Recent vulnerabilities


Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
ghsa-c6wm-m399-cmrx (github) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This vulnerabili... 2024-11-22T21:32:16Z 2024-11-22T21:32:17Z
ghsa-9vx5-qvf7-p8xq (github) IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-8fpg-x495-p3f9 (github) IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-882h-ff2x-f86q (github) 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnera... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-7w7j-q678-9jm4 (github) IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-7w5j-jvfw-99gr (github) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability. ... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-7rv2-8jhc-rrg3 (github) IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-7633-3r2w-xq8x (github) IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerab... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-64r2-w68m-x3qf (github) IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerab... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-54m7-chq9-9wvr (github) IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerab... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4v6v-34r8-27m4 (github) IrfanView WBZ plugin WB1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4rvq-m8mp-jcx2 (github) IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4p8f-jchv-665g (github) IrfanView DJVU File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerabilit... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4hxp-5wxw-83f8 (github) IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerabil... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4h4v-69wg-m6q7 (github) IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4fvr-2wjh-fx6h (github) IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerab... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-4crp-rgr3-rv8m (github) IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerabil... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-442m-g3hg-h8j3 (github) IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-2qj2-g5q3-xw3g (github) IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This v... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-24gr-v9hq-3qw3 (github) IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This v... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-23pj-rvrr-6499 (github) IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerabil... 2024-11-22T21:32:17Z 2024-11-22T21:32:17Z
ghsa-wmcv-j9w5-vgv5 (github) Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability all... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-vxp2-h5r5-jv9j (github) IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This v... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-v35f-jr52-fwpj (github) Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerabil... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-rq96-3q6x-w6vh (github) Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-rh75-4g63-jhj7 (github) Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This v... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-qwxh-j4v9-h3q4 (github) Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This vulne... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-qrm7-h6wj-g2mx (github) Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vul... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-qqcr-x579-7pxp (github) Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulner... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
ghsa-qp7v-hp83-pq4x (github) Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. T... 2024-11-22T21:32:16Z 2024-11-22T21:32:16Z
Vulnerabilities are sorted by update time (recent to old).
ID CVSS Base Score Description Vendor Product Publish Date Update Date
cve-2024-0122 (NVD) CVSS-v3.1: 7.6 NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure. NVIDIA
 DLS component of NVIDIA License System
 2024-11-22T23:23:23.218Z 2024-11-22T23:23:23.218Z
cve-2024-11296 (NVD) N/A {'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2024-11-22T23:07:22.177Z'}, 'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]} N/A N/A 2024-11-22T23:07:22.177Z
cve-2024-11298 (NVD) N/A {'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2024-11-22T23:04:09.217Z'}, 'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]} N/A N/A 2024-11-22T23:04:09.217Z
cve-2023-4061 (NVD) CVSS-v3.1: 6.5 Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
Red Hat
 EAP 7.4.13
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
Red Hat JBoss Enterprise Application Platform 8
 2023-11-08T00:56:05.124Z 2024-11-22T23:02:03.643Z
cve-2024-50054 (NVD) CVSS-v3.1: 7.5 CVSS-v4.0: 8.7 mySCADA myPRO Path Traversal mySCADA
mySCADA
 myPRO Manager
myPRO Runtime
 2024-11-22T22:22:08.207Z 2024-11-22T22:22:08.207Z
cve-2024-47138 (NVD) CVSS-v3.1: 9.8 CVSS-v4.0: 9.3 mySCADA myPRO Missing Authentication for Critical Function mySCADA
mySCADA
 myPRO Manager
myPRO Runtime
 2024-11-22T22:19:52.736Z 2024-11-22T22:19:52.736Z
cve-2024-45369 (NVD) CVSS-v3.1: 8.1 CVSS-v4.0: 9.2 mySCADA myPRO Improper Authentication mySCADA
mySCADA
 myPRO Manager
myPRO Runtime
 2024-11-22T22:18:12.706Z 2024-11-22T22:18:12.706Z
cve-2024-52034 (NVD) CVSS-v3.1: 10 CVSS-v4.0: 10 mySCADA myPRO OS Command Injection mySCADA
mySCADA
 myPRO Manager
myPRO Runtime
 2024-11-22T22:15:57.162Z 2024-11-22T22:15:57.162Z
cve-2024-47407 (NVD) CVSS-v3.1: 10 CVSS-v4.0: 10 mySCADA myPRO OS Command Injection mySCADA
mySCADA
 myPRO Manager
myPRO Runtime
 2024-11-22T22:15:03.490Z 2024-11-22T22:15:03.490Z
cve-2024-11630 (NVD) E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials E-Lins
E-Lins
E-Lins
E-Lins
E-Lins
E-Lins
E-Lins
E-Lins
E-Lins
 H685
H685f
H700
H720
H750
H820
H820Q
H820Q0
H900
 2024-11-22T22:00:07.324Z 2024-11-22T22:00:07.324Z
cve-2023-1004 (NVD) MarkText WSH JScript code injection n/a
 MarkText
 2023-02-24T07:56:07.099Z 2024-11-22T21:58:30.907Z
cve-2024-6817 (NVD) CVSS-v3.0: 7.8 IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:50.302Z 2024-11-22T21:55:50.646Z
cve-2024-6816 (NVD) CVSS-v3.0: 7.8 IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:49.310Z 2024-11-22T21:55:50.531Z
cve-2024-6815 (NVD) CVSS-v3.0: 7.8 IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:48.229Z 2024-11-22T21:55:50.421Z
cve-2024-5877 (NVD) CVSS-v3.0: 7.8 IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:38.750Z 2024-11-22T21:55:50.308Z
cve-2024-5876 (NVD) CVSS-v3.0: 7.8 IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:37.770Z 2024-11-22T21:55:50.197Z
cve-2024-5875 (NVD) CVSS-v3.0: 7.8 IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:36.683Z 2024-11-22T21:55:50.061Z
cve-2024-5874 (NVD) CVSS-v3.0: 7.8 IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:05:35.679Z 2024-11-22T21:55:49.938Z
cve-2023-1036 (NVD) SourceCodester Dental Clinic Appointment Reservation System POST Parameter signup.php cross site scripting SourceCodester
 Dental Clinic Appointment Reservation System
 2023-02-26T11:49:57.972Z 2024-11-22T21:53:49.653Z
cve-2023-1047 (NVD) TechPowerUp RealTemp WinRing0x64.sys initialization TechPowerUp
 RealTemp
 2023-02-26T12:25:51.608Z 2024-11-22T21:53:11.788Z
cve-2017-20182 (NVD) Mobile Vikings Django AJAX Utilities Backslash pagination.js Pagination cross site scripting Mobile Vikings
 Django AJAX Utilities
 2023-03-10T02:00:05.899Z 2024-11-22T21:52:20.108Z
cve-2023-1353 (NVD) SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System verification.php cross site scripting SourceCodester
 Design and Implementation of Covid-19 Directory on Vaccination System
 2023-03-11T17:41:39.477Z 2024-11-22T21:51:46.640Z
cve-2023-1369 (NVD) TG Soft Vir.IT eXplorer IoControlCode VIRAGTLT.sys 0x82730088 denial of service TG Soft
 Vir.IT eXplorer
 2023-03-13T09:00:05.427Z 2024-11-22T21:51:13.683Z
cve-2023-1415 (NVD) Simple Art Gallery adminHome.php sliderPicSubmit unrestricted upload n/a
 Simple Art Gallery
 2023-03-15T15:00:56.548Z 2024-11-22T21:50:26.494Z
cve-2023-1746 (NVD) Dreamer CMS File Upload cross site scripting n/a
 Dreamer CMS
 2023-03-30T23:00:06.477Z 2024-11-22T21:49:38.257Z
cve-2023-1796 (NVD) SourceCodester Employee Payslip Generator Create News cross site scripting SourceCodester
 Employee Payslip Generator
 2023-04-02T09:00:06.561Z 2024-11-22T21:49:09.156Z
cve-2024-9114 (NVD) CVSS-v3.0: 7.8 FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability FastStone
 Image Viewer
 2024-11-22T21:34:05.006Z 2024-11-22T21:48:38.107Z
cve-2024-11571 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:41.406Z 2024-11-22T21:45:54.608Z
cve-2024-11570 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:36.379Z 2024-11-22T21:45:54.476Z
cve-2024-11559 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:07.757Z 2024-11-22T21:45:54.337Z
Vulnerabilities are sorted by update time (recent to old).
ID CVSS Base Score Description Vendor Product Publish Date Update Date
cve-2024-11578 (NVD) CVSS-v3.0: 7.8 Luxion KeyShot 3DS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability Luxion
 KeyShot
 2024-11-22T20:43:54.601Z 2024-11-22T20:43:54.601Z
cve-2024-11577 (NVD) CVSS-v3.0: 7.8 Luxion KeyShot SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability Luxion
 KeyShot
 2024-11-22T20:43:46.911Z 2024-11-22T20:43:46.911Z
cve-2024-11576 (NVD) CVSS-v3.0: 7.8 Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability Luxion
 KeyShot
 2024-11-22T20:42:54.741Z 2024-11-22T20:42:54.741Z
cve-2024-11575 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:54.706Z 2024-11-22T21:45:52.617Z
cve-2024-11574 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:46.067Z 2024-11-22T21:45:52.481Z
cve-2024-11573 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:37.998Z 2024-11-22T21:45:52.342Z
cve-2024-11572 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:30.184Z 2024-11-22T21:45:52.228Z
cve-2024-11571 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:41.406Z 2024-11-22T21:45:54.608Z
cve-2024-11570 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:36.379Z 2024-11-22T21:45:54.476Z
cve-2024-11569 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:50.508Z 2024-11-22T21:35:48.808Z
cve-2024-11568 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:29.774Z 2024-11-22T21:35:48.701Z
cve-2024-11567 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:54.879Z 2024-11-22T21:35:48.587Z
cve-2024-11566 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:33.614Z 2024-11-22T21:35:48.488Z
cve-2024-11565 (NVD) CVSS-v3.0: 7.8 IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:45.733Z 2024-11-22T21:35:48.388Z
cve-2024-11564 (NVD) CVSS-v3.0: 7.8 IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:49.285Z 2024-11-22T21:35:48.282Z
cve-2024-11563 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:58.945Z 2024-11-22T21:35:48.163Z
cve-2024-11562 (NVD) CVSS-v3.0: 7.8 IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:47:41.768Z 2024-11-22T21:35:47.991Z
cve-2024-11561 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:48:55.915Z 2024-11-22T21:35:47.887Z
cve-2024-11560 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:49:01.973Z 2024-11-22T21:35:47.782Z
cve-2024-11559 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:07.757Z 2024-11-22T21:45:54.337Z
cve-2024-11558 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:15.542Z 2024-11-22T21:45:54.030Z
cve-2024-11557 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:19.442Z 2024-11-22T21:45:52.094Z
cve-2024-11556 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:25.601Z 2024-11-22T21:45:51.958Z
cve-2024-11555 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:46:11.447Z 2024-11-22T21:45:51.819Z
cve-2024-11554 (NVD) CVSS-v3.0: 7.8 IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:49:15.254Z 2024-11-22T21:35:47.476Z
cve-2024-11553 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:45:52.045Z 2024-11-22T21:45:51.693Z
cve-2024-11552 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:45:09.292Z 2024-11-22T21:45:51.574Z
cve-2024-11551 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:45:25.635Z 2024-11-22T21:45:51.449Z
cve-2024-11550 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:44:37.737Z 2024-11-22T21:45:51.306Z
cve-2024-11549 (NVD) CVSS-v3.0: 7.8 IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability IrfanView
 IrfanView
 2024-11-22T20:45:14.189Z 2024-11-22T21:45:50.808Z
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
pysec-2017-113 Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earl... 2017-03-16T21:59:00+00:00 2024-11-21T14:22:41.607839+00:00
pysec-2022-43072 An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens m... 2022-07-29T21:15:00Z 2024-11-21T14:22:41.861085Z
pysec-2021-880 Null pointer reference in CMS_Conservative_increment_obj in RaRe-Technologies bounter version 1.0... 2021-12-17T21:15:00Z 2024-11-21T14:22:41.448775Z
pysec-2020-343 blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a ... 2020-11-27T20:15:00Z 2024-11-21T14:22:41.397462Z
pysec-2019-242 Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_in... 2019-05-15T14:29:00Z 2024-11-21T14:22:41.553247Z
pysec-2012-28 The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (ak... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.328571Z
pysec-2012-27 The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, ... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.276629Z
pysec-2012-26 The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.220887Z
pysec-2012-25 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.165409Z
pysec-2012-24 The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.111226Z
pysec-2012-23 The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe ... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.056758Z
pysec-2012-22 The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Viru... 2012-03-21T10:11:00Z 2024-11-21T14:22:41.00719Z
pysec-2023-268 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinSchedul... 2023-11-24T08:15:00+00:00 2024-11-21T14:22:40.797843+00:00
pysec-2023-267 Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticate... 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.744438+00:00
pysec-2023-266 Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigg... 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.683792+00:00
pysec-2023-265 Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an auth... 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.621314+00:00
pysec-2023-264 Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG aut... 2023-12-21T10:15:00+00:00 2024-11-21T14:22:40.559945+00:00
pysec-2023-263 An improper array index validation vulnerability exists in the stl_fix_normal_directions function... 2023-04-03T16:15:00Z 2024-11-21T14:22:40.308634Z
pysec-2022-43071 api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request package. 2022-06-08T20:15:00Z 2024-11-21T14:22:40.957734Z
pysec-2022-43070 Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which ... 2022-09-05T10:15:00Z 2024-11-21T14:22:40.90699Z
pysec-2022-43069 Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0... 2022-09-05T10:15:00Z 2024-11-21T14:22:40.851901Z
pysec-2022-43068 A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creati... 2022-08-23T16:15:00Z 2024-11-21T14:22:40.419413Z
pysec-2022-43067 A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0... 2022-08-23T16:15:00Z 2024-11-21T14:22:40.36338Z
pysec-2022-43066 The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the re... 2022-06-24T21:15:00Z 2024-11-21T14:22:40.256677Z
pysec-2024-27 CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After... 2024-01-30T01:15:00Z 2024-11-21T04:10:52.988975Z
pysec-2024-124 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulne... 2024-11-18T12:15:00Z 2024-11-20T16:23:43.554559Z
pysec-2024-123 An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due... 2024-11-15T11:15:00+00:00 2024-11-19T22:22:34.280606+00:00
pysec-2021-125 A flaw was found in Ansible where the secret information present in async_files are getting discl... 2021-06-09T12:15:00Z 2024-11-19T17:22:26.016299Z
pysec-2024-85 Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDB platfo... 2024-09-12T13:15:00Z 2024-11-19T11:33:19.167718Z
pysec-2024-84 Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platfo... 2024-09-12T13:15:00Z 2024-11-19T11:33:19.117325Z
Vulnerabilities are sorted by update time (recent to old).
ID Description
gsd-2024-33654 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33653 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33652 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33651 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33650 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33649 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33648 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33647 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33646 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33645 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33644 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33643 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33642 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33641 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33640 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33639 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33638 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33637 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33636 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33635 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33634 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33633 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33632 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33631 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33630 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33629 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33628 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33627 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4226 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4225 The format of the source doesn't require a description, click on the link for more details
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
mal-2024-974 Malicious code in packages-analytics (npm) 2024-02-07T10:51:11Z 2024-02-07T10:51:11Z
mal-2024-972 Malicious code in internal-corp-package (npm) 2024-02-07T10:36:58Z 2024-02-07T10:36:58Z
mal-2024-976 Malicious code in discord.js-commandv14 (npm) 2024-02-07T09:25:50Z 2024-02-07T09:25:50Z
mal-2024-983 Malicious code in test-pkg1-random (npm) 2024-02-07T02:24:56Z 2024-02-07T02:24:57Z
mal-2024-978 Malicious code in can-explorer (npm) 2024-02-07T02:24:56Z 2024-02-07T02:24:57Z
mal-2024-951 Malicious code in discord-cache (npm) 2024-01-28T03:00:33Z 2024-02-07T02:09:16Z
mal-2024-967 Malicious code in @ssr-frontend/packages-analytics (npm) 2024-02-06T04:57:30Z 2024-02-06T04:57:30Z
mal-2024-968 Malicious code in auto-issues (npm) 2024-02-06T01:21:55Z 2024-02-06T01:21:56Z
mal-2024-969 Malicious code in bug-test-package (npm) 2024-02-06T01:21:55Z 2024-02-06T01:21:55Z
mal-2024-956 Malicious code in hub-blockly (npm) 2024-02-02T12:48:18Z 2024-02-06T00:24:12Z
mal-2024-136 Malicious code in librct (npm) 2024-01-21T13:19:02Z 2024-02-06T00:24:12Z
mal-2024-955 Malicious code in @time-loop/electron-panel-window (npm) 2024-02-02T09:26:50Z 2024-02-06T00:24:11Z
mal-2024-964 Malicious code in ngpd-merceros-dynamic-forms-fe-components (npm) 2024-02-05T04:57:18Z 2024-02-05T04:57:24Z
mal-2024-966 Malicious code in ngpd-merceros-ui-widget-core (npm) 2024-02-05T04:57:18Z 2024-02-05T04:57:18Z
mal-2024-965 Malicious code in ngpd-merceros-ui-meta (npm) 2024-02-05T04:57:18Z 2024-02-05T04:57:18Z
mal-2024-962 Malicious code in health-gbm-common (npm) 2024-02-05T04:57:18Z 2024-02-05T04:57:18Z
mal-2024-963 Malicious code in nan-win (npm) 2024-02-05T04:06:27Z 2024-02-05T04:06:27Z
mal-2024-961 Malicious code in cifuzz (npm) 2024-02-03T20:12:39Z 2024-02-03T20:12:39Z
mal-2024-957 Malicious code in ccl-modal (npm) 2024-02-02T16:40:48Z 2024-02-02T16:40:48Z
mal-2024-960 Malicious code in node-production (npm) 2024-02-02T03:52:25Z 2024-02-02T03:52:25Z
mal-2024-959 Malicious code in node-fetch-full (npm) 2024-02-02T03:52:25Z 2024-02-02T03:52:25Z
mal-2024-958 Malicious code in hardhat-gas-optimizer (npm) 2024-02-02T03:49:35Z 2024-02-02T03:49:35Z
mal-2024-164 Malicious code in discord.js-sounds (npm) 2024-01-23T16:31:06Z 2024-02-02T00:24:13Z
mal-2024-919 Malicious code in eslint-plugin-cas (npm) 2024-01-29T03:17:01Z 2024-02-01T00:25:40Z
mal-2024-918 Malicious code in ent-cas-services (npm) 2024-01-29T03:20:45Z 2024-02-01T00:25:40Z
mal-2024-948 Malicious code in identity-auth (npm) 2024-01-31T12:30:56Z 2024-01-31T13:04:51Z
mal-2024-953 Malicious code in fdistube-config (npm) 2024-01-31T08:58:18Z 2024-01-31T08:58:19Z
mal-2024-952 Malicious code in distube-f (npm) 2024-01-31T08:58:18Z 2024-01-31T08:58:19Z
mal-2024-954 Malicious code in usaa-drag-drop (npm) 2024-01-31T05:35:37Z 2024-01-31T05:35:38Z
mal-2024-950 Malicious code in diil-selfservice-components (npm) 2024-01-31T05:28:47Z 2024-01-31T05:29:40Z
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
wid-sec-w-2024-1335 JetBrains Produkte: Schwachstelle ermöglicht Offenlegung von Informationen 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1334 Siemens SIMATIC S7: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1333 Siemens JT2Go: Mehrere Schwachstellen ermöglichen Codeausführung und Denial of Service 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1332 Dell OpenManage Server Administrator: Schwachstelle ermöglicht Erlangen von Administratorrechten 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1330 HP BIOS: Schwachstelle ermöglicht Privilegieneskalation und beliebige Codeausführung 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1327 SAP Software: Mehrere Schwachstellen 2024-06-10T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1231 Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung 2024-05-23T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1152 Intel Prozessoren: Mehrere Schwachstellen 2024-05-14T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1111 Siemens SICAM: Mehrere Schwachstellen 2024-05-13T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1097 Apple iOS und iPadOS: Mehrere Schwachstellen 2024-05-13T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1080 Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff 2024-05-09T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1009 FRRouting Project FRRouting: Schwachstelle ermöglicht Denial of Service 2024-05-01T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0983 win.rar WinRAR: Schwachstelle ermöglicht Denial of Service und Informationsoffenlegung 2024-04-28T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0926 GNU libc: Schwachstelle ermöglicht Codeausführung 2024-04-17T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0912 Google Chrome: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2024-04-16T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0806 FRRouting Project FRRouting: Schwachstellen ermöglichen Denial of Service 2024-04-07T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0801 Apache HTTP Server: Mehrere Schwachstellen ermöglichen Manipulation von Daten 2024-04-04T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0734 util-linux: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2024-03-27T23:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0698 Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation 2021-05-26T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-0457 VMware Tanzu Spring Framework: Schwachstelle ermöglicht Offenlegung von Informationen 2024-02-21T23:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2023-3037 Apache Camel: Mehrere Schwachstellen ermöglichen Denial of Service 2023-11-30T23:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2023-2024 Node.js: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen 2023-08-09T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2023-1522 GStreamer: Mehrere Schwachstellen ermöglichen Denial of Service 2023-06-20T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2022-1846 Apple macOS: Mehrere Schwachstellen 2022-10-24T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2022-0759 Oracle Java SE: Mehrere Schwachstellen 2022-07-19T22:00:00.000+00:00 2024-06-10T22:00:00.000+00:00
wid-sec-w-2024-1325 Mitel SIP Phone: Mehrere Schwachstellen 2024-06-09T22:00:00.000+00:00 2024-06-09T22:00:00.000+00:00
wid-sec-w-2024-1324 PHP: Schwachstelle ermöglicht Offenlegung von Informationen 2024-06-09T22:00:00.000+00:00 2024-06-09T22:00:00.000+00:00
wid-sec-w-2024-1323 PyTorch: Schwachstelle ermöglicht Codeausführung 2024-06-09T22:00:00.000+00:00 2024-06-09T22:00:00.000+00:00
wid-sec-w-2024-1321 Checkmk: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2024-06-09T22:00:00.000+00:00 2024-06-09T22:00:00.000+00:00
wid-sec-w-2024-1316 Microsoft Azure: Schwachstelle ermöglicht Codeausführung 2024-06-06T22:00:00.000+00:00 2024-06-09T22:00:00.000+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
rhsa-2024_8690 Red Hat Security Advisory: OpenShift Container Platform 4.13.53 packages and security update 2024-11-06T14:57:54+00:00 2024-11-24T21:48:47+00:00
rhsa-2024_6914 Red Hat Security Advisory: golang security update 2024-09-23T01:52:46+00:00 2024-11-24T21:48:42+00:00
rhsa-2024_8329 Red Hat Security Advisory: Red Hat build of Cryostat security update 2024-10-22T15:40:25+00:00 2024-11-24T21:48:39+00:00
rhsa-2024_8039 Red Hat Security Advisory: podman security update 2024-10-14T02:05:16+00:00 2024-11-24T21:48:38+00:00
rhsa-2024_6462 Red Hat Security Advisory: Cost Management enhancement and security update 2024-09-09T00:49:07+00:00 2024-11-24T21:48:32+00:00
rhsa-2024_7349 Red Hat Security Advisory: grafana security update 2024-09-30T01:25:30+00:00 2024-11-24T21:48:29+00:00
rhsa-2024_5537 Red Hat Security Advisory: Red Hat build of Cryostat security update 2024-08-19T01:53:01+00:00 2024-11-24T21:48:22+00:00
rhsa-2024_5013 Red Hat Security Advisory: The Red Hat OpenShift Builds Client 1.1.0 General Availability 2024-08-05T15:40:28+00:00 2024-11-24T21:46:15+00:00
rhsa-2024_3925 Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security, enhancements, and bug fix update 2024-06-14T13:20:25+00:00 2024-11-24T21:45:48+00:00
rhsa-2024_2047 Red Hat Security Advisory: OpenShift Container Platform 4.13.41 bug fix and security update 2024-05-02T16:36:51+00:00 2024-11-24T21:45:35+00:00
rhsa-2024_0041 Red Hat Security Advisory: OpenShift Container Platform 4.16.0 bug fix and security update 2024-06-27T11:23:01+00:00 2024-11-24T21:45:31+00:00
rhsa-2024_0989 Red Hat Security Advisory: Red Hat Multicluster GlobalHub 1.0.2 bug fixes and security updates 2024-02-26T17:29:54+00:00 2024-11-24T21:45:30+00:00
rhsa-2024_2633 Red Hat Security Advisory: updated rhceph-6.1 container image 2024-05-01T01:17:27+00:00 2024-11-24T21:45:25+00:00
rhsa-2024_0040 Red Hat Security Advisory: OpenShift Container Platform 4.16.0 security and extras update 2024-06-27T10:52:21+00:00 2024-11-24T21:45:22+00:00
rhsa-2024_2631 Red Hat Security Advisory: Red Hat Ceph Storage 6.1 security and bug fix update 2024-05-01T01:14:23+00:00 2024-11-24T21:45:15+00:00
rhsa-2024_0845 Red Hat Security Advisory: OpenShift Container Platform 4.13.34 security update 2024-02-21T01:40:34+00:00 2024-11-24T21:45:04+00:00
rhsa-2024_1891 Red Hat Security Advisory: OpenShift Container Platform 4.14.22 bug fix and security update 2024-04-26T13:46:47+00:00 2024-11-24T21:45:03+00:00
rhsa-2023_7197 Red Hat Security Advisory: OpenShift Container Platform 4.15.0 security and extras update 2024-02-27T19:47:37+00:00 2024-11-24T21:44:58+00:00
rhsa-2024_0832 Red Hat Security Advisory: OpenShift Container Platform 4.12.50 security and extras update 2024-02-21T00:30:34+00:00 2024-11-24T21:44:55+00:00
rhsa-2024_1896 Red Hat Security Advisory: OpenShift Container Platform 4.12.56 security update 2024-04-25T15:13:55+00:00 2024-11-24T21:44:51+00:00
rhsa-2024_0735 Red Hat Security Advisory: OpenShift Container Platform 4.14.12 bug fix and security update 2024-02-13T17:23:36+00:00 2024-11-24T21:44:47+00:00
rhsa-2024_6221 Red Hat Security Advisory: The Red Hat OpenShift Builds 1.1.0 General Availability 2024-09-03T11:45:04+00:00 2024-11-24T21:44:45+00:00
rhsa-2024_0880 Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.31.1 security update 2024-02-20T11:06:07+00:00 2024-11-24T21:44:44+00:00
rhsa-2024_1557 Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1 2024-03-28T05:31:12+00:00 2024-11-24T21:44:40+00:00
rhsa-2024_2581 Red Hat Security Advisory: pcs security update 2024-04-30T14:37:16+00:00 2024-11-24T21:44:37+00:00
rhsa-2024_0843 Red Hat Security Advisory: Release of OpenShift Serverless 1.31.1 2024-02-15T12:55:28+00:00 2024-11-24T21:44:33+00:00
rhsa-2024_1549 Red Hat Security Advisory: ACS 4.3 enhancement and security update 2024-03-27T18:47:27+00:00 2024-11-24T21:44:31+00:00
rhsa-2024_2584 Red Hat Security Advisory: pcs security update 2024-04-30T14:52:26+00:00 2024-11-24T21:44:26+00:00
rhsa-2024_0641 Red Hat Security Advisory: OpenShift Container Platform 4.14.11 security and extras update 2024-02-07T16:41:29+00:00 2024-11-24T21:44:25+00:00
rhsa-2024_1678 Red Hat Security Advisory: nodejs security update 2024-04-04T16:12:40+00:00 2024-11-24T21:44:23+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
icsa-23-236-05 CODESYS Development System 2023-08-24T06:00:00.000000Z 2023-08-24T06:00:00.000000Z
icsa-23-236-04 CODESYS Development System 2023-08-24T06:00:00.000000Z 2023-08-24T06:00:00.000000Z
icsa-23-236-03 CODESYS Development System 2023-08-24T06:00:00.000000Z 2023-08-24T06:00:00.000000Z
icsa-23-236-02 OPTO 22 SNAP PAC S1 2023-08-24T06:00:00.000000Z 2023-08-24T06:00:00.000000Z
icsa-23-236-01 KNX Protocol 2023-08-24T06:00:00.000000Z 2023-08-24T06:00:00.000000Z
icsa-23-234-03 Rockwell Automation ThinManager ThinServer 2023-08-22T06:00:00.000000Z 2023-08-22T06:00:00.000000Z
icsa-23-234-02 Trane Thermostats 2023-08-22T06:00:00.000000Z 2023-08-22T06:00:00.000000Z
icsa-23-234-01 Hitachi Energy AFF66x 2023-08-22T06:00:00.000000Z 2023-08-22T06:00:00.000000Z
icsa-23-138-02 Mitsubishi Electric MELSEC WS Series 2023-05-18T06:00:00.000000Z 2023-08-22T06:00:00.000000Z
icsa-23-229-03 Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters 2023-08-17T06:00:00.000000Z 2023-08-17T06:00:00.000000Z
icsa-23-229-01 ICONICS and Mitsubishi Electric Products 2023-08-17T06:00:00.000000Z 2023-08-17T06:00:00.000000Z
icsa-23-227-02 Rockwell Automation Armor PowerFlex 2023-08-15T06:00:00.000000Z 2023-08-15T06:00:00.000000Z
icsa-23-227-01 Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU 2023-08-15T06:00:00.000000Z 2023-08-15T06:00:00.000000Z
icsa-23-220-02 Hitachi Energy RTU500 series 2023-08-08T06:00:00.000000Z 2023-08-08T06:00:00.000000Z
icsa-23-222-12 Network Mirroring in Siemens RUGGEDCOM 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-11 Siemens Solid Edge SE2023 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-10 Siemens SICAM TOOLBOX II 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-09 Siemens OpenSSL RSA Decryption in SIMATIC 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-08 Resource Allocation in Siemens RUGGEDCOM 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-07 Siemens Address Processing in SIMATIC 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-06 Siemens Parasolid and Teamcenter Visualization 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-05 Siemens RUGGEDCOM CROSSBOW 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-04 ​Siemens Software Center 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-03 ​Siemens JT Open, JT Utilities, and Parasolid 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-02 Siemens Parasolid Installer 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-222-01 Siemens Solid Edge, JT2Go, and Teamcenter Visualization 2023-08-08T00:00:00Z 2023-08-08T00:00:00Z
icsa-23-215-04 Sensormatic Electronics VideoEdge 2023-08-03T06:00:00.000000Z 2023-08-03T06:00:00.000000Z
icsa-23-215-03 TEL-STER TelWin SCADA WebInterface 2023-08-03T06:00:00.000000Z 2023-08-03T06:00:00.000000Z
icsa-23-215-02 Mitsubishi Electric GT and GOT Series Products 2023-08-03T06:00:00.000000Z 2023-08-03T06:00:00.000000Z
icsa-23-215-01 Mitsubishi Electric GOT2000 and GOT SIMPLE 2023-08-03T06:00:00.000000Z 2023-08-03T06:00:00.000000Z
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
cisco-sa-cisco-pi-epnm-xss-mzshh2j Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability 2023-03-01T16:00:00+00:00 2023-04-06T15:31:34+00:00
cisco-sa-sb-rv01x_rv32x_rce-nzagwwdd Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability 2023-04-05T16:00:00+00:00 2023-04-05T20:30:30+00:00
cisco-sa-wbx-sxss-fupl-64uhbcm5 Cisco Webex Meetings Web UI Vulnerabilities 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-uccx-xss-go9l9xxr Cisco Unified Contact Center Express Stored Cross-Site Scripting Vulnerability 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-stealthsmc-rce-sfnbpjcs Cisco Secure Network Analytics Remote Code Execution Vulnerability 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-stealth-rce-bdwxfk9c Cisco Secure Network Analytics Remote Code Execution Vulnerability 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-sb-rv32x-cmdinject-ckqszpxl Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-rv-stored-xss-vqz7gc8w Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-meraki-lsp-7xysn6pj Cisco Meraki Local Status Page Configuration Hardening 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-ise-injection-2xbog9dg Cisco Identity Services Engine Command Injection Vulnerabilities 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-adeos-mlayecvk Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities 2023-04-05T16:00:00+00:00 2023-04-05T16:00:00+00:00
cisco-sa-expressway-overwrite-3buqw8lh Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities 2022-07-06T16:00:00+00:00 2023-04-04T20:50:42+00:00
cisco-sa-stealth-rce-2hyb9kfk Cisco Secure Network Analytics Remote Code Execution Vulnerability 2022-05-18T16:00:00+00:00 2023-04-03T18:50:18+00:00
cisco-sa-wsa-bypass-bwbfugek Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerabilities 2022-10-05T16:00:00+00:00 2023-04-03T13:46:35+00:00
cisco-sa-ise-access-contol-eeufsucx Cisco Identity Services Engine Insufficient Access Control Vulnerability 2022-11-02T16:00:00+00:00 2023-03-31T21:21:42+00:00
cisco-sa-ise-xss-twlnpy3m Cisco Identity Services Engine Cross-Site Scripting Vulnerability 2022-10-19T16:00:00+00:00 2023-03-31T21:09:40+00:00
cisco-sa-ise-7q4tnyux Cisco Identity Services Engine Vulnerabilities 2022-11-16T16:00:00+00:00 2023-03-31T20:41:42+00:00
cisco-sa-capic-csrfv-dmx6kswv Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability 2023-02-22T16:00:00+00:00 2023-03-29T21:04:31+00:00
cisco-sa-vman-csrf-76rdbleh Cisco SD-WAN vManage Software Cluster Mode Cross-Site Request Forgery Vulnerability 2023-03-22T16:00:00+00:00 2023-03-27T21:11:52+00:00
cisco-sa-wifi-ffeb-22epcewu Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Affecting Multiple Cisco Products 2023-03-27T05:00:00+00:00 2023-03-27T05:00:00+00:00
cisco-sa-iosxe-priv-esc-sabd8hcu Cisco IOS XE Software Privilege Escalation Vulnerability 2023-03-22T16:00:00+00:00 2023-03-24T19:59:49+00:00
cisco-sa-ucsm-bkpsky-h8fcqgsa Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability 2023-02-22T16:00:00+00:00 2023-03-24T18:16:56+00:00
cisco-sa-ipv4-vfr-dos-cxxtfacb Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability 2023-03-22T16:00:00+00:00 2023-03-23T21:42:01+00:00
cisco-sa-webui-pthtrv-es7gsb9v Cisco IOS XE Software Web UI Path Traversal Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-ios-xe-sdwan-vqahejyw Cisco IOS XE SD-WAN Software Command Injection Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-ios-gre-crash-p6ne5sq5 Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-ios-dhcpv6-dos-44cmvddk Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-ewlc-dos-wfujbhkw Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-dnac-privesc-qfxe74rs Cisco DNA Center Privilege Escalation Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
cisco-sa-dnac-infodisc-pe7zabdr Cisco DNA Center Information Disclosure Vulnerability 2023-03-22T16:00:00+00:00 2023-03-22T16:00:00+00:00
Vulnerabilities are sorted by update time (recent to old).
