tcmu 1.5.2-5ubuntu0.20.04.1 source package in Ubuntu
Changelog
tcmu (1.5.2-5ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Access control bypass vulnerability
- debian/patches/CVE-2021-3139_1.patch: fail cross-device XCOPY requests.
- debian/patches/CVE-2021-3139_2.patch: fail XCOPY requests with inline
data.
- debian/patches/CVE-2021-3139_3.patch: don't assume two XCOPY CSCDs.
- debian/patches/CVE-2021-3139_4.patch: error if both src/dst_dev are unset
after CSCD.
- CVE-2021-3139
-- Paulo Flabiano Smorigo <email address hidden> Tue, 19 Jan 2021 13:35:24 +0000
Upload details
- Uploaded by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | universe | misc | |
| Focal | security | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tcmu_1.5.2.orig.tar.xz | 122.6 KiB | 698d450e370beaeb043180fc1fde3f6e19243f0c8cb60df4a4a7e1437b065c09 |
| tcmu_1.5.2-5ubuntu0.20.04.1.debian.tar.xz | 7.9 KiB | 3ab667bd440a3b4a3cae1defd5b16f1c99fdc452b9e5c457b42c0e9d176f4b5b |
| tcmu_1.5.2-5ubuntu0.20.04.1.dsc | 2.1 KiB | 316225f585f7d9e83ca5f5c10d5dff3299b54c011683c707d9a79722810f886e |
Available diffs
Binary packages built by this source
- libtcmu2: Library that handles the userspace side of the LIO TCM-User backstore
LIO is the SCSI target in the Linux kernel. It is entirely kernel
code, and allows exported SCSI logical units (LUNs) to be backed by
regular files or block devices. But, if one want to get fancier with
the capabilities of the device one is emulating, the kernel is not
necessarily the right place. While there are userspace libraries for
compression, encryption, and clustered storage solutions like Ceph or
Gluster, these are not accessible from the kernel.
.
The TCMU userspace-passthrough backstore allows a userspace process
to handle requests to a LUN. But since the kernel-user interface that
TCMU provides must be fast and flexible, it is complex enough that
one would like to avoid each userspace handler having to write boilerplate
code.
.
tcmu-runner handles the messy details of the TCMU interface -- UIO,
netlink, pthreads, and DBus -- and exports a more friendly C plugin
module API. Modules using this API are called "TCMU
handlers". Handler authors can write code just to handle the SCSI
commands as desired, and can also link with whatever userspace
libraries they like.
.
This is the library package
- libtcmu2-dbgsym: debug symbols for libtcmu2
- tcmu-runner: Daemon that handles the userspace side of the LIO TCM-User backstore
LIO is the SCSI target in the Linux kernel. It is entirely kernel
code, and allows exported SCSI logical units (LUNs) to be backed by
regular files or block devices. But, if one want to get fancier with
the capabilities of the device one is emulating, the kernel is not
necessarily the right place. While there are userspace libraries for
compression, encryption, and clustered storage solutions like Ceph or
Gluster, these are not accessible from the kernel.
.
The TCMU userspace-passthrough backstore allows a userspace process
to handle requests to a LUN. But since the kernel-user interface that
TCMU provides must be fast and flexible, it is complex enough that
one would like to avoid each userspace handler having to write boilerplate
code.
.
tcmu-runner handles the messy details of the TCMU interface -- UIO,
netlink, pthreads, and DBus -- and exports a more friendly C plugin
module API. Modules using this API are called "TCMU
handlers". Handler authors can write code just to handle the SCSI
commands as desired, and can also link with whatever userspace
libraries they like.
.
This is the daemon package
- tcmu-runner-dbgsym: debug symbols for tcmu-runner
