13867
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
Additional Info: 

N/A

Download: 

SRPMS
  1. targetcli-2.1.53-1.el8.src.rpm
    MD5: 4548502795ddd50bc4af44f1b6be9b78
    SHA-256: a0ee210689bb032fe7dff586bcfa197a20602932a7795c382725437b9808c0fc
    Size: 56.32 kB

Asianux Server 8 for x86_64
  1. targetcli-2.1.53-1.el8.noarch.rpm
    MD5: 1aa044b80102728ce3999cd2b8bf90fd
    SHA-256: fe45567d3b68523262c4341613ecaea9a5715195ddd80a53d1ac75b641d5b4f8
    Size: 78.85 kB