ID Description
var-201902-0360 In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Bootstrap Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update Advisory ID: RHSA-2020:3247-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2020:3247 Issue date: 2020-08-04 CVE Names: CVE-2017-18635 CVE-2019-8331 CVE-2019-10086 CVE-2019-13990 CVE-2019-17195 CVE-2019-19336 CVE-2020-7598 CVE-2020-10775 CVE-2020-11022 CVE-2020-11023 ===================================================================== 1. Summary: Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch, x86_64 3. Description: The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API). A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/ht ml-single/technical_notes Security Fix(es): * apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086) * libquartz: XXE attacks via job description (CVE-2019-13990) * novnc: XSS vulnerability via the messages propagated to the status field (CVE-2017-18635) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195) * ovirt-engine: response_type parameter allows reflected XSS (CVE-2019-19336) * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598) * ovirt-engine: Redirect to arbitrary URL allows for phishing (CVE-2020-10775) * Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/2974891 5. Bugs fixed (https://bugzilla.redhat.com/): 1080097 - [RFE] Allow editing disks details in the Disks tab 1325468 - [RFE] Autostart of VMs that are down (with Engine assistance - Engine has to be up) 1358501 - [RFE] multihost network change - notify when done 1427717 - [RFE] Create and/or select affinity group upon VM creation. 1475774 - RHV-M requesting four GetDeviceListVDSCommand when editing storage domain 1507438 - not able to deploy new rhvh host when "/tmp" is mounted with "noexec" option 1523835 - Hosted-Engine: memory hotplug does not work for engine vm 1527843 - [Tracker] Q35 chipset support (with seabios) 1529042 - [RFE] Changing of Cluster CPU Type does not trigger config update notification 1535796 - Undeployment of HE is not graceful 1546838 - [RFE] Refuse to deploy on localhost.localdomain 1547937 - [RFE] Live Storage Migration progress bar. 1585986 - [HE] When lowering the cluster compatibility, we need to force update the HE storage OVF store to ensure it can start up (migration will not work). 1593800 - [RFE] forbid new mac pools with overlapping ranges 1596178 - inconsistent display between automatic and manual Pool Type 1600059 - [RFE] Add by default a storage lease to HA VMs 1610212 - After updating to RHV 4.1 while trying to edit the disk, getting error "Cannot edit Virtual Disk. Cannot edit Virtual Disk. Disk extension combined with disk compat version update isn't supported. Please perform the updates separately." 1611395 - Unable to list Compute Templates in RHV 4.2 from Satellite 6.3.2 1616451 - [UI] add a tooltip to explain the supported matrix for the combination of disk allocation policies, formats and the combination result 1637172 - Live Merge hung in the volume deletion phase, leaving snapshot in a LOCKED state 1640908 - Javascript Error popup when Managing StorageDomain with LUNs and 400+ paths 1642273 - [UI] - left nav border highlight missing in RHV 1647440 - [RFE][UI] Provide information about the VM next run 1648345 - Jobs are not properly cleaned after a failed task. 1650417 - HA is broken for VMs having disks in NFS storage domain because of Qemu OFD locking 1650505 - Increase of ClusterCompatibilityVersion to Cluster with virtual machines with outstanding configuration changes, those changes will be reverted 1651406 - [RFE] Allow Maintenance of Host with Enforcing VM Affinity Rules (hard affinity) 1651939 - a new size of the direct LUN not updated in Admin Portal 1654069 - [Downstream Clone] [UI] - grids bottom scrollbar hides bottom row 1654889 - [RFE] Support console VNC for mediated devices 1656621 - Importing VM OVA always enables 'Cloud-Init/Sysprep' 1658101 - [RESTAPI] Adding ISO disables serial console 1659161 - Unable to edit pool that is delete protected 1660071 - Regression in Migration of VM that starts in pause mode: took 11 hours 1660644 - Concurrent LSMs of the same disk can be issued via the REST-API 1663366 - USB selection option disabled even though USB support is enabled in RHV-4.2 1664479 - Third VM fails to get migrated when host is placed into maintenance mode 1666913 - [UI] warn users about different "Vdsm Name" when creating network with a fancy char or long name 1670102 - [CinderLib] - openstack-cinder and cinderlib packages are not installed on ovirt-engine machine 1671876 - "Bond Active Slave" parameter on RHV-M GUI shows an incorrect until Refresh Caps 1679039 - Unable to upload image through Storage->Domain->Disk because of wrong DC 1679110 - [RFE] change Admin Portal toast notifications location 1679471 - [ja, de, es, fr, pt_BR] The console client resources page shows truncated title for some locales 1679730 - Warn about host IP addresses outside range 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1686650 - Memory snapshots' deletion logging unnecessary WARNINGS in engine.log 1687345 - Snapshot with memory volumes can fail if the memory dump takes more than 180 seconds 1690026 - [RFE] - Creating an NFS storage domain the engine should let the user specify exact NFS version v4.0 and not just v4 1690155 - Disk migration progress bar not clearly visible and unusable. 1690475 - When a live storage migration fails, the auto generated snapshot does not get removed 1691562 - Cluster level changes are not increasing VMs generation numbers and so a new OVF_STORE content is not copied to the shared storage 1692592 - "Enable menu to select boot device shows 10 device listed with cdrom at 10th slot but when selecting 10 option the VM took 1 as option and boot with disk 1693628 - Engine generates too many updates to vm_dynamic table due to the session change 1693813 - Do not change DC level if there are VMs running/paused with older CL. 1695026 - Failure in creating snapshots during "Live Storage Migration" can result in a nonexistent snapshot 1695635 - [RFE] Improve Host Drop-down menu in different Dialogs (i.e. Alphabetical sort of Hosts in Remove|New StorageDomains) 1696245 - [RFE] Allow full customization while cloning a VM 1696669 - Build bouncycastle for RHV 4.4 RHEL 8 1696676 - Build ebay-cors-filter for RHV 4.4 RHEL 8 1698009 - Build openstack-java-sdk for RHV 4.4 RHEL 8 1698102 - Print a warning message to engine-setup, which highlights that other clusters than the Default one are not modified to use ovirt-provider-ovn as the default network provider 1700021 - [RFE] engine-setup should warn and prompt if ca.pem is missing but other generated pki files exist 1700036 - [RFE] Add RedFish API for host power management for RHEV 1700319 - VM is going to pause state with "storage I/O error". 1700338 - [RFE] Alternate method to configure the email Event Notifier for a user in RHV through API (instead of RHV GUI) 1700725 - [scale] RHV-M runs out of memory due to to much data reported by the guest agent 1700867 - Build makeself for RHV 4.4 RHEL 8 1701476 - Build unboundid-ldapsdk for RHV 4.4 RHEL 8 1701491 - Build RHV-M 4.4 - RHEL 8 1701522 - Build ovirt-imageio-proxy for RHV 4.4 / RHEL 8 1701528 - Build / Tag python-ovsdbapp for RHV 4.4 RHEL 8 1701530 - Build / Tag ovirt-cockpit-sso for RHV 4.4 RHEL 8 1701531 - Build / Tag ovirt-engine-api-explorer for RHV 4.4 RHEL 8 1701533 - Build / Tag ovirt-engine-dwh for RHV 4.4 / RHEL 8 1701538 - Build / Tag vdsm-jsonrpc-java for RHV 4.4 RHEL 8 1701544 - Build rhvm-dependencies for RHV 4.4 RHEL 8 1702310 - Build / Tag ovirt-engine-ui-extensions for RHV 4.4 RHEL 8 1702312 - Build ovirt-log-collector for RHV 4.4 RHEL 8 1703112 - PCI address of NICs are not stored in the database after a hotplug of passthrough NIC resulting in change of network device name in VM after a reboot 1703428 - VMs migrated from KVM to RHV show warning 'The latest guest agent needs to be installed and running on the guest' 1707225 - [cinderlib] Cinderlib DB is missing a backup and restore option 1708624 - Build rhvm-setup-plugins for RHV 4.4 - RHEL 8 1710491 - No EVENT_ID is generated in /var/log/ovirt-engine/engine.log when VM is rebooted from OS level itself. 1711006 - Metrics installation fails during the execution of playbook ovirt-metrics-store-installation if the environment is not having DHCP 1712255 - Drop 4.1 datacenter/cluster level 1712746 - [RFE] Ignition support for ovirt vms 1712890 - engine-setup should check for snapshots in unsupported CL 1714528 - Missing IDs on cluster upgrade buttons 1714633 - Using more than one asterisk in the search string is not working when searching for users. 1714834 - Cannot disable SCSI passthrough using API 1715725 - Sending credentials in query string logs them in ovirt-request-logs 1716590 - [RFE][UX] Make Cluster-wide "Custom serial number policy" value visible at VM level 1718818 - [RFE] Enhance local disk passthrough 1720686 - Tag ovirt-scheduler-proxy for RHV 4.4 RHEL 8 1720694 - Build ovirt-engine-extension-aaa-jdbc for RHV 4.4 RHEL 8 1720795 - New guest tools are available mark in case of guest tool located on Data Domain 1724959 - RHV recommends reporting issues to GitHub rather than access.redhat.com (ovirt->RHV rebrand glitch?) 1727025 - NPE in DestroyImage endAction during live merge leaving a task in DB for hours causing operations depending on host clean tasks to fail as Deactivate host/StopSPM/deactivate SD 1728472 - Engine reports network out of sync due to ipv6 default gateway via ND RA on a non default route network. 1729511 - engine-setup fails to upgrade to 4.3 with Unicode characters in CA subject 1729811 - [scale] updatevmdynamic broken if too many users logged in - psql ERROR: value too long for type character varying(255) 1730264 - VMs will fail to start if the vnic profile attached is having port mirroring enabled and have name greater than 15 characters 1730436 - Snapshot creation was successful, but snapshot remains locked 1731212 - RHV 4.4 landing page does not show login or allow scrolling. 1731590 - Cannot preview snapshot, it fails and VM remains locked. 1733031 - [RFE] Add warning when importing data domains to newer DC that may trigger SD format upgrade 1733529 - Consume python-ovsdbapp dependencies from OSP in RHEL 8 RHV 4.4 1733843 - Export to OVA fails if VM is running on the Host doing the export 1734839 - Unable to start guests in our Power9 cluster without running in headless mode. 1737234 - Attach a non-existent ISO to vm by the API return 201 and marks the Attach CD checkbox as ON 1737684 - Engine deletes the leaf volume when SnapshotVDSCommand timed out without checking if the volume is still used by the VM 1740978 - [RFE] Warn or Block importing VMs/Templates from unsupported compatibility levels. 1741102 - host activation causes RHHI nodes to lose the quorum 1741271 - Move/Copy disk are blocked if there is less space in source SD than the size of the disk 1741625 - VM fails to be re-started with error: Failed to acquire lock: No space left on device 1743690 - Commit and Undo buttons active when no snapshot selected 1744557 - RHV 4.3 throws an exception when trying to access VMs which have snapshots from unsupported compatibility levels 1745384 - [IPv6 Static] Engine should allow updating network's static ipv6gateway 1745504 - Tag rhv-log-collector-analyzer for RHV 4.4 RHEL 8 1746272 - [BREW BUILD ENABLER] Build the oVirt Ansible roles for RHV 4.4.0 1746430 - [Rebase] Rebase v2v-conversion-host for RHV 4.4 Engine 1746877 - [Metrics] Rebase bug - for the 4.4 release on EL8 1747772 - Extra white space at the top of webadmin dialogs 1749284 - Change the Snapshot operation to be asynchronous 1749944 - teardownImage attempts to deactivate in-use LV's rendering the VM disk image/volumes in locked state. 1750212 - MERGE_STATUS fails with 'Invalid UUID string: mapper' when Direct LUN that already exists is hot-plugged 1750348 - [Tracking] rhvm-branding-rhv for RHV 4.4 1750357 - [Tracking] ovirt-web-ui for RHV 4.4 1750371 - [Tracking] ovirt-engine-ui-extensions for RHV 4.4 1750482 - From VM Portal, users cannot create Operating System Windows VM. 1751215 - Unable to change Graphical Console of HE VM. 1751268 - add links to Insights to landing page 1751423 - Improve description of shared memory statistics and remove unimplemented memory metrics from API 1752890 - Build / Tag ovirt-engine-extension-aaa-ldap for RHV 4.4 RHEL 8 1752995 - [RFE] Need to be able to set default console option 1753629 - Build / Tag ovirt-engine-extension-aaa-misc for RHV 4.4 RHEL 8 1753661 - Build / Tag ovirt-engine-extension-logger-log4j got RHV 4.4 / RHEl 8 1753664 - Build ovirt-fast-forward-upgrade for RHV 4.4 /RHEL 8 support 1754363 - [Scale] Engine generates excessive amount of dns configuration related sql queries 1754490 - RHV Manager cannot start on EAP 7.2.4 1755412 - Setting "oreg_url: registry.redhat.io" fails with error 1758048 - clone(as thin) VM from template or create snapshot fails with 'Requested capacity 1073741824 < parent capacity 3221225472 (volume:1211)' 1758289 - [Warn] Duplicate chassis entries in southbound database if the host is down while removing the host from Manager 1762281 - Import of OVA created from template fails with java.lang.NullPointerException 1763992 - [RFE] Show "Open Console" as the main option in the VM actions menu 1764289 - Document details how each fence agent can be configured in RESTAPI 1764791 - CVE-2019-17195 nimbus-jose-jwt: Uncaught exceptions while parsing a JWT 1764932 - [BREW BUILD ENABLER] Build the ansible-runner-service for RHV 4.4 1764943 - Create Snapshot does not proceed beyond CreateVolume 1764959 - Apache is configured to offer TRACE method (security) 1765660 - CVE-2017-18635 novnc: XSS vulnerability via the messages propagated to the status field 1767319 - [RFE] forbid updating mac pool that contains ranges overlapping with any mac range in the system 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 1768707 - Cannot set or update iscsi portal group tag when editing storage connection via API 1768844 - RHEL Advanced virtualization module streams support 1769463 - [Scale] Slow performance for api/clusters when many networks devices are present 1770237 - Cannot assign a vNIC profile for VM instance profile. 1771793 - VM Portal crashes in what appears to be a permission related problem. 1773313 - RHV Metric store installation fails with error: "You need to install \"jmespath\" prior to running json_query filter" 1777954 - VM Templates greater then 101 quantity are not listed/reported in RHV-M Webadmin UI. 1779580 - drop rhvm-doc package 1781001 - CVE-2019-19336 ovirt-engine: response_type parameter allows reflected XSS 1782236 - Windows Update (the drivers) enablement 1782279 - Warning message for low space is not received on Imported Storage domain 1782882 - qemu-kvm: kvm_init_vcpu failed: Function not implemented 1784049 - Rhel6 guest with cluster default q35 chipset causes kernel panic 1784385 - Still requiring rhvm-doc in rhvm-setup-plugins 1785750 - [RFE] Ability to change default VM action (Suspend) in the VM Portal. 1788424 - Importing a VM having direct LUN attached using virtio driver is failing with error "VirtIO-SCSI is disabled for the VM" 1796809 - Build apache-sshd for RHV 4.4 RHEL 8 1796811 - Remove bundled apache-sshd library 1796815 - Build snmp4j for RHV 4.4 RHEL 8 1796817 - Remove bundled snmp4j library 1797316 - Snapshot creation from VM fails on second snapshot and afterwords 1797500 - Add disk operation failed to complete. 1798114 - Build apache-commons-digester for RHV 4.4 RHEL 8 1798117 - Build apache-commons-configuration for RHV 4.4 RHEL 8 1798120 - Build apache-commons-jexl for RHV 4.4 RHEL 8 1798127 - Build apache-commons-collections4 for RHV 4.4 RHEL 8 1798137 - Build apache-commons-vfs for RHV 4.4 RHEL 8 1799171 - Build ws-commons-util for RHV 4.4 RHEL 8 1799204 - Build xmlrpc for RHV 4.4 RHEL 8 1801149 - CVE-2019-13990 libquartz: XXE attacks via job description 1801709 - Disable activation of the host while Enroll certificate flow is still in progress 1803597 - rhv-image-discrepancies should skip storage domains in maintenance mode and ISO/Export 1805669 - change requirement on rhvm package from spice-client-msi to spice-client-win 1806276 - [HE] ovirt-provider-ovn is non-functional on 4.3.9 Hosted-Engine 1807047 - Build m2crypto for RHV 4.4 RHEL 8 1807860 - [RFE] Allow resource allocation options to be customized 1808096 - Uploading ISOs causes "Uncaught exception occurred. Please try reloading the page. Details: (TypeError) : a.n is null" 1808126 - host_service.install() does not work with deploy_hosted_engine as True. 1809040 - [CNV&RHV] let the user know that token is not valid anymore 1809052 - [CNV&RHV] ovirt-engine log file spammed by failed timers ( approx 3-5 messages/sec ) 1809875 - rhv-image-discrepancies only compares images on the last DC 1809877 - rhv-image-discrepancies sends dump-volume-chains with parameter that is ignored 1810893 - mountOptions is ignored for "import storage domain" from GUI 1811865 - [Scale] Host Monitoring generates excessive amount of qos related sql queries 1811869 - [Scale] Webadmin\REST for host interface list response time is too long because of excessive amount of qos related sql queries 1812875 - Unable to create VMs when french Language is selected for the rhvm gui. 1813305 - Engine updating SLA policies of VMs continuously in an environment which is not having any QOS configured 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload 1814197 - [CNV&RHV] when provider is remover DC is left behind and active 1814215 - [CNV&RHV] Adding new provider to engine fails after succesfull test 1816017 - Build log4j12 for RHV 4.4 EL8 1816643 - [CNV&RHV] VM created in CNV not visible in RHV 1816654 - [CNV&RHV] adding provider with already created vm failed 1816693 - [CNV&RHV] CNV VM failed to restart even if 1st dialog looks fine 1816739 - [CNV&RHV] CNV VM updated form CNV side doesn't update vm properties over on RHV side 1817467 - [Tracking] Migration path between RHV 4.3 and 4.4 1818745 - rhv-log-collector-analyzer 0.2.17 still requires pyhton2 1819201 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update 1819248 - Cannot upgrade host after engine setup 1819514 - Failed to register 4.4 host to the latest engine (4.4.0-0.29.master.el8ev) 1819960 - NPE on ImportVmTemplateFromConfigurationCommand when creating VM from ovf_data 1820621 - Build apache-commons-compress for RHV 4.4 EL8 1820638 - Build apache-commons-jxpath for RHV 4.4 EL8 1821164 - Failed snapshot creation can cause data corruption of other VMs 1821930 - Enable only TLSv1.2+ protocol for SPICE on EL7 hosts 1824095 - VM portal shows only error 1825793 - RHV branding is missing after upgrade from 4.3 1826248 - [4.4][ovirt-cockpit-sso] Compatibility issues with python3 1826437 - The console client resources page return HTTP code 500 1826801 - [CNV&RHV] update of memory on cnv side does not propagate to rhv 1826855 - [cnv&rhv] update of cpu on cnv side causing expetion in engine.log 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1828669 - After SPM select the engine lost communication to all hosts until restarted [improved logging] 1828736 - [CNV&RHV] cnv template is not propagated to rhv 1829189 - engine-setup httpd ssl configuration conflicts with Red Hat Insights 1829656 - Failed to register 4.3 host to 4.4 engine with 4.3 cluster (4.4.0-0.33.master.el8ev) 1829830 - vhost custom properties does not accept '-' 1832161 - rhv-log-collector-analyzer fails with UnicodeDecodeError on RHEL8 1834523 - Edit VM -> Enable Smartcard sharing does not stick when VM is running 1838493 - Live snapshot made with freeze in the engine will cause the FS to be frozen 1841495 - Upgrade openstack-java-sdk to 3.2.9 1842495 - high cpu usage after entering wrong search pattern in RHVM 1844270 - [vGPU] nodisplay option for mdev broken since mdev scheduling unit 1844855 - Missing images (favicon.ico, banner logo) and missing brand.css file on VM portal d/s installation 1845473 - Exporting an OVA file from a VM results in its ovf file having a format of RAW when the disk is COW 1847420 - CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing 1850004 - CVE-2020-11023 jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1853444 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update (July-2020) 1854563 - [4.4 downstream only][RFE] Include a link to grafana on front page 6. Package List: RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4: Source: ansible-runner-1.4.5-1.el8ar.src.rpm ansible-runner-service-1.0.2-1.el8ev.src.rpm apache-commons-collections4-4.4-1.el8ev.src.rpm apache-commons-compress-1.18-1.el8ev.src.rpm apache-commons-configuration-1.10-1.el8ev.src.rpm apache-commons-jexl-2.1.1-1.el8ev.src.rpm apache-commons-jxpath-1.3-29.el8ev.src.rpm apache-commons-vfs-2.4.1-1.el8ev.src.rpm apache-sshd-2.5.1-1.el8ev.src.rpm ebay-cors-filter-1.0.1-4.el8ev.src.rpm ed25519-java-0.3.0-1.el8ev.src.rpm engine-db-query-1.6.1-1.el8ev.src.rpm java-client-kubevirt-0.5.0-1.el8ev.src.rpm log4j12-1.2.17-22.el8ev.src.rpm m2crypto-0.35.2-5.el8ev.src.rpm makeself-2.4.0-4.el8ev.src.rpm novnc-1.1.0-1.el8ost.src.rpm openstack-java-sdk-3.2.9-1.el8ev.src.rpm ovirt-cockpit-sso-0.1.4-1.el8ev.src.rpm ovirt-engine-4.4.1.8-0.7.el8ev.src.rpm ovirt-engine-api-explorer-0.0.6-1.el8ev.src.rpm ovirt-engine-dwh-4.4.1.2-1.el8ev.src.rpm ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.src.rpm ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.src.rpm ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.src.rpm ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.src.rpm ovirt-engine-extensions-api-1.0.1-1.el8ev.src.rpm ovirt-engine-metrics-1.4.1.1-1.el8ev.src.rpm ovirt-engine-ui-extensions-1.2.2-1.el8ev.src.rpm ovirt-fast-forward-upgrade-1.1.6-0.el8ev.src.rpm ovirt-log-collector-4.4.2-1.el8ev.src.rpm ovirt-scheduler-proxy-0.1.9-1.el8ev.src.rpm ovirt-web-ui-1.6.3-1.el8ev.src.rpm python-aniso8601-0.82-4.el8ost.src.rpm python-flask-1.0.2-2.el8ost.src.rpm python-flask-restful-0.3.6-8.el8ost.src.rpm python-netaddr-0.7.19-8.1.el8ost.src.rpm python-notario-0.0.16-2.el8cp.src.rpm python-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.src.rpm python-pbr-5.1.2-2.el8ost.src.rpm python-six-1.12.0-1.el8ost.src.rpm python-websocket-client-0.54.0-1.el8ost.src.rpm python-werkzeug-0.16.0-1.el8ost.src.rpm rhv-log-collector-analyzer-1.0.2-1.el8ev.src.rpm rhvm-branding-rhv-4.4.4-1.el8ev.src.rpm rhvm-dependencies-4.4.0-1.el8ev.src.rpm rhvm-setup-plugins-4.4.2-1.el8ev.src.rpm snmp4j-2.4.1-1.el8ev.src.rpm unboundid-ldapsdk-4.0.14-1.el8ev.src.rpm vdsm-jsonrpc-java-1.5.4-1.el8ev.src.rpm ws-commons-util-1.0.2-1.el8ev.src.rpm xmlrpc-3.1.3-1.el8ev.src.rpm noarch: ansible-runner-1.4.5-1.el8ar.noarch.rpm ansible-runner-service-1.0.2-1.el8ev.noarch.rpm apache-commons-collections4-4.4-1.el8ev.noarch.rpm apache-commons-collections4-javadoc-4.4-1.el8ev.noarch.rpm apache-commons-compress-1.18-1.el8ev.noarch.rpm apache-commons-compress-javadoc-1.18-1.el8ev.noarch.rpm apache-commons-configuration-1.10-1.el8ev.noarch.rpm apache-commons-jexl-2.1.1-1.el8ev.noarch.rpm apache-commons-jexl-javadoc-2.1.1-1.el8ev.noarch.rpm apache-commons-jxpath-1.3-29.el8ev.noarch.rpm apache-commons-jxpath-javadoc-1.3-29.el8ev.noarch.rpm apache-commons-vfs-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-ant-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-examples-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-javadoc-2.4.1-1.el8ev.noarch.rpm apache-sshd-2.5.1-1.el8ev.noarch.rpm apache-sshd-javadoc-2.5.1-1.el8ev.noarch.rpm ebay-cors-filter-1.0.1-4.el8ev.noarch.rpm ed25519-java-0.3.0-1.el8ev.noarch.rpm ed25519-java-javadoc-0.3.0-1.el8ev.noarch.rpm engine-db-query-1.6.1-1.el8ev.noarch.rpm java-client-kubevirt-0.5.0-1.el8ev.noarch.rpm log4j12-1.2.17-22.el8ev.noarch.rpm log4j12-javadoc-1.2.17-22.el8ev.noarch.rpm makeself-2.4.0-4.el8ev.noarch.rpm novnc-1.1.0-1.el8ost.noarch.rpm openstack-java-ceilometer-client-3.2.9-1.el8ev.noarch.rpm openstack-java-ceilometer-model-3.2.9-1.el8ev.noarch.rpm openstack-java-cinder-client-3.2.9-1.el8ev.noarch.rpm openstack-java-cinder-model-3.2.9-1.el8ev.noarch.rpm openstack-java-client-3.2.9-1.el8ev.noarch.rpm openstack-java-glance-client-3.2.9-1.el8ev.noarch.rpm openstack-java-glance-model-3.2.9-1.el8ev.noarch.rpm openstack-java-heat-client-3.2.9-1.el8ev.noarch.rpm openstack-java-heat-model-3.2.9-1.el8ev.noarch.rpm openstack-java-javadoc-3.2.9-1.el8ev.noarch.rpm openstack-java-keystone-client-3.2.9-1.el8ev.noarch.rpm openstack-java-keystone-model-3.2.9-1.el8ev.noarch.rpm openstack-java-nova-client-3.2.9-1.el8ev.noarch.rpm openstack-java-nova-model-3.2.9-1.el8ev.noarch.rpm openstack-java-quantum-client-3.2.9-1.el8ev.noarch.rpm openstack-java-quantum-model-3.2.9-1.el8ev.noarch.rpm openstack-java-resteasy-connector-3.2.9-1.el8ev.noarch.rpm openstack-java-swift-client-3.2.9-1.el8ev.noarch.rpm openstack-java-swift-model-3.2.9-1.el8ev.noarch.rpm ovirt-cockpit-sso-0.1.4-1.el8ev.noarch.rpm ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-api-explorer-0.0.6-1.el8ev.noarch.rpm ovirt-engine-backend-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-dbscripts-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-dwh-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-dwh-grafana-integration-setup-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-dwh-setup-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-setup-1.4.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.noarch.rpm ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.noarch.rpm ovirt-engine-extensions-api-1.0.1-1.el8ev.noarch.rpm ovirt-engine-extensions-api-javadoc-1.0.1-1.el8ev.noarch.rpm ovirt-engine-health-check-bundler-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-metrics-1.4.1.1-1.el8ev.noarch.rpm ovirt-engine-restapi-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-base-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-cinderlib-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-imageio-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-common-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-tools-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-tools-backup-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-ui-extensions-1.2.2-1.el8ev.noarch.rpm ovirt-engine-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-webadmin-portal-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-fast-forward-upgrade-1.1.6-0.el8ev.noarch.rpm ovirt-log-collector-4.4.2-1.el8ev.noarch.rpm ovirt-scheduler-proxy-0.1.9-1.el8ev.noarch.rpm ovirt-web-ui-1.6.3-1.el8ev.noarch.rpm python-flask-doc-1.0.2-2.el8ost.noarch.rpm python2-netaddr-0.7.19-8.1.el8ost.noarch.rpm python2-pbr-5.1.2-2.el8ost.noarch.rpm python2-six-1.12.0-1.el8ost.noarch.rpm python3-aniso8601-0.82-4.el8ost.noarch.rpm python3-ansible-runner-1.4.5-1.el8ar.noarch.rpm python3-flask-1.0.2-2.el8ost.noarch.rpm python3-flask-restful-0.3.6-8.el8ost.noarch.rpm python3-netaddr-0.7.19-8.1.el8ost.noarch.rpm python3-notario-0.0.16-2.el8cp.noarch.rpm python3-ovirt-engine-lib-4.4.1.8-0.7.el8ev.noarch.rpm python3-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.noarch.rpm python3-pbr-5.1.2-2.el8ost.noarch.rpm python3-six-1.12.0-1.el8ost.noarch.rpm python3-websocket-client-0.54.0-1.el8ost.noarch.rpm python3-werkzeug-0.16.0-1.el8ost.noarch.rpm python3-werkzeug-doc-0.16.0-1.el8ost.noarch.rpm rhv-log-collector-analyzer-1.0.2-1.el8ev.noarch.rpm rhvm-4.4.1.8-0.7.el8ev.noarch.rpm rhvm-branding-rhv-4.4.4-1.el8ev.noarch.rpm rhvm-dependencies-4.4.0-1.el8ev.noarch.rpm rhvm-setup-plugins-4.4.2-1.el8ev.noarch.rpm snmp4j-2.4.1-1.el8ev.noarch.rpm snmp4j-javadoc-2.4.1-1.el8ev.noarch.rpm unboundid-ldapsdk-4.0.14-1.el8ev.noarch.rpm unboundid-ldapsdk-javadoc-4.0.14-1.el8ev.noarch.rpm vdsm-jsonrpc-java-1.5.4-1.el8ev.noarch.rpm ws-commons-util-1.0.2-1.el8ev.noarch.rpm ws-commons-util-javadoc-1.0.2-1.el8ev.noarch.rpm xmlrpc-client-3.1.3-1.el8ev.noarch.rpm xmlrpc-common-3.1.3-1.el8ev.noarch.rpm xmlrpc-javadoc-3.1.3-1.el8ev.noarch.rpm xmlrpc-server-3.1.3-1.el8ev.noarch.rpm x86_64: m2crypto-debugsource-0.35.2-5.el8ev.x86_64.rpm python3-m2crypto-0.35.2-5.el8ev.x86_64.rpm python3-m2crypto-debuginfo-0.35.2-5.el8ev.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-18635 https://access.redhat.com/security/cve/CVE-2019-8331 https://access.redhat.com/security/cve/CVE-2019-10086 https://access.redhat.com/security/cve/CVE-2019-13990 https://access.redhat.com/security/cve/CVE-2019-17195 https://access.redhat.com/security/cve/CVE-2019-19336 https://access.redhat.com/security/cve/CVE-2020-7598 https://access.redhat.com/security/cve/CVE-2020-10775 https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/cve/CVE-2020-11023 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXylir9zjgjWX9erEAQii/A//bJm3u0+ul+LdQwttSJJ79OdVqcp3FktP tdPj8AFbB6F9KkuX9FAQja0/2pgZAldB3Eyz57GYTxyDD1qeMqYSayGHCH01GWAn u8uF90lcSz6YvgEPDh1mWhLYQMfdWT6IUuKOEHldt8TyHbc7dX3xCbsLDzNCxGbl QuPSFPQBJaAXETSw42NGzdUzaM9zoQ0Mngj+Owcgw53YyBy3BSLAb5bKuijvkcLy SVCAxxiQ89E+cnETKYIv4dOfqXGA5wLg68hDmUQyFcXHA9nQbJM9Q0s1fbZ2Wav1 oGGTqJDTgVElxrHB5pYJ6pu484ZgJealkBCrHA2OBsMJUadwitVvQLXFZF5OyN0N f/vtZ1ua4mZADa61qfnlmVRiyISwmPPWIOImA3TIE5Q8Yl5ucCqtDjQPoJAbXsUl Y22Bb5x7JyrN0nyOgwh6BGGK51CmOaP+xNuWD7osI24pnzdmPTZuJrZLePxgPgac WWQNznzvokknva2ofvujAm+DEl+W7W3A8Vs9wkmUWYlaVC7GFLEkcvQjjHahZ7kh dVJNoh70vpA+aJCMQHYK6MGtCSAWoqXkRTsHb3Stfm2vLLz6GYxY5OuvB7Z0ME1N zCiFjBla5+3nKx5ab8Pola56T1wRULHL6zYN9GTsOzxjdJsKHXBVeV8OYcnoHiza 2TrKn2dtZwI= =92Q3 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The purpose of this text-only errata is to inform you about the security issues fixed in this release. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. Installation instructions are available from the Fuse 7.11.1 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/ 4. Bugs fixed (https://bugzilla.redhat.com/): 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1991305 - CVE-2021-3717 wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users 2055496 - CVE-2022-0613 urijs: Authorization Bypass Through User-Controlled Key 2062370 - CVE-2022-24723 urijs: Leading white space bypasses protocol validation 2066009 - CVE-2021-44906 minimist: prototype pollution 2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale 2087186 - CVE-2022-24823 netty: world readable temporary file containing sensitive data 2095862 - CVE-2022-2053 undertow: Large AJP request may cause DoS 2102695 - CVE-2021-31684 json-smart: Denial of Service in JSONParserByteArray function 2105067 - CVE-2022-33980 apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2116952 - CVE-2022-2048 http2-server: Invalid HTTP/2 requests cause DoS 2126789 - CVE-2022-25857 snakeyaml: Denial of Service due to missing nested depth limitation for collections 2129428 - CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names 2129706 - CVE-2022-38749 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode 2135435 - CVE-2022-42889 apache-commons-text: variable interpolation RCE 2136141 - CVE-2022-41853 hsqldb: Untrusted input may lead to RCE attack 5. Description: Bootstrap style library packaged for setuptools (easy_install) / pip. Security Fix(es): * XSS in the tooltip or popover data-template attribute (CVE-2019-8331) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Description: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041) * sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047) * woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * nodejs-moment: Regular expression denial of service (CVE-2017-18214) * wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143) * jackson-databind: use of deeply nested arrays (CVE-2022-42004) * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003) * jettison: parser crash by stackoverflow (CVE-2022-40149) * jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150) * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693) * CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364) 4. JIRA issues fixed (https://issues.jboss.org/): JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001 JBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001 JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001 JBEAP-23927 - Tracker bug for the EAP 7.4.9 release for RHEL-8 JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001 JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001 JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001 JBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001 JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001 JBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001 JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001 JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002 JBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001 JBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001 JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003 JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2 JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001 JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001 7
var-202210-0043 The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. Node.js Foundation of Node.js For products from other vendors, HTTP There is a vulnerability related to request smuggling.Information may be obtained and information may be tampered with. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: nodejs:16 security update Advisory ID: RHSA-2022:6964-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6964 Issue date: 2022-10-17 CVE Names: CVE-2022-35255 CVE-2022-35256 ==================================================================== 1. Summary: An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16. Security Fix(es): * nodejs: weak randomness in WebCrypto keygen (CVE-2022-35255) * nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2130517 - CVE-2022-35255 nodejs: weak randomness in WebCrypto keygen 2130518 - CVE-2022-35256 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: nodejs-16.17.1-1.module+el8.6.0+16848+a483195a.src.rpm nodejs-nodemon-2.0.19-2.module+el8.6.0+16240+7ca51420.src.rpm nodejs-packaging-25-1.module+el8.5.0+10992+fac5fe06.src.rpm aarch64: nodejs-16.17.1-1.module+el8.6.0+16848+a483195a.aarch64.rpm nodejs-debuginfo-16.17.1-1.module+el8.6.0+16848+a483195a.aarch64.rpm nodejs-debugsource-16.17.1-1.module+el8.6.0+16848+a483195a.aarch64.rpm nodejs-devel-16.17.1-1.module+el8.6.0+16848+a483195a.aarch64.rpm nodejs-full-i18n-16.17.1-1.module+el8.6.0+16848+a483195a.aarch64.rpm npm-8.15.0-1.16.17.1.1.module+el8.6.0+16848+a483195a.aarch64.rpm noarch: nodejs-docs-16.17.1-1.module+el8.6.0+16848+a483195a.noarch.rpm nodejs-nodemon-2.0.19-2.module+el8.6.0+16240+7ca51420.noarch.rpm nodejs-packaging-25-1.module+el8.5.0+10992+fac5fe06.noarch.rpm ppc64le: nodejs-16.17.1-1.module+el8.6.0+16848+a483195a.ppc64le.rpm nodejs-debuginfo-16.17.1-1.module+el8.6.0+16848+a483195a.ppc64le.rpm nodejs-debugsource-16.17.1-1.module+el8.6.0+16848+a483195a.ppc64le.rpm nodejs-devel-16.17.1-1.module+el8.6.0+16848+a483195a.ppc64le.rpm nodejs-full-i18n-16.17.1-1.module+el8.6.0+16848+a483195a.ppc64le.rpm npm-8.15.0-1.16.17.1.1.module+el8.6.0+16848+a483195a.ppc64le.rpm s390x: nodejs-16.17.1-1.module+el8.6.0+16848+a483195a.s390x.rpm nodejs-debuginfo-16.17.1-1.module+el8.6.0+16848+a483195a.s390x.rpm nodejs-debugsource-16.17.1-1.module+el8.6.0+16848+a483195a.s390x.rpm nodejs-devel-16.17.1-1.module+el8.6.0+16848+a483195a.s390x.rpm nodejs-full-i18n-16.17.1-1.module+el8.6.0+16848+a483195a.s390x.rpm npm-8.15.0-1.16.17.1.1.module+el8.6.0+16848+a483195a.s390x.rpm x86_64: nodejs-16.17.1-1.module+el8.6.0+16848+a483195a.x86_64.rpm nodejs-debuginfo-16.17.1-1.module+el8.6.0+16848+a483195a.x86_64.rpm nodejs-debugsource-16.17.1-1.module+el8.6.0+16848+a483195a.x86_64.rpm nodejs-devel-16.17.1-1.module+el8.6.0+16848+a483195a.x86_64.rpm nodejs-full-i18n-16.17.1-1.module+el8.6.0+16848+a483195a.x86_64.rpm npm-8.15.0-1.16.17.1.1.module+el8.6.0+16848+a483195a.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-35255 https://access.redhat.com/security/cve/CVE-2022-35256 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY01tM9zjgjWX9erEAQgRRw/8DdK1QObq3so9+4ybaPFjCpdytAyNFy2E vrWNb7xRSO8myrQJ3cspxWMgRgfjMeJYPL8MT7iolW0SMWPd3uNMIh6ej3nK6zo+ BqHGgPBB2+knIF9ApMxW+2OpQAl4j0ICOeyLinqUXsyzDqPUOdW5kgNIPog668tc VsxB2Lt7pAJcpNkmwx6gvU5aZ6rWOUeNKyjAnat5AJPUx+NbtOtFWymivlPKCNWg bcGktfXz22tAixuEih9pC+YrPbJ++AHg5lZbK35uHBeGe7i9OdhbH8lbGrV5+0Vo 3DOlVTvuofjPZr0Ft50ChMsgsc/3pmBTXZOEfLrNHIMlJ2sHsP/3ZQ4hUmYYI3xs BF6HmgS4d3rEybSyXjqkQHKvSEi8KxBcs0y8RrvZeEUOfwTPwdaWKIhlzzn3lGYm a4iPlYzfCTfV4h2YdLvNE0hcOeaChiPVWvVxb9aV9XUW2ibWyHPSlJpBoP1UjMW4 8T0tYn6hUUWhWWT4cra5ipEjCmU9YfhdFsjoqKS/KFNA7kD94NSqWcbPs+3XnKbT l2IjXb8aBpn2Yykq1u4t12VEJCnKeTEUt43/LAlXW1mkNV3OQ2bPl2qwdEPTQxDP WBoK9aPtqD6W3VyuNza3VItmZKYw7nHtZL40YpvbdA6XtmlHZF6bFEiLdSwNduaV jippDtM0Pgw=vFcS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 2066009 - CVE-2021-44906 minimist: prototype pollution 2130518 - CVE-2022-35256 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields 2134609 - CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function 2140911 - CVE-2022-43548 nodejs: DNS rebinding in inspect via invalid octal IP address 2142823 - nodejs:14/nodejs: Rebase to the latest Nodejs 14 release [rhel-8] [rhel-8.4.0.z] 2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process 2156324 - CVE-2021-35065 glob-parent: Regular Expression Denial of Service 2165824 - CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability 2168631 - CVE-2022-4904 c-ares: buffer overflow in config_sortlist() due to missing string length check 2170644 - CVE-2022-38900 decode-uri-component: improper input validation resulting in DoS 2171935 - CVE-2023-23918 Node.js: Permissions policies can be bypassed via process.mainModule 2172217 - CVE-2023-23920 Node.js: insecure loading of ICU data through ICU_DATA environment variable 2175828 - nodejs:14/nodejs: Rebase to the latest Nodejs 14 release [rhel-8] [rhel-8.4.0.z] 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5326-1 security@debian.org https://www.debian.org/security/ Aron Xu January 24, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nodejs CVE ID : CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-35255 CVE-2022-35256 CVE-2022-43548 Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup. For the stable distribution (bullseye), these problems have been fixed in version 12.22.12~dfsg-1~deb11u3. We recommend that you upgrade your nodejs packages. For the detailed security status of nodejs please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nodejs Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPQNhIACgkQEMKTtsN8 TjaRmA/+KDFkQcd2sE/eAAx9cVikICNkfu7uIVKHpeDH9o5oq5M2nj4zHJCeAArp WblguyZwEtqzAOO2WesbrmwfXLmglhrNZwRMOrsbu63JxSnecp7qcMwR8A4JWdmd Txb4aZr6Prmwq6fT0G3K6oV8Hw+OeqYA/RZKenxtkBf/jdzVahGJHJ/NrFKKWVQW xbqHwCkP7uUlm+5UR5XzNrodTRCQYHJvUmDUrjEOjM6x+sqYirKWiERN0A14kVn9 0Ufrw6+Z2tKhdKFZfU1BtDthhlH/nybz0h3aHsk+E5/vx20WAURiCEDVi7nf8+Rf EtbCxaqV+/xVoPmXStHY/ogCo8CgRVsyYUIemgi4q5LwVx/Oqjm2CJ/xCwOKh0E2 idXLJfLSpxxBe598MUn9iKbnFFCN9DQZXf7BYs3djtn8ALFVBSHZSF1QXFoFQ86w Y9xGhBQzfEgCoEW7H4S30ZQ+Gz+ZnOMCSH+MKIMtSpqbc7wLtrKf839DO6Uux7B7 u0WR3lZlsihi92QKq9X/VRkyy8ZiA2TYy3IE+KDKlXDHKls9FR9BUClYe9L8RiRu boP8KPFUHUsSVaTzkufMStdKkcXCqgj/6KhJL6E9ZunTBpTmqx1Ty7/N2qktLFnH ujrffzV3rCE6eIg7ps8OdZbjCfqUqmQk9/pV6ZDjymqjZ1LKZDs\xfeRn -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6491-1 November 21, 2023 nodejs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Node.js. Software Description: - nodejs: An open-source, cross-platform JavaScript runtime environment. Details: Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-32212) Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-32213, CVE-2022-32214, CVE-2022-32215) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-35256) It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-43548) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: libnode-dev 12.22.9~dfsg-1ubuntu3.2 libnode72 12.22.9~dfsg-1ubuntu3.2 nodejs 12.22.9~dfsg-1ubuntu3.2 nodejs-doc 12.22.9~dfsg-1ubuntu3.2 Ubuntu 20.04 LTS: libnode-dev 10.19.0~dfsg-3ubuntu1.3 libnode64 10.19.0~dfsg-3ubuntu1.3 nodejs 10.19.0~dfsg-3ubuntu1.3 nodejs-doc 10.19.0~dfsg-3ubuntu1.3 Ubuntu 18.04 LTS (Available with Ubuntu Pro): nodejs 8.10.0~dfsg-2ubuntu0.4+esm4 nodejs-dev 8.10.0~dfsg-2ubuntu0.4+esm4 nodejs-doc 8.10.0~dfsg-2ubuntu0.4+esm4 In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202405-29 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Node.js: Multiple Vulnerabilities Date: May 08, 2024 Bugs: #772422, #781704, #800986, #805053, #807775, #811273, #817938, #831037, #835615, #857111, #865627, #872692, #879617, #918086, #918614 ID: 202405-29 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Node.js. Background ========= Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Affected packages ================ Package Vulnerable Unaffected --------------- ------------ ------------ net-libs/nodejs < 16.20.2 >= 16.20.2 Description ========== Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Node.js 20 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/nodejs-20.5.1" All Node.js 18 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/nodejs-18.17.1" All Node.js 16 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/nodejs-16.20.2" References ========= [ 1 ] CVE-2020-7774 https://nvd.nist.gov/vuln/detail/CVE-2020-7774 [ 2 ] CVE-2021-3672 https://nvd.nist.gov/vuln/detail/CVE-2021-3672 [ 3 ] CVE-2021-22883 https://nvd.nist.gov/vuln/detail/CVE-2021-22883 [ 4 ] CVE-2021-22884 https://nvd.nist.gov/vuln/detail/CVE-2021-22884 [ 5 ] CVE-2021-22918 https://nvd.nist.gov/vuln/detail/CVE-2021-22918 [ 6 ] CVE-2021-22930 https://nvd.nist.gov/vuln/detail/CVE-2021-22930 [ 7 ] CVE-2021-22931 https://nvd.nist.gov/vuln/detail/CVE-2021-22931 [ 8 ] CVE-2021-22939 https://nvd.nist.gov/vuln/detail/CVE-2021-22939 [ 9 ] CVE-2021-22940 https://nvd.nist.gov/vuln/detail/CVE-2021-22940 [ 10 ] CVE-2021-22959 https://nvd.nist.gov/vuln/detail/CVE-2021-22959 [ 11 ] CVE-2021-22960 https://nvd.nist.gov/vuln/detail/CVE-2021-22960 [ 12 ] CVE-2021-37701 https://nvd.nist.gov/vuln/detail/CVE-2021-37701 [ 13 ] CVE-2021-37712 https://nvd.nist.gov/vuln/detail/CVE-2021-37712 [ 14 ] CVE-2021-39134 https://nvd.nist.gov/vuln/detail/CVE-2021-39134 [ 15 ] CVE-2021-39135 https://nvd.nist.gov/vuln/detail/CVE-2021-39135 [ 16 ] CVE-2021-44531 https://nvd.nist.gov/vuln/detail/CVE-2021-44531 [ 17 ] CVE-2021-44532 https://nvd.nist.gov/vuln/detail/CVE-2021-44532 [ 18 ] CVE-2021-44533 https://nvd.nist.gov/vuln/detail/CVE-2021-44533 [ 19 ] CVE-2022-0778 https://nvd.nist.gov/vuln/detail/CVE-2022-0778 [ 20 ] CVE-2022-3602 https://nvd.nist.gov/vuln/detail/CVE-2022-3602 [ 21 ] CVE-2022-3786 https://nvd.nist.gov/vuln/detail/CVE-2022-3786 [ 22 ] CVE-2022-21824 https://nvd.nist.gov/vuln/detail/CVE-2022-21824 [ 23 ] CVE-2022-32212 https://nvd.nist.gov/vuln/detail/CVE-2022-32212 [ 24 ] CVE-2022-32213 https://nvd.nist.gov/vuln/detail/CVE-2022-32213 [ 25 ] CVE-2022-32214 https://nvd.nist.gov/vuln/detail/CVE-2022-32214 [ 26 ] CVE-2022-32215 https://nvd.nist.gov/vuln/detail/CVE-2022-32215 [ 27 ] CVE-2022-32222 https://nvd.nist.gov/vuln/detail/CVE-2022-32222 [ 28 ] CVE-2022-35255 https://nvd.nist.gov/vuln/detail/CVE-2022-35255 [ 29 ] CVE-2022-35256 https://nvd.nist.gov/vuln/detail/CVE-2022-35256 [ 30 ] CVE-2022-35948 https://nvd.nist.gov/vuln/detail/CVE-2022-35948 [ 31 ] CVE-2022-35949 https://nvd.nist.gov/vuln/detail/CVE-2022-35949 [ 32 ] CVE-2022-43548 https://nvd.nist.gov/vuln/detail/CVE-2022-43548 [ 33 ] CVE-2023-30581 https://nvd.nist.gov/vuln/detail/CVE-2023-30581 [ 34 ] CVE-2023-30582 https://nvd.nist.gov/vuln/detail/CVE-2023-30582 [ 35 ] CVE-2023-30583 https://nvd.nist.gov/vuln/detail/CVE-2023-30583 [ 36 ] CVE-2023-30584 https://nvd.nist.gov/vuln/detail/CVE-2023-30584 [ 37 ] CVE-2023-30586 https://nvd.nist.gov/vuln/detail/CVE-2023-30586 [ 38 ] CVE-2023-30587 https://nvd.nist.gov/vuln/detail/CVE-2023-30587 [ 39 ] CVE-2023-30588 https://nvd.nist.gov/vuln/detail/CVE-2023-30588 [ 40 ] CVE-2023-30589 https://nvd.nist.gov/vuln/detail/CVE-2023-30589 [ 41 ] CVE-2023-30590 https://nvd.nist.gov/vuln/detail/CVE-2023-30590 [ 42 ] CVE-2023-32002 https://nvd.nist.gov/vuln/detail/CVE-2023-32002 [ 43 ] CVE-2023-32003 https://nvd.nist.gov/vuln/detail/CVE-2023-32003 [ 44 ] CVE-2023-32004 https://nvd.nist.gov/vuln/detail/CVE-2023-32004 [ 45 ] CVE-2023-32005 https://nvd.nist.gov/vuln/detail/CVE-2023-32005 [ 46 ] CVE-2023-32006 https://nvd.nist.gov/vuln/detail/CVE-2023-32006 [ 47 ] CVE-2023-32558 https://nvd.nist.gov/vuln/detail/CVE-2023-32558 [ 48 ] CVE-2023-32559 https://nvd.nist.gov/vuln/detail/CVE-2023-32559 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202405-29 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
var-200809-0187 Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network. Apple Mac OS X Leopard does not accurately reflect which files and directories are available via sharing. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. The security update addresses a total of 17 new vulnerabilities that affect the Apple Type Services, Directory Services, Finder, ImageIO, Kernel, Login Windows, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference, and Wiki Server components of Mac OS X. The advisory also contains security updates for 17 previously reported issues. An attacker with access to the local network can cause the Finder to quit immediately after launching. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15895 VERIFY ADVISORY: http://secunia.com/advisories/15895/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/ DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA15852 SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-202203-0664 BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. (CVE-2021-25220) By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795) By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38177) By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178). ========================================================================== Ubuntu Security Notice USN-5332-1 March 17, 2022 bind9 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Bind. Software Description: - bind9: Internet Domain Name Server Details: Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220) It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: bind9 1:9.16.15-1ubuntu1.2 Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.10 Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.17 In general, a standard system update will make all the necessary changes. For the oldstable distribution (buster), this problem has been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u7. For the stable distribution (bullseye), this problem has been fixed in version 1:9.16.27-1~deb11u1. We recommend that you upgrade your bind9 packages. For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI010UACgkQEMKTtsN8 Tjbp3xAAil38qfAIdNkaIxY2bauvTyZDWzr6KUjph0vzmLEoAFQ3bysVSGlCnZk9 IgdyfPRWQ+Bjau1/dlhNYaTlnQajbeyvCXfJcjRRgtUDCp7abZcOcb1WDu8jWLGW iRtKsvKKrTKkIou5LgDlyqZyf6OzjgRdwtm86GDPQiCaSEpmbRt+APj5tkIA9R1G ELWuZsjbIraBU0TsNfOalgNpAWtSBayxKtWB69J8rxUV69JI194A4AJ0wm9SPpFV G/TzlyHp1dUZJRLNmZOZU/dq4pPsXzh9I4QCg1kJWsVHe2ycAJKho6hr5iy43fNl MuokfI9YnU6/9SjHrQAWp1X/6MYCR8NieJ933W89/Zb8eTjTZC8EQGo6fkA287G8 glQOrJHMQyV+b97lT67+ioTHNzTEBXTih7ZDeC1TlLqypCNYhRF/ll0Hx/oeiJFU rbjh2Og9huhD5JH8z8YAvY2g81e7KdPxazuKJnQpxGutqddCuwBvyI9fovYrah9W bYD6rskLZM2x90RI2LszHisl6FV5k37PaczamlRqGgbbMb9YlnDFjJUbM8rZZgD4 +8u/AkHq2+11pTtZ40NYt1gpdidmIC/gzzha2TfZCHMs44KPMMdH+Fid1Kc6/Cq8 QygtL4M387J9HXUrlN7NDUOrDVuVqfBG+ve3i9GCZzYjwtajTAQ= =6st2 -----END PGP SIGNATURE----- . 8) - aarch64, ppc64le, s390x, x86_64 3. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202210-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: ISC BIND: Multiple Vulnerabilities Date: October 31, 2022 Bugs: #820563, #835439, #872206 ID: 202210-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/bind < 9.16.33 >= 9.16.33 2 net-dns/bind-tools < 9.16.33 >= 9.16.33 Description =========== Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All ISC BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.16.33" All ISC BIND-tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-tools-9.16.33" References ========== [ 1 ] CVE-2021-25219 https://nvd.nist.gov/vuln/detail/CVE-2021-25219 [ 2 ] CVE-2021-25220 https://nvd.nist.gov/vuln/detail/CVE-2021-25220 [ 3 ] CVE-2022-0396 https://nvd.nist.gov/vuln/detail/CVE-2022-0396 [ 4 ] CVE-2022-2795 https://nvd.nist.gov/vuln/detail/CVE-2022-2795 [ 5 ] CVE-2022-2881 https://nvd.nist.gov/vuln/detail/CVE-2022-2881 [ 6 ] CVE-2022-2906 https://nvd.nist.gov/vuln/detail/CVE-2022-2906 [ 7 ] CVE-2022-3080 https://nvd.nist.gov/vuln/detail/CVE-2022-3080 [ 8 ] CVE-2022-38177 https://nvd.nist.gov/vuln/detail/CVE-2022-38177 [ 9 ] CVE-2022-38178 https://nvd.nist.gov/vuln/detail/CVE-2022-38178 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202210-25 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2023:0402-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0402 Issue date: 2023-01-24 CVE Names: CVE-2021-25220 CVE-2022-2795 ==================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability 2128584 - CVE-2022-2795 bind: processing large delegations may severely degrade resolver performance 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: bind-9.11.4-26.P2.el7_9.13.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.11.4-26.P2.el7_9.13.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.11.4-26.P2.el7_9.13.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm ppc64: bind-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-utils-9.11.4-26.P2.el7_9.13.ppc64.rpm ppc64le: bind-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-utils-9.11.4-26.P2.el7_9.13.ppc64le.rpm s390x: bind-9.11.4-26.P2.el7_9.13.s390x.rpm bind-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.s390.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.s390x.rpm bind-utils-9.11.4-26.P2.el7_9.13.s390x.rpm x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.ppc64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64.rpm ppc64le: bind-debuginfo-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-sdb-9.11.4-26.P2.el7_9.13.ppc64le.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.ppc64le.rpm s390x: bind-debuginfo-9.11.4-26.P2.el7_9.13.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.s390x.rpm bind-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.s390x.rpm bind-sdb-9.11.4-26.P2.el7_9.13.s390x.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.s390x.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.11.4-26.P2.el7_9.13.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.13.noarch.rpm x86_64: bind-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.13.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-25220 https://access.redhat.com/security/cve/CVE-2022-2795 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY9AIs9zjgjWX9erEAQiz9BAAiQvmAQ5DWdOQbHHizPAHBnKnBtNBfCT3 iaAzKQ0Yrpk26N9cdrvcBJwdrHpI28VJ3eemFUxQFseUqtAErsgfL4QqnjPjQgsp U2qLPjqbzfOrbi1CuruMMIIbtxfwvsdic8OB9Zi7XzfZjWm2X4c6Ima+QXol6x9a 8J2qdzCqhoYUXJgdpVK9nAAGsPtidcnqLYYIcTclJArp6uRSlEEk7EbNJvs2SAbj MUo5aq5BoVy2TkiMyqhT5voy6K8f4c7WbQYerNieps18541ZSr29fAzWBznr3Yns gE10Aaoa8uCxlaexFR8EahPVYe6wJAm6R62LBabEWChbzW0oxr7X2DdzX9eiOwl0 wJT0n4GHoFsCGMa+v1yybkjHIUfiW25WC7bC4QDj4fjTpbicVlnttXhQJwCJK5bb PC27GE6qi7EqwHYJa/jPenbIG38mXj/r2bwIr1qYQMLjQ8BQIneShky3ZWE4l/jd zTMwGVal8ACBYdCALx/O9QNyzaO92xHLnKl3DIoqaQdjasIfGp/G6Xc1YggKyZAP VVtXPiOIbReBVNWiBXMH1ZEQeNon4su0/MbMWrmJpwvEzYeXkuWO98LZ4dlLVuim NG/dJ6RqzT6/aqRNVyOt5s4SLIQ5DrPXoPnZRUBsbpWhP6lxPhESKA0TUg5FYz33 eDGIrZR4jEY=azJw -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. The following advisory data is extracted from: https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment
var-201109-0214 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. Versions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies" preference in Safari was set to the default setting of "From third parties and advertisers". CVE-ID CVE-2012-0640 : nshah WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645 VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation. Background ========== Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages ------------------------------------------------------------------- Description =========== Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57). A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102" All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22" References ========== [ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
var-200901-0466 The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. Weaknesses in the MD5 algorithm allow for collisions in output. As a result, attackers can generate cryptographic tokens or other data that illegitimately appear to be authentic. Is a one-way hash function MD5 Outputs a value called a fixed-length message digest from the input value. A secure hash function must be extremely difficult to find an input value that corresponds to a particular message digest. That the same message digest is output from different inputs. " collision " Call it. 1996 From the year MD5 Attack methods that exploit the lack of collision resistance of algorithms have been reported. After that, this attack technique X.509 It can be used to forge certificates, 2008 A year CA Based on a certificate signed by CA It was reported that the certificate was successfully forged. MD5 Products that use the algorithm are affected.MD5 There are various effects depending on the usage pattern. As an example, forged SSL Trusting a malicious website using a certificate may cause information leakage. Attackers may take advantage of this issue to generate pairs of different, valid X.509 certificates that share a common signature. An attacker is most likely to exploit this issue to conduct phishing attacks or to impersonate legitimate sites by taking advantage of malicious certificates. Other attacks are likely possible. - HPE iMC PLAT - Please refer to the RESOLUTION below for a list of impacted products. All product versions are impacted prior to the fixed version listed. + **iMC PLAT - Version: IMC PLAT 7.2, E0403P10** - JD125A HP IMC Std S/W Platform w/100-node - JD126A HP IMC Ent S/W Platform w/100-node - JD808A HP IMC Ent Platform w/100-node License - JD814A HP A-IMC Enterprise Edition Software DVD Media - JD815A HP IMC Std Platform w/100-node License - JD816A HP A-IMC Standard Edition Software DVD Media - JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU - JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU - JF377A HP IMC Std S/W Platform w/100-node Lic - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU - JF378A HP IMC Ent S/W Platform w/200-node Lic - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU - JG550AAE HPE PCM+ Mobility Manager to IMC Basic WLAN Platform Upgrade 50-node and 150-AP E-LTU - JG590AAE HPE IMC Basic WLAN Manager Software Platform 50 Access Point E-LTU - JG660AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU - JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU - JG767AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU - JG768AAE HPE PCM+ to IMC Standard Software Platform Upgrade with 200-node E-LTU **Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. HISTORY Version:1 (rev.1) - 26 September 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05336888 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05336888 Version: 1 HPSBHF03673 rev.1 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Multiple Remote Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2016-11-18 Last Updated: 2016-11-18 Potential Security Impact: Remote: Multiple Vulnerabilities Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Security vulnerabilities in MD5 message digest algorithm and RC4 ciphersuite could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. These vulnerabilities could be exploited remotely to conduct spoofing attacks and plaintext recovery attacks resulting in disclosure of information. References: - CVE-2004-2761 - MD5 Hash Collision Vulnerability - CVE-2013-2566 - SSL/TLS RC4 algorithm vulnerability - CVE-2015-2808 - SSL/TLS RC4 stream vulnerability known as "Bar Mitzvah" SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - Comware 5 (CW5) Products All versions - Comware 7 (CW7) Products All versions BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2004-2761 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N) CVE-2013-2566 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE-2015-2808 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has released the following mitigation information to resolve the vulnerabilities in HPE Comware 5 and Comware 7 network products. *Note:* Please contact HPE Technical Support for any assistance configuring the recommended settings. **Mitigation for the hash collision vulnerability in the MD5 Algorithm:** + For Comware V7, this issue only exists when the key-type is RSA and the public key length less than 1024 bits. Since the default length of the RSA key is 1024 bits, the length should only have to be set manually if necessary. Example command to set the RSA key length to 1024 bits: public-key rsa general name xxx length 1024 + For Comware V5, this issue only exists when the key-type is RSA. HPE recommends using DSA and ECDSA keys and not an RSA key. **Mitigation for the RC4 vulnerabilities:** HPE recommends disabling RC2 and RC4 ciphers. + For Comware V7, remove the RC2/RC4 ciphers: - exp_rsa_rc2_md5 - exp_rsa_rc4_md5 - rsa_rc4_128_md5 - rsa_rc4_128_sha Example using the *ssl server-policy anamea ciphersuite* command to omit the RC2/RC4 ciphers: ssl server-policy anamea ciphersuite { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | exp_rsa_des_cbc_sha | rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha } Example using the *ssl client-policy anamea prefer-cipher* command to omit the RC2/RC4 ciphers: ssl client-policy anamea prefer-cipher { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | exp_rsa_des_cbc_sha | rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha } + For Comware V5, remove the following RC4 ciphers: - rsa_rc4_128_md5 - rsa_rc4_128_sha Example using the *ssl server-policy anamea ciphersuite* command to omit the RC4 ciphers: ssl server-policy anamea ciphersuite { rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha| rsa_des_cbc_sha } Example using the *ssl client-policy anamea prefer-cipher* command to omit the RC4 ciphers: ssl client-policy anamea prefer-cipher { rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha |rsa_aes_256_cbc_sha | rsa_des_cbc_sha } **COMWARE 5 Products** + **HSR6602 (Comware 5) - Version: See Mitigation** * HP Network Products - JC176A HP 6602 Router Chassis - JG353A HP HSR6602-G Router - JG354A HP HSR6602-XG Router - JG355A HP 6600 MCP-X1 Router Main Processing Unit - JG356A HP 6600 MCP-X2 Router Main Processing Unit - JG776A HP HSR6602-G TAA-compliant Router - JG777A HP HSR6602-XG TAA-compliant Router - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit + **HSR6800 (Comware 5) - Version: See Mitigation** * HP Network Products - JG361A HP HSR6802 Router Chassis - JG361B HP HSR6802 Router Chassis - JG362A HP HSR6804 Router Chassis - JG362B HP HSR6804 Router Chassis - JG363A HP HSR6808 Router Chassis - JG363B HP HSR6808 Router Chassis - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit + **MSR20 (Comware 5) - Version: See Mitigation** * HP Network Products - JD432A HP A-MSR20-21 Router - JD662A HP MSR20-20 Router - JD663A HP A-MSR20-21 Router - JD663B HP MSR20-21 Router - JD664A HP MSR20-40 Router - JF228A HP MSR20-40 Router - JF283A HP MSR20-20 Router + **MSR20-1X (Comware 5) - Version: See Mitigation** * HP Network Products - JD431A HP MSR20-10 Router - JD667A HP MSR20-15 IW Multi-Service Router - JD668A HP MSR20-13 Multi-Service Router - JD669A HP MSR20-13 W Multi-Service Router - JD670A HP MSR20-15 A Multi-Service Router - JD671A HP MSR20-15 AW Multi-Service Router - JD672A HP MSR20-15 I Multi-Service Router - JD673A HP MSR20-11 Multi-Service Router - JD674A HP MSR20-12 Multi-Service Router - JD675A HP MSR20-12 W Multi-Service Router - JD676A HP MSR20-12 T1 Multi-Service Router - JF236A HP MSR20-15-I Router - JF237A HP MSR20-15-A Router - JF238A HP MSR20-15-I-W Router - JF239A HP MSR20-11 Router - JF240A HP MSR20-13 Router - JF241A HP MSR20-12 Router - JF806A HP MSR20-12-T Router - JF807A HP MSR20-12-W Router - JF808A HP MSR20-13-W Router - JF809A HP MSR20-15-A-W Router - JF817A HP MSR20-15 Router - JG209A HP MSR20-12-T-W Router (NA) - JG210A HP MSR20-13-W Router (NA) + **MSR 30 (Comware 5) - Version: See Mitigation** * HP Network Products - JD654A HP MSR30-60 POE Multi-Service Router - JD657A HP MSR30-40 Multi-Service Router - JD658A HP MSR30-60 Multi-Service Router - JD660A HP MSR30-20 POE Multi-Service Router - JD661A HP MSR30-40 POE Multi-Service Router - JD666A HP MSR30-20 Multi-Service Router - JF229A HP MSR30-40 Router - JF230A HP MSR30-60 Router - JF232A HP RTMSR3040-AC-OVSAS-H3 - JF235A HP MSR30-20 DC Router - JF284A HP MSR30-20 Router - JF287A HP MSR30-40 DC Router - JF801A HP MSR30-60 DC Router - JF802A HP MSR30-20 PoE Router - JF803A HP MSR30-40 PoE Router - JF804A HP MSR30-60 PoE Router - JG728A HP MSR30-20 TAA-compliant DC Router - JG729A HP MSR30-20 TAA-compliant Router + **MSR 30-16 (Comware 5) - Version: See Mitigation** * HP Network Products - JD659A HP MSR30-16 POE Multi-Service Router - JD665A HP MSR30-16 Multi-Service Router - JF233A HP MSR30-16 Router - JF234A HP MSR30-16 PoE Router + **MSR 30-1X (Comware 5) - Version: See Mitigation** * HP Network Products - JF800A HP MSR30-11 Router - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr - JG182A HP MSR30-11E Router - JG183A HP MSR30-11F Router - JG184A HP MSR30-10 DC Router + **MSR 50 (Comware 5) - Version: See Mitigation** * HP Network Products - JD433A HP MSR50-40 Router - JD653A HP MSR50 Processor Module - JD655A HP MSR50-40 Multi-Service Router - JD656A HP MSR50-60 Multi-Service Router - JF231A HP MSR50-60 Router - JF285A HP MSR50-40 DC Router - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply + **MSR 50-G2 (Comware 5) - Version: See Mitigation** * HP Network Products - JD429A HP MSR50 G2 Processor Module - JD429B HP MSR50 G2 Processor Module + **MSR 9XX (Comware 5) - Version: See Mitigation** * HP Network Products - JF812A HP MSR900 Router - JF813A HP MSR920 Router - JF814A HP MSR900-W Router - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr - JG207A HP MSR900-W Router (NA) - JG208A HP MSR920-W Router (NA) + **MSR 93X (Comware 5) - Version: See Mitigation** * HP Network Products - JG511A HP MSR930 Router - JG511B HP MSR930 Router - JG512A HP MSR930 Wireless Router - JG513A HP MSR930 3G Router - JG513B HP MSR930 3G Router - JG514A HP MSR931 Router - JG514B HP MSR931 Router - JG515A HP MSR931 3G Router - JG516A HP MSR933 Router - JG517A HP MSR933 3G Router - JG518A HP MSR935 Router - JG518B HP MSR935 Router - JG519A HP MSR935 Wireless Router - JG520A HP MSR935 3G Router - JG531A HP MSR931 Dual 3G Router - JG531B HP MSR931 Dual 3G Router - JG596A HP MSR930 4G LTE/3G CDMA Router - JG597A HP MSR936 Wireless Router - JG665A HP MSR930 4G LTE/3G WCDMA Global Router - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router - JH009A HP MSR931 Serial (TI) Router - JH010A HP MSR933 G.SHDSL (TI) Router - JH011A HP MSR935 ADSL2+ (TI) Router - JH012A HP MSR930 Wireless 802.11n (NA) Router - JH012B HP MSR930 Wireless 802.11n (NA) Router - JH013A HP MSR935 Wireless 802.11n (NA) Router + **MSR1000 (Comware 5) - Version: See Mitigation** * HP Network Products - JG732A HP MSR1003-8 AC Router + **12500 (Comware 5) - Version: See Mitigation** * HP Network Products - JC072B HP 12500 Main Processing Unit - JC085A HP A12518 Switch Chassis - JC086A HP A12508 Switch Chassis - JC652A HP 12508 DC Switch Chassis - JC653A HP 12518 DC Switch Chassis - JC654A HP 12504 AC Switch Chassis - JC655A HP 12504 DC Switch Chassis - JC808A HP 12500 TAA Main Processing Unit - JF430A HP A12518 Switch Chassis - JF430B HP 12518 Switch Chassis - JF430C HP 12518 AC Switch Chassis - JF431A HP A12508 Switch Chassis - JF431B HP 12508 Switch Chassis - JF431C HP 12508 AC Switch Chassis + **9500E (Comware 5) - Version: See Mitigation** * HP Network Products - JC124A HP A9508 Switch Chassis - JC124B HP 9505 Switch Chassis - JC125A HP A9512 Switch Chassis - JC125B HP 9512 Switch Chassis - JC474A HP A9508-V Switch Chassis - JC474B HP 9508-V Switch Chassis + **10500 (Comware 5) - Version: See Mitigation** * HP Network Products - JC611A HP 10508-V Switch Chassis - JC612A HP 10508 Switch Chassis - JC613A HP 10504 Switch Chassis - JC614A HP 10500 Main Processing Unit - JC748A HP 10512 Switch Chassis - JG375A HP 10500 TAA-compliant Main Processing Unit - JG820A HP 10504 TAA-compliant Switch Chassis - JG821A HP 10508 TAA-compliant Switch Chassis - JG822A HP 10508-V TAA-compliant Switch Chassis - JG823A HP 10512 TAA-compliant Switch Chassis + **7500 (Comware 5) - Version: See Mitigation** * HP Network Products - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo - JC697A HP 7502 TAA-compliant Main Processing Unit - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports - JD194A HP 7500 384Gbps Fabric Module - JD194B HP 7500 384Gbps Fabric Module - JD195A HP 7500 384Gbps Advanced Fabric Module - JD196A HP 7502 Fabric Module - JD220A HP 7500 768Gbps Fabric Module - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports - JD238A HP 7510 Switch Chassis - JD238B HP 7510 Switch Chassis - JD239A HP 7506 Switch Chassis - JD239B HP 7506 Switch Chassis - JD240A HP 7503 Switch Chassis - JD240B HP 7503 Switch Chassis - JD241A HP 7506-V Switch Chassis - JD241B HP 7506-V Switch Chassis - JD242A HP 7502 Switch Chassis - JD242B HP 7502 Switch Chassis - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot - JE164A HP E7902 Switch Chassis - JE165A HP E7903 Switch Chassis - JE166A HP E7903 1 Fabric Slot Switch Chassis - JE167A HP E7906 Switch Chassis - JE168A HP E7906 Vertical Switch Chassis - JE169A HP E7910 Switch Chassis + **6125G/XG Blade Switch - Version: See Mitigation** * HP Network Products - 737220-B21 HP 6125G Blade Switch with TAA - 737226-B21 HP 6125G/XG Blade Switch with TAA - 658250-B21 HP 6125G/XG Blade Switch Opt Kit - 658247-B21 HP 6125G Blade Switch Opt Kit + **5830 (Comware 5) - Version: See Mitigation** * HP Network Products - JC691A HP 5830AF-48G Switch with 1 Interface Slot - JC694A HP 5830AF-96G Switch - JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot - JG374A HP 5830AF-96G TAA-compliant Switch + **5800 (Comware 5) - Version: See Mitigation** * HP Network Products - JC099A HP 5800-24G-PoE Switch - JC099B HP 5800-24G-PoE+ Switch - JC100A HP 5800-24G Switch - JC100B HP 5800-24G Switch - JC101A HP 5800-48G Switch with 2 Slots - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots - JC103A HP 5800-24G-SFP Switch - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot - JC104A HP 5800-48G-PoE Switch - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot - JC105A HP 5800-48G Switch - JC105B HP 5800-48G Switch with 1 Interface Slot - JG254A HP 5800-24G-PoE+ TAA-compliant Switch - JG254B HP 5800-24G-PoE+ TAA-compliant Switch - JG255A HP 5800-24G TAA-compliant Switch - JG255B HP 5800-24G TAA-compliant Switch - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot - JG225A HP 5800AF-48G Switch - JG225B HP 5800AF-48G Switch - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot - JG219A HP 5820AF-24XG Switch - JG219B HP 5820AF-24XG Switch - JC102A HP 5820-24XG-SFP+ Switch - JC102B HP 5820-24XG-SFP+ Switch + **5500 HI (Comware 5) - Version: See Mitigation** * HP Network Products - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots + **5500 EI (Comware 5) - Version: See Mitigation** * HP Network Products - JD373A HP 5500-24G DC EI Switch - JD374A HP 5500-24G-SFP EI Switch - JD375A HP 5500-48G EI Switch - JD376A HP 5500-48G-PoE EI Switch - JD377A HP 5500-24G EI Switch - JD378A HP 5500-24G-PoE EI Switch - JD379A HP 5500-24G-SFP DC EI Switch - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots + **4800G (Comware 5) - Version: See Mitigation** * HP Network Products - JD007A HP 4800-24G Switch - JD008A HP 4800-24G-PoE Switch - JD009A HP 4800-24G-SFP Switch - JD010A HP 4800-48G Switch - JD011A HP 4800-48G-PoE Switch + **5500SI (Comware 5) - Version: See Mitigation** * HP Network Products - JD369A HP 5500-24G SI Switch - JD370A HP 5500-48G SI Switch - JD371A HP 5500-24G-PoE SI Switch - JD372A HP 5500-48G-PoE SI Switch - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots + **4500G (Comware 5) - Version: See Mitigation** * HP Network Products - JF428A HP 4510-48G Switch - JF847A HP 4510-24G Switch + **5120 EI (Comware 5) - Version: See Mitigation** * HP Network Products - JE066A HP 5120-24G EI Switch - JE067A HP 5120-48G EI Switch - JE068A HP 5120-24G EI Switch with 2 Interface Slots - JE069A HP 5120-48G EI Switch with 2 Interface Slots - JE070A HP 5120-24G-PoE EI 2-slot Switch - JE071A HP 5120-48G-PoE EI 2-slot Switch - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots + **4210G (Comware 5) - Version: See Mitigation** * HP Network Products - JF844A HP 4210-24G Switch - JF845A HP 4210-48G Switch - JF846A HP 4210-24G-PoE Switch + **5120 SI (Comware 5) - Version: See Mitigation** * HP Network Products - JE072A HP 5120-48G SI Switch - JE072B HPE 5120 48G SI Switch - JE073A HP 5120-16G SI Switch - JE073B HPE 5120 16G SI Switch - JE074A HP 5120-24G SI Switch - JE074B HPE 5120 24G SI Switch - JG091A HP 5120-24G-PoE+ (370W) SI Switch - JG091B HPE 5120 24G PoE+ (370W) SI Switch - JG092A HP 5120-24G-PoE+ (170W) SI Switch - JG309B HPE 5120 8G PoE+ (180W) SI Switch - JG310B HPE 5120 8G PoE+ (65W) SI Switch + **3610 (Comware 5) - Version: See Mitigation** * HP Network Products - JD335A HP 3610-48 Switch - JD336A HP 3610-24-4G-SFP Switch - JD337A HP 3610-24-2G-2G-SFP Switch - JD338A HP 3610-24-SFP Switch + **3600V2 (Comware 5) - Version: See Mitigation** * HP Network Products - JG299A HP 3600-24 v2 EI Switch - JG299B HP 3600-24 v2 EI Switch - JG300A HP 3600-48 v2 EI Switch - JG300B HP 3600-48 v2 EI Switch - JG301A HP 3600-24-PoE+ v2 EI Switch - JG301B HP 3600-24-PoE+ v2 EI Switch - JG301C HP 3600-24-PoE+ v2 EI Switch - JG302A HP 3600-48-PoE+ v2 EI Switch - JG302B HP 3600-48-PoE+ v2 EI Switch - JG302C HP 3600-48-PoE+ v2 EI Switch - JG303A HP 3600-24-SFP v2 EI Switch - JG303B HP 3600-24-SFP v2 EI Switch - JG304A HP 3600-24 v2 SI Switch - JG304B HP 3600-24 v2 SI Switch - JG305A HP 3600-48 v2 SI Switch - JG305B HP 3600-48 v2 SI Switch - JG306A HP 3600-24-PoE+ v2 SI Switch - JG306B HP 3600-24-PoE+ v2 SI Switch - JG306C HP 3600-24-PoE+ v2 SI Switch - JG307A HP 3600-48-PoE+ v2 SI Switch - JG307B HP 3600-48-PoE+ v2 SI Switch - JG307C HP 3600-48-PoE+ v2 SI Switch + **3100V2-48 (Comware 5) - Version: See Mitigation** * HP Network Products - JG315A HP 3100-48 v2 Switch - JG315B HP 3100-48 v2 Switch + **HP870 (Comware 5) - Version: See Mitigation** * HP Network Products - JG723A HP 870 Unified Wired-WLAN Appliance - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance + **HP850 (Comware 5) - Version: See Mitigation** * HP Network Products - JG722A HP 850 Unified Wired-WLAN Appliance - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance + **HP830 (Comware 5) - Version: See Mitigation** * HP Network Products - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant + **HP6000 (Comware 5) - Version: See Mitigation** * HP Network Products - JG639A HP 10500/7500 20G Unified Wired-WLAN Module - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module + **WX5004-EI (Comware 5) - Version: See Mitigation** * HP Network Products - JD447B HP WX5002 Access Controller - JD448A HP WX5004 Access Controller - JD448B HP WX5004 Access Controller - JD469A HP WX5004 Access Controller + **SecBlade FW (Comware 5) - Version: See Mitigation** * HP Network Products - JC635A HP 12500 VPN Firewall Module - JD245A HP 9500 VPN Firewall Module - JD249A HP 10500/7500 Advanced VPN Firewall Module - JD250A HP 6600 Firewall Processing Router Module - JD251A HP 8800 Firewall Processing Module - JD255A HP 5820 VPN Firewall Module + **F1000-E (Comware 5) - Version: See Mitigation** * HP Network Products - JD272A HP F1000-E VPN Firewall Appliance + **F1000-A-EI (Comware 5) - Version: See Mitigation** * HP Network Products - JG214A HP F1000-A-EI VPN Firewall Appliance + **F1000-S-EI (Comware 5) - Version: See Mitigation** * HP Network Products - JG213A HP F1000-S-EI VPN Firewall Appliance + **F5000-A (Comware 5) - Version: See Mitigation** * HP Network Products - JD259A HP A5000-A5 VPN Firewall Chassis - JG215A HP F5000 Firewall Main Processing Unit - JG216A HP F5000 Firewall Standalone Chassis + **U200S and CS (Comware 5) - Version: See Mitigation** * HP Network Products - JD273A HP U200-S UTM Appliance + **U200A and M (Comware 5) - Version: See Mitigation** * HP Network Products - JD275A HP U200-A UTM Appliance + **F5000-C/S (Comware 5) - Version: See Mitigation** * HP Network Products - JG650A HP F5000-C VPN Firewall Appliance - JG370A HP F5000-S VPN Firewall Appliance + **SecBlade III (Comware 5) - Version: See Mitigation** * HP Network Products - JG371A HP 12500 20Gbps VPN Firewall Module - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module + **6600 RSE RU (Comware 5 Low Encryption SW) - Version: See Mitigation** * HP Network Products - JC177A HP 6608 Router - JC177B HP 6608 Router Chassis - JC178A HP 6604 Router Chassis - JC178B HP 6604 Router Chassis - JC496A HP 6616 Router Chassis - JC566A HP 6600 RSE-X1 Router Main Processing Unit - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit + **6600 RPE RU (Comware 5 Low Encryption SW) - Version: See Mitigation** * HP Network Products - JC165A HP 6600 RPE-X1 Router Module - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit + **6602 RU (Comware 5 Low Encryption SW) - Version: See Mitigation** * HP Network Products - JC176A HP 6602 Router Chassis + **HSR6602 RU (Comware 5 Low Encryption SW) - Version: See Mitigation** * HP Network Products - JC177A HP 6608 Router - JC177B HP 6608 Router Chassis - JC178A HP 6604 Router Chassis - JC178B HP 6604 Router Chassis - JC496A HP 6616 Router Chassis - JG353A HP HSR6602-G Router - JG354A HP HSR6602-XG Router - JG355A HP 6600 MCP-X1 Router Main Processing Unit - JG356A HP 6600 MCP-X2 Router Main Processing Unit - JG776A HP HSR6602-G TAA-compliant Router - JG777A HP HSR6602-XG TAA-compliant Router - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit + **HSR6800 RU (Comware 5 Low Encryption SW) - Version: See Mitigation** * HP Network Products - JG361A HP HSR6802 Router Chassis - JG361B HP HSR6802 Router Chassis - JG362A HP HSR6804 Router Chassis - JG362B HP HSR6804 Router Chassis - JG363A HP HSR6808 Router Chassis - JG363B HP HSR6808 Router Chassis - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit + **SMB1910 (Comware 5) - Version: See Mitigation** * HP Network Products - JG540A HP 1910-48 Switch - JG539A HP 1910-24-PoE+ Switch - JG538A HP 1910-24 Switch - JG537A HP 1910-8 -PoE+ Switch - JG536A HP 1910-8 Switch + **SMB1920 (Comware 5) - Version: See Mitigation** * HP Network Products - JG928A HP 1920-48G-PoE+ (370W) Switch - JG927A HP 1920-48G Switch - JG926A HP 1920-24G-PoE+ (370W) Switch - JG925A HP 1920-24G-PoE+ (180W) Switch - JG924A HP 1920-24G Switch - JG923A HP 1920-16G Switch - JG922A HP 1920-8G-PoE+ (180W) Switch - JG921A HP 1920-8G-PoE+ (65W) Switch - JG920A HP 1920-8G Switch + **V1910 (Comware 5) - Version: See Mitigation** * HP Network Products - JE005A HP 1910-16G Switch - JE006A HP 1910-24G Switch - JE007A HP 1910-24G-PoE (365W) Switch - JE008A HP 1910-24G-PoE(170W) Switch - JE009A HP 1910-48G Switch - JG348A HP 1910-8G Switch - JG349A HP 1910-8G-PoE+ (65W) Switch - JG350A HP 1910-8G-PoE+ (180W) Switch + **SMB 1620 (Comware 5) - Version: See Mitigation** * HP Network Products - JG914A HP 1620-48G Switch - JG913A HP 1620-24G Switch - JG912A HP 1620-8G Switch **COMWARE 7 Products** + **12500 (Comware 7) - Version: See Mitigation** * HP Network Products - JC072B HP 12500 Main Processing Unit - JC085A HP A12518 Switch Chassis - JC086A HP A12508 Switch Chassis - JC652A HP 12508 DC Switch Chassis - JC653A HP 12518 DC Switch Chassis - JC654A HP 12504 AC Switch Chassis - JC655A HP 12504 DC Switch Chassis - JF430A HP A12518 Switch Chassis - JF430B HP 12518 Switch Chassis - JF430C HP 12518 AC Switch Chassis - JF431A HP A12508 Switch Chassis - JF431B HP 12508 Switch Chassis - JF431C HP 12508 AC Switch Chassis - JG497A HP 12500 MPU w/Comware V7 OS - JG782A HP FF 12508E AC Switch Chassis - JG783A HP FF 12508E DC Switch Chassis - JG784A HP FF 12518E AC Switch Chassis - JG785A HP FF 12518E DC Switch Chassis - JG802A HP FF 12500E MPU + **10500 (Comware 7) - Version: See Mitigation** * HP Network Products - JC611A HP 10508-V Switch Chassis - JC612A HP 10508 Switch Chassis - JC613A HP 10504 Switch Chassis - JC748A HP 10512 Switch Chassis - JG608A HP FlexFabric 11908-V Switch Chassis - JG609A HP FlexFabric 11900 Main Processing Unit - JG820A HP 10504 TAA Switch Chassis - JG821A HP 10508 TAA Switch Chassis - JG822A HP 10508-V TAA Switch Chassis - JG823A HP 10512 TAA Switch Chassis - JG496A HP 10500 Type A MPU w/Comware v7 OS - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit + **12900 (Comware 7) - Version: See Mitigation** * HP Network Products - JG619A HP FlexFabric 12910 Switch AC Chassis - JG621A HP FlexFabric 12910 Main Processing Unit - JG632A HP FlexFabric 12916 Switch AC Chassis - JG634A HP FlexFabric 12916 Main Processing Unit - JH104A HP FlexFabric 12900E Main Processing Unit - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit - JH263A HP FlexFabric 12904E Main Processing Unit - JH255A HP FlexFabric 12908E Switch Chassis - JH262A HP FlexFabric 12904E Switch Chassis - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis - JH103A HP FlexFabric 12916E Switch Chassis + **5900 (Comware 7) - Version: See Mitigation** * HP Network Products - JC772A HP 5900AF-48XG-4QSFP+ Switch - JG296A HP 5920AF-24XG Switch - JG336A HP 5900AF-48XGT-4QSFP+ Switch - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch - JG555A HP 5920AF-24XG TAA Switch - JG838A HP FF 5900CP-48XG-4QSFP+ Switch - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant + **MSR1000 (Comware 7) - Version: See Mitigation** * HP Network Products - JG875A HP MSR1002-4 AC Router - JH060A HP MSR1003-8S AC Router + **MSR2000 (Comware 7) - Version: See Mitigation** * HP Network Products - JG411A HP MSR2003 AC Router - JG734A HP MSR2004-24 AC Router - JG735A HP MSR2004-48 Router - JG866A HP MSR2003 TAA-compliant AC Router + **MSR3000 (Comware 7) - Version: See Mitigation** * HP Network Products - JG404A HP MSR3064 Router - JG405A HP MSR3044 Router - JG406A HP MSR3024 AC Router - JG407A HP MSR3024 DC Router - JG408A HP MSR3024 PoE Router - JG409A HP MSR3012 AC Router - JG410A HP MSR3012 DC Router - JG861A HP MSR3024 TAA-compliant AC Router + **MSR4000 (Comware 7) - Version: See Mitigation** * HP Network Products - JG402A HP MSR4080 Router Chassis - JG403A HP MSR4060 Router Chassis - JG412A HP MSR4000 MPU-100 Main Processing Unit - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit + **VSR (Comware 7) - Version: See Mitigation** * HP Network Products - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software - JG811AAE HP VSR1001 Comware 7 Virtual Services Router - JG812AAE HP VSR1004 Comware 7 Virtual Services Router - JG813AAE HP VSR1008 Comware 7 Virtual Services Router + **7900 (Comware 7) - Version: See Mitigation** * HP Network Products - JG682A HP FlexFabric 7904 Switch Chassis - JG841A HP FlexFabric 7910 Switch Chassis - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit + **5130 (Comware 7) - Version: See Mitigation** * HP Network Products - JG932A HP 5130-24G-4SFP+ EI Switch - JG933A HP 5130-24G-SFP-4SFP+ EI Switch - JG934A HP 5130-48G-4SFP+ EI Switch - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch - JG938A HP 5130-24G-2SFP+-2XGT EI Switch - JG939A HP 5130-48G-2SFP+-2XGT EI Switch - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch - JG975A HP 5130-24G-4SFP+ EI Brazil Switch - JG976A HP 5130-48G-4SFP+ EI Brazil Switch - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch + **6125XLG - Version: See Mitigation** * HP Network Products - 711307-B21 HP 6125XLG Blade Switch - 737230-B21 HP 6125XLG Blade Switch with TAA + **6127XLG - Version: See Mitigation** * HP Network Products - 787635 HP 6127XLG Blade Switch Opt Kit + **Moonshot - Version: See Mitigation** * HP Network Products - 786617-B21 - HP Moonshot-45Gc Switch Module - 704654-B21 - HP Moonshot-45XGc Switch Module - 786619-B21 - HP Moonshot-180XGc Switch Module + **5700 (Comware 7) - Version: See Mitigation** * HP Network Products - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch + **5930 (Comware 7) - Version: See Mitigation** * HP Network Products - JG726A HP FlexFabric 5930 32QSFP+ Switch - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch - JH179A HP FlexFabric 5930 4-slot Switch - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch + **HSR6600 (Comware 7) - Version: See Mitigation** * HP Network Products - JG353A HP HSR6602-G Router - JG354A HP HSR6602-XG Router - JG776A HP HSR6602-G TAA-compliant Router - JG777A HP HSR6602-XG TAA-compliant Router + **HSR6800 (Comware 7) - Version: See Mitigation** * HP Network Products - JG361A HP HSR6802 Router Chassis - JG361B HP HSR6802 Router Chassis - JG362A HP HSR6804 Router Chassis - JG362B HP HSR6804 Router Chassis - JG363A HP HSR6808 Router Chassis - JG363B HP HSR6808 Router Chassis - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit + **1950 (Comware 7) - Version: See Mitigation** * HP Network Products - JG960A HP 1950-24G-4XG Switch - JG961A HP 1950-48G-2SFP+-2XGT Switch - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch + **7500 (Comware 7) - Version: See Mitigation** * HP Network Products - JD238C HP 7510 Switch Chassis - JD239C HP 7506 Switch Chassis - JD240C HP 7503 Switch Chassis - JD242C HP 7502 Switch Chassis - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit - JH208A HP 7502 Main Processing Unit - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit + **5950 (Comware 7) - Version: See Mitigation** * HP Network Products - JH321A HPE FlexFabric 5950 32QSFP28 Switch + **5940 (Comware 7) - Version: See Mitigation** * HP Network Products - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch - JH396A HPE FlexFabric 5940 32QSFP+ Switch - JH397A HPE FlexFabric 5940 2-slot Switch - JH398A HPE FlexFabric 5940 4-slot Switch HISTORY Version:1 (rev.1) - 18 November 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYLytTAAoJELXhAxt7SZaiMjYIAI4xgRNJCPqOZ40XLUNhxYrc HyqTd62PbcGOPTFya1qOo16V94eJ5id5oRHOtcrFjJKtDedDS6OoAe5HWYXvLEI3 0fEzCNjk9aHTcvuf2t17MGhS0Fk2JrZ0191RFONKuEkqgMmK0d44SGMrVXSA28Dj phW1dzm1HiJO0NPUOa+cYMhNt0+I7b+ulD6FdldNdqx4fNtlXiHvcRbF4Wffe2hD N2hlvx1Wu1iu2g75XPNPOPYhDRkyAm79P2HZGCUohQlhWsRgcJRnubojJBr7CMf9 2Ud7MwYL4jTKK/mFdim4ej/hwPn3SCb5ekhTUBFDlu2J2DjUYi2xDQgyQkhuUIg= =NGQO -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-740-1 March 17, 2009 nss, firefox vulnerability CVE-2004-2761 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libnss3 1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2 Ubuntu 7.10: libnss3-0d 3.11.5-3ubuntu0.7.10.2 Ubuntu 8.04 LTS: libnss3-0d 3.12.0.3-0ubuntu0.8.04.5 libnss3-1d 3.12.0.3-0ubuntu0.8.04.5 Ubuntu 8.10: libnss3-1d 3.12.0.3-0ubuntu5.8.10.1 After a standard system upgrade you need to restart your session to effect the necessary changes. This update blacklists the proof of concept rogue certificate authority as discussed in http://www.win.tue.nl/hashclash/rogue-ca/. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2.diff.gz Size/MD5: 188837 84bf6c0e34576e50daab0284028533bb http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2.dsc Size/MD5: 2389 abbe8becc260777f55315eb565f8d732 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k.orig.tar.gz Size/MD5: 48504132 171958941a2ca0562039add097278245 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_all.deb Size/MD5: 53898 025eab1318c7a90e48fb0a927bbbd433 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_all.deb Size/MD5: 53014 87135a54ac04ea95a0a3c7dccb8a4d4e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 47681092 19a313089bf1da267950c8f5b8d2d2df http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 2859292 f6a4b48f0e0e3250d83f0bf4183836f7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 86270 0bd3983f76c7474d37018f26eee721f4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 9494334 91c75d6baf740531224bed258c6622b9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 222572 2779237df4dc1c30d8d2c01623eef1e3 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 166118 862f4a02164840c1d94228a396c2688c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 248116 183208d5e43c3ddc117d6cbefc54a472 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 826574 2ff813a52cac4b3392f056b145129821 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_amd64.deb Size/MD5: 218858 2fcc1d909f4fdafaced1b1f737f83bf1 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 44228668 5a244b5b731d0d703cb573e2db10b74b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 2859256 274033babbff1131a391ca71c19a6e6b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 78600 3e86ec8d1b73b8f7b822f12aaa56451a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 7997718 56cb9f85d34aa86721dcc36414b8f0e9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 222564 14edfb722d08b49930b901114b841c81 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 150606 fa56606c4d002559ee41e965299b523a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 248106 58139d67e47359f9cb056ad29292d06d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 717824 ce294179ee0e0fcdea589e751548f04e http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_i386.deb Size/MD5: 212058 b3874b6f769aeafedce238b9a15e7b09 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 49085684 a4ea3920e8120e9dc7138cf8e8595aa4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 2859352 dac458ed9e848ba8c64d0e18071149f8 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 81686 228d420fc876cb95b6edad70d58c2c48 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 9113232 7ba2b92dad312ca9d2186dac6380d638 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 222564 9e89e2cc261f1c1b43e0b765e140d3d5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 163310 3ddb28abafbffe0943e25f48267df5f1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 248128 94da18de9bba74798a5ae257e85d882b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 817522 eb53d37dea9fce55780abda44b94ca89 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_powerpc.deb Size/MD5: 215556 779f90ccb4534487d2274536ac9279dd sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 45629214 b30a5365e327c4366ae3ea2b393e1d78 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 2859296 c7f225dc39717d6156b9163c7a8ddda0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 80180 51ca826844fa46702feb9bbeb5c6e999 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 8499070 ee1fd111aa113ac50e5ea42dc85e1e77 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 222590 6a5621015d57ffbd93f92a8552d98e54 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 153210 b7c4a9074a678fcaf70a4db7bcb8fd5d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 248150 1273ab06f98bf861e4e66985add8685a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 728698 cd5ba0f693710a604274d327d4724c88 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu2_sparc.deb Size/MD5: 213030 fe7a017cd7f4a8a9064372e51f903263 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.11.5-3ubuntu0.7.10.2.diff.gz Size/MD5: 23735 2c3b55fe3f316790d2174a56709723ad http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.11.5-3ubuntu0.7.10.2.dsc Size/MD5: 1925 9d9a2fa42ff8dcb452761d66e3238ef6 http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.11.5.orig.tar.gz Size/MD5: 3696893 1add44e6a41dbf5091cfd000f19ad6b9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d-dbg_3.11.5-3ubuntu0.7.10.2_amd64.deb Size/MD5: 3143890 dad0155f293aff8a59d42086cef022c3 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.11.5-3ubuntu0.7.10.2_amd64.deb Size/MD5: 799588 70d491944efd2ce20cb839da11030b0e http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.11.5-3ubuntu0.7.10.2_amd64.deb Size/MD5: 241342 567c357ea31e0e1729db4738822aa7b0 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.11.5-3ubuntu0.7.10.2_amd64.deb Size/MD5: 656372 a6868f642b5c295236c7df01dbc3f2d9 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d-dbg_3.11.5-3ubuntu0.7.10.2_i386.deb Size/MD5: 2995870 d4ea291de433c1768148f35a4f40e596 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.11.5-3ubuntu0.7.10.2_i386.deb Size/MD5: 723166 81b970c37e37b2bfe13bf8edf8b8c2df http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.11.5-3ubuntu0.7.10.2_i386.deb Size/MD5: 238436 a901d3b0431faa6bfd4d8b732fc6b8ed http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.11.5-3ubuntu0.7.10.2_i386.deb Size/MD5: 605568 f7a02ba6c2e65c2e3644f81e2e5add33 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d-dbg_3.11.5-3ubuntu0.7.10.2_lpia.deb Size/MD5: 3213428 32f032e4c5ebc8383d334e2de5b1e0b5 http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.11.5-3ubuntu0.7.10.2_lpia.deb Size/MD5: 709556 606d9ee62127ecad6620ce6ee2a351c1 http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.11.5-3ubuntu0.7.10.2_lpia.deb Size/MD5: 237148 526eb9b27871cee224d480ce8483d015 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.11.5-3ubuntu0.7.10.2_lpia.deb Size/MD5: 596394 35c4ef7f97a6934947760236b119d1f1 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d-dbg_3.11.5-3ubuntu0.7.10.2_powerpc.deb Size/MD5: 3168400 13560d02da9c481147177504476a3f21 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.11.5-3ubuntu0.7.10.2_powerpc.deb Size/MD5: 807892 5a0232d184bb4d87811974d61a902e17 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.11.5-3ubuntu0.7.10.2_powerpc.deb Size/MD5: 240514 9cfb4b3bace2f033b7c55ba571d0c4a1 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.11.5-3ubuntu0.7.10.2_powerpc.deb Size/MD5: 645362 ccd118c24941759b0c2e758ae60b4ba5 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d-dbg_3.11.5-3ubuntu0.7.10.2_sparc.deb Size/MD5: 2834042 f884524281d9521e07b60c8bf9aa8074 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.11.5-3ubuntu0.7.10.2_sparc.deb Size/MD5: 718096 906896f0101a88bd6cb78ffdb103fe0e http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.11.5-3ubuntu0.7.10.2_sparc.deb Size/MD5: 235222 f679c8d076c15860a41c1e16b1d69ded http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.11.5-3ubuntu0.7.10.2_sparc.deb Size/MD5: 576390 75811d5dc9ddd1eca108bc50ffe3e911 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3-0ubuntu0.8.04.5.diff.gz Size/MD5: 38918 6fda80e067b0f84e323b3556b5f9dd18 http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3-0ubuntu0.8.04.5.dsc Size/MD5: 2001 e9365c71192c0e568d5dd9891708e436 http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3.orig.tar.gz Size/MD5: 5161407 9e96418400e073f982e83c235718c4e9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.0.3-0ubuntu0.8.04.5_amd64.deb Size/MD5: 17910 7933180f37ce55969719730463fef4cb http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu0.8.04.5_amd64.deb Size/MD5: 4511304 1a241985ee6673075b8610bbb2be2902 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu0.8.04.5_amd64.deb Size/MD5: 1135226 fcc9b7555aac5a0ef0260aa639b7421a http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu0.8.04.5_amd64.deb Size/MD5: 256738 992898a7cce94822e29a3e0d5d318e46 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu0.8.04.5_amd64.deb Size/MD5: 813730 542b82a7837b4a43191fd5862a97699e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.0.3-0ubuntu0.8.04.5_i386.deb Size/MD5: 17894 3ea3554784b1242ce89f96bb631d0c4d http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu0.8.04.5_i386.deb Size/MD5: 4294520 d7eb7d334bd821d887e24d76d8e2804f http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu0.8.04.5_i386.deb Size/MD5: 1017710 7afd17b32bc5ce80babf2405488997e8 http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu0.8.04.5_i386.deb Size/MD5: 253724 f7f8ad3723f384a657907016b8476c35 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu0.8.04.5_i386.deb Size/MD5: 741278 ed53c68732f059a90a35310b68c4be88 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.0.3-0ubuntu0.8.04.5_lpia.deb Size/MD5: 17874 5e1a506010c923ba8a41129fef693344 http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu0.8.04.5_lpia.deb Size/MD5: 4322188 cd5765f42aaffa32e20b0ac0510d9b6c http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu0.8.04.5_lpia.deb Size/MD5: 993934 313d088bd4a0a44fe05b762e33ef927d http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu0.8.04.5_lpia.deb Size/MD5: 252500 dcaf82868eaa0e3162a6a49fb6f512be http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu0.8.04.5_lpia.deb Size/MD5: 719648 8e422c9ee3dd5a062f547d36d6e2725c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.0.3-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 20352 144b270c8fc23407e1da27112151c952 http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 4440132 f89a7f34a199abd8e0d840bb011ca5bf http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 1115852 d88c0295406e468f7ac1c087edb661dd http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 255446 4eef63577fbaa5b611b0d9064c47ac6c http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 777064 83ad19b301d2c1eceef6682cbad5a00d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.0.3-0ubuntu0.8.04.5_sparc.deb Size/MD5: 17976 c763ceebcc3bf6371477809a8589cebf http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu0.8.04.5_sparc.deb Size/MD5: 4038136 bbb4ff75f73844f33727fada2ca730b4 http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu0.8.04.5_sparc.deb Size/MD5: 995598 2785d368bbb6665eee586ac3fc3e453e http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu0.8.04.5_sparc.deb Size/MD5: 250450 a972e1131466d149480a574a57537c37 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu0.8.04.5_sparc.deb Size/MD5: 702432 d16a1353ba80d7104820f97c4f712334 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3-0ubuntu5.8.10.1.diff.gz Size/MD5: 38881 8be9f8eb187a657a743e115f58dbb58b http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3-0ubuntu5.8.10.1.dsc Size/MD5: 2001 88381f73650cd5c2c369f387638ec40d http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.0.3.orig.tar.gz Size/MD5: 5161407 9e96418400e073f982e83c235718c4e9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu5.8.10.1_amd64.deb Size/MD5: 4696732 5e2844909ee8896f71548c37f7ab711f http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu5.8.10.1_amd64.deb Size/MD5: 1182642 6f73554c7970e2c0e3da7dcddf8d4d7f http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu5.8.10.1_amd64.deb Size/MD5: 256520 808f5ff374081b1fd7f981699e267828 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.0.3-0ubuntu5.8.10.1_amd64.deb Size/MD5: 17962 63411a0d50d9fa340f688c7a5cec33ae http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu5.8.10.1_amd64.deb Size/MD5: 824382 367bbe2bf29f17c4fa5b085142e0bc8f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu5.8.10.1_i386.deb Size/MD5: 4450042 bb8560c5208a6f4d2a121a93d7ff7bac http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu5.8.10.1_i386.deb Size/MD5: 1054914 1f7cbdc5e0776b8c2fc92241776bd96e http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu5.8.10.1_i386.deb Size/MD5: 253554 c1cc8fff73ef7b34dadc6fea411bc7db http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.0.3-0ubuntu5.8.10.1_i386.deb Size/MD5: 17940 b3577f334ed9f5a95c6fdbdd4de83ef4 http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu5.8.10.1_i386.deb Size/MD5: 752462 703f7bd356efc312f216e361209ef3a7 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu5.8.10.1_lpia.deb Size/MD5: 4482980 c27f13a5f5aba10c93b2dda917c1ba31 http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu5.8.10.1_lpia.deb Size/MD5: 1029092 3b2805f79d61b595907187846da18a54 http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu5.8.10.1_lpia.deb Size/MD5: 252140 06b18884a6e275a5fc9a73abd1464875 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.0.3-0ubuntu5.8.10.1_lpia.deb Size/MD5: 17914 28d1eeaac6ba2f9c17da9a9a6ea35fdd http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu5.8.10.1_lpia.deb Size/MD5: 730786 e1497e0cbdf8d7c3ac4c6e80e86837bf powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu5.8.10.1_powerpc.deb Size/MD5: 4659468 ceb162226c93c950c71d2f0236b9d53e http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu5.8.10.1_powerpc.deb Size/MD5: 1137358 f61287d145339ece156686d86a971480 http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu5.8.10.1_powerpc.deb Size/MD5: 255312 d7787174c0d6b25467b0f1262306be06 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.0.3-0ubuntu5.8.10.1_powerpc.deb Size/MD5: 20352 082622bc3e21161a1085695bd4f8f961 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu5.8.10.1_powerpc.deb Size/MD5: 775316 78ca70e113bd97d42f62e19e0ac8fdb1 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.0.3-0ubuntu5.8.10.1_sparc.deb Size/MD5: 4168250 b9f3c0b8eab76476c9bb057b43d9df40 http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.0.3-0ubuntu5.8.10.1_sparc.deb Size/MD5: 1015340 5dd83c288df733b6a84247b48d945647 http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.0.3-0ubuntu5.8.10.1_sparc.deb Size/MD5: 250138 f6a1dd454cc44a4684ab288e9eadde56 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.0.3-0ubuntu5.8.10.1_sparc.deb Size/MD5: 18068 27f0453909db6eda6d8ffd3ef35454c9 http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.0.3-0ubuntu5.8.10.1_sparc.deb Size/MD5: 703524 e87fca0b128626aebf5bce77473ee8e0
var-201202-0137 Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. libpng Contains an integer overflow vulnerability.Service disruption by a third party (DoS) You may be put into a state or affected by other details. libpng is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the library. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Summary: Updated libpng and libpng10 packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A heap-based buffer overflow flaw was found in libpng. (CVE-2011-3026) Users of libpng and libpng10 should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libpng or libpng10 must be restarted for the update to take effect. 4. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 790737 - CVE-2011-3026 libpng: Heap-buffer-overflow in png_decompress_chunk (MFSA 2012-11) 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libpng-1.2.7-9.el4.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libpng10-1.0.16-10.el4.src.rpm i386: libpng-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-devel-1.2.7-9.el4.i386.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-devel-1.0.16-10.el4.i386.rpm ia64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.ia64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.ia64.rpm libpng-devel-1.2.7-9.el4.ia64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.ia64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.ia64.rpm libpng10-devel-1.0.16-10.el4.ia64.rpm ppc: libpng-1.2.7-9.el4.ppc.rpm libpng-1.2.7-9.el4.ppc64.rpm libpng-debuginfo-1.2.7-9.el4.ppc.rpm libpng-debuginfo-1.2.7-9.el4.ppc64.rpm libpng-devel-1.2.7-9.el4.ppc.rpm libpng10-1.0.16-10.el4.ppc.rpm libpng10-1.0.16-10.el4.ppc64.rpm libpng10-debuginfo-1.0.16-10.el4.ppc.rpm libpng10-debuginfo-1.0.16-10.el4.ppc64.rpm libpng10-devel-1.0.16-10.el4.ppc.rpm s390: libpng-1.2.7-9.el4.s390.rpm libpng-debuginfo-1.2.7-9.el4.s390.rpm libpng-devel-1.2.7-9.el4.s390.rpm libpng10-1.0.16-10.el4.s390.rpm libpng10-debuginfo-1.0.16-10.el4.s390.rpm libpng10-devel-1.0.16-10.el4.s390.rpm s390x: libpng-1.2.7-9.el4.s390.rpm libpng-1.2.7-9.el4.s390x.rpm libpng-debuginfo-1.2.7-9.el4.s390.rpm libpng-debuginfo-1.2.7-9.el4.s390x.rpm libpng-devel-1.2.7-9.el4.s390x.rpm libpng10-1.0.16-10.el4.s390.rpm libpng10-1.0.16-10.el4.s390x.rpm libpng10-debuginfo-1.0.16-10.el4.s390.rpm libpng10-debuginfo-1.0.16-10.el4.s390x.rpm libpng10-devel-1.0.16-10.el4.s390x.rpm x86_64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.x86_64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.x86_64.rpm libpng-devel-1.2.7-9.el4.x86_64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.x86_64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.x86_64.rpm libpng10-devel-1.0.16-10.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libpng-1.2.7-9.el4.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libpng10-1.0.16-10.el4.src.rpm i386: libpng-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-devel-1.2.7-9.el4.i386.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-devel-1.0.16-10.el4.i386.rpm x86_64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.x86_64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.x86_64.rpm libpng-devel-1.2.7-9.el4.x86_64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.x86_64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.x86_64.rpm libpng10-devel-1.0.16-10.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libpng-1.2.7-9.el4.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libpng10-1.0.16-10.el4.src.rpm i386: libpng-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-devel-1.2.7-9.el4.i386.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-devel-1.0.16-10.el4.i386.rpm ia64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.ia64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.ia64.rpm libpng-devel-1.2.7-9.el4.ia64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.ia64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.ia64.rpm libpng10-devel-1.0.16-10.el4.ia64.rpm x86_64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.x86_64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.x86_64.rpm libpng-devel-1.2.7-9.el4.x86_64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.x86_64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.x86_64.rpm libpng10-devel-1.0.16-10.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libpng-1.2.7-9.el4.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libpng10-1.0.16-10.el4.src.rpm i386: libpng-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-devel-1.2.7-9.el4.i386.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-devel-1.0.16-10.el4.i386.rpm ia64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.ia64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.ia64.rpm libpng-devel-1.2.7-9.el4.ia64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.ia64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.ia64.rpm libpng10-devel-1.0.16-10.el4.ia64.rpm x86_64: libpng-1.2.7-9.el4.i386.rpm libpng-1.2.7-9.el4.x86_64.rpm libpng-debuginfo-1.2.7-9.el4.i386.rpm libpng-debuginfo-1.2.7-9.el4.x86_64.rpm libpng-devel-1.2.7-9.el4.x86_64.rpm libpng10-1.0.16-10.el4.i386.rpm libpng10-1.0.16-10.el4.x86_64.rpm libpng10-debuginfo-1.0.16-10.el4.i386.rpm libpng10-debuginfo-1.0.16-10.el4.x86_64.rpm libpng10-devel-1.0.16-10.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libpng-1.2.10-15.el5_7.src.rpm i386: libpng-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.i386.rpm x86_64: libpng-1.2.10-15.el5_7.i386.rpm libpng-1.2.10-15.el5_7.x86_64.rpm libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libpng-1.2.10-15.el5_7.src.rpm i386: libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-devel-1.2.10-15.el5_7.i386.rpm x86_64: libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.x86_64.rpm libpng-devel-1.2.10-15.el5_7.i386.rpm libpng-devel-1.2.10-15.el5_7.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libpng-1.2.10-15.el5_7.src.rpm i386: libpng-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-devel-1.2.10-15.el5_7.i386.rpm ia64: libpng-1.2.10-15.el5_7.i386.rpm libpng-1.2.10-15.el5_7.ia64.rpm libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.ia64.rpm libpng-devel-1.2.10-15.el5_7.ia64.rpm ppc: libpng-1.2.10-15.el5_7.ppc.rpm libpng-1.2.10-15.el5_7.ppc64.rpm libpng-debuginfo-1.2.10-15.el5_7.ppc.rpm libpng-debuginfo-1.2.10-15.el5_7.ppc64.rpm libpng-devel-1.2.10-15.el5_7.ppc.rpm libpng-devel-1.2.10-15.el5_7.ppc64.rpm s390x: libpng-1.2.10-15.el5_7.s390.rpm libpng-1.2.10-15.el5_7.s390x.rpm libpng-debuginfo-1.2.10-15.el5_7.s390.rpm libpng-debuginfo-1.2.10-15.el5_7.s390x.rpm libpng-devel-1.2.10-15.el5_7.s390.rpm libpng-devel-1.2.10-15.el5_7.s390x.rpm x86_64: libpng-1.2.10-15.el5_7.i386.rpm libpng-1.2.10-15.el5_7.x86_64.rpm libpng-debuginfo-1.2.10-15.el5_7.i386.rpm libpng-debuginfo-1.2.10-15.el5_7.x86_64.rpm libpng-devel-1.2.10-15.el5_7.i386.rpm libpng-devel-1.2.10-15.el5_7.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm x86_64: libpng-1.2.46-2.el6_2.i686.rpm libpng-1.2.46-2.el6_2.x86_64.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm libpng-static-1.2.46-2.el6_2.i686.rpm x86_64: libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.x86_64.rpm libpng-static-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm x86_64: libpng-1.2.46-2.el6_2.i686.rpm libpng-1.2.46-2.el6_2.x86_64.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm x86_64: libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.x86_64.rpm libpng-static-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm ppc64: libpng-1.2.46-2.el6_2.ppc.rpm libpng-1.2.46-2.el6_2.ppc64.rpm libpng-debuginfo-1.2.46-2.el6_2.ppc.rpm libpng-debuginfo-1.2.46-2.el6_2.ppc64.rpm libpng-devel-1.2.46-2.el6_2.ppc.rpm libpng-devel-1.2.46-2.el6_2.ppc64.rpm s390x: libpng-1.2.46-2.el6_2.s390.rpm libpng-1.2.46-2.el6_2.s390x.rpm libpng-debuginfo-1.2.46-2.el6_2.s390.rpm libpng-debuginfo-1.2.46-2.el6_2.s390x.rpm libpng-devel-1.2.46-2.el6_2.s390.rpm libpng-devel-1.2.46-2.el6_2.s390x.rpm x86_64: libpng-1.2.46-2.el6_2.i686.rpm libpng-1.2.46-2.el6_2.x86_64.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-static-1.2.46-2.el6_2.i686.rpm ppc64: libpng-debuginfo-1.2.46-2.el6_2.ppc64.rpm libpng-static-1.2.46-2.el6_2.ppc64.rpm s390x: libpng-debuginfo-1.2.46-2.el6_2.s390x.rpm libpng-static-1.2.46-2.el6_2.s390x.rpm x86_64: libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-static-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm x86_64: libpng-1.2.46-2.el6_2.i686.rpm libpng-1.2.46-2.el6_2.x86_64.rpm libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-devel-1.2.46-2.el6_2.i686.rpm libpng-devel-1.2.46-2.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libpng-1.2.46-2.el6_2.src.rpm i386: libpng-debuginfo-1.2.46-2.el6_2.i686.rpm libpng-static-1.2.46-2.el6_2.i686.rpm x86_64: libpng-debuginfo-1.2.46-2.el6_2.x86_64.rpm libpng-static-1.2.46-2.el6_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3026.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Symantec Products KeyView File Processing Vulnerabilities SECUNIA ADVISORY ID: SA51365 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51365/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51365 RELEASE DATE: 2012-11-21 DISCUSS ADVISORY: http://secunia.com/advisories/51365/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51365/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51365 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Symantec has acknowledged some vulnerabilities in multiple products, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA51362 The vulnerabilities are reported in the following products: * Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 6.5.x * Symantec Mail Security for Domino (SMSDOM) versions 8.1.x * Symantec Messaging Gateway (SMG) versions 9.5.x * Symantec Data Loss Prevention(DLP) Enforce/Detection Servers for Windows versions 11.x * Symantec Data Loss Prevention Enforce/Detection Servers for Linux versions 11.x * Symantec Data Loss Prevention Endpoint Agents versions 11.x SOLUTION: Update of upgrade to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: Symantec: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121120_00 US-CERT: http://www.kb.cert.org/vuls/id/849841 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages Description =========== Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-19-1 iOS 6 iOS 6 is now available and addresses the following: CFNetwork Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. CFNetwork may send requests to an incorrect hostname, resulting in the disclosure of sensitive information. This issue was addressed through improvements to URL handling. CVE-ID CVE-2012-3724 : Erling Ellingsen of Facebook CoreGraphics Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in FreeType Description: Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CoreMedia Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3722 : Will Dormann of the CERT/CC DHCP Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2012-3725 : Mark Wuergler of Immunity, Inc. ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167 ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. CVE-ID CVE-2011-3026 : Juri Aedla CVE-2011-3048 CVE-2011-3328 ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management. CVE-ID CVE-2012-3726 : Phil of PKJE Consulting ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. CVE-ID CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. CVE-ID CVE-2011-4599 IPSec Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3727 : iOS Jailbreak Dream Team Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: An invalid pointer dereference issue existed in the kernel's handling of packet filter ioctls. This may allow an attacker to alter kernel memory. This issue was addressed through improved error handling. CVE-ID CVE-2012-3728 : iOS Jailbreak Dream Team Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An uninitialized memory access issue existed in the Berkeley Packet Filter interpreter, which led to the disclosure of memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3729 : Dan Rosenberg libxml Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Mail may present the wrong attachment in a message Description: A logic issue existed in Mail's handling of attachments. If a subsequent mail attachment used the same Content-ID as a previous one, the previous attachment would be displayed, even in the case where the 2 mails originated from different senders. This could facilitate some spoofing or phishing attacks. This issue was addressed through improved handling of attachments. CVE-ID CVE-2012-3730 : Angelo Prado of the salesforce.com Product Security Team Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Email attachments may be read without user's passcode Description: A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments. CVE-ID CVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich Stuntebeck of AirWatch Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker may spoof the sender of a S/MIME signed message Description: S/MIME signed messages displayed the untrusted 'From' address, instead of the name associated with the message signer's identity. This issue was addressed by displaying the address associated with the message signer's identity when it is available. CVE-ID CVE-2012-3732 : An anonymous researcher Messages Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may unintentionally disclose the existence of their email addresses Description: When a user had multiple email addresses associated with iMessage, replying to a message may have resulted in the reply being sent from a different email address. This may disclose another email address associated to the user's account. This issue was addressed by always replying from the email address the original message was sent to. CVE-ID CVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC Office Viewer Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Unencrypted document data may be written to a temporary file Description: An information disclosure issue existed in the support for viewing Microsoft Office files. When viewing a document, the Office Viewer would write a temporary file containing data from the viewed document to the temporary directory of the invoking process. For an application that uses data protection or other encryption to protect the user's files, this could lead to information disclosure. This issue was addressed by avoiding creation of temporary files when viewing Office documents. CVE-ID CVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies OpenGL Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. These issues were addressed through improved validation of GLSL shaders. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device could briefly view the last used third-party app on a locked device Description: A logic issue existed with the display of the "Slide to Power Off" slider on the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3735 : Chris Lawrence DBB Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A logic issue existed in the termination of FaceTime calls from the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3736 : Ian Vitek of 2Secure AB Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: All photos may be accessible at the lock screen Description: A design issue existed in the support for viewing photos that were taken at the lock screen. In order to determine which photos to permit access to, the passcode lock consulted the time at which the device was locked and compared it to the time that a photo was taken. By spoofing the current time, an attacker could gain access to photos that were taken before the device was locked. This issues was addressed by explicitly keeping track of the photos that were taken while the device was locked. CVE-ID CVE-2012-3737 : Ade Barkah of BlueWax Inc. Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to a locked device may perform FaceTime calls Description: A logic issue existed in the Emergency Dialer screen, which permitted FaceTime calls via Voice Dialing on the locked device. This could also disclose the user's contacts via contact suggestions. This issue was addressed by disabling Voice Dialing on the Emergency Dialer screen. CVE-ID CVE-2012-3738 : Ade Barkah of BlueWax Inc. Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: Using the camera from the screen lock could in some cases interfere with automatic lock functionality, allowing a person with physical access to the device to bypass the Passcode Lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3739 : Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ) Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3740 : Ian Vitek of 2Secure AB Restrictions Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may be able to make purchases without entering Apple ID credentials Description: After disabling Restrictions, iOS may not ask for the user's password during a transaction. This issue was addressed by additional enforcement of purchase authorization. CVE-ID CVE-2012-3741 : Kevin Makens of Redwood High School Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Websites may use characters with an appearance similar to the lock icon in their titles Description: Websites could use a Unicode character to create a lock icon in the page title. This icon was similar in appearance to the icon used to indicate a secure connection, and could have lead the user to believe a secure connection had been established. This issue was addressed by removing these characters from page titles. CVE-ID CVE-2012-3742 : Boku Kihara of Lepidum Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Passwords may autocomplete even when the site specifies that autocomplete should be disabled Description: Password input elements with the autocomplete attribute set to "off" were being autocompleted. This issue was addressed through improved handling of the autocomplete attribute. CVE-ID CVE-2012-0680 : Dan Poltawski of Moodle System Logs Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Sandboxed apps may obtain system log content Description: Sandboxed apps had read access to /var/log directory, which may allow them to obtain sensitive information contained in system logs. This issue was addressed by denying sandboxed apps access to the /var/log directory. CVE-ID CVE-2012-3743 Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may appear to have been sent by an arbitrary user Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address. CVE-ID CVE-2012-3744 : pod2g Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may disrupt cellular connectivity Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3745 : pod2g UIKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker that gains access to a device's filesystem may be able to read files that were being displayed in a UIWebView Description: Applications that use UIWebView may leave unencrypted files on the file system even when a passcode is enabled. This issue was addressed through improved use of data protection. CVE-ID CVE-2012-3746 : Ben Smith of Box WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2011-3016 : miaubiz CVE-2011-3021 : Arthur Gerkis CVE-2011-3027 : miaubiz CVE-2011-3032 : Arthur Gerkis CVE-2011-3034 : Arthur Gerkis CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis CVE-2011-3036 : miaubiz CVE-2011-3037 : miaubiz CVE-2011-3038 : miaubiz CVE-2011-3039 : miaubiz CVE-2011-3040 : miaubiz CVE-2011-3041 : miaubiz CVE-2011-3042 : miaubiz CVE-2011-3043 : miaubiz CVE-2011-3044 : Arthur Gerkis CVE-2011-3050 : miaubiz CVE-2011-3053 : miaubiz CVE-2011-3059 : Arthur Gerkis CVE-2011-3060 : miaubiz CVE-2011-3064 : Atte Kettunen of OUSPG CVE-2011-3068 : miaubiz CVE-2011-3069 : miaubiz CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative CVE-2011-3073 : Arthur Gerkis CVE-2011-3074 : Slawomir Blazek CVE-2011-3075 : miaubiz CVE-2011-3076 : miaubiz CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team CVE-2011-3081 : miaubiz CVE-2011-3086 : Arthur Gerkis CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz CVE-2011-3090 : Arthur Gerkis CVE-2011-3105 : miaubiz CVE-2011-3913 : Arthur Gerkis CVE-2011-3924 : Arthur Gerkis CVE-2011-3926 : Arthur Gerkis CVE-2011-3958 : miaubiz CVE-2011-3966 : Aki Helin of OUSPG CVE-2011-3968 : Arthur Gerkis CVE-2011-3969 : Arthur Gerkis CVE-2011-3971 : Arthur Gerkis CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-2818 : miaubiz CVE-2012-3589 : Dave Mandelin of Mozilla CVE-2012-3590 : Apple Product Security CVE-2012-3591 : Apple Product Security CVE-2012-3592 : Apple Product Security CVE-2012-3593 : Apple Product Security CVE-2012-3594 : miaubiz CVE-2012-3595 : Martin Barbella of Google Chrome Security CVE-2012-3596 : Skylined of the Google Chrome Security Team CVE-2012-3597 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3598 : Apple Product Security CVE-2012-3599 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3600 : David Levin of the Chromium development community CVE-2012-3601 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer CVE-2012-3602 : miaubiz CVE-2012-3603 : Apple Product Security CVE-2012-3604 : Skylined of the Google Chrome Security Team CVE-2012-3605 : Cris Neckar of the Google Chrome Security team CVE-2012-3608 : Skylined of the Google Chrome Security Team CVE-2012-3609 : Skylined of the Google Chrome Security Team CVE-2012-3610 : Skylined of the Google Chrome Security Team CVE-2012-3611 : Apple Product Security CVE-2012-3612 : Skylined of the Google Chrome Security Team CVE-2012-3613 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3614 : Yong Li of Research In Motion, Inc. CVE-2012-3615 : Stephen Chenney of the Chromium development community CVE-2012-3617 : Apple Product Security CVE-2012-3618 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3620 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3624 : Skylined of the Google Chrome Security Team CVE-2012-3625 : Skylined of Google Chrome Security Team CVE-2012-3626 : Apple Product Security CVE-2012-3627 : Skylined and Abhishek Arya (Inferno) of Google Chrome Security team CVE-2012-3628 : Apple Product Security CVE-2012-3629 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3630 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3631 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3633 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3634 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3635 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3636 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3637 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3638 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3639 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3640 : miaubiz CVE-2012-3641 : Slawomir Blazek CVE-2012-3642 : miaubiz CVE-2012-3644 : miaubiz CVE-2012-3645 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3646 : Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3647 : Skylined of the Google Chrome Security Team CVE-2012-3648 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3651 : Abhishek Arya (Inferno) and Martin Barbella of the Google Chrome Security Team CVE-2012-3652 : Martin Barbella of Google Chrome Security Team CVE-2012-3653 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3655 : Skylined of the Google Chrome Security Team CVE-2012-3656 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3658 : Apple CVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3660 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3661 : Apple Product Security CVE-2012-3663 : Skylined of Google Chrome Security Team CVE-2012-3664 : Thomas Sepez of the Chromium development community CVE-2012-3665 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3666 : Apple CVE-2012-3667 : Trevor Squires of propaneapp.com CVE-2012-3668 : Apple Product Security CVE-2012-3669 : Apple Product Security CVE-2012-3670 : Abhishek Arya (Inferno) of the Google Chrome Security Team, Arthur Gerkis CVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome Security Team CVE-2012-3672 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3673 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3674 : Skylined of Google Chrome Security Team CVE-2012-3676 : Julien Chaffraix of the Chromium development community CVE-2012-3677 : Apple CVE-2012-3678 : Apple Product Security CVE-2012-3679 : Chris Leary of Mozilla CVE-2012-3680 : Skylined of Google Chrome Security Team CVE-2012-3681 : Apple CVE-2012-3682 : Adam Barth of the Google Chrome Security Team CVE-2012-3683 : wushi of team509 working with iDefense VCP CVE-2012-3684 : kuzzcc CVE-2012-3686 : Robin Cao of Torch Mobile (Beijing) CVE-2012-3703 : Apple Product Security CVE-2012-3704 : Skylined of the Google Chrome Security Team CVE-2012-3706 : Apple Product Security CVE-2012-3708 : Apple CVE-2012-3710 : James Robinson of Google CVE-2012-3747 : David Bloom of Cue WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of CSS property values. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-3691 : Apple WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious website may be able to replace the contents of an iframe on another site Description: A cross-origin issue existed in the handling of iframes in popup windows. This issue was addressed through improved origin tracking. CVE-ID CVE-2011-3067 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Look-alike characters in a URL could be used to masquerade a website Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue was addressed by supplementing WebKit's list of known look-alike characters. Look- alike characters are rendered in Punycode in the address bar. CVE-ID CVE-2012-3693 : Matt Cooley of Symantec WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue was addressed through improved canonicalization of URLs. CVE-ID CVE-2012-3695 : Masato Kinugawa WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to HTTP request splitting Description: An HTTP header injection issue existed in the handling of WebSockets. This issue was addressed through improved WebSockets URI sanitization. CVE-ID CVE-2012-3696 : David Belcher of the BlackBerry Security Incident Response Team WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A maliciously crafted website may be able to spoof the value in the URL bar Description: A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue was addressed through improved session state tracking. CVE-ID CVE-2011-2845 : Jordi Chancel WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents Description: An uninitialized memory access issue existed in the handling of SVG images. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3650 : Apple Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "6.0". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo 3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5 TZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0 8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9 n4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP dWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs JXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP id6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T xL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp RqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj bmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP XtT4lS60xKz63YSg79dd =LvMt -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 BIND Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: A remote attacker may be able to cause a denial of service in systems configured to run BIND as a DNS nameserver Description: A reachable assertion issue existed in the handling of DNS records. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2011-4313 BIND Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1 Impact: A remote attacker may be able to cause a denial of service, data corruption, or obtain sensitive information from process memory in systems configured to run BIND as a DNS nameserver Description: A memory management issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1 on OS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems. This issue does not affect Mac OS X v10.6 or OS X Mountain Lion systems. CVE-ID CVE-2012-3716 : Jesse Ruderman of Mozilla Corporation Data Security Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1 Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update adds the involved sub-CA certificate to OS X's list of untrusted certificates. This issue does not affect OS X Lion and Mountain Lion systems. These issues do not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative Installer Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: Remote admins and persons with physical access to the system may obtain account information Description: The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented user passwords from being recorded in the system log, but did not remove the old log entries. This issue does not affect Mac OS X 10.6 or OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2011-4599 Kernel Available for: OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-0643 : iOS Jailbreak Dream Team LoginWindow Available for: OS X Mountain Lion v10.8 and v10.8.1 Impact: A local user may be able to obtain other user's login passwords Description: A user-installed input method could intercept password keystrokes from Login Window or Screen Saver Unlock. CVE-ID CVE-2012-3718 : An anonymous researcher Mail Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: Viewing an e-mail message may lead to execution of web plugins Description: An input validation issue existed in Mail's handling of embedded web plugins. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-3719 : Will Dormann of the CERT/CC Mobile Accounts Available for: OS X Mountain Lion v10.8 and v10.8.1 Impact: A user with access to the contents of a mobile account may obtain the account password Description: Creating a mobile account saved a hash of the password in the account, which was used to login when the mobile account was used as an external account. The password hash could be used to determine the user's password. This issue was addressed by creating the password hash only if external accounts are enabled on the system where the mobile account is created. CVE-ID CVE-2012-3720 : Harald Wagener of Google, Inc. PHP Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1 Impact: Multiple vulnerabilities in PHP Description: >PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2011-3048 Profile Manager Available for: OS X Lion Server v10.7 to v10.7.4 Impact: An unauthenticated user could enumerate managed devices Description: An authentication issue existed in the Device Management private interface. This issue does not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative Ruby Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. The Ruby OpenSSL module disabled the 'empty fragment' countermeasure which prevented these attacks. This issue does not affect OS X Mountain Lion systems. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-3723 : Andy Davis of NGS Secure Note: OS X Mountain Lion v10.8.2 includes the content of Safari 6.0.1. Only one is needed, either OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 or Security Update 2012-004. For OS X Mountain Lion v10.8.1 The download file is named: OSXUpd10.8.2.dmg Its SHA-1 digest is: d6779e1cc748b78af0207499383b1859ffbebe33 For OS X Mountain Lion v10.8 The download file is named: OSXUpdCombo10.8.2.dmg Its SHA-1 digest is: b08f10233d362e39f20b69f91d1d73f5e7b68a2c For OS X Lion v10.7.4 The download file is named: MacOSXUpd10.7.5.dmg Its SHA-1 digest is: e0a9582cce9896938a7a541bd431862d93893532 For OS X Lion v10.7 and v10.7.3 The download file is named: MacOSXUpdCombo10.7.5.dmg Its SHA-1 digest is: f7a26b164fa10dae4fe646e57b01c34a619c8d9b For OS X Lion Server v10.7.4 The download file is named: MacOSXServerUpd10.7.5.dmg Its SHA-1 digest is: a891b03bfb4eecb745c0c39a32f39960fdb6796a For OS X Lion Server v10.7 and v10.7.3 The download file is named: MacOSXServerUpdCombo10.7.5.dmg Its SHA-1 digest is: df6e1748ab0a3c9e05c890be49d514673efd965e For Mac OS X v10.6.8 The download file is named: SecUpd2012-004.dmg Its SHA-1 digest is: 5b136e29a871d41012f0c6ea1362d6210c8b4fb7 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2012-004.dmg Its SHA-1 digest is: 9b24496be15078e58a88537700f2f39c112e3b28 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQWhlbAAoJEPefwLHPlZEwwjwQAKrpQlZh1B2mkSTLxR7QZg6e Qm7SmIZL9sjl5gQkTxoAvOGxJ8uRdYPlJ1IpyU/MbK0GqO53KmFSeKkwCnvLKMaW pc6tiFaQ4zV4LEAwBAFEuqCsMyPEJqKDhYXl2cHQmWfAlrLCyCKfzGLy2mY2UnkE DQC2+ys70DChFv2GzyXlibBXAGMKDygJ5dVKynsi1ceZLYWbUJoGwlUtXPylBpnO QyGWXmEloPbhK6HJbKMNacuDdVcb26pvIeFiivkTSxPVlZ3ns2tAwEyvHrzA9O4n 7rQ6jvfDbguOZmM5sPFvVKBw2GVDBNU+G3T8ouIXhk6Pjhr4in8VFCb8MIMLb8hm 7YYn2z1TzKTNmUuYbwe6ukQvf57cPuW0bAvslbl6PgrzqorlNPU4rDoSvPrJx/RO BOYkcxfirevHDGibfkeqXPjL3h+bVrb1USZpAv+ZOAy0M89SHFcvMtpAhxnoGiV5 w4EyKB+9Yi/CSAk2Ne3Y5kHH7/v3pWV68aJwhVirya7ex3vnJ+M+lRLKSm2BUjL3 +9fykrJBDujFDXoCmK5CN5Wx36DSVZ4VO1h635crotudtcvd+LQ2VHma/Chav5wK q5SSllf4KEownpx6o/qTxpg5tcC4lvgTcsDHlYcNq2s8KTTjmOden8ar4h7M7QD2 xyBfrQfG/dsif6jGHaot =8joH -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-1367-1 February 16, 2012 libpng vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: libpng could be made to crash or run programs as your login if it opened a specially crafted file. This issue only affected Ubuntu 8.04 LTS. (CVE-2009-5063) Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. (CVE-2011-3026) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libpng12-0 1.2.46-3ubuntu1.1 Ubuntu 11.04: libpng12-0 1.2.44-1ubuntu3.2 Ubuntu 10.10: libpng12-0 1.2.44-1ubuntu0.2 Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.3 Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.5 After a standard system update you need to restart your session to make all the necessary changes
var-201806-1468 An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent device identifier. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan address the following: Accessibility Framework Available for: macOS High Sierra 10.13.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An information disclosure issue existed in Accessibility Framework. CVE-2018-4196: G. CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team apache_mod_php Available for: macOS High Sierra 10.13.4 Impact: Issues in php were addressed in this update Description: This issue was addressed by updating to php version 7.1.16. CVE-2018-4219: Mohamed Ghannam (@_simo36) Bluetooth Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: A malicious application may be able to determine kernel memory layout. Description: An information disclosure issue existed in device properties. CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team Bluetooth Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro (Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015), MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016), MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports), MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports), MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports), MacBook (Retina, 12-inch, Early 2016), MacBook (Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017), iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac (Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015), iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and iMac (21.5-inch, 2017) Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team Grand Central Dispatch Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An issue existed in parsing entitlement plists. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Speech Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A sandbox issue existed in the handling of microphone access. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-06-01-4 iOS 11.4 iOS 11.4 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4215: Abraham Masri (@cheesecakeufo) Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: A validation issue existed in the handling of phone numbers. This issue was addressed with improved validation of phone numbers. CVE-2018-4100: Abraham Masri (@cheesecakeufo) FontParser Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd. Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative Magnifier Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks. CVE-2018-4239: an anonymous researcher Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise Solutions Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. This issue was addressed with improved validation of S-MIME certificates. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo) Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to enable Siri from the lock screen Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn) Siri Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. This was addressed with improved permission checking. CVE-2018-4244: an anonymous researcher UIKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. This issue was addressed with improved validation of text. CVE-2018-4198: Hunter Byrnes WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2018-4232: an anonymous researcher, Aymeric Chaib WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved locking. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4214: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. CVE-2018-4190: Jun Kokatsu (@shhnjk) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4222: Natalie Silvanovich of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 11.4". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEWpnGpHhyhjM9LuGIyxcaHpDFUHMFAlsRa1ApHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQyxcaHpDFUHObHBAA jBRwdrK3Eks7V798k16MQFOvlqkofZWO3D+Qxb5OSzxixGy0r/vml78tnerJ546C p9UrL/1IxH1PERiWevubg6nbWFstBrOhY0FWLiope9oLAMB92iMM/7a+O/6EHjOc 9p6Y/Bud0OwFHEoJmN4HLGMUubm1uTAdalXSmfanxuFvjpxAeczYvW/+wAblOnHr KfclXy68dfUlW0NMP0kbQwnk1lVrb8QKEeayYli19c8zSVC38eYyKYZwhRC37yWT ViBRSz9zVvgJQKX4JgjV6cRO3uIFZX+sksr6VdMM0nHjsTUT6Mc+IAe9Is3YlJCO x0H8+WeloeKrwNDs60Grz7tRNVpevIlInLEQJkuoOD3niWqzt0Q40IzCNlgd8FBv ZB5iencgWy/ObRJSgoOq29EIlt+KEb9nSJx3h6kByo0ZxYhSVrDm44cHzCF0+/zN vY4XR3hJpc1S3ySiSkWHIhqjPAEP7cb/D7Az/5SGgle8cklem5haOdzAkeOHnzim laKEg+F3vue6W+n9iv0x0byVBhC5Xr1iNuRh7+uor5TIVPR2s4moWOWvyTruG2Kk RLlL700y2OZl/04nTgxxShCwLygXiKd07nuFIh4fKiMcGw31HKx1Choof6sPHqzo Grg2dx9YQXTCTIsdDNG581MIwzVvJPLSM5OeNsHQEd0= =7ZCv -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About"
var-201110-0321 FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. Free Type is prone to multiple memory corruption vulnerabilities. Successfully exploiting these issues will allow attackers to execute arbitrary code. Failed exploit attempts may cause denial-of-service conditions. NOTE: This issue was previously discussed in BID 50086 (Apple iPhone/iPad/iPod touch Prior to iOS 5 Multiple Vulnerabilities) but has been given its own record to better document it. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. A code injection vulnerability exists in FreeType of Apple's CoreGraphics versions prior to iOS 5. ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46377 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46377/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46377/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to disclose certain information and by malicious people to conduct script insertion, cross-site scripting, and spoofing attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's device. 1) An error within the CalDAV component does not properly validate the SSL certificate when synchronizing the calendar, which can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 2) Input passed via invitation notes is not properly sanitised in Calendar before being returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious invitation is being viewed. 3) The CFNetwork component stores a user's AppleID password and username in the log file readable by applications, which can be exploited to disclose the credentials. 4) The CFNetwork component does not properly restrict cross-domain access of HTTP cookies, which can be exploited to access the cookies of another web site. 5) An error exists within CoreFoundation when handling string tokenization. For more information see vulnerability #1 in: SA46339 6) Multiple errors within CoreGraphics when handling the certain freetype fonts can be exploited to corrupt memory. 7) An error within CoreMedia does not properly handle cross-site redirects and can be exploited to disclose video data. 8) An error exits within the Data Access component when handling multiple accounts configured on the same server and can be exploited to disclose the cookie of another account. 9) The application accepts X.509 certificates with MD5 hashes, which could lead to weak cryptographic certificates being used. This can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 10) A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols. For more information: SA46168 11) An error within ImageIO when handling CCITT Group 4 encoded TIFF files can be exploited to cause a buffer overflow. For more information see vulnerability #1 in: SA43593 12) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #9 in: SA45325 13) An error within ICU (International Components for Unicode) can be exploited to cause a buffer overflow. For more information see vulnerability #11 in: SA45054 14) An error within the kernel does not reclaim memory from incomplete TCP connections, which can be exploited to exhaust system resources by connecting to a listening service and cause the device to reset. 15) A NULL-pointer dereference error within the kernel when handling IPv6 socket options can be exploited to cause the device to reset. 16) An error within libxml can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #12 in: SA45325 17) An error within OfficeImport when viewing certain Microsoft Word files can be exploited to cause a buffer overflow. 18) An error within OfficeImport when viewing certain Microsoft Excel files can be exploited to cause a buffer overflow. 19) An indexing error exists in the OfficeImport framework when processing certain records in a Microsoft Word file. For more information see vulnerability #19 in: SA45054 20) An error in the OfficeImport framework when processing records can be exploited to corrupt memory. For more information see vulnerability #28 in: SA43814 21) An error within Safari does not properly handle the "attachment" HTTP Content-Disposition header and can be exploited to conduct cross-site scripting attacks. 22) The parental restrictions feature stores the restrictions passcode in plaintext on disk and can be exploited to disclose the passcode. 23) An error within UIKit does not properly handle "tel:" URIs and can be exploited to cause the device to hang by tricking the user into visiting a malicious website. 24) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. For more information: SA43519 SA43683 SA43696 SA43859 SA45097 SA45325 SA45325 SA45498 SA45498 SA46339 SA46412 25) The WiFi credentials are stored in a file readable by other applications, which may lead to the credentials being disclosed. PROVIDED AND/OR DISCOVERED BY: 1) Leszek Tasiemski, nSense. 6, 9) Reported by the vendor. The vendor credits: 2) Rick Deacon 3) Peter Quade, qdevelop 4) Erling Ellingsen, Facebook. 7) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) 8) Bob Sielken, IBM 14) Wouter van der Veer, Topicus and Josh Enders 15) Thomas Clement, Intego 17) Tobias Klein via iDefense. 18) Tobias Klein, www.trapkit.de 21) Christian Matthies via iDefense and Yoshinori Oota, Business Architects via JP/CERT. 22) An anonymous person 23) Simon Young, Anglia Ruskin University 25) Laurent OUDOT, TEHTRI Security ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4999 nSense: http://www.nsense.fi/advisories/nsense_2011_006.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For the oldstable distribution (lenny), this problem has been fixed in version 2.3.7-2+lenny7. For the stable distribution (squeeze), this problem has been fixed in version 2.4.2-2.1+squeeze2. For the unstable distribution (sid), this problem has been fixed in version 2.4.7-1. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/freetype < 2.4.8 >= 2.4.8 Description =========== Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.8" References ========== [ 1 ] CVE-2010-1797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1797 [ 2 ] CVE-2010-2497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2497 [ 3 ] CVE-2010-2498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2498 [ 4 ] CVE-2010-2499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2499 [ 5 ] CVE-2010-2500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2500 [ 6 ] CVE-2010-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2519 [ 7 ] CVE-2010-2520 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2520 [ 8 ] CVE-2010-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2527 [ 9 ] CVE-2010-2541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2541 [ 10 ] CVE-2010-2805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2805 [ 11 ] CVE-2010-2806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2806 [ 12 ] CVE-2010-2807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2807 [ 13 ] CVE-2010-2808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2808 [ 14 ] CVE-2010-3053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3053 [ 15 ] CVE-2010-3054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3054 [ 16 ] CVE-2010-3311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3311 [ 17 ] CVE-2010-3814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3814 [ 18 ] CVE-2010-3855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3855 [ 19 ] CVE-2011-0226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0226 [ 20 ] CVE-2011-3256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3256 [ 21 ] CVE-2011-3439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3439 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox (#63892). Additionally, improvements conserning the LZW handling (as noted in the freetype-2.4.7 version) was added. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFOoSQgmqjQ0CJFipgRAu7bAKCNJuDDSIC2BGla3ck+cJp/Kn88ZwCg1jD/ dxu3TlyhMXF4coBC+GcK+2g= =QK6b -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 OS X Lion v10.7.3 and Security Update 2012-001 is now available and addresses the following: Address Book Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker in a privileged network position may intercept CardDAV data Description: Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. This issue is addressed by not downgrading to an unencrypted connection without user approval. CVE-ID CVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/ CVE-ID CVE-2011-3348 Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Apache disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by providing a configuration parameter to control the countermeasure and enabling it by default. CVE-ID CVE-2011-3389 CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send the request to an incorrect origin server. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3447 : Erling Ellingsen of Facebook ColorSync Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative CoreAudio Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of AAC encoded audio streams. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day Initiative CoreMedia Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in CoreMedia's handling of H.264 encoded movie files. CVE-ID CVE-2011-3448 : Scott Stender of iSEC Partners CoreText Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of font files. CVE-ID CVE-2011-3449 : Will Dormann of the CERT/CC CoreUI Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution Description: An unbounded stack allocation issue existed in the handling of long URLs. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3450 : Ben Syverson curl Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote server may be able to impersonate clients via GSSAPI requests Description: When doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This issue is addressed by disabling GSSAPI credential delegation. CVE-ID CVE-2011-2192 Data Security Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Two certificate authorities in the list of trusted root certificates have independently issued intermediate certificates to DigiCert Malaysia. DigiCert Malaysia has issued certificates with weak keys that it is unable to revoke. An attacker with a privileged network position could intercept user credentials or other sensitive information intended for a site with a certificate issued by DigiCert Malaysia. This issue is addressed by configuring default system trust settings so that DigiCert Malaysia's certificates are not trusted. We would like to acknowledge Bruce Morton of Entrust, Inc. for reporting this issue. dovecot Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Dovecot disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling the countermeasure. CVE-ID CVE-2011-3389 : Apple filecmds Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Decompressing a maliciously crafted compressed file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the 'uncompress' command line tool. CVE-ID CVE-2011-2895 ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue is address by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167 ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328 Internet Sharing Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A Wi-Fi network created by Internet Sharing may lose security settings after a system update Description: After updating to a version of OS X Lion prior to 10.7.3, the Wi-Fi configuration used by Internet Sharing may revert to factory defaults, which disables the WEP password. This issue only affects systems with Internet Sharing enabled and sharing the connection to Wi-Fi. This issue is addressed by preserving the Wi-Fi configuration during a system update. CVE-ID CVE-2011-3452 : an anonymous researcher Libinfo Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in Libinfo's handling of hostname lookup requests. Libinfo could return incorrect results for a maliciously crafted hostname. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3441 : Erling Ellingsen of Facebook libresolv Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the parsing of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive libsecurity Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Some EV certificates may be trusted even if the corresponding root has been marked as untrusted Description: The certificate code trusted a root certificate to sign EV certificates if it was on the list of known EV issuers, even if the user had marked it as 'Never Trust' in Keychain. The root would not be trusted to sign non-EV certificates. CVE-ID CVE-2011-3422 : Alastair Houghton OpenGL Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in PHP 5.3.6 Description: PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net CVE-ID CVE-2011-1148 CVE-2011-1657 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3189 CVE-2011-3267 CVE-2011-3268 PHP Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328 QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of font tables embedded in QuickTime movie files. CVE-ID CVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted JPEG2000 image file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 files. CVE-ID CVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. CVE-ID CVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day Initiative QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of FLC encoded movie files CVE-ID CVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative SquirrelMail Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in SquirrelMail Description: SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at http://www.SquirrelMail.org/ CVE-ID CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 Subversion Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Accessing a Subversion repository may lead to the disclosure of sensitive information Description: Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at http://subversion.tigris.org/ CVE-ID CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 Time Machine Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote attacker may access new backups created by the user's system Description: The user may designate a remote AFP volume or Time Capsule to be used for Time Machine backups. Time Machine did not verify that the same device was being used for subsequent backup operations. An attacker who is able to spoof the remote volume could gain access to new backups created by the user's system. This issue is addressed by verifying the unique identifier associated with a disk for backup operations. CVE-ID CVE-2011-3462 : Michael Roitzsch of the Technische Universitat Dresden Tomcat Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Tomcat 6.0.32 Description: Tomcat is updated to version 6.0.33 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/ CVE-ID CVE-2011-2204 WebDAV Sharing Available for: OS X Lion Server v10.7 to v10.7.2 Impact: Local users may obtain system privileges Description: An issue existed in WebDAV Sharing's handling of user authentication. A user with a valid account on the server or one of its bound directories could cause the execution of arbitrary code with system privileges. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3463 : Gordon Davisson of Crywolf Webmail Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted e-mail message may lead to the disclosure of message content Description: A cross-site scripting vulnerability existed in the handling of mail messages. This issue is addressed by updating Roundcube Webmail to version 0.6. This issue does not affect systems prior to OS X Lion. Further information is available via the Roundcube site at http://trac.roundcube.net/ CVE-ID CVE-2011-2937 X11 Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple OS X Lion v10.7.3 and Security Update 2012-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2021-001 or OS X v10.7.3. For OS X Lion v10.7.2 The download file is named: MacOSXUpd10.7.3.dmg Its SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c For OS X Lion v10.7 and v10.7.1 The download file is named: MacOSXUpdCombo10.7.3.dmg Its SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c For OS X Lion Server v10.7.2 The download file is named: MacOSXServerUpd10.7.3.dmg Its SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d For OS X Lion Server v10.7 and v10.7.1 The download file is named: MacOSXServerUpdCombo10.7.3.dmg Its SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b For Mac OS X v10.6.8 The download file is named: SecUpd2012-001Snow.dmg Its SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8 For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2012-001.dmg Its SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V P6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp RrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy 9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf MnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E pvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo= =c1eU -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: freetype security update Advisory ID: RHSA-2011:1402-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1402.html Issue date: 2011-10-25 CVE Names: CVE-2011-3256 ===================================================================== 1. Summary: Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed bitmap font files. (CVE-2011-3256) Note: These issues only affected the FreeType 2 font engine. Users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 746226 - CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm ppc: freetype-2.1.9-20.el4.ppc.rpm freetype-2.1.9-20.el4.ppc64.rpm freetype-debuginfo-2.1.9-20.el4.ppc.rpm freetype-debuginfo-2.1.9-20.el4.ppc64.rpm freetype-demos-2.1.9-20.el4.ppc.rpm freetype-devel-2.1.9-20.el4.ppc.rpm freetype-utils-2.1.9-20.el4.ppc.rpm s390: freetype-2.1.9-20.el4.s390.rpm freetype-debuginfo-2.1.9-20.el4.s390.rpm freetype-demos-2.1.9-20.el4.s390.rpm freetype-devel-2.1.9-20.el4.s390.rpm freetype-utils-2.1.9-20.el4.s390.rpm s390x: freetype-2.1.9-20.el4.s390.rpm freetype-2.1.9-20.el4.s390x.rpm freetype-debuginfo-2.1.9-20.el4.s390.rpm freetype-debuginfo-2.1.9-20.el4.s390x.rpm freetype-demos-2.1.9-20.el4.s390x.rpm freetype-devel-2.1.9-20.el4.s390x.rpm freetype-utils-2.1.9-20.el4.s390x.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm x86_64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.x86_64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-demos-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm x86_64: freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm freetype-demos-2.2.1-28.el5_7.1.x86_64.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-demos-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm ia64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.ia64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ia64.rpm freetype-demos-2.2.1-28.el5_7.1.ia64.rpm freetype-devel-2.2.1-28.el5_7.1.ia64.rpm ppc: freetype-2.2.1-28.el5_7.1.ppc.rpm freetype-2.2.1-28.el5_7.1.ppc64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ppc.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ppc64.rpm freetype-demos-2.2.1-28.el5_7.1.ppc.rpm freetype-devel-2.2.1-28.el5_7.1.ppc.rpm freetype-devel-2.2.1-28.el5_7.1.ppc64.rpm s390x: freetype-2.2.1-28.el5_7.1.s390.rpm freetype-2.2.1-28.el5_7.1.s390x.rpm freetype-debuginfo-2.2.1-28.el5_7.1.s390.rpm freetype-debuginfo-2.2.1-28.el5_7.1.s390x.rpm freetype-demos-2.2.1-28.el5_7.1.s390x.rpm freetype-devel-2.2.1-28.el5_7.1.s390.rpm freetype-devel-2.2.1-28.el5_7.1.s390x.rpm x86_64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.x86_64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm freetype-demos-2.2.1-28.el5_7.1.x86_64.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm ppc64: freetype-2.3.11-6.el6_1.7.ppc.rpm freetype-2.3.11-6.el6_1.7.ppc64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.ppc.rpm freetype-debuginfo-2.3.11-6.el6_1.7.ppc64.rpm freetype-devel-2.3.11-6.el6_1.7.ppc.rpm freetype-devel-2.3.11-6.el6_1.7.ppc64.rpm s390x: freetype-2.3.11-6.el6_1.7.s390.rpm freetype-2.3.11-6.el6_1.7.s390x.rpm freetype-debuginfo-2.3.11-6.el6_1.7.s390.rpm freetype-debuginfo-2.3.11-6.el6_1.7.s390x.rpm freetype-devel-2.3.11-6.el6_1.7.s390.rpm freetype-devel-2.3.11-6.el6_1.7.s390x.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm ppc64: freetype-debuginfo-2.3.11-6.el6_1.7.ppc64.rpm freetype-demos-2.3.11-6.el6_1.7.ppc64.rpm s390x: freetype-debuginfo-2.3.11-6.el6_1.7.s390x.rpm freetype-demos-2.3.11-6.el6_1.7.s390x.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3256.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOpv7zXlSAg2UNWIIRAtxRAJ9yxP+ABOboEq9+fB+RnBOLIUp/XgCePltE cL8BidDpB1YhdkDs+bUyhbU= =qAkG -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
var-200703-0009 Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Apple QuickTime is prone to multiple unspecified remote code-execution vulnerabilities including mulitple heap and stack-based buffer-overflow and integer-overflow issues. These issues arise when the application handles specially crafted 3GP, MIDI, MOV, PICT, and QTIF files. Successful attacks can result in the compromise of the applicaiton or can cause denial-of-service conditions. Few details regarding these issues are currently available. Separate BIDs for each issue will be created as new information becomes available. QuickTime versions prior to 7.1.5 are vulnerable. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. There are multiple buffer overflow vulnerabilities in QuickTime's processing of various media formats. If a user is tricked into opening a malicious movie, this overflow could be triggered, resulting in a denial of service or arbitrary code execution. (CVE-2007-0711). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-065A Apple Releases Security Updates for QuickTime Original release date: March 06, 2007 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows Overview Apple QuickTime contains multiple vulnerabilities. I. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page. Note that QuickTime ships with Apple iTunes. For more information, please refer to the Vulnerability Notes Database. II. For further information, please see the Vulnerability Notes Database. III. Solution Upgrade QuickTime Upgrade to QuickTime 7.1.5. This and other updates for Mac OS X are available via Apple Update. On Microsoft Windows the QuickTime built-in auto-update mechanism may not detect this release. Instead, Windows users should check for updates using Apple Software Update or install the update manually. Disable QuickTime in your web browser An attacker may be able to exploit this vulnerability by persuading a user to access a specially crafted file with a web browser. Disabling QuickTime in your web browser will defend against this attack vector. For more information, refer to the Securing Your Web Browser document. References * Vulnerability Notes for QuickTime 7.1.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_715> * About the security content of the QuickTime 7.1.5 Update - <http://docs.info.apple.com/article.html?artnum=305149> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple QuickTime 7.1.5 for Windows - <http://www.apple.com/support/downloads/quicktime715forwindows.html> * Apple QuickTime 7.1.5 for Mac - <http://www.apple.com/support/downloads/quicktime715formac.html> * Standalone Apple QuickTime Player - <http://www.apple.com/quicktime/download/standalone.html> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-065A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-065A Feedback VU#568689" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2007 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History March 06, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRe26JOxOF3G+ig+rAQIL/AgArfKGgONZLe46VrCe71/m/47EcYHx/m4u K7rK5zeV11CItic4BMTyhC/s9OMEJdkRpVLhi9TJtLv0OYQoqT8WCqkcWpn6rf+p mRbMMIc0m2/IqQWBz3oHU1rlAem8Xk0wbARe+y3Pb1Xz5TumoyVSjbkKkyQJVYLz 35SS6byTmpspL/GIui8lt37b66aiXOGr91FCMQ4eCJXucJKlDNndjdL5isVKjXoA 74aavroywUVzoBzjxXCRSquxcFHW0B6t1TIMuMJhyVbmcV4i/0Cq3EfEg8iKVZdO ZAXHIj3P4cPmdsYRbgl0IqqyZYt51gMdpmUNGORCShuMajqwwbNjvg== =5/kY -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA24359 VERIFY ADVISORY: http://secunia.com/advisories/24359/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system. 1) An integer overflow error exists in the handling of 3GP video files. 2) A boundary error in the handling of MIDI files can be exploited to cause a heap-based buffer overflow. 3) A boundary error in the handling of QuickTime movie files can be exploited to cause a heap-based buffer overflow. 4) An integer overflow exists in the handling of UDTA atoms in movie files. 5) A boundary error in the handling of PICT files can be exploited to cause a heap-based buffer overflow. 6) A boundary error in the handling of QTIF files can be exploited to cause a stack-based buffer overflow. 7) An integer overflow exists in the handling of QTIF files. 8) An input validation error exists in the processing of QTIF files. This can be exploited to cause a heap corruption via a specially crafted QTIF file with the "Color Table ID" field set to "0". SOLUTION: Update to version 7.1.5. Mac OS X: http://www.apple.com/quicktime/download/mac.html Windows: http://www.apple.com/quicktime/download/win.html PROVIDED AND/OR DISCOVERED BY: 1) JJ Reyes 2,5,6,7) Mike Price, McAfee AVERT Labs 3) Mike Price, McAfee AVERT Labs, Piotr Bania, and Artur Ogloza 4) Sowhat of Nevis Labs and an anonymous researcher via ZDI. 8) Ruben Santamarta via iDefense and JJ Reyes ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305149 Piotr Bania: http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=486 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-200102-0029 Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a denial-of-service vulnerability. The vulnerability exists in Cisco 600 routers running CBOS 2.4.1 and earlier versions. -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Alert Summary January 1, 2001 Volume 6 Number 2 The following computer security issues have been publicly reported and documented in the X-Force Vulnerability and Threat Database (http://xforce.iss.net). This document is available at http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert Summaries: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: - - 'subscribe alert' (without the quotes). _____ Contents 115 Reported Vulnerabilities Risk Factor Key _____ Date Reported: 12/31/00 Vulnerability: exmh-error-symlink Platforms Affected: exmh 2.2 and earlier Risk Factor: High Attack Type: Host Based Brief Description: exmh error message symlink X-Force URL: http://xforce.iss.net/static/5829.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-symlink Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Host Based Brief Description: Informix Webdriver symbolic link X-Force URL: http://xforce.iss.net/static/5827.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-admin-access Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Network Based Brief Description: Informix Webdriver remote Admin access X-Force URL: http://xforce.iss.net/static/5833.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-mutex-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial of service X-Force URL: http://xforce.iss.net/static/5821.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-batfile-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with a batch file X-Force URL: http://xforce.iss.net/static/5822.php _____ Date Reported: 12/29/00 Vulnerability: shockwave-flash-swf-bo Platforms Affected: Shockwave Plugin 8.0 and prior Risk Factor: High Attack Type: Network/Host Based Brief Description: Shockwave Flash SWF file buffer overflow X-Force URL: http://xforce.iss.net/static/5826.php _____ Date Reported: 12/29/00 Vulnerability: macos-multiple-users Platforms Affected: MacOS 9.0 Risk Factor: High Attack Type: Host Based Brief Description: Mac OS 'Multiple Users' bypass password X-Force URL: http://xforce.iss.net/static/5830.php _____ Date Reported: 12/28/00 Vulnerability: http-cgi-ikonboard Platforms Affected: Ikonboard 2.1.7b and prior Risk Factor: High Attack Type: Host Based Brief Description: Ikonboard allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5819.php _____ Date Reported: 12/27/00 Vulnerability: http-cgi-technote-main Platforms Affected: TECH-NOTE (000, 2001, Pro) Risk Factor: High Attack Type: Network Based Brief Description: TECH-NOTE main.cgi reveals files X-Force URL: http://xforce.iss.net/static/5813.php _____ Date Reported: 12/26/00 Vulnerability: xwindows-char-dos Platforms Affected: XFree86 Risk Factor: Low Attack Type: Network/Host Based Brief Description: X Windows multiple character denial of service X-Force URL: http://xforce.iss.net/static/5834.php _____ Date Reported: 12/25/00 Vulnerability: 1stup-mail-server-bo Platforms Affected: 1st Up Mail Server 4.1 Risk Factor: Medium Attack Type: Network Based Brief Description: 1st Up Mail Server buffer overflow X-Force URL: http://xforce.iss.net/static/5808.php _____ Date Reported: 12/25/00 Vulnerability: dialog-symlink Platforms Affected: Linux Debian 2.2 Risk Factor: High Attack Type: Host Based Brief Description: Linux dialog package symlink attack X-Force URL: http://xforce.iss.net/static/5809.php _____ Date Reported: 12/25/00 Vulnerability: ibm-wcs-admin Platforms Affected: IBM Websphere Commerce Suite Risk Factor: High Attack Type: Host Based Brief Description: IBM WCS admin.config allows user to execute arbitrary commands X-Force URL: http://xforce.iss.net/static/5831.php _____ Date Reported: 12/23/00 Vulnerability: http-cgi-technote-print Platforms Affected: TECH-NOTE (2000, 2001, Pro) Risk Factor: Medium Attack Type: Network Based Brief Description: TECH-NOTE print.cgi reveals files X-Force URL: http://xforce.iss.net/static/5815.php _____ Date Reported: 12/22/00 Vulnerability: iis-web-form-submit Platforms Affected: IIS (4.0, 5.0) Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IIS Web form submission X-Force URL: http://xforce.iss.net/static/5823.php _____ Date Reported: 12/21/00 Vulnerability: hpux-kermit-bo Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00) Risk Factor: Medium Attack Type: Host Based Brief Description: HP-UX kermit buffer overflow X-Force URL: http://xforce.iss.net/static/5793.php _____ Date Reported: 12/21/00 Vulnerability: bsguest-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bsguest.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5796.php _____ Date Reported: 12/21/00 Vulnerability: bslist-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bslist.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5797.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/21/00 Vulnerability: oracle-execute-plsql Platforms Affected: Oracle Application Server Risk Factor: Medium Attack Type: Network Based Brief Description: Oracle remote procedure execution X-Force URL: http://xforce.iss.net/static/5817.php _____ Date Reported: 12/21/00 Vulnerability: ksh-redirection-symlink Platforms Affected: IRIX (6.2, 6.5.x) Solaris (2.5.1, 2.6, 7) HPUX 9.00 Digital Unix 5.0 Risk Factor: High Attack Type: Host Based Brief Description: ksh redirection symlink attack X-Force URL: http://xforce.iss.net/static/5811.php _____ Date Reported: 12/21/00 Vulnerability: oracle-webdb-admin-access Platforms Affected: Oracle Internet Application Server 3.0.7 Risk Factor: High Attack Type: Network/Host Based Brief Description: Oracle IAS allows administrative access X-Force URL: http://xforce.iss.net/static/5818.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Web Scan Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-detached-sig-modify Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG allows users to modify signed messages with detached signatures X-Force URL: http://xforce.iss.net/static/5802.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-reveal-private Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG will import private keys along with public keys X-Force URL: http://xforce.iss.net/static/5803.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-nmap-scans Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm does not detect NMAP scans X-Force URL: http://xforce.iss.net/static/5799.