Red Hat Product Errata RHSA-2016:2954 - Security Advisory
Issued:
2016-12-15
Updated:
2017-03-21

RHSA-2016:2954 - Security Advisory

Synopsis

Moderate: Red Hat Ceph Storage 2.1 security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Ceph Storage 2.1. This erratum is for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

Security Fix(es):

  • A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. (CVE-2016-9579)

Bug Fix(es):

  • Due to a bug in the underlying source code, OSD nodes sometimes looped through the entire placement group, not only the requested segment, during the scrubbing process. Consequently, in some cases, the OSD nodes reached the 'suicide timeout' and terminated. This bug has been fixed, and OSD nodes no longer terminate due to the described problem. (BZ#1394007)
  • Due to changes in encoding of the OSD map in the ceph package version 10.2.2, upgrading from Red Hat Ceph Storage 1.3 to 2.0 sometimes led to serious performance issues on large clusters that contain hundreds of OSDs. With this update, the underlying source code has been improved, and upgrading from 1.3 to 2.0 works as expected. (BZ#1402185)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Ceph Storage MON 2 x86_64
  • Red Hat Ceph Storage OSD 2 x86_64

Fixes

  • BZ - 1394007 - filestore: can get stuck in an unbounded loop during scrub
  • BZ - 1402185 - jewel: osd: condition OSDMap encoding on features
  • BZ - 1403003 - An anonymous user can provoke an abort() of the RGW server by sending a request with an invalid HTTP Origin header, against buckets with CORS AllowedOrigin rules.
  • BZ - 1403245 - CVE-2016-9579 ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request

Red Hat Enterprise Linux Server 7

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-fuse-10.2.3-17.el7cp.x86_64.rpm SHA-256: 372b532f4d409fd631ba5d6b8236b77e2555d8aa6dd6250e4d2f6bf6a5f6dca4
ceph-mds-10.2.3-17.el7cp.x86_64.rpm SHA-256: 51574cffdd3b050fd03e1bbd9d2a8828487d65df9c634f6012a499d67ef89f42
ceph-radosgw-10.2.3-17.el7cp.x86_64.rpm SHA-256: 204bddb365029849e7f3f4aef3b0312dad45c26ab9d3b9b85763dab6d169fae4
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47
rbd-mirror-10.2.3-17.el7cp.x86_64.rpm SHA-256: 9be7e5b3731ecd49578438ae13be4869111f041e5b70eb8507db9408550cc180

Red Hat Enterprise Linux Workstation 7

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-fuse-10.2.3-17.el7cp.x86_64.rpm SHA-256: 372b532f4d409fd631ba5d6b8236b77e2555d8aa6dd6250e4d2f6bf6a5f6dca4
ceph-mds-10.2.3-17.el7cp.x86_64.rpm SHA-256: 51574cffdd3b050fd03e1bbd9d2a8828487d65df9c634f6012a499d67ef89f42
ceph-radosgw-10.2.3-17.el7cp.x86_64.rpm SHA-256: 204bddb365029849e7f3f4aef3b0312dad45c26ab9d3b9b85763dab6d169fae4
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47
rbd-mirror-10.2.3-17.el7cp.x86_64.rpm SHA-256: 9be7e5b3731ecd49578438ae13be4869111f041e5b70eb8507db9408550cc180

Red Hat Enterprise Linux Desktop 7

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-fuse-10.2.3-17.el7cp.x86_64.rpm SHA-256: 372b532f4d409fd631ba5d6b8236b77e2555d8aa6dd6250e4d2f6bf6a5f6dca4
ceph-mds-10.2.3-17.el7cp.x86_64.rpm SHA-256: 51574cffdd3b050fd03e1bbd9d2a8828487d65df9c634f6012a499d67ef89f42
ceph-radosgw-10.2.3-17.el7cp.x86_64.rpm SHA-256: 204bddb365029849e7f3f4aef3b0312dad45c26ab9d3b9b85763dab6d169fae4
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47
rbd-mirror-10.2.3-17.el7cp.x86_64.rpm SHA-256: 9be7e5b3731ecd49578438ae13be4869111f041e5b70eb8507db9408550cc180

