Issued:

2014-10-13

Updated:

2014-10-13

RHBA-2014:1599 - scsi-target-utils bug fix update

Synopsis

scsi-target-utils bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

Updated scsi-target-utils packages that fix several bugs are now available for Red Hat Enterprise Linux 6.

Description

The scsi-target-utils packages contain a daemon and utilities to setup Small Computer System Interface (SCSI) targets. Currently, software Internet SCSI (iSCSI) and iSCSI Extensions for RDMA (iSER) targets are supported.

This update fixes the following bugs:

• Previously, the tgtadm SCSI target administration utility did not correctly handle backing-store errors. As a consequence, calling tgtadm with an invalid backing-store parameter in some cases caused the tgtd service to become unresponsive. With this update, the bug in tgtadm has been fixed, and tgtd now recovers from an invalid request as intended. (BZ#848585)

• Prior to this update, tgtadm failed to handle setting a device to pass-through mode. As a consequence, calling tgtadm with the device-type option set to "passthrough" caused tgtd on the server side to terminate unexpectedly with a segmentation fault. A patch has been applied to fix this bug, and tgtadm no longer crashes in the described scenario. (BZ#854123)

• Prior to this update, running the "tgtadm --mode target --op show" command did not return the complete number of targets if many targets were present on the system. Consequently, tgtadm could show incorrect and also inconsistent results, because the displayed number of targets varied over repeated attempts. A patch has been applied to fix this bug. Running "tgtadm --mode target --op show" now shows all the targets correctly even on systems with a large amount of targets. (BZ#865960)

• Previously, scsi-target-utils did not support the "WRITE and VERIFY (10)" SCSI command which is used by the AIX operating system. As a consequence, AIX failed to execute the mkvg command when the user tried to add iSCSI targets to the system. With this update, the support for "WRITE and VERIFY (10)" has been added, and scsi-target-utils now provide iSCSI targets to AIX as expected. (BZ#1094084)

• Previously, tgtd could experience a buffer overflow due to incorrect usage of the snprintf() function in the source code. As a consequence, tgtd terminated unexpectedly when trying to respond to a tgtadm query about a large number of connections. The source code has been updated to avoid the buffer overflow, and using tgtadm to display a large number of connections no longer causes tgtd to crash. (BZ#1123438)

Users of scsi-target-utils are advised to upgrade to these updated packages, which fix these bugs. All running scsi-target-utils services must be restarted for the update to take effect.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

Affected Products

Updated Packages

• scsi-target-utils-1.0.24-16.el6.x86_64.rpm
• scsi-target-utils-1.0.24-16.el6.src.rpm
• scsi-target-utils-debuginfo-1.0.24-16.el6.i686.rpm
• scsi-target-utils-1.0.24-16.el6.i686.rpm
• scsi-target-utils-debuginfo-1.0.24-16.el6.x86_64.rpm
• scsi-target-utils-debuginfo-1.0.24-16.el6.ppc64.rpm
• scsi-target-utils-1.0.24-16.el6.ppc64.rpm

Fixes

• This content is not included.BZ - 848585
• This content is not included.BZ - 865960

CVEs

(none)

References

(none)

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.