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-open-shares Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm open shares X-Force URL: http://xforce.iss.net/static/5825.php _____ Date Reported: 12/19/00 Vulnerability: win2k-index-service-activex Platforms Affected: Windows 2000 Risk Factor: Low Attack Type: Network/Host Based Brief Description: Windows 2000 Index Service ActiveX controls allow unauthorized access to file information X-Force URL: http://xforce.iss.net/static/5800.php _____ Date Reported: 12/19/00 Vulnerability: proftpd-size-memory-leak Platforms Affected: Proftpd Risk Factor: Low Attack Type: Network/Host Based Brief Description: proftpd memory leak when using SIZE command X-Force URL: http://xforce.iss.net/static/5801.php _____ Date Reported: 12/19/00 Vulnerability: weblogic-dot-bo Platforms Affected: WebLogic Risk Factor: Medium Attack Type: Network Based Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow X-Force URL: http://xforce.iss.net/static/5782.php _____ Date Reported: 12/19/00 Vulnerability: mdaemon-imap-dos Platforms Affected: MDaemon Risk Factor: Medium Attack Type: Network/Host Based Brief Description: MDaemon IMAP buffer overflow denial of service X-Force URL: http://xforce.iss.net/static/5805.php _____ Date Reported: 12/19/00 Vulnerability: zope-calculate-roles Platforms Affected: Zp[e Risk Factor: High Attack Type: Host Based Brief Description: zope package in Linux calculates local roles incorrectly X-Force URL: http://xforce.iss.net/static/5777.php _____ Date Reported: 12/19/00 Vulnerability: itetris-svgalib-path Platforms Affected: svgalib Risk Factor: High Attack Type: Host Based Brief Description: Itetris svgalib PATH X-Force URL: http://xforce.iss.net/static/5795.php _____ Date Reported: 12/18/00 Vulnerability: bsd-ftpd-replydirname-bo Platforms Affected: BSD Based Operating Systems Risk Factor: High Attack Type: Network Based Brief Description: BSD ftpd replydirname() function buffer overflow X-Force URL: http://xforce.iss.net/static/5776.php _____ Date Reported: 12/18/00 Vulnerability: sonata-command-execute Platforms Affected: Sonata Risk Factor: High Attack Type: Host Based Brief Description: Sonata argument command line execution X-Force URL: http://xforce.iss.net/static/5787.php _____ Date Reported: 12/18/00 Vulnerability: solaris-catman-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris catman command symlink attack X-Force URL: http://xforce.iss.net/static/5788.php _____ Date Reported: 12/18/00 Vulnerability: solaris-patchadd-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris patchadd symlink attack X-Force URL: http://xforce.iss.net/static/5789.php _____ Date Reported: 12/18/00 Vulnerability: stunnel-format-logfile Platforms Affected: Stunnel Risk Factor: High Attack Type: Network Based Brief Description: Stunnel format allows user to write to logfile X-Force URL: http://xforce.iss.net/static/5807.php _____ Date Reported: 12/17/00 Vulnerability: hp-top-sys-files Platforms Affected: HPUX Risk Factor: Low Attack Type: Host Based Brief Description: HP-UX top command could be used to overwrite files X-Force URL: http://xforce.iss.net/static/5773.php _____ Date Reported: 12/16/00 Vulnerability: zope-legacy-names Platforms Affected: Zope Risk Factor: Medium Attack Type: Network Based Brief Description: Linux zope package "legacy" names X-Force URL: http://xforce.iss.net/static/5824.php _____ Date Reported: 12/15/00 Vulnerability: mrj-runtime-malicious-applets Platforms Affected: MRJ Risk Factor: Low Attack Type: Host Based Brief Description: MRJ runtime environment could allow malicious applets to be executed X-Force URL: http://xforce.iss.net/static/5784.php _____ Date Reported: 12/14/00 Vulnerability: coffeecup-ftp-weak-encryption Platforms Affected: CoffeeCup FTP Risk Factor: Low Attack Type: Host Based Brief Description: CoffeeCup FTP client has weak password encryption X-Force URL: http://xforce.iss.net/static/5744.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-fragmented-packets Platforms Affected: WatchGuard Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall fragmented IP packet attack X-Force URL: http://xforce.iss.net/static/5749.php _____ Date Reported: 12/14/00 Vulnerability: jpilot-perms Platforms Affected: J-Pilot Risk Factor: Medium Attack Type: Host Based Brief Description: J-Pilot permissions could reveal sensitive information X-Force URL: http://xforce.iss.net/static/5762.php _____ Date Reported: 12/14/00 Vulnerability: mediaservices-dropped-connection-dos Platforms Affected: Microsoft Media Services Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft Media Services dropped connection denial of service X-Force URL: http://xforce.iss.net/static/5785.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-web-auth Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO Web config server could allow unauthenticated access X-Force URL: http://xforce.iss.net/static/5554.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-passcfg-reset Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO administrator password can be remotely reset X-Force URL: http://xforce.iss.net/static/5742.php _____ Date Reported: 12/14/00 Vulnerability: http-cgi-simplestguest Platforms Affected: simplestguest.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestguest.cgi input validation error X-Force URL: http://xforce.iss.net/static/5743.php _____ Date Reported: 12/14/00 Vulnerability: safeword-palm-pin-extraction Platforms Affected: SafeWord e.iD Palm Authenticator Risk Factor: High Attack Type: Network/Host Based Brief Description: SafeWord and e.iD Palm Authenticator allows attacker to clone Palm device X-Force URL: http://xforce.iss.net/static/5753.php _____ Date Reported: 12/14/00 Vulnerability: mdaemon-lock-bypass-password Platforms Affected: MDaemon Risk Factor: High Attack Type: Host Based Brief Description: MDaemon "lock" bypass password X-Force URL: http://xforce.iss.net/static/5763.php _____ Date Reported: 12/13/00 Vulnerability: cisco-catalyst-ssh-mismatch Platforms Affected: Cisco Catalyst Risk Factor: Low Attack Type: Network Based Brief Description: Cisco Catalyst SSH protocol mismatch X-Force URL: http://xforce.iss.net/static/5760.php _____ Date Reported: 12/13/00 Vulnerability: microsoft-iis-file-disclosure Platforms Affected: IIS Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft IIS Far East editions file disclosure X-Force URL: http://xforce.iss.net/static/5729.php _____ Date Reported: 12/13/00 Vulnerability: ezshopper-cgi-file-disclosure Platforms Affected: loadpage.cgi Risk Factor: Medium Attack Type: Network Based Brief Description: EZshopper loadpage.cgi file disclosure X-Force URL: http://xforce.iss.net/static/5740.php _____ Date Reported: 12/13/00 Vulnerability: winnt-mstask-dos Platforms Affected: Windows NT Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Windows NT MSTask.exe denial of service X-Force URL: http://xforce.iss.net/static/5746.php _____ Date Reported: 12/13/00 Vulnerability: bftpd-site-chown-bo Platforms Affected: BFTPD Risk Factor: High Attack Type: Network Based Brief Description: BFTPD SITE CHOWN buffer overflow X-Force URL: http://xforce.iss.net/static/5775.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/12/00 Vulnerability: subscribemelite-gain-admin-access Platforms Affected: Subscribe Me Lite Risk Factor: Medium Attack Type: Network Based Brief Description: Subscribe Me Lite mailing list manager unauthorized access X-Force URL: http://xforce.iss.net/static/5735.php _____ Date Reported: 12/12/00 Vulnerability: zope-image-file Platforms Affected: Zope Risk Factor: Medium Attack Type: Host Based Brief Description: Linux zope package Image and File objects X-Force URL: http://xforce.iss.net/static/5778.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-everythingform Platforms Affected: everythingform.cgi Risk Factor: High Attack Type: Network Based Brief Description: everythingform.cgi input validation error X-Force URL: http://xforce.iss.net/static/5736.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-simplestmail Platforms Affected: simplestmail.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestmail.cgi input validation error X-Force URL: http://xforce.iss.net/static/5739.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-ad Platforms Affected: ad.cgi Risk Factor: High Attack Type: Network Based Brief Description: ad.cgi input validation error X-Force URL: http://xforce.iss.net/static/5741.php _____ Date Reported: 12/12/00 Vulnerability: kde-kmail-weak-encryption Platforms Affected: KDE KMail Risk Factor: High Attack Type: Network/Host Based Brief Description: KDE KMail weak password encryption X-Force URL: http://xforce.iss.net/static/5761.php _____ Date Reported: 12/12/00 Vulnerability: aolim-buddyicon-bo Platforms Affected: AOL Instant Messenger Risk Factor: High Attack Type: Network/Host Based Brief Description: AOL Instant Messenger Buddy Icon buffer overflow X-Force URL: http://xforce.iss.net/static/5786.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/11/00 Vulnerability: rppppoe-zero-length-dos Platforms Affected: rp-pppoe Risk Factor: Medium Attack Type: Network Based Brief Description: rp-pppoe "zero-length" option denial of service X-Force URL: http://xforce.iss.net/static/5727.php _____ Date Reported: 12/11/00 Vulnerability: proftpd-modsqlpw-unauth-access Platforms Affected: ProFTPd Risk Factor: Medium Attack Type: Network Based Brief Description: ProFTPD system using mod_sqlpw unauthorized access X-Force URL: http://xforce.iss.net/static/5737.php _____ Date Reported: 12/11/00 Vulnerability: gnu-ed-symlink Platforms Affected: GNU ed Risk Factor: High Attack Type: Host Based Brief Description: GNU ed symlink X-Force URL: http://xforce.iss.net/static/5723.php _____ Date Reported: 12/11/00 Vulnerability: oops-ftputils-bo Platforms Affected: Oops Proxy Server Risk Factor: High Attack Type: Network/Host Based Brief Description: Oops Proxy Server ftp_utils buffer overflow X-Force URL: http://xforce.iss.net/static/5725.php _____ Date Reported: 12/11/00 Vulnerability: oracle-oidldap-write-permission Platforms Affected: Oracle Internet Directory Risk Factor: High Attack Type: Host Based Brief Description: Oracle Internet Directory write permission X-Force URL: http://xforce.iss.net/static/5804.php _____ Date Reported: 12/9/00 Vulnerability: foolproof-security-bypass Platforms Affected: FoolProof Risk Factor: High Attack Type: Host Based Brief Description: FoolProof Security restriction bypass using FTP X-Force URL: http://xforce.iss.net/static/5758.php _____ Date Reported: 12/8/00 Vulnerability: broadvision-bv1to1-reveal-path Platforms Affected: BroadVision One-To-One Enterprise Server Risk Factor: Low Attack Type: Network Based Brief Description: BroadVision One-To-One Enterprise Server reveals path to server X-Force URL: http://xforce.iss.net/static/5661.php _____ Date Reported: 12/8/00 Vulnerability: ssldump-format-strings Platforms Affected: ssldump Risk Factor: Medium Attack Type: Network Based Brief Description: ssldump format string could allow arbitrary execution of code X-Force URL: http://xforce.iss.net/static/5717.php _____ Date Reported: 12/8/00 Vulnerability: coldfusion-sample-dos Platforms Affected: ColdFusion Risk Factor: Medium Attack Type: Network/Host Based Brief Description: ColdFusion sample script denial of service X-Force URL: http://xforce.iss.net/static/5755.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-arbitrary-proxy Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 arbitrary proxy enviornment variable X-Force URL: http://xforce.iss.net/static/5733.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-auth-packet-overflow Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 authentication packet buffer overflow X-Force URL: http://xforce.iss.net/static/5734.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-user-config Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 user supplied configuration files X-Force URL: http://xforce.iss.net/static/5738.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-tmpfile-dos Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 race condition X-Force URL: http://xforce.iss.net/static/5754.php _____ Date Reported: 12/7/00 Vulnerability: homeseer-directory-traversal Platforms Affected: HomeSeer Risk Factor: Low Attack Type: Network Based Brief Description: HomeSeer allows directory traversal X-Force URL: http://xforce.iss.net/static/5663.php _____ Date Reported: 12/7/00 Vulnerability: offline-explorer-reveal-files Platforms Affected: MetaProducts Offline Explorer Risk Factor: Low Attack Type: Network/Host Based Brief Description: MetaProducts Offline Explorer can reveal file system X-Force URL: http://xforce.iss.net/static/5728.php _____ Date Reported: 12/7/00 Vulnerability: imail-smtp-auth-dos Platforms Affected: IMail Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IMail SMTP auth denial of service X-Force URL: http://xforce.iss.net/static/5674.php _____ Date Reported: 12/6/00 Vulnerability: apc-apcupsd-dos Platforms Affected: APC apcupsd Risk Factor: Medium Attack Type: Host Based Brief Description: APC apcupsd denial of service X-Force URL: http://xforce.iss.net/static/5654.php _____ Date Reported: 12/6/00 Vulnerability: cisco-catalyst-telnet-dos Platforms Affected: Cisco Catalyst Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Cisco Catalyst telnet server memory leak denial of service X-Force URL: http://xforce.iss.net/static/5656.php _____ Date Reported: 12/6/00 Vulnerability: apache-php-disclose-files Platforms Affected: Apache Web server Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Apache Web server discloses files when used with php script X-Force URL: http://xforce.iss.net/static/5659.php _____ Date Reported: 12/6/00 Vulnerability: ultraseek-reveal-path Platforms Affected: Ultraseek Risk Factor: Medium Attack Type: Network Based Brief Description: Ultraseek Server can reveal the path and source code to certain files X-Force URL: http://xforce.iss.net/static/5660.php _____ Date Reported: 12/6/00 Vulnerability: irc-dreamforge-dns-dos Platforms Affected: DreamForge IRCd Risk Factor: Medium Attack Type: Network Based Brief Description: DreamForge IRCd DNS denial of service X-Force URL: http://xforce.iss.net/static/5721.php _____ Date Reported: 12/6/00 Vulnerability: mailman-alternate-templates Platforms Affected: MailMan Risk Factor: High Attack Type: Network Based Brief Description: MailMan Alternate Templates form variable allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5649.php _____ Date Reported: 12/6/00 Vulnerability: phpgroupware-include-files Platforms Affected: Risk Factor: High Attack Type: Network Based Brief Description: phpGroupWare include files allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5650.php _____ Date Reported: 12/6/00 Vulnerability: markvision-printer-driver-bo Platforms Affected: Lexmark MarkVision Risk Factor: High Attack Type: Host Based Brief Description: Lexmark MarkVision printer drivers for Unix buffer overflows X-Force URL: http://xforce.iss.net/static/5651.php _____ Date Reported: 12/6/00 Vulnerability: nt-ras-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Host Based Brief Description: Windows NT RAS registry permissions X-Force URL: http://xforce.iss.net/static/5671.php _____ Date Reported: 12/6/00 Vulnerability: nt-snmp-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT SNMP registry permissions X-Force URL: http://xforce.iss.net/static/5672.php _____ Date Reported: 12/6/00 Vulnerability: nt-mts-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT MTS registry permissions X-Force URL: http://xforce.iss.net/static/5673.php _____ Date Reported: 12/6/00 Vulnerability: irc-bitchx-dns-bo Platforms Affected: BitchX Risk Factor: High Attack Type: Network Based Brief Description: BitchX IRC DNS buffer overflow X-Force URL: http://xforce.iss.net/static/5701.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-gain-access Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database can give access through default username and password X-Force URL: http://xforce.iss.net/static/5662.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-dos Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database denial of service X-Force URL: http://xforce.iss.net/static/5664.php _____ Date Reported: 12/5/00 Vulnerability: vsu-source-routing Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain source routing X-Force URL: http://xforce.iss.net/static/5667.php _____ Date Reported: 12/5/00 Vulnerability: vsu-ip-bridging Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain bridging code X-Force URL: http://xforce.iss.net/static/5670.php _____ Date Reported: 12/5/00 Vulnerability: ftp-servu-homedir-travers Platforms Affected: Serv-U FTP Risk Factor: High Attack Type: Network/Host Based Brief Description: FTP Serv-U home directory traversal could allow access to FTProot X-Force URL: http://xforce.iss.net/static/5639.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-web-access Platforms Affected: CISCO CBOS Risk Factor: Medium Attack Type: Network Based Brief Description: Cisco CBOS Web access enabled denial of service X-Force URL: http://xforce.iss.net/static/5626.php _____ Date Reported: 12/4/00 Vulnerability: watchguard-soho-get-dos Platforms Affected: WatchGuard SOHO Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall multiple GET requests denial of service X-Force URL: http://xforce.iss.net/static/5665.php _____ Date Reported: 12/4/00 Vulnerability: phone-book-service-bo Platforms Affected: Windows 2000 Windows NT Risk Factor: High Attack Type: Network Based Brief Description: Windows NT and 2000 Phone Book service buffer overflow X-Force URL: http://xforce.iss.net/static/5623.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-syn-packets Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS SYN packets denial of service X-Force URL: http://xforce.iss.net/static/5627.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-invalid-login Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS does not log invalid logins X-Force URL: http://xforce.iss.net/static/5628.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-icmp-echo Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS large ICMP ECHO packet denial of service X-Force URL: http://xforce.iss.net/static/5629.php _____ Date Reported: 12/2/00 Vulnerability: phpweblog-bypass-authentication Platforms Affected: phpWebLog Risk Factor: High Attack Type: Host Based Brief Description: phpWebLog allows users to bypass authentication X-Force URL: http://xforce.iss.net/static/5625.php _____ Date Reported: 12/1/00 Vulnerability: linux-diskcheck-race-symlink Platforms Affected: Linux Risk Factor: Low Attack Type: Host Based Brief Description: Linux diskcheck race condition could allow a tmp file symbolic link attack X-Force URL: http://xforce.iss.net/static/5624.php _____ Date Reported: 12/1/00 Vulnerability: ie-form-file-upload Platforms Affected: Microsoft Internet Explorer Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Internet Explorer file upload form X-Force URL: http://xforce.iss.net/static/5615.php _____ Date Reported: 12/1/00 Vulnerability: mssql-xp-paraminfo-bo Platforms Affected: Risk Factor: Medium Attack Type: Host Based Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow X-Force URL: http://xforce.iss.net/static/5622.php _____ Date Reported: 12/1/00 Vulnerability: majordomo-auth-execute-commands Platforms Affected: Majordomo Risk Factor: High Attack Type: Network Based Brief Description: Majordomo allows administrative access without password X-Force URL: http://xforce.iss.net/static/5611.php _____ Date Reported: 12/1/00 Vulnerability: ie-print-template Platforms Affected: Microsoft Internet Explorer Risk Factor: High Attack Type: Network/Host Based Brief Description: Internet Explorer print template X-Force URL: http://xforce.iss.net/static/5614.php _____ Date Reported: 12/1/00 Vulnerability: aix-piobe-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX piobe buffer overflow X-Force URL: http://xforce.iss.net/static/5616.php _____ Date Reported: 12/1/00 Vulnerability: aix-pioout-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX pioout buffer overflow X-Force URL: http://xforce.iss.net/static/5617.php _____ Date Reported: 12/1/00 Vulnerability: aix-setclock-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setclock buffer overflow X-Force URL: http://xforce.iss.net/static/5618.php _____ Date Reported: 12/1/00 Vulnerability: aix-enq-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX enq buffer overflow X-Force URL: http://xforce.iss.net/static/5619.php _____ Date Reported: 12/1/00 Vulnerability: aix-digest-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX digest buffer overflow X-Force URL: http://xforce.iss.net/static/5620.php _____ Date Reported: 12/1/00 Vulnerability: aix-setsenv-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setsenv buffer overflow X-Force URL: http://xforce.iss.net/static/5621.php Risk Factor Key: High Any vulnerability that provides an attacker with immediate access into a machine, gains superuser access, or bypasses a firewall. Example: A vulnerable Sendmail 8.6.5 version that allows an intruder to execute commands on mail server. Medium Any vulnerability that provides information that has a high potential of giving system access to an intruder. Example: A misconfigured TFTP or vulnerable NIS server that allows an intruder to get the password file that could contain an account with a guessable password. Low Any vulnerability that provides information that potentially could lead to a compromise. Example: A finger that allows an intruder to find out who is online and potential accounts to attempt to crack passwords via brute force methods. _____ Additional Information This document is available at http://xforce.iss.net/alerts/advisennn.php. To receive these Alerts and Advisories: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: 'subscribe alert' (without the quotes). About Internet Security Systems (ISS) Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading global provider of security management solutions for the Internet. By combining best of breed products, security management services, aggressive research and development, and comprehensive educational and consulting services, ISS is the trusted security advisor for thousands of organizations around the world looking to protect their mission critical information and networks. Copyright (c) 2001 by Internet Security Systems, Inc. Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server. Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0 LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw jbM10AXVSHw= =5U+8 -----END PGP SIGNATURE-----
var-201710-1405 An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the String.link method. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. WebKit is prone to multiple memory-corruption vulnerabilities. These issues affect the following technologies and versions: iCloud for Windows 7 Safari prior to 11 tvOS prior to 11 iTunes for Windows prior to 12.7. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. Installation note: Safari 11 may be obtained from the Mac App Store. ========================================================================== Ubuntu Security Notice USN-3460-1 October 23, 2017 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.17.04.2 libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.17.04.2 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.16.04.2 libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.16.04.2 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3460-1 CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.17.04.2 https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.16.04.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-4 Additional information for APPLE-SA-2017-09-19-1 iOS 11 iOS 11 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to access restricted files Description: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. CVE-2017-7131: Dominik Conrads of Federal Office for Information Security, an anonymous researcher, Elvis (@elvisimprsntr), an anonymous researcher Entry added September 25, 2017 CFNetwork Proxies Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. Entry added September 25, 2017 CoreAudio Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Entry added September 25, 2017 Exchange ActiveSync Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to erase a device during Exchange account setup Description: A validation issue existed in AutoDiscover V1. This was addressed by requiring TLS for AutoDiscover V1. AutoDiscover V2 is now supported. CVE-2017-7088: Ilya Nesterov, Maxim Goncharov Heimdal Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to impersonate a service Description: A validation issue existed in the handling of the KDC- REP service name. This issue was addressed through improved validation. CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams Entry added September 25, 2017 iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7072: JAdrzej Krysztofiak Entry added September 25, 2017 Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity Entry added September 25, 2017 Keyboard Suggestions Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Keyboard autocorrect suggestions may reveal sensitive information Description: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed with improved heuristics. CVE-2017-7140: an anonymous researcher Entry added September 25, 2017 libc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google Entry added September 25, 2017 libc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 Entry added September 25, 2017 libexpat Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Entry added September 25, 2017 Location Framework Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read sensitive location information Description: A permissions issue existed in the handling of the location variable. This was addressed with additional ownership checks. CVE-2017-7148: an anonymous researcher, an anonymous researcher Entry added September 25, 2017 Mail Drafts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted. CVE-2017-7078: an anonymous researcher, an anonymous researcher, an anonymous researcher Entry added September 25, 2017 Mail MessageUI Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A memory corruption issue was addressed with improved validation. CVE-2017-7097: Xinshu Dong and Jun Hao Tan of Anquan Capital Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A denial of service issue was addressed through improved validation. CVE-2017-7118: Kiki Jiang and Jason Tokoph MobileBackup Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Backup may perform an unencrypted backup despite a requirement to perform only encrypted backups Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2017-7133: Don Sparks of HackediOS.com Phone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A screenshot of secure content may be taken when locking an iOS device Description: A timing issue existed in the handling of locking. This issue was addressed by disabling screenshots while locking. CVE-2017-7139: an anonymous researcher Entry added September 25, 2017 Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7085: xisigr of Tencent's Xuanwu Lab (tencent.com) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: an anonymous researcher, an anonymous researcher, Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of BA|rum kommune Entry added September 25, 2017 Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious app may be able to track users between installs Description: A permission checking issue existed in the handling of an app's Keychain data. This issue was addressed with improved permission checking. CVE-2017-7146: an anonymous researcher Entry added September 25, 2017 SQLite Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz Entry added September 25, 2017 SQLite Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher Entry added September 25, 2017 Time Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: "Setting Time Zone" may incorrectly indicate that it is using location Description: A permissions issue existed in the process that handles time zone information. The issue was resolved by modifying permissions. CVE-2017-7145: an anonymous researcher Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7081: Apple Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7087: Apple CVE-2017-7091: Wei Yuan of Baidu Security Lab working with Trend Microas Zero Day Initiative CVE-2017-7092: Samuel Gro and Niklas Baumstark working with Trend Micro's Zero Day Initiative, Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team CVE-2017-7093: Samuel Gro and Niklas Baumstark working with Trend Microas Zero Day Initiative CVE-2017-7094: Tim Michaud (@TimGMichaud) of Leviathan Security Group CVE-2017-7095: Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University working with Trend Microas Zero Day Initiative CVE-2017-7096: Wei Yuan of Baidu Security Lab CVE-2017-7098: Felipe Freitas of Instituto TecnolA3gico de AeronA!utica CVE-2017-7099: Apple CVE-2017-7100: Masato Kinugawa and Mario Heiderich of Cure53 CVE-2017-7102: Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University CVE-2017-7104: likemeng of Baidu Secutity Lab CVE-2017-7107: Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University CVE-2017-7111: likemeng of Baidu Security Lab (xlab.baidu.com) working with Trend Micro's Zero Day Initiative CVE-2017-7117: lokihardt of Google Project Zero CVE-2017-7120: chenqin (ee|) of Ant-financial Light-Year Security Lab Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management. CVE-2017-7089: Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies belonging to one origin may be sent to another origin Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes. CVE-2017-7090: Apple Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7106: Oliver Paukstadt of Thinking Objects GmbH (to.com) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: Application Cache policy may be unexpectedly applied. CVE-2017-7109: avlidienbrunn Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to track users in Safari private browsing mode Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2017-7144: an anonymous researcher Entry added September 25, 2017 Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-11120: Gal Beniamini of Google Project Zero CVE-2017-11121: Gal Beniamini of Google Project Zero Entry added September 25, 2017 Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: Multiple race conditions were addressed through improved validation. CVE-2017-7115: Gal Beniamini of Google Project Zero Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero zlib Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Entry added September 25, 2017 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Webkit We would like to acknowledge xisigr of Tencent's Xuanwu Lab (tencent.com) for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "11". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGvBgQAJIF/+cKGy/7YWEugFrwr8A3 rNzHU/yZ3X976fmlYM8l+VUJEn2khu5huPsQzYUvEdbHOWkUGThKil+NzDr3YP6V YYRIi+6i9KJEATGQAdR9YW6bcqJCu7S2xxNBnXtOxR/1TzO4LvVQsWJo0c5z91dD Aid3uYhx1SPwcaF5O5CfRQcp1JSLOWKZOaxO+u+DmtYIM746jrz3FOrfEN8mQp0q CwUSE/Vum7ImOsNUO308QnGmL7s/FGkp86/JtNTbAxJ47Rhqu5lcXj3q1ntrlLdX VFC+K7mNdwNtc1vqB03W5gamyD1qVcTvvwJ3D9cpQAySTDyRFF9cGw+TrzaDl48B 8iiY7D/KkhHuY4jskCF6xyjzloK9RfgKg2FzEBndoESt7bEw4eufF9wnrfV/M1xw 6U4DSjZxgqUwV7YqMX/VnpcEuxg5q9emCQmBfudnVIPKuOITg8x1oyE1e036MDo5 zon/cRIxqaSt8K6rI7TafxQIwpM541N89O/VZbcVey5JFIu1kew4G/gMivMOyroE +xqxLmeGgD10LMZOgoRsNBiKDy8JLJa2lO2dVTZMV4bdtCngeDikDNLqYUcW8lfa 5ZsQBceoCI6abj4PV35N7dHVATFudhrZmhY0epHt13xmRHUFTywOktu/TkOZM8HR eU2TBtOsDF6N5SFunvAC =s5yy -----END PGP SIGNATURE-----
var-201912-0457 A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. iCloud , iTunes , Safari Multiple Apple products contain vulnerabilities related to input validation.Information may be obtained. Apple Safari could allow a remote malicious user to obtain sensitive information, caused by a validation issue in the WebKit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. CVE-2019-8546: ChiYuan Chang Passcode Available for: Apple Watch Series 1 and later Impact: A partially entered passcode may not clear when the device goes to sleep Description: An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-3-25-1 iOS 12.2 iOS 12.2 is now available and addresses the following: CFString Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2019-8516: SWIPS Team of Frifee Inc. configd Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8552: Mohamed Ghannam (@_simo36) Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2019-8511: an anonymous researcher CoreCrypto Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher Exchange ActiveSync Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure Description: This issue was addressed with improved transparency. CVE-2019-8512: an anonymous researcher, an anonymous researcher FaceTime Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A user's video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing Description: An issue existed in the pausing of FaceTime video. CVE-2019-8550: Lauren Guzniczak of Keystone Academy Feedback Assistant Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2019-8565: CodeColorist of Ant-Financial LightYear Labs Feedback Assistant Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8521: CodeColorist of Ant-Financial LightYear Labs file Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted file might disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-6237: an anonymous researcher GeoServices Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Clicking a malicious SMS link may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2019-8553: an anonymous researcher iAP Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher IOHIDFamily Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2019-8545: Adam Donenfeld (@doadam) of the Zimperium zLabs Team IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8504: an anonymous researcher IOKit SCSI Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8529: Juwei Lin (@panicaII) of Trend Micro Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A buffer overflow was addressed with improved size validation. CVE-2019-8527: Ned Williamson of Google and derrek (@derrekr6) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2019-8514: Samuel Groß of Google Project Zero Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to determine kernel memory layout Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8540: Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read kernel memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-7293: Ned Williamson of Google Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. CVE-2019-6207: Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan) CVE-2019-8510: Stefan Esser of Antid0te UG Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted mail message may lead to S/MIME signature spoofing Description: This issue was addressed with improved checks. CVE-2019-7284: Damian Poddebniak of Münster University of Applied Sciences Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An access issue was addressed with additional sandbox restrictions. CVE-2019-8546: ChiYuan Chang Power Management Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple input validation issues existed in MIG generated code. CVE-2019-8549: Mohamed Ghannam (@_simo36) of SSD Secure Disclosure (ssd-disclosure.com) Privacy Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious app may be able to track users between installs Description: A privacy issue existed in motion sensor calibration. CVE-2019-8541: Stan (Jiexin) Zhang and Alastair R. Beresford of the University of Cambridge, Ian Sheret of Polymath Insight Limited ReplayKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to access the microphone without indication to the user Description: An API issue existed in the handling of microphone data. CVE-2019-8566: an anonymous researcher Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A website may be able to access sensor information without user consent Description: A permissions issue existed in the handling of motion and orientation data. CVE-2019-8554: an anonymous researcher Safari Reader Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2019-6204: Ryan Pickren (ryanpickren.com) CVE-2019-8505: Ryan Pickren (ryanpickren.com) Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to initiate a Dictation request without user authorization Description: An API issue existed in the handling of dictation requests. CVE-2019-8502: Luke Deshotels of North Carolina State University, Jordan Beichler of North Carolina State University, William Enck of North Carolina State University, Costin Carabaș of University POLITEHNICA of Bucharest, and Răzvan Deaconescu of University POLITEHNICA of Bucharest TrueTypeScaler Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8517: riusksk of VulWar Corp working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2019-8551: Ryan Pickren (ryanpickren.com) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8535: Zhiyang Zeng (@Wester) of Tencent Blade Team WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8558: Samuel Groß of Google Project Zero CVE-2019-8559: Apple CVE-2019-8563: Apple WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A memory corruption issue was addressed with improved validation. CVE-2019-8562: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A website may be able to access the microphone without the microphone use indicator being shown Description: A consistency issue was addressed with improved state handling. CVE-2019-6222: Denis Markov of Resonance Software WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8536: Apple CVE-2019-8544: an anonymous researcher WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cross-origin issue existed with the fetch API. CVE-2019-8515: James Lee (@Windowsrcer) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-7285: dwfault working at ADLab of Venustech CVE-2019-8556: Apple WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2019-8506: Samuel Groß of Google Project Zero WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to execute scripts in the context of another website Description: A logic issue was addressed with improved validation. CVE-2019-7292: Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A device may be passively tracked by its WiFi MAC address Description: A user privacy issue was addressed by removing the broadcast MAC address. CVE-2019-8567: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt XPC Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8530: CodeColorist of Ant-Financial LightYear Labs Additional recognition Books We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Calendar We would like to acknowledge Peter Hempsall of 104days.com, Sascha Mogler of mogler.com, and an anonymous researcher for their assistance. Quick Look We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Safari We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) for their assistance. Screen Time We would like to acknowledge Brandon Moore (@Brandonsecurity) for their assistance. WebKit We would like to acknowledge Andrey Kovalev of Yandex Security Team for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 12.2". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlyZM7opHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3GIIBAA kEosQIr8/w6Qjtw2KzO753EFWM0kp4Ylv1Z0hlrAAX3YROpt18Xq+RWTgJ+3yhXu 136ZfBYEOJx+Jxv7nokB+ZvP1832WqccV1XU4XVxxsGvEshyFeXrIWxHz9a6aTi9 ozTTzJ5N9pZnd+ImJp51TQ8Q38KoqUPMU2stTr/SYE43S/9bz28fFTXHBS6WQBMz fgevfhMV0Ty3QnuIpLeeCZ1SwC51a0yZ/BV88E+G8xgplgh2R8Mc2bZosP8JIjMx 7KdtpBh30+BvB++MzteQG0gE+aIs6p4CLPgzkm67UZApbKIlYJxkZXv/pIy+DdS1 LGwBwZ5TRJ73uAGZO7jtpx6FNN3sSthI84y5x7df+hretVSFTqsEAErcI4Ns8HiD m3Jd3OJxMBEGC7SVz+r8IfkwnyQxurQMDj063ojsT6HBUOTZcYn6VX/h37MCwnO4 +GVFivjZklbp/lt7WiGs2j4mDs7jgt5SsNm0K3Nm/2EOT3I2HNc/8msJBbH/uF9h dVYsC8+7uEDqHIQ30FO2NCUzJrtjWHA1rxLS0XnY1uvv/09LjPMc/Y1VuIuvKSuZ Xv7+V5tCjaZRMow6IwH0qON30O0puRr6YnJchRO7TILCoW5bibzX5oxeJm2E6lsK SjGjz4yWGw+2VFkNkFbbA8OKSZYk4ck2WdWgf6s0Vgc= =VAWG -----END PGP SIGNATURE-----= . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: September 06, 2019 Bugs: #683234, #686216, #693122 ID: 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4" References ========== [ 1 ] CVE-2019-11070 https://nvd.nist.gov/vuln/detail/CVE-2019-11070 [ 2 ] CVE-2019-6201 https://nvd.nist.gov/vuln/detail/CVE-2019-6201 [ 3 ] CVE-2019-6251 https://nvd.nist.gov/vuln/detail/CVE-2019-6251 [ 4 ] CVE-2019-7285 https://nvd.nist.gov/vuln/detail/CVE-2019-7285 [ 5 ] CVE-2019-7292 https://nvd.nist.gov/vuln/detail/CVE-2019-7292 [ 6 ] CVE-2019-8503 https://nvd.nist.gov/vuln/detail/CVE-2019-8503 [ 7 ] CVE-2019-8506 https://nvd.nist.gov/vuln/detail/CVE-2019-8506 [ 8 ] CVE-2019-8515 https://nvd.nist.gov/vuln/detail/CVE-2019-8515 [ 9 ] CVE-2019-8518 https://nvd.nist.gov/vuln/detail/CVE-2019-8518 [ 10 ] CVE-2019-8523 https://nvd.nist.gov/vuln/detail/CVE-2019-8523 [ 11 ] CVE-2019-8524 https://nvd.nist.gov/vuln/detail/CVE-2019-8524 [ 12 ] CVE-2019-8535 https://nvd.nist.gov/vuln/detail/CVE-2019-8535 [ 13 ] CVE-2019-8536 https://nvd.nist.gov/vuln/detail/CVE-2019-8536 [ 14 ] CVE-2019-8544 https://nvd.nist.gov/vuln/detail/CVE-2019-8544 [ 15 ] CVE-2019-8551 https://nvd.nist.gov/vuln/detail/CVE-2019-8551 [ 16 ] CVE-2019-8558 https://nvd.nist.gov/vuln/detail/CVE-2019-8558 [ 17 ] CVE-2019-8559 https://nvd.nist.gov/vuln/detail/CVE-2019-8559 [ 18 ] CVE-2019-8563 https://nvd.nist.gov/vuln/detail/CVE-2019-8563 [ 19 ] CVE-2019-8595 https://nvd.nist.gov/vuln/detail/CVE-2019-8595 [ 20 ] CVE-2019-8607 https://nvd.nist.gov/vuln/detail/CVE-2019-8607 [ 21 ] CVE-2019-8615 https://nvd.nist.gov/vuln/detail/CVE-2019-8615 [ 22 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 23 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 24 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 25 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 26 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 27 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 28 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 29 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 30 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 31 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 32 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 33 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 34 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 35 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 36 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 37 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 38 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 39 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 40 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 41 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 42 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 43 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 44 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 45 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 46 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 47 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 48 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 49 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 50 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 51 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 52 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 53 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 54 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 55 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 56 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 57 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 58 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 59 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 60 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 61 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 62 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 63 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 64 ] WSA-2019-0002 https://webkitgtk.org/security/WSA-2019-0002.html [ 65 ] WSA-2019-0004 https://webkitgtk.org/security/WSA-2019-0004.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201909-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Installation note: Safari 12.1 may be obtained from the Mac App Store. ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002 ------------------------------------------------------------------------ Date reported : April 10, 2019 Advisory ID : WSA-2019-0002 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0002.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0002.html CVE identifiers : CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-11070. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2019-6201 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working with ADLab of Venustech. CVE-2019-6251 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Dhiraj. WebKitGTK and WPE WebKit were vulnerable to a URI spoofing attack similar to the CVE-2018-8383 issue in Microsoft Edge. CVE-2019-7285 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working at ADLab of Venustech. CVE-2019-7292 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team. CVE-2019-8503 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Linus S\xe4rud of Detectify. A malicious website may be able to execute scripts in the context of another website. CVE-2019-8506 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8515 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to James Lee, @Windowsrcer. A cross-origin issue existed with the fetch API. CVE-2019-8518 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8523 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Apple. CVE-2019-8524 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to G. Geshev working with Trend Micro Zero Day Initiative. CVE-2019-8535 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Zhiyang Zeng, @Wester, of Tencent Blade Team. CVE-2019-8536 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8544 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to an anonymous researcher. CVE-2019-8551 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Ryan Pickren, ryanpickren.com. CVE-2019-8558 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8559 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8563 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-11070 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Igalia. WebKitGTK and WPE WebKit failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, April 10, 2019