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-fuse-10.2.3-17.el7cp.x86_64.rpm SHA-256: 372b532f4d409fd631ba5d6b8236b77e2555d8aa6dd6250e4d2f6bf6a5f6dca4
ceph-mds-10.2.3-17.el7cp.x86_64.rpm SHA-256: 51574cffdd3b050fd03e1bbd9d2a8828487d65df9c634f6012a499d67ef89f42
ceph-radosgw-10.2.3-17.el7cp.x86_64.rpm SHA-256: 204bddb365029849e7f3f4aef3b0312dad45c26ab9d3b9b85763dab6d169fae4
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47
rbd-mirror-10.2.3-17.el7cp.x86_64.rpm SHA-256: 9be7e5b3731ecd49578438ae13be4869111f041e5b70eb8507db9408550cc180

Red Hat Ceph Storage MON 2

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-mon-10.2.3-17.el7cp.x86_64.rpm SHA-256: 408eee530ca7efd31a9af2c23f32838bb6cf1c3bca5e9db58fb23202b8b49506
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
ceph-test-10.2.3-17.el7cp.x86_64.rpm SHA-256: 146ffd11b0372f8c7ec062bd2fea50f82782de1b14ef85e78bbc1e5e27593d52
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47

Red Hat Ceph Storage OSD 2

SRPM
ceph-10.2.3-17.el7cp.src.rpm SHA-256: 53f25dc05a1b43e51957a3173ee03a91d14bc0ee1708d9385f876f9305adf90a
x86_64
ceph-base-10.2.3-17.el7cp.x86_64.rpm SHA-256: 90de72876f1c68955b7da6f9c15dc6e46bb636d413e33476140a0c422be4c6cc
ceph-common-10.2.3-17.el7cp.x86_64.rpm SHA-256: d2b15d4495c7b58c5320e7ee6b83a300be4f943f1c3745fb238ba2bb944d1e2a
ceph-debuginfo-10.2.3-17.el7cp.x86_64.rpm SHA-256: e52c78dfd2c4cf795c52ab8195460e7559054ac6307d3e9356d35ad922d88b92
ceph-osd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 59cf83b322afdf1ac9a452696ab8f2311450ecbc592556a01a7e8305388c5160
ceph-selinux-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6e04b33ef42b6933733e521b0903b6480ab7a754b4ab3786139a0880489c051d
ceph-test-10.2.3-17.el7cp.x86_64.rpm SHA-256: 146ffd11b0372f8c7ec062bd2fea50f82782de1b14ef85e78bbc1e5e27593d52
libcephfs1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 6aa881f5555ce5ca3ab5f6254cd079eec183031df897f4323f46d7083c87faab
libcephfs1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 101ac9fab342e67704f097cb94ca96c5d96cabbb54651f4bdfe39026146436b6
librados2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 826cdcbcbc9747ef0285b3b2cf508b21ca6891fed241860afc3d271e214489af
librados2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 3dcf8029b9df8ec9385137aaf99b9027976bcc066f600d0d41af2a0063e2a21d
librbd1-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1b87a1277453a6fae6e4f70b031c70f0069eeae2ce2e38b2b911728a61ccfebc
librbd1-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: 5b84a0bfd8c328c985fd12ff4305d15d8c5a7c922ddbbffe54e67ade039a3639
librgw2-10.2.3-17.el7cp.x86_64.rpm SHA-256: 7b37846eb8239fa94a75141b270ab7071e9586379fc88cf62d646174cfd8044f
librgw2-devel-10.2.3-17.el7cp.x86_64.rpm SHA-256: fad1a3ff894604f275fa8eb004aea440ab785fa7acaed68ffd6915e576475906
python-cephfs-10.2.3-17.el7cp.x86_64.rpm SHA-256: a615137f1128188a2360001d8113a529fb54a7803297a1ab5fe511ecbb47e188
python-rados-10.2.3-17.el7cp.x86_64.rpm SHA-256: 1f9c4a8376b215ba1bc59d2d61dbce3a1ecb30605ca127731c470c3f6212c98c
python-rbd-10.2.3-17.el7cp.x86_64.rpm SHA-256: 8e71a22acffb2508bb418fbfcbba09be286937023e7233681216c0b72a936b47

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.