var-201302-0309 Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0644 and CVE-2013-0649 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374) A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.270-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.270-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.270-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . SOLUTION: Update to version 24.0.1312.70. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310" References ========== [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201309-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please send email to <cert@cert.org> with "TA13-043A Feedback VU#689711" in the subject. ____________________________________________________________________ Produced by US-CERT, a government organization. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities SECUNIA ADVISORY ID: SA52166 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166 RELEASE DATE: 2013-02-12 DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/52166/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=52166 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system. 1) Some unspecified errors can be exploited to cause buffer overflows. 2) Some use-after-free errors can be exploited to dereference already freed memory. 4) An unspecified error can be exploited to corrupt memory. 5) An unspecified error can be exploited to corrupt memory. 6) An unspecified error can be exploited to disclose certain sensitive information. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor. ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-202103-1464 An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). OpenSSL is an open source general encryption library of the Openssl team that can implement the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities. Exploitation of these vulnerabilities could allow an malicious user to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API. Security Fix(es): * NooBaa: noobaa-operator leaking RPC AuthToken into log files (CVE-2021-3528) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Currently, a newly restored PVC cannot be mounted if some of the OpenShift Container Platform nodes are running on a version of Red Hat Enterprise Linux which is less than 8.2, and the snapshot from which the PVC was restored is deleted. Workaround: Do not delete the snapshot from which the PVC was restored until the restored PVC is deleted. (BZ#1962483) * Previously, the default backingstore was not created on AWS S3 when OpenShift Container Storage was deployed, due to incorrect identification of AWS S3. With this update, the default backingstore gets created when OpenShift Container Storage is deployed on AWS S3. (BZ#1927307) * Previously, log messages were printed to the endpoint pod log even if the debug option was not set. With this update, the log messages are printed to the endpoint pod log only when the debug option is set. (BZ#1938106) * Previously, the PVCs could not be provisioned as the `rook-ceph-mds` did not register the pod IP on the monitor servers, and hence every mount on the filesystem timed out, resulting in CephFS volume provisioning failure. With this update, an argument `--public-addr=podIP` is added to the MDS pod when the host network is not enabled, and hence the CephFS volume provisioning does not fail. (BZ#1949558) * Previously, OpenShift Container Storage 4.2 clusters were not updated with the correct cache value, and hence MDSs in standby-replay might report an oversized cache, as rook did not apply the `mds_cache_memory_limit` argument during upgrades. With this update, the `mds_cache_memory_limit` argument is applied during upgrades and the mds daemon operates normally. (BZ#1951348) * Previously, the coredumps were not generated in the correct location as rook was setting the config option `log_file` to an empty string since logging happened on stdout and not on the files, and hence Ceph read the value of the `log_file` to build the dump path. With this update, rook does not set the `log_file` and keeps Ceph's internal default, and hence the coredumps are generated in the correct location and are accessible under `/var/log/ceph/`. (BZ#1938049) * Previously, Ceph became inaccessible, as the mons lose quorum if a mon pod was drained while another mon was failing over. With this update, voluntary mon drains are prevented while a mon is failing over, and hence Ceph does not become inaccessible. (BZ#1946573) * Previously, the mon quorum was at risk, as the operator could erroneously remove the new mon if the operator was restarted during a mon failover. With this update, the operator completes the same mon failover after the operator is restarted, and hence the mon quorum is more reliable in the node drains and mon failover scenarios. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1938106 - [GSS][RFE]Reduce debug level for logs of Nooba Endpoint pod 1950915 - XSS Vulnerability with Noobaa version 5.5.0-3bacc6b 1951348 - [GSS][CephFS] health warning "MDS cache is too large (3GB/1GB); 0 inodes in use by clients, 0 stray files" for the standby-replay 1951600 - [4.6.z][Clone of BZ #1936545] setuid and setgid file bits are not retained after a OCS CephFS CSI restore 1955601 - CVE-2021-3528 NooBaa: noobaa-operator leaking RPC AuthToken into log files 1957189 - [Rebase] Use RHCS4.2z1 container image with OCS 4..6.5[may require doc update for external mode min supported RHCS version] 1959980 - When a node is being drained, increase the mon failover timeout to prevent unnecessary mon failover 1959983 - [GSS][mon] rook-operator scales mons to 4 after healthCheck timeout 1962483 - [RHEL7][RBD][4.6.z clone] FailedMount error when using restored PVC on app pod 5. Bug Fix(es): * WMCO patch pub-key-hash annotation to Linux node (BZ#1945248) * LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath (BZ#1952917) * Telemetry info not completely available to identify windows nodes (BZ#1955319) * WMCO incorrectly shows node as ready after a failed configuration (BZ#1956412) * kube-proxy service terminated unexpectedly after recreated LB service (BZ#1963263) 3. Solution: For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/4.7/windows_containers/window s-node-upgrades.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1945248 - WMCO patch pub-key-hash annotation to Linux node 1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM 1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath 1955319 - Telemetry info not completely available to identify windows nodes 1956412 - WMCO incorrectly shows node as ready after a failed configuration 1963263 - kube-proxy service terminated unexpectedly after recreated LB service 5. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.3/html/release_notes/ Security: * fastify-reply-from: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21321) * fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21322) * nodejs-netmask: improper input validation of octal input data (CVE-2021-28918) * redis: Integer overflow via STRALGO LCS command (CVE-2021-29477) * redis: Integer overflow via COPY command for large intsets (CVE-2021-29478) * nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469) * nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500) * golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing - -u- extension (CVE-2020-28851) * golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852) * nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377) * oras: zip-slip vulnerability via oras-pull (CVE-2021-21272) * redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309) * nodejs-lodash: command injection via template (CVE-2021-23337) * nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362) * browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364) * nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368) * nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369) * nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382) * nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option (CVE-2021-23383) * openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) * nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292) * grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call (CVE-2021-27358) * nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092) * nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character (CVE-2021-29418) * ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482) * normalize-url: ReDoS for data URLs (CVE-2021-33502) * nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623) * nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343) * html-parse-stringify: Regular Expression DoS (CVE-2021-23346) * openssl: incorrect SSLv2 rollback protection (CVE-2021-23839) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Bugs: * RFE Make the source code for the endpoint-metrics-operator public (BZ# 1913444) * cluster became offline after apiserver health check (BZ# 1942589) 3. Bugs fixed (https://bugzilla.redhat.com/): 1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension 1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag 1913444 - RFE Make the source code for the endpoint-metrics-operator public 1921286 - CVE-2021-21272 oras: zip-slip vulnerability via oras-pull 1927520 - RHACM 2.3.0 images 1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 1930294 - CVE-2021-23839 openssl: incorrect SSLv2 rollback protection 1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate 1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1936427 - CVE-2021-3377 nodejs-ansi_up: XSS due to insufficient URL sanitization 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1940196 - View Resource YAML option shows 404 error when reviewing a Subscription for an application 1940613 - CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header 1941024 - CVE-2021-27358 grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call 1941675 - CVE-2021-23346 html-parse-stringify: Regular Expression DoS 1942178 - CVE-2021-21321 fastify-reply-from: crafted URL allows prefix scape of the proxied backend service 1942182 - CVE-2021-21322 fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service 1942589 - cluster became offline after apiserver health check 1943208 - CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() 1944822 - CVE-2021-29418 nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1945459 - CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service 1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option 1948763 - CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing 1954150 - CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js 1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service 1955619 - CVE-2021-23364 browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) 1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option 1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe 1957410 - CVE-2021-29477 redis: Integer overflow via STRALGO LCS command 1957414 - CVE-2021-29478 redis: Integer overflow via COPY command for large intsets 1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs 1966615 - CVE-2021-33623 nodejs-trim-newlines: ReDoS in .end() method 1968122 - clusterdeployment fails because hiveadmission sc does not have correct permissions 1972703 - Subctl fails to join cluster, since it cannot auto-generate a valid cluster id 1983131 - Defragmenting an etcd member doesn't reduce the DB size (7.5GB) on a setup with ~1000 spoke clusters 5. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.10.3 security update Advisory ID: RHSA-2022:0056-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2022:0056 Issue date: 2022-03-10 CVE Names: CVE-2014-3577 CVE-2016-10228 CVE-2017-14502 CVE-2018-20843 CVE-2018-1000858 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9169 CVE-2019-13050 CVE-2019-13627 CVE-2019-14889 CVE-2019-15903 CVE-2019-19906 CVE-2019-20454 CVE-2019-20807 CVE-2019-25013 CVE-2020-1730 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-8927 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-9952 CVE-2020-10018 CVE-2020-11793 CVE-2020-13434 CVE-2020-14391 CVE-2020-15358 CVE-2020-15503 CVE-2020-25660 CVE-2020-25677 CVE-2020-27618 CVE-2020-27781 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2021-3121 CVE-2021-3326 CVE-2021-3449 CVE-2021-3450 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3520 CVE-2021-3521 CVE-2021-3537 CVE-2021-3541 CVE-2021-3733 CVE-2021-3749 CVE-2021-20305 CVE-2021-21684 CVE-2021-22946 CVE-2021-22947 CVE-2021-25215 CVE-2021-27218 CVE-2021-30666 CVE-2021-30761 CVE-2021-30762 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930 CVE-2021-33938 CVE-2021-36222 CVE-2021-37750 CVE-2021-39226 CVE-2021-41190 CVE-2021-43813 CVE-2021-44716 CVE-2021-44717 CVE-2022-0532 CVE-2022-21673 CVE-2022-24407 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.3. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2022:0055 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * grafana: Snapshot authentication bypass (CVE-2021-39226) * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673) * grafana: directory traversal vulnerability (CVE-2021-43813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-x86_64 The image digest is sha256:7ffe4cd612be27e355a640e5eec5cd8f923c1400d969fd590f806cffdaabcc56 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-s390x The image digest is sha256:4cf21a9399da1ce8427246f251ae5dedacfc8c746d2345f9cfe039ed9eda3e69 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-ppc64le The image digest is sha256:4ee571da1edf59dfee4473aa4604aba63c224bf8e6bcf57d048305babbbde93c All OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for moderate instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1808240 - Always return metrics value for pods under the user's namespace 1815189 - feature flagged UI does not always become available after operator installation 1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters 1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly 1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal 1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered 1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback 1880738 - origin e2e test deletes original worker 1882983 - oVirt csi driver should refuse to provision RWX and ROX PV 1886450 - Keepalived router id check not documented for RHV/VMware IPI 1889488 - The metrics endpoint for the Scheduler is not protected by RBAC 1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom 1896474 - Path based routing is broken for some combinations 1897431 - CIDR support for additional network attachment with the bridge CNI plug-in 1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes 1907433 - Excessive logging in image operator 1909906 - The router fails with PANIC error when stats port already in use 1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words 1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting. 1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true) 1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource 1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1926522 - oc adm catalog does not clean temporary files 1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes. 1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown 1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users 1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x 1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade 1937085 - RHV UPI inventory playbook missing guarantee_memory 1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion 1938236 - vsphere-problem-detector does not support overriding log levels via storage CR 1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods 1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer 1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s] 1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays. 1943363 - [ovn] CNO should gracefully terminate ovn-northd 1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17 1948080 - authentication should not set Available=False APIServices_Error with 503s 1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set 1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0 1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer 1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs 1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container 1955300 - Machine config operator reports unavailable for 23m during upgrade 1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set 1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set 1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters 1956496 - Needs SR-IOV Docs Upstream 1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret 1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid 1956964 - upload a boot-source to OpenShift virtualization using the console 1957547 - [RFE]VM name is not auto filled in dev console 1958349 - ovn-controller doesn't release the memory after cluster-density run 1959352 - [scale] failed to get pod annotation: timed out waiting for annotations 1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not 1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial] 1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects 1961391 - String updates 1961509 - DHCP daemon pod should have CPU and memory requests set but not limits 1962066 - Edit machine/machineset specs not working 1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent 1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL 1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters 1964327 - Support containers with name:tag@digest 1964789 - Send keys and disconnect does not work for VNC console 1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7 1966445 - Unmasking a service doesn't work if it masked using MCO 1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead 1966521 - kube-proxy's userspace implementation consumes excessive CPU 1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up 1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount 1970218 - MCO writes incorrect file contents if compression field is specified 1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel] 1970805 - Cannot create build when docker image url contains dir structure 1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io 1972827 - image registry does not remain available during upgrade 1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror` 1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run 1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established 1976301 - [ci] e2e-azure-upi is permafailing 1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change. 1976674 - CCO didn't set Upgradeable to False when cco mode is configured to Manual on azure platform 1976894 - Unidling a StatefulSet does not work as expected 1977319 - [Hive] Remove stale cruft installed by CVO in earlier releases 1977414 - Build Config timed out waiting for condition 400: Bad Request 1977929 - [RFE] Display Network Attachment Definitions from openshift-multus namespace during OCS deployment via UI using Multus 1978528 - systemd-coredump started and failed intermittently for unknown reasons 1978581 - machine-config-operator: remove runlevel from mco namespace 1979562 - Cluster operators: don't show messages when neither progressing, degraded or unavailable 1979962 - AWS SDN Network Stress tests have not passed in 4.9 release-openshift-origin-installer-e2e-aws-sdn-network-stress-4.9 1979966 - OCP builds always fail when run on RHEL7 nodes 1981396 - Deleting pool inside pool page the pool stays in Ready phase in the heading 1981549 - Machine-config daemon does not recover from broken Proxy configuration 1981867 - [sig-cli] oc explain should contain proper fields description for special types [Suite:openshift/conformance/parallel] 1981941 - Terraform upgrade required in openshift-installer to resolve multiple issues 1982063 - 'Control Plane' is not translated in Simplified Chinese language in Home->Overview page 1982498 - Default registry credential path should be adjusted to use containers/auth.json for oc commands 1982662 - Workloads - DaemonSets - Add storage: i18n misses 1982726 - kube-apiserver audit logs show a lot of 404 errors for DELETE "*/secrets/encryption-config" on single node clusters 1983758 - upgrades are failing on disruptive tests 1983964 - Need Device plugin configuration for the NIC "needVhostNet" & "isRdma" 1984592 - global pull secret not working in OCP4.7.4+ for additional private registries 1985073 - new-in-4.8 ExtremelyHighIndividualControlPlaneCPU fires on some GCP update jobs 1985486 - Cluster Proxy not used during installation on OSP with Kuryr 1985724 - VM Details Page missing translations 1985838 - [OVN] CNO exportNetworkFlows does not clear collectors when deleted 1985933 - Downstream image registry recommendation 1985965 - oVirt CSI driver does not report volume stats 1986216 - [scale] SNO: Slow Pod recovery due to "timed out waiting for OVS port binding" 1986237 - "MachineNotYetDeleted" in Pending state , alert not fired 1986239 - crictl create fails with "PID namespace requested, but sandbox infra container invalid" 1986302 - console continues to fetch prometheus alert and silences for normal user 1986314 - Current MTV installation for KubeVirt import flow creates unusable Forklift UI 1986338 - error creating list of resources in Import YAML 1986502 - yaml multi file dnd duplicates previous dragged files 1986819 - fix string typos for hot-plug disks 1987044 - [OCPV48] Shutoff VM is being shown as "Starting" in WebUI when using spec.runStrategy Manual/RerunOnFailure 1987136 - Declare operatorframework.io/arch.* labels for all operators 1987257 - Go-http-client user-agent being used for oc adm mirror requests 1987263 - fsSpaceFillingUpWarningThreshold not aligned to Kubernetes Garbage Collection Threshold 1987445 - MetalLB integration: All gateway routers in the cluster answer ARP requests for LoadBalancer services IP 1988406 - SSH key dropped when selecting "Customize virtual machine" in UI 1988440 - Network operator changes ovnkube-config too early causing ovnkube-master pods to crashloop during cluster upgrade 1988483 - Azure drop ICMP need to frag FRAG when using OVN: openshift-apiserver becomes False after env runs some time due to communication between one master to pods on another master fails with "Unable to connect to the server" 1988879 - Virtual media based deployment fails on Dell servers due to pending Lifecycle Controller jobs 1989438 - expected replicas is wrong 1989502 - Developer Catalog is disappearing after short time 1989843 - 'More' and 'Show Less' functions are not translated on several page 1990014 - oc debug <pod-name> does not work for Windows pods 1990190 - e2e testing failed with basic manifest: reason/ExternalProvisioning waiting for a volume to be created 1990193 - 'more' and 'Show Less' is not being translated on Home -> Search page 1990255 - Partial or all of the Nodes/StorageClasses don't appear back on UI after text is removed from search bar 1990489 - etcdHighNumberOfFailedGRPCRequests fires only on metal env in CI 1990506 - Missing udev rules in initramfs for /dev/disk/by-id/scsi-* symlinks 1990556 - get-resources.sh doesn't honor the no_proxy settings even with no_proxy var 1990625 - Ironic agent registers with SLAAC address with privacy-stable 1990635 - CVO does not recognize the channel change if desired version and channel changed at the same time 1991067 - github.com can not be resolved inside pods where cluster is running on openstack. 1991573 - Enable typescript strictNullCheck on network-policies files 1991641 - Baremetal Cluster Operator still Available After Delete Provisioning 1991770 - The logLevel and operatorLogLevel values do not work with Cloud Credential Operator 1991819 - Misspelled word "ocurred" in oc inspect cmd 1991942 - Alignment and spacing fixes 1992414 - Two rootdisks show on storage step if 'This is a CD-ROM boot source' is checked 1992453 - The configMap failed to save on VM environment tab 1992466 - The button 'Save' and 'Reload' are not translated on vm environment tab 1992475 - The button 'Open console in New Window' and 'Disconnect' are not translated on vm console tab 1992509 - Could not customize boot source due to source PVC not found 1992541 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines 1992580 - storageProfile should stay with the same value by check/uncheck the apply button 1992592 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply 1992777 - [IBMCLOUD] Default "ibm_iam_authorization_policy" is not working as expected in all scenarios 1993364 - cluster destruction fails to remove router in BYON with Kuryr as primary network (even after BZ 1940159 got fixed) 1993376 - periodic-ci-openshift-release-master-ci-4.6-upgrade-from-stable-4.5-e2e-azure-upgrade is permfailing 1994094 - Some hardcodes are detected at the code level in OpenShift console components 1994142 - Missing required cloud config fields for IBM Cloud 1994733 - MetalLB: IP address is not assigned to service if there is duplicate IP address in two address pools 1995021 - resolv.conf and corefile sync slows down/stops after keepalived container restart 1995335 - [SCALE] ovnkube CNI: remove ovs flows check 1995493 - Add Secret to workload button and Actions button are not aligned on secret details page 1995531 - Create RDO-based Ironic image to be promoted to OKD 1995545 - Project drop-down amalgamates inside main screen while creating storage system for odf-operator 1995887 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs 1995924 - CMO should report `Upgradeable: false` when HA workload is incorrectly spread 1996023 - kubernetes.io/hostname values are larger than filter when create localvolumeset from webconsole 1996108 - Allow backwards compatibility of shared gateway mode to inject host-based routes into OVN 1996624 - 100% of the cco-metrics/cco-metrics targets in openshift-cloud-credential-operator namespace are down 1996630 - Fail to delete the first Authorized SSH Key input box on Advanced page 1996647 - Provide more useful degraded message in auth operator on DNS errors 1996736 - Large number of 501 lr-policies in INCI2 env 1996886 - timedout waiting for flows during pod creation and ovn-controller pegged on worker nodes 1996916 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP 1996928 - Enable default operator indexes on ARM 1997028 - prometheus-operator update removes env var support for thanos-sidecar 1997059 - Failed to create cluster in AWS us-east-1 region due to a local zone is used 1997226 - Ingresscontroller reconcilations failing but not shown in operator logs or status of ingresscontroller. 1997245 - "Subscription already exists in openshift-storage namespace" error message is seen while installing odf-operator via UI 1997269 - Have to refresh console to install kube-descheduler 1997478 - Storage operator is not available after reboot cluster instances 1997509 - flake: [sig-cli] oc builds new-build [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 1997967 - storageClass is not reserved from default wizard to customize wizard 1998035 - openstack IPI CI: custom var-lib-etcd.mount (ramdisk) unit is racing due to incomplete After/Before order 1998038 - [e2e][automation] add tests for UI for VM disk hot-plug 1998087 - Fix CephHealthCheck wrapping contents and add data-tests for HealthItem and SecondaryStatus 1998174 - Create storageclass gp3-csi after install ocp cluster on aws 1998183 - "r: Bad Gateway" info is improper 1998235 - Firefox warning: Cookie “csrf-token” will be soon rejected 1998377 - Filesystem table head is not full displayed in disk tab 1998378 - Virtual Machine is 'Not available' in Home -> Overview -> Cluster inventory 1998519 - Add fstype when create localvolumeset instance on web console 1998951 - Keepalived conf ingress peer on in Dual stack cluster contains both IPv6 and IPv4 addresses 1999076 - [UI] Page Not Found error when clicking on Storage link provided in Overview page 1999079 - creating pods before sriovnetworknodepolicy sync up succeed will cause node unschedulable 1999091 - Console update toast notification can appear multiple times 1999133 - removing and recreating static pod manifest leaves pod in error state 1999246 - .indexignore is not ingore when oc command load dc configuration 1999250 - ArgoCD in GitOps operator can't manage namespaces 1999255 - ovnkube-node always crashes out the first time it starts 1999261 - ovnkube-node log spam (and security token leak?) 1999309 - While installing odf-operator via UI, web console update pop-up navigates to OperatorHub -> Operator Installation page 1999314 - console-operator is slow to mark Degraded as False once console starts working 1999425 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck) 1999556 - "master" pool should be updated before the CVO reports available at the new version occurred 1999578 - AWS EFS CSI tests are constantly failing 1999603 - Memory Manager allows Guaranteed QoS Pod with hugepages requested is exactly equal to the left over Hugepages 1999619 - cloudinit is malformatted if a user sets a password during VM creation flow 1999621 - Empty ssh_authorized_keys entry is added to VM's cloudinit if created from a customize flow 1999649 - MetalLB: Only one type of IP address can be assigned to service on dual stack cluster from a address pool that have both IPv4 and IPv6 addresses defined 1999668 - openshift-install destroy cluster panic's when given invalid credentials to cloud provider (Azure Stack Hub) 1999734 - IBM Cloud CIS Instance CRN missing in infrastructure manifest/resource 1999771 - revert "force cert rotation every couple days for development" in 4.10 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function 1999796 - Openshift Console `Helm` tab is not showing helm releases in a namespace when there is high number of deployments in the same namespace. 1999836 - Admin web-console inconsistent status summary of sparse ClusterOperator conditions 1999903 - Click "This is a CD-ROM boot source" ticking "Use template size PVC" on pvc upload form 1999983 - No way to clear upload error from template boot source 2000081 - [IPI baremetal] The metal3 pod failed to restart when switching from Disabled to Managed provisioning without specifying provisioningInterface parameter 2000096 - Git URL is not re-validated on edit build-config form reload 2000216 - Successfully imported ImageStreams are not resolved in DeploymentConfig 2000236 - Confusing usage message from dynkeepalived CLI 2000268 - Mark cluster unupgradable if vcenter, esxi versions or HW versions are unsupported 2000430 - bump cluster-api-provider-ovirt version in installer 2000450 - 4.10: Enable static PV multi-az test 2000490 - All critical alerts shipped by CMO should have links to a runbook 2000521 - Kube-apiserver CO degraded due to failed conditional check (ConfigObservationDegraded) 2000573 - Incorrect StorageCluster CR created and ODF cluster getting installed with 2 Zone OCP cluster 2000628 - ibm-flashsystem-storage-storagesystem got created without any warning even when the attempt was cancelled 2000651 - ImageStreamTag alias results in wrong tag and invalid link in Web Console 2000754 - IPerf2 tests should be lower 2000846 - Structure logs in the entire codebase of Local Storage Operator 2000872 - [tracker] container is not able to list on some directories within the nfs after upgrade to 4.7.24 2000877 - OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM 2000938 - CVO does not respect changes to a Deployment strategy 2000963 - 'Inline-volume (default fs)] volumes should store data' tests are failing on OKD with updated selinux-policy 2001008 - [MachineSets] CloneMode defaults to linkedClone, but I don't have snapshot and should be fullClone 2001240 - Remove response headers for downloads of binaries from OpenShift WebConsole 2001295 - Remove openshift:kubevirt-machine-controllers decleration from machine-api 2001317 - OCP Platform Quota Check - Inaccurate MissingQuota error 2001337 - Details Card in ODF Dashboard mentions OCS 2001339 - fix text content hotplug 2001413 - [e2e][automation] add/delete nic and disk to template 2001441 - Test: oc adm must-gather runs successfully for audit logs - fail due to startup log 2001442 - Empty termination.log file for the kube-apiserver has too permissive mode 2001479 - IBM Cloud DNS unable to create/update records 2001566 - Enable alerts for prometheus operator in UWM 2001575 - Clicking on the perspective switcher shows a white page with loader 2001577 - Quick search placeholder is not displayed properly when the search string is removed 2001578 - [e2e][automation] add tests for vm dashboard tab 2001605 - PVs remain in Released state for a long time after the claim is deleted 2001617 - BucketClass Creation is restricted on 1st page but enabled using side navigation options 2001620 - Cluster becomes degraded if it can't talk to Manila 2001760 - While creating 'Backing Store', 'Bucket Class', 'Namespace Store' user is navigated to 'Installed Operators' page after clicking on ODF 2001761 - Unable to apply cluster operator storage for SNO on GCP platform. 2001765 - Some error message in the log of diskmaker-manager caused confusion 2001784 - show loading page before final results instead of showing a transient message No log files exist 2001804 - Reload feature on Environment section in Build Config form does not work properly 2001810 - cluster admin unable to view BuildConfigs in all namespaces 2001817 - Failed to load RoleBindings list that will lead to ‘Role name’ is not able to be selected on Create RoleBinding page as well 2001823 - OCM controller must update operator status 2001825 - [SNO]ingress/authentication clusteroperator degraded when enable ccm from start 2001835 - Could not select image tag version when create app from dev console 2001855 - Add capacity is disabled for ocs-storagecluster 2001856 - Repeating event: MissingVersion no image found for operand pod 2001959 - Side nav list borders don't extend to edges of container 2002007 - Layout issue on "Something went wrong" page 2002010 - ovn-kube may never attempt to retry a pod creation 2002012 - Cannot change volume mode when cloning a VM from a template 2002027 - Two instances of Dotnet helm chart show as one in topology 2002075 - opm render does not automatically pulling in the image(s) used in the deployments 2002121 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster 2002125 - Network policy details page heading should be updated to Network Policy details 2002133 - [e2e][automation] add support/virtualization and improve deleteResource 2002134 - [e2e][automation] add test to verify vm details tab 2002215 - Multipath day1 not working on s390x 2002238 - Image stream tag is not persisted when switching from yaml to form editor 2002262 - [vSphere] Incorrect user agent in vCenter sessions list 2002266 - SinkBinding create form doesn't allow to use subject name, instead of label selector 2002276 - OLM fails to upgrade operators immediately 2002300 - Altering the Schedule Profile configurations doesn't affect the placement of the pods 2002354 - Missing DU configuration "Done" status reporting during ZTP flow 2002362 - Dynamic Plugin - ConsoleRemotePlugin for webpack doesn't use commonjs 2002368 - samples should not go degraded when image allowedRegistries blocks imagestream creation 2002372 - Pod creation failed due to mismatched pod IP address in CNI and OVN 2002397 - Resources search is inconsistent 2002434 - CRI-O leaks some children PIDs 2002443 - Getting undefined error on create local volume set page 2002461 - DNS operator performs spurious updates in response to API's defaulting of service's internalTrafficPolicy 2002504 - When the openshift-cluster-storage-operator is degraded because of "VSphereProblemDetectorController_SyncError", the insights operator is not sending the logs from all pods. 2002559 - User preference for topology list view does not follow when a new namespace is created 2002567 - Upstream SR-IOV worker doc has broken links 2002588 - Change text to be sentence case to align with PF 2002657 - ovn-kube egress IP monitoring is using a random port over the node network 2002713 - CNO: OVN logs should have millisecond resolution 2002748 - [ICNI2] 'ErrorAddingLogicalPort' failed to handle external GW check: timeout waiting for namespace event 2002759 - Custom profile should not allow not including at least one required HTTP2 ciphersuite 2002763 - Two storage systems getting created with external mode RHCS 2002808 - KCM does not use web identity credentials 2002834 - Cluster-version operator does not remove unrecognized volume mounts 2002896 - Incorrect result return when user filter data by name on search page 2002950 - Why spec.containers.command is not created with "oc create deploymentconfig <dc-name> --image=<image> -- <command>" 2003096 - [e2e][automation] check bootsource URL is displaying on review step 2003113 - OpenShift Baremetal IPI installer uses first three defined nodes under hosts in install-config for master nodes instead of filtering the hosts with the master role 2003120 - CI: Uncaught error with ResizeObserver on operand details page 2003145 - Duplicate operand tab titles causes "two children with the same key" warning 2003164 - OLM, fatal error: concurrent map writes 2003178 - [FLAKE][knative] The UI doesn't show updated traffic distribution after accepting the form 2003193 - Kubelet/crio leaks netns and veth ports in the host 2003195 - OVN CNI should ensure host veths are removed 2003204 - Jenkins all new container images (openshift4/ose-jenkins) not supporting '-e JENKINS_PASSWORD=password' ENV which was working for old container images 2003206 - Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace 2003239 - "[sig-builds][Feature:Builds][Slow] can use private repositories as build input" tests fail outside of CI 2003244 - Revert libovsdb client code 2003251 - Patternfly components with list element has list item bullet when they should not. 2003252 - "[sig-builds][Feature:Builds][Slow] starting a build using CLI start-build test context override environment BUILD_LOGLEVEL in buildconfig" tests do not work as expected outside of CI 2003269 - Rejected pods should be filtered from admission regression 2003357 - QE- Removing the epic tags for gherkin tags related to 4.9 Release 2003426 - [e2e][automation] add test for vm details bootorder 2003496 - [e2e][automation] add test for vm resources requirment settings 2003641 - All metal ipi jobs are failing in 4.10 2003651 - ODF4.9+LSO4.8 installation via UI, StorageCluster move to error state 2003655 - [IPI ON-PREM] Keepalived chk_default_ingress track script failed even though default router pod runs on node 2003683 - Samples operator is panicking in CI 2003711 - [UI] Empty file ceph-external-cluster-details-exporter.py downloaded from external cluster "Connection Details" page 2003715 - Error on creating local volume set after selection of the volume mode 2003743 - Remove workaround keeping /boot RW for kdump support 2003775 - etcd pod on CrashLoopBackOff after master replacement procedure 2003788 - CSR reconciler report error constantly when BYOH CSR approved by other Approver 2003792 - Monitoring metrics query graph flyover panel is useless 2003808 - Add Sprint 207 translations 2003845 - Project admin cannot access image vulnerabilities view 2003859 - sdn emits events with garbage messages 2003896 - (release-4.10) ApiRequestCounts conditional gatherer 2004009 - 4.10: Fix multi-az zone scheduling e2e for 5 control plane replicas 2004051 - CMO can report as being Degraded while node-exporter is deployed on all nodes 2004059 - [e2e][automation] fix current tests for downstream 2004060 - Trying to use basic spring boot sample causes crash on Firefox 2004101 - [UI] When creating storageSystem deployment type dropdown under advanced setting doesn't close after selection 2004127 - [flake] openshift-controller-manager event reason/SuccessfulDelete occurs too frequently 2004203 - build config's created prior to 4.8 with image change triggers can result in trigger storm in OCM/openshift-apiserver 2004313 - [RHOCP 4.9.0-rc.0] Failing to deploy Azure cluster from the macOS installer - ignition_bootstrap.ign: no such file or directory 2004449 - Boot option recovery menu prevents image boot 2004451 - The backup filename displayed in the RecentBackup message is incorrect 2004459 - QE - Modified the AddFlow gherkin scripts and automation scripts 2004508 - TuneD issues with the recent ConfigParser changes. 2004510 - openshift-gitops operator hooks gets unauthorized (401) errors during jobs executions 2004542 - [osp][octavia lb] cannot create LoadBalancer type svcs 2004578 - Monitoring and node labels missing for an external storage platform 2004585 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days 2004596 - [4.10] Bootimage bump tracker 2004597 - Duplicate ramdisk log containers running 2004600 - Duplicate ramdisk log containers running 2004609 - output of "crictl inspectp" is not complete 2004625 - BMC credentials could be logged if they change 2004632 - When LE takes a large amount of time, multiple whereabouts are seen 2004721 - ptp/worker custom threshold doesn't change ptp events threshold 2004736 - [knative] Create button on new Broker form is inactive despite form being filled 2004796 - [e2e][automation] add test for vm scheduling policy 2004814 - (release-4.10) OCM controller - change type of the etc-pki-entitlement secret to opaque 2004870 - [External Mode] Insufficient spacing along y-axis in RGW Latency Performance Card 2004901 - [e2e][automation] improve kubevirt devconsole tests 2004962 - Console frontend job consuming too much CPU in CI 2005014 - state of ODF StorageSystem is misreported during installation or uninstallation 2005052 - Adding a MachineSet selector matchLabel causes orphaned Machines 2005179 - pods status filter is not taking effect 2005182 - sync list of deprecated apis about to be removed 2005282 - Storage cluster name is given as title in StorageSystem details page 2005355 - setuptools 58 makes Kuryr CI fail 2005407 - ClusterNotUpgradeable Alert should be set to Severity Info 2005415 - PTP operator with sidecar api configured throws bind: address already in use 2005507 - SNO spoke cluster failing to reach coreos.live.rootfs_url is missing url in console 2005554 - The switch status of the button "Show default project" is not revealed correctly in code 2005581 - 4.8.12 to 4.9 upgrade hung due to cluster-version-operator pod CrashLoopBackOff: error creating clients: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable 2005761 - QE - Implementing crw-basic feature file 2005783 - Fix accessibility issues in the "Internal" and "Internal - Attached Mode" Installation Flow 2005811 - vSphere Problem Detector operator - ServerFaultCode: InvalidProperty 2005854 - SSH NodePort service is created for each VM 2005901 - KS, KCM and KA going Degraded during master nodes upgrade 2005902 - Current UI flow for MCG only deployment is confusing and doesn't reciprocate any message to the end-user 2005926 - PTP operator NodeOutOfPTPSync rule is using max offset from the master instead of openshift_ptp_clock_state metrics 2005971 - Change telemeter to report the Application Services product usage metrics 2005997 - SELinux domain container_logreader_t does not have a policy to follow sym links for log files 2006025 - Description to use an existing StorageClass while creating StorageSystem needs to be re-phrased 2006060 - ocs-storagecluster-storagesystem details are missing on UI for MCG Only and MCG only in LSO mode deployment types 2006101 - Power off fails for drivers that don't support Soft power off 2006243 - Metal IPI upgrade jobs are running out of disk space 2006291 - bootstrapProvisioningIP set incorrectly when provisioningNetworkCIDR doesn't use the 0th address 2006308 - Backing Store YAML tab on click displays a blank screen on UI 2006325 - Multicast is broken across nodes 2006329 - Console only allows Web Terminal Operator to be installed in OpenShift Operators 2006364 - IBM Cloud: Set resourceGroupId for resourceGroups, not simply resource 2006561 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2006690 - OS boot failure "x64 Exception Type 06 - Invalid Opcode Exception" 2006714 - add retry for etcd errors in kube-apiserver 2006767 - KubePodCrashLooping may not fire 2006803 - Set CoreDNS cache entries for forwarded zones 2006861 - Add Sprint 207 part 2 translations 2006945 - race condition can cause crashlooping bootstrap kube-apiserver in cluster-bootstrap 2006947 - e2e-aws-proxy for 4.10 is permafailing with samples operator errors 2006975 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded 2007085 - Intermittent failure mounting /run/media/iso when booting live ISO from USB stick 2007136 - Creation of BackingStore, BucketClass, NamespaceStore fails 2007271 - CI Integration for Knative test cases 2007289 - kubevirt tests are failing in CI 2007322 - Devfile/Dockerfile import does not work for unsupported git host 2007328 - Updated patternfly to v4.125.3 and pf.quickstarts to v1.2.3. 2007379 - Events are not generated for master offset for ordinary clock 2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace 2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address 2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error 2007522 - No new local-storage-operator-metadata-container is build for 4.10 2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10 2007580 - Azure cilium installs are failing e2e tests 2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10 2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes 2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures 2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow 2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates 2007802 - AWS machine actuator get stuck if machine is completely missing 2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator 2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process 2008151 - Topology breaks on clicking in empty state 2008185 - Console operator go.mod should use go 1.16.version 2008201 - openstack-az job is failing on haproxy idle test 2008207 - vsphere CSI driver doesn't set resource limits 2008223 - gather_audit_logs: fix oc command line to get the current audit profile 2008235 - The Save button in the Edit DC form remains disabled 2008256 - Update Internationalization README with scope info 2008321 - Add correct documentation link for MON_DISK_LOW 2008462 - Disable PodSecurity feature gate for 4.10 2008490 - Backing store details page does not contain all the kebab actions. 2008521 - gcp-hostname service should correct invalid search entries in resolv.conf 2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount 2008539 - Registry doesn't fall back to secondary ImageContentSourcePolicy Mirror 2008540 - HighlyAvailableWorkloadIncorrectlySpread always fires on upgrade on cluster with two workers 2008599 - Azure Stack UPI does not have Internal Load Balancer 2008612 - Plugin asset proxy does not pass through browser cache headers 2008712 - VPA webhook timeout prevents all pods from starting 2008733 - kube-scheduler: exposed /debug/pprof port 2008911 - Prometheus repeatedly scaling prometheus-operator replica set 2008926 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial] 2008987 - OpenShift SDN Hosted Egress IP's are not being scheduled to nodes after upgrade to 4.8.12 2009055 - Instances of OCS to be replaced with ODF on UI 2009078 - NetworkPodsCrashLooping alerts in upgrade CI jobs 2009083 - opm blocks pruning of existing bundles during add 2009111 - [IPI-on-GCP] 'Install a cluster with nested virtualization enabled' failed due to unable to launch compute instances 2009131 - [e2e][automation] add more test about vmi 2009148 - [e2e][automation] test vm nic presets and options 2009233 - ACM policy object generated by PolicyGen conflicting with OLM Operator 2009253 - [BM] [IPI] [DualStack] apiVIP and ingressVIP should be of the same primary IP family 2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted 2009384 - UI changes to support BindableKinds CRD changes 2009404 - ovnkube-node pod enters CrashLoopBackOff after OVN_IMAGE is swapped 2009424 - Deployment upgrade is failing availability check 2009454 - Change web terminal subscription permissions from get to list 2009465 - container-selinux should come from rhel8-appstream 2009514 - Bump OVS to 2.16-15 2009555 - Supermicro X11 system not booting from vMedia with AI 2009623 - Console: Observe > Metrics page: Table pagination menu shows bullet points 2009664 - Git Import: Edit of knative service doesn't work as expected for git import flow 2009699 - Failure to validate flavor RAM 2009754 - Footer is not sticky anymore in import forms 2009785 - CRI-O's version file should be pinned by MCO 2009791 - Installer: ibmcloud ignores install-config values 2009823 - [sig-arch] events should not repeat pathologically - reason/VSphereOlderVersionDetected Marking cluster un-upgradeable because one or more VMs are on hardware version vmx-13 2009840 - cannot build extensions on aarch64 because of unavailability of rhel-8-advanced-virt repo 2009859 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests 2009873 - Stale Logical Router Policies and Annotations for a given node 2009879 - There should be test-suite coverage to ensure admin-acks work as expected 2009888 - SRO package name collision between official and community version 2010073 - uninstalling and then reinstalling sriov-network-operator is not working 2010174 - 2 PVs get created unexpectedly with different paths that actually refer to the same device on the node. 2010181 - Environment variables not getting reset on reload on deployment edit form 2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2010341 - OpenShift Alerting Rules Style-Guide Compliance 2010342 - Local console builds can have out of memory errors 2010345 - OpenShift Alerting Rules Style-Guide Compliance 2010348 - Reverts PIE build mode for K8S components 2010352 - OpenShift Alerting Rules Style-Guide Compliance 2010354 - OpenShift Alerting Rules Style-Guide Compliance 2010359 - OpenShift Alerting Rules Style-Guide Compliance 2010368 - OpenShift Alerting Rules Style-Guide Compliance 2010376 - OpenShift Alerting Rules Style-Guide Compliance 2010662 - Cluster is unhealthy after image-registry-operator tests 2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent) 2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API 2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address 2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing 2010864 - Failure building EFS operator 2010910 - ptp worker events unable to identify interface for multiple interfaces 2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24 2010921 - Azure Stack Hub does not handle additionalTrustBundle 2010931 - SRO CSV uses non default category "Drivers and plugins" 2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well. 2011038 - optional operator conditions are confusing 2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass 2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's 2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image 2011368 - Tooltip in pipeline visualization shows misleading data 2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels 2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards 2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster 2011513 - Kubelet rejects pods that use resources that should be freed by completed pods 2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine" 2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented 2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore 2011733 - Repository README points to broken documentarion link 2011753 - Ironic resumes clean before raid configuration job is actually completed 2011809 - The nodes page in the openshift console doesn't work. You just get a blank page 2011822 - Obfuscation doesn't work at clusters with OVN 2011882 - SRO helm charts not synced with templates 2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot 2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages 2011903 - vsphere-problem-detector: session leak 2011927 - OLM should allow users to specify a proxy for GRPC connections 2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods 2011960 - [tracker] Storage operator is not available after reboot cluster instances 2011971 - ICNI2 pods are stuck in ContainerCreating state 2011972 - Ingress operator not creating wildcard route for hypershift clusters 2011977 - SRO bundle references non-existent image 2012069 - Refactoring Status controller 2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI 2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group 2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)" 2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig 2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off 2012407 - [e2e][automation] improve vm tab console tests 2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label 2012562 - migration condition is not detected in list view 2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written 2012780 - The port 50936 used by haproxy is occupied by kube-apiserver 2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working 2012902 - Neutron Ports assigned to Completed Pods are not reused Edit 2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack 2012971 - Disable operands deletes 2013034 - Cannot install to openshift-nmstate namespace 2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine) 2013199 - post reboot of node SRIOV policy taking huge time 2013203 - UI breaks when trying to create block pool before storage cluster/system creation 2013222 - Full breakage for nightly payload promotion 2013273 - Nil pointer exception when phc2sys options are missing 2013321 - TuneD: high CPU utilization of the TuneD daemon. 2013416 - Multiple assets emit different content to the same filename 2013431 - Application selector dropdown has incorrect font-size and positioning 2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8 2013545 - Service binding created outside topology is not visible 2013599 - Scorecard support storage is not included in ocp4.9 2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide) 2013646 - fsync controller will show false positive if gaps in metrics are observed. 2013710 - ZTP Operator subscriptions for 4.9 release branch should point to 4.9 by default 2013751 - Service details page is showing wrong in-cluster hostname 2013787 - There are two tittle 'Network Attachment Definition Details' on NAD details page 2013871 - Resource table headings are not aligned with their column data 2013895 - Cannot enable accelerated network via MachineSets on Azure 2013920 - "--collector.filesystem.ignored-mount-points is DEPRECATED and will be removed in 2.0.0, use --collector.filesystem.mount-points-exclude" 2013930 - Create Buttons enabled for Bucket Class, Backingstore and Namespace Store in the absence of Storagesystem(or MCG) 2013969 - oVIrt CSI driver fails on creating PVCs on hosted engine storage domain 2013990 - Observe dashboard crashs on reload when perspective has changed (in another tab) 2013996 - Project detail page: Action "Delete Project" does nothing for the default project 2014071 - Payload imagestream new tags not properly updated during cluster upgrade 2014153 - SRIOV exclusive pooling 2014202 - [OCP-4.8.10] OVN-Kubernetes: service IP is not responding when egressIP set to the namespace 2014238 - AWS console test is failing on importing duplicate YAML definitions 2014245 - Several aria-labels, external links, and labels aren't internationalized 2014248 - Several files aren't internationalized 2014352 - Could not filter out machine by using node name on machines page 2014464 - Unexpected spacing/padding below navigation groups in developer perspective 2014471 - Helm Release notes tab is not automatically open after installing a chart for other languages 2014486 - Integration Tests: OLM single namespace operator tests failing 2014488 - Custom operator cannot change orders of condition tables 2014497 - Regex slows down different forms and creates too much recursion errors in the log 2014538 - Kuryr controller crash looping on self._get_vip_port(loadbalancer).id 'NoneType' object has no attribute 'id' 2014614 - Metrics scraping requests should be assigned to exempt priority level 2014710 - TestIngressStatus test is broken on Azure 2014954 - The prometheus-k8s-{0,1} pods are CrashLoopBackoff repeatedly 2014995 - oc adm must-gather cannot gather audit logs with 'None' audit profile 2015115 - [RFE] PCI passthrough 2015133 - [IBMCLOUD] ServiceID API key credentials seems to be insufficient for ccoctl '--resource-group-name' parameter 2015154 - Support ports defined networks and primarySubnet 2015274 - Yarn dev fails after updates to dynamic plugin JSON schema logic 2015337 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production 2015386 - Possibility to add labels to the built-in OCP alerts 2015395 - Table head on Affinity Rules modal is not fully expanded 2015416 - CI implementation for Topology plugin 2015418 - Project Filesystem query returns No datapoints found 2015420 - No vm resource in project view's inventory 2015422 - No conflict checking on snapshot name 2015472 - Form and YAML view switch button should have distinguishable status 2015481 - [4.10] sriov-network-operator daemon pods are failing to start 2015493 - Cloud Controller Manager Operator does not respect 'additionalTrustBundle' setting 2015496 - Storage - PersistentVolumes : Claim colum value 'No Claim' in English 2015498 - [UI] Add capacity when not applicable (for MCG only deployment and External mode cluster) fails to pass any info. to user and tries to just load a blank screen on 'Add Capacity' button click 2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu 2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain. 2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English 2015549 - Observe - Metrics: Column heading and pagination text is in English 2015557 - Workloads - DeploymentConfigs : Error message is in English 2015568 - Compute - Nodes : CPU column's values are in English 2015635 - Storage operator fails causing installation to fail on ASH 2015660 - "Finishing boot source customization" screen should not use term "patched" 2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node 2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin 2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning 2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud 2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch 2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail 2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed) 2016008 - [4.10] Bootimage bump tracker 2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver 2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator 2016054 - No e2e CI presubmit configured for release component cluster-autoscaler 2016055 - No e2e CI presubmit configured for release component console 2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8" 2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager 2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers 2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters. 2016179 - Add Sprint 208 translations 2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager 2016235 - should update to 7.5.11 for grafana resources version label 2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails 2016334 - shiftstack: SRIOV nic reported as not supported 2016352 - Some pods start before CA resources are present 2016367 - Empty task box is getting created for a pipeline without finally task 2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts 2016438 - Feature flag gating is missing in few extensions contributed via knative plugin 2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc 2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets 2016453 - Complete i18n for GaugeChart defaults 2016479 - iface-id-ver is not getting updated for existing lsp 2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear 2016951 - dynamic actions list is not disabling "open console" for stopped vms 2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available 2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances 2017016 - [REF] Virtualization menu 2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn 2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly 2017130 - t is not a function error navigating to details page 2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue 2017244 - ovirt csi operator static files creation is in the wrong order 2017276 - [4.10] Volume mounts not created with the correct security context 2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed. 2017427 - NTO does not restart TuneD daemon when profile application is taking too long 2017535 - Broken Argo CD link image on GitOps Details Page 2017547 - Siteconfig application sync fails with The AgentClusterInstall is invalid: spec.provisionRequirements.controlPlaneAgents: Required value when updating images references 2017564 - On-prem prepender dispatcher script overwrites DNS search settings 2017565 - CCMO does not handle additionalTrustBundle on Azure Stack 2017566 - MetalLB: Web Console -Create Address pool form shows address pool name twice 2017606 - [e2e][automation] add test to verify send key for VNC console 2017650 - [OVN]EgressFirewall cannot be applied correctly if cluster has windows nodes 2017656 - VM IP address is "undefined" under VM details -> ssh field 2017663 - SSH password authentication is disabled when public key is not supplied 2017680 - [gcp] Couldn’t enable support for instances with GPUs on GCP 2017732 - [KMS] Prevent creation of encryption enabled storageclass without KMS connection set 2017752 - (release-4.10) obfuscate identity provider attributes in collected authentication.operator.openshift.io resource 2017756 - overlaySize setting on containerruntimeconfig is ignored due to cri-o defaults 2017761 - [e2e][automation] dummy bug for 4.9 test dependency 2017872 - Add Sprint 209 translations 2017874 - The installer is incorrectly checking the quota for X instances instead of G and VT instances 2017879 - Add Chinese translation for "alternate" 2017882 - multus: add handling of pod UIDs passed from runtime 2017909 - [ICNI 2.0] ovnkube-masters stop processing add/del events for pods 2018042 - HorizontalPodAutoscaler CPU averageValue did not show up in HPA metrics GUI 2018093 - Managed cluster should ensure control plane pods do not run in best-effort QoS 2018094 - the tooltip length is limited 2018152 - CNI pod is not restarted when It cannot start servers due to ports being used 2018208 - e2e-metal-ipi-ovn-ipv6 are failing 75% of the time 2018234 - user settings are saved in local storage instead of on cluster 2018264 - Delete Export button doesn't work in topology sidebar (general issue with unknown CSV?) 2018272 - Deployment managed by link and topology sidebar links to invalid resource page (at least for Exports) 2018275 - Topology graph doesn't show context menu for Export CSV 2018279 - Edit and Delete confirmation modals for managed resource should close when the managed resource is clicked 2018380 - Migrate docs links to access.redhat.com 2018413 - Error: context deadline exceeded, OCP 4.8.9 2018428 - PVC is deleted along with VM even with "Delete Disks" unchecked 2018445 - [e2e][automation] enhance tests for downstream 2018446 - [e2e][automation] move tests to different level 2018449 - [e2e][automation] add test about create/delete network attachment definition 2018490 - [4.10] Image provisioning fails with file name too long 2018495 - Fix typo in internationalization README 2018542 - Kernel upgrade does not reconcile DaemonSet 2018880 - Get 'No datapoints found.' when query metrics about alert rule KubeCPUQuotaOvercommit and KubeMemoryQuotaOvercommit 2018884 - QE - Adapt crw-basic feature file to OCP 4.9/4.10 changes 2018935 - go.sum not updated, that ART extracts version string from, WAS: Missing backport from 4.9 for Kube bump PR#950 2018965 - e2e-metal-ipi-upgrade is permafailing in 4.10 2018985 - The rootdisk size is 15Gi of windows VM in customize wizard 2019001 - AWS: Operator degraded (CredentialsFailing): 1 of 6 credentials requests are failing to sync. 2019096 - Update SRO leader election timeout to support SNO 2019129 - SRO in operator hub points to wrong repo for README 2019181 - Performance profile does not apply 2019198 - ptp offset metrics are not named according to the log output 2019219 - [IBMCLOUD]: cloud-provider-ibm missing IAM permissions in CCCMO CredentialRequest 2019284 - Stop action should not in the action list while VMI is not running 2019346 - zombie processes accumulation and Argument list too long 2019360 - [RFE] Virtualization Overview page 2019452 - Logger object in LSO appends to existing logger recursively 2019591 - Operator install modal body that scrolls has incorrect padding causing shadow position to be incorrect 2019634 - Pause and migration is enabled in action list for a user who has view only permission 2019636 - Actions in VM tabs should be disabled when user has view only permission 2019639 - "Take snapshot" should be disabled while VM image is still been importing 2019645 - Create button is not removed on "Virtual Machines" page for view only user 2019646 - Permission error should pop-up immediately while clicking "Create VM" button on template page for view only user 2019647 - "Remove favorite" and "Create new Template" should be disabled in template action list for view only user 2019717 - cant delete VM with un-owned pvc attached 2019722 - The shared-resource-csi-driver-node pod runs as “BestEffort” qosClass 2019739 - The shared-resource-csi-driver-node uses imagePullPolicy as "Always" 2019744 - [RFE] Suggest users to download newest RHEL 8 version 2019809 - [OVN][Upgrade] After upgrade to 4.7.34 ovnkube-master pods are in CrashLoopBackOff/ContainerCreating and other multiple issues at OVS/OVN level 2019827 - Display issue with top-level menu items running demo plugin 2019832 - 4.10 Nightlies blocked: Failed to upgrade authentication, operator was degraded 2019886 - Kuryr unable to finish ports recovery upon controller restart 2019948 - [RFE] Restructring Virtualization links 2019972 - The Nodes section doesn't display the csr of the nodes that are trying to join the cluster 2019977 - Installer doesn't validate region causing binary to hang with a 60 minute timeout 2019986 - Dynamic demo plugin fails to build 2019992 - instance:node_memory_utilisation:ratio metric is incorrect 2020001 - Update dockerfile for demo dynamic plugin to reflect dir change 2020003 - MCD does not regard "dangling" symlinks as a files, attempts to write through them on next backup, resulting in "not writing through dangling symlink" error and degradation. 2020107 - cluster-version-operator: remove runlevel from CVO namespace 2020153 - Creation of Windows high performance VM fails 2020216 - installer: Azure storage container blob where is stored bootstrap.ign file shouldn't be public 2020250 - Replacing deprecated ioutil 2020257 - Dynamic plugin with multiple webpack compilation passes may fail to build 2020275 - ClusterOperators link in console returns blank page during upgrades 2020377 - permissions error while using tcpdump option with must-gather 2020489 - coredns_dns metrics don't include the custom zone metrics data due to CoreDNS prometheus plugin is not defined 2020498 - "Show PromQL" button is disabled 2020625 - [AUTH-52] User fails to login from web console with keycloak OpenID IDP after enable group membership sync feature 2020638 - [4.7] CI conformance test failures related to CustomResourcePublishOpenAPI 2020664 - DOWN subports are not cleaned up 2020904 - When trying to create a connection from the Developer view between VMs, it fails 2021016 - 'Prometheus Stats' of dashboard 'Prometheus Overview' miss data on console compared with Grafana 2021017 - 404 page not found error on knative eventing page 2021031 - QE - Fix the topology CI scripts 2021048 - [RFE] Added MAC Spoof check 2021053 - Metallb operator presented as community operator 2021067 - Extensive number of requests from storage version operator in cluster 2021081 - Missing PolicyGenTemplate for configuring Local Storage Operator LocalVolumes 2021135 - [azure-file-csi-driver] "make unit-test" returns non-zero code, but tests pass 2021141 - Cluster should allow a fast rollout of kube-apiserver is failing on single node 2021151 - Sometimes the DU node does not get the performance profile configuration applied and MachineConfigPool stays stuck in Updating 2021152 - imagePullPolicy is "Always" for ptp operator images 2021191 - Project admins should be able to list available network attachment defintions 2021205 - Invalid URL in git import form causes validation to not happen on URL change 2021322 - cluster-api-provider-azure should populate purchase plan information 2021337 - Dynamic Plugins: ResourceLink doesn't render when passed a groupVersionKind 2021364 - Installer requires invalid AWS permission s3:GetBucketReplication 2021400 - Bump documentationBaseURL to 4.10 2021405 - [e2e][automation] VM creation wizard Cloud Init editor 2021433 - "[sig-builds][Feature:Builds][pullsearch] docker build where the registry is not specified" test fail permanently on disconnected 2021466 - [e2e][automation] Windows guest tool mount 2021544 - OCP 4.6.44 - Ingress VIP assigned as secondary IP in ovs-if-br-ex and added to resolv.conf as nameserver 2021551 - Build is not recognizing the USER group from an s2i image 2021607 - Unable to run openshift-install with a vcenter hostname that begins with a numeric character 2021629 - api request counts for current hour are incorrect 2021632 - [UI] Clicking on odf-operator breadcrumb from StorageCluster details page displays empty page 2021693 - Modals assigned modal-lg class are no longer the correct width 2021724 - Observe > Dashboards: Graph lines are not visible when obscured by other lines 2021731 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled 2021936 - Kubelet version in RPMs should be using Dockerfile label instead of git tags 2022050 - [BM][IPI] Failed during bootstrap - unable to read client-key /var/lib/kubelet/pki/kubelet-client-current.pem 2022053 - dpdk application with vhost-net is not able to start 2022114 - Console logging every proxy request 2022144 - 1 of 3 ovnkube-master pods stuck in clbo after ipi bm deployment - dualstack (Intermittent) 2022251 - wait interval in case of a failed upload due to 403 is unnecessarily long 2022399 - MON_DISK_LOW troubleshooting guide link when clicked, gives 404 error . 2022447 - ServiceAccount in manifests conflicts with OLM 2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules. 2022509 - getOverrideForManifest does not check manifest.GVK.Group 2022536 - WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache 2022612 - no namespace field for "Kubernetes / Compute Resources / Namespace (Pods)" admin console dashboard 2022627 - Machine object not picking up external FIP added to an openstack vm 2022646 - configure-ovs.sh failure - Error: unknown connection 'WARN:' 2022707 - Observe / monitoring dashboard shows forbidden errors on Dev Sandbox 2022801 - Add Sprint 210 translations 2022811 - Fix kubelet log rotation file handle leak 2022812 - [SCALE] ovn-kube service controller executes unnecessary load balancer operations 2022824 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests 2022880 - Pipeline renders with minor visual artifact with certain task dependencies 2022886 - Incorrect URL in operator description 2023042 - CRI-O filters custom runtime allowed annotation when both custom workload and custom runtime sections specified under the config 2023060 - [e2e][automation] Windows VM with CDROM migration 2023077 - [e2e][automation] Home Overview Virtualization status 2023090 - [e2e][automation] Examples of Import URL for VM templates 2023102 - [e2e][automation] Cloudinit disk of VM from custom template 2023216 - ACL for a deleted egressfirewall still present on node join switch 2023228 - Remove Tech preview badge on Trigger components 1.6 OSP on OCP 4.9 2023238 - [sig-devex][Feature:ImageEcosystem][python][Slow] hot deploy for openshift python image Django example should work with hot deploy 2023342 - SCC admission should take ephemeralContainers into account 2023356 - Devfiles can't be loaded in Safari on macOS (403 - Forbidden) 2023434 - Update Azure Machine Spec API to accept Marketplace Images 2023500 - Latency experienced while waiting for volumes to attach to node 2023522 - can't remove package from index: database is locked 2023560 - "Network Attachment Definitions" has no project field on the top in the list view 2023592 - [e2e][automation] add mac spoof check for nad 2023604 - ACL violation when deleting a provisioning-configuration resource 2023607 - console returns blank page when normal user without any projects visit Installed Operators page 2023638 - Downgrade support level for extended control plane integration to Dev Preview 2023657 - inconsistent behaviours of adding ssh key on rhel node between 4.9 and 4.10 2023675 - Changing CNV Namespace 2023779 - Fix Patch 104847 in 4.9 2023781 - initial hardware devices is not loading in wizard 2023832 - CCO updates lastTransitionTime for non-Status changes 2023839 - Bump recommended FCOS to 34.20211031.3.0 2023865 - Console css overrides prevent dynamic plug-in PatternFly tables from displaying correctly 2023950 - make test-e2e-operator on kubernetes-nmstate results in failure to pull image from "registry:5000" repository 2023985 - [4.10] OVN idle service cannot be accessed after upgrade from 4.8 2024055 - External DNS added extra prefix for the TXT record 2024108 - Occasionally node remains in SchedulingDisabled state even after update has been completed sucessfully 2024190 - e2e-metal UPI is permafailing with inability to find rhcos.json 2024199 - 400 Bad Request error for some queries for the non admin user 2024220 - Cluster monitoring checkbox flickers when installing Operator in all-namespace mode 2024262 - Sample catalog is not displayed when one API call to the backend fails 2024309 - cluster-etcd-operator: defrag controller needs to provide proper observability 2024316 - modal about support displays wrong annotation 2024328 - [oVirt / RHV] PV disks are lost when machine deleted while node is disconnected 2024399 - Extra space is in the translated text of "Add/Remove alternate service" on Create Route page 2024448 - When ssh_authorized_keys is empty in form view it should not appear in yaml view 2024493 - Observe > Alerting > Alerting rules page throws error trying to destructure undefined 2024515 - test-blocker: Ceph-storage-plugin tests failing 2024535 - hotplug disk missing OwnerReference 2024537 - WINDOWS_IMAGE_LINK does not refer to windows cloud image 2024547 - Detail page is breaking for namespace store , backing store and bucket class. 2024551 - KMS resources not getting created for IBM FlashSystem storage 2024586 - Special Resource Operator(SRO) - Empty image in BuildConfig when using RT kernel 2024613 - pod-identity-webhook starts without tls 2024617 - vSphere CSI tests constantly failing with Rollout of the monitoring stack failed and is degraded 2024665 - Bindable services are not shown on topology 2024731 - linuxptp container: unnecessary checking of interfaces 2024750 - i18n some remaining OLM items 2024804 - gcp-pd-csi-driver does not use trusted-ca-bundle when cluster proxy configured 2024826 - [RHOS/IPI] Masters are not joining a clusters when installing on OpenStack 2024841 - test Keycloak with latest tag 2024859 - Not able to deploy an existing image from private image registry using developer console 2024880 - Egress IP breaks when network policies are applied 2024900 - Operator upgrade kube-apiserver 2024932 - console throws "Unauthorized" error after logging out 2024933 - openshift-sync plugin does not sync existing secrets/configMaps on start up 2025093 - Installer does not honour diskformat specified in storage policy and defaults to zeroedthick 2025230 - ClusterAutoscalerUnschedulablePods should not be a warning 2025266 - CreateResource route has exact prop which need to be removed 2025301 - [e2e][automation] VM actions availability in different VM states 2025304 - overwrite storage section of the DV spec instead of the pvc section 2025431 - [RFE]Provide specific windows source link 2025458 - [IPI-AWS] cluster-baremetal-operator pod in a crashloop state after patching from 4.7.21 to 4.7.36 2025464 - [aws] openshift-install gather bootstrap collects logs for bootstrap and only one master node 2025467 - [OVN-K][ETP=local] Host to service backed by ovn pods doesn't work for ExternalTrafficPolicy=local 2025481 - Update VM Snapshots UI 2025488 - [DOCS] Update the doc for nmstate operator installation 2025592 - ODC 4.9 supports invalid devfiles only 2025765 - It should not try to load from storageProfile after unchecking"Apply optimized StorageProfile settings" 2025767 - VMs orphaned during machineset scaleup 2025770 - [e2e] non-priv seems looking for v2v-vmware configMap in ns "kubevirt-hyperconverged" while using customize wizard 2025788 - [IPI on azure]Pre-check on IPI Azure, should check VM Size’s vCPUsAvailable instead of vCPUs for the sku. 2025821 - Make "Network Attachment Definitions" available to regular user 2025823 - The console nav bar ignores plugin separator in existing sections 2025830 - CentOS capitalizaion is wrong 2025837 - Warn users that the RHEL URL expire 2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-* 2025903 - [UI] RoleBindings tab doesn't show correct rolebindings 2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2026178 - OpenShift Alerting Rules Style-Guide Compliance 2026209 - Updation of task is getting failed (tekton hub integration) 2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io" 2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates 2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct 2026352 - Kube-Scheduler revision-pruner fail during install of new cluster 2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment 2026383 - Error when rendering custom Grafana dashboard through ConfigMap 2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation 2026396 - Cachito Issues: sriov-network-operator Image build failure 2026488 - openshift-controller-manager - delete event is repeating pathologically 2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined. 2026560 - Cluster-version operator does not remove unrecognized volume mounts 2026699 - fixed a bug with missing metadata 2026813 - add Mellanox CX-6 Lx DeviceID 101f NIC support in SR-IOV Operator 2026898 - Description/details are missing for Local Storage Operator 2027132 - Use the specific icon for Fedora and CentOS template 2027238 - "Node Exporter / USE Method / Cluster" CPU utilization graph shows incorrect legend 2027272 - KubeMemoryOvercommit alert should be human readable 2027281 - [Azure] External-DNS cannot find the private DNS zone in the resource group 2027288 - Devfile samples can't be loaded after fixing it on Safari (redirect caching issue) 2027299 - The status of checkbox component is not revealed correctly in code 2027311 - K8s watch hooks do not work when fetching core resources 2027342 - Alert ClusterVersionOperatorDown is firing on OpenShift Container Platform after ca certificate rotation 2027363 - The azure-file-csi-driver and azure-file-csi-driver-operator don't use the downstream images 2027387 - [IBMCLOUD] Terraform ibmcloud-provider buffers entirely the qcow2 image causing spikes of 5GB of RAM during installation 2027498 - [IBMCloud] SG Name character length limitation 2027501 - [4.10] Bootimage bump tracker 2027524 - Delete Application doesn't delete Channels or Brokers 2027563 - e2e/add-flow-ci.feature fix accessibility violations 2027585 - CVO crashes when changing spec.upstream to a cincinnati graph which includes invalid conditional edges 2027629 - Gather ValidatingWebhookConfiguration and MutatingWebhookConfiguration resource definitions 2027685 - openshift-cluster-csi-drivers pods crashing on PSI 2027745 - default samplesRegistry prevents the creation of imagestreams when registrySources.allowedRegistries is enforced 2027824 - ovnkube-master CrashLoopBackoff: panic: Expected slice or struct but got string 2027917 - No settings in hostfirmwaresettings and schema objects for masters 2027927 - sandbox creation fails due to obsolete option in /etc/containers/storage.conf 2027982 - nncp stucked at ConfigurationProgressing 2028019 - Max pending serving CSRs allowed in cluster machine approver is not right for UPI clusters 2028024 - After deleting a SpecialResource, the node is still tagged although the driver is removed 2028030 - Panic detected in cluster-image-registry-operator pod 2028042 - Desktop viewer for Windows VM shows "no Service for the RDP (Remote Desktop Protocol) can be found" 2028054 - Cloud controller manager operator can't get leader lease when upgrading from 4.8 up to 4.9 2028106 - [RFE] Use dynamic plugin actions for kubevirt plugin 2028141 - Console tests doesn't pass on Node.js 15 and 16 2028160 - Remove i18nKey in network-policy-peer-selectors.tsx 2028162 - Add Sprint 210 translations 2028170 - Remove leading and trailing whitespace 2028174 - Add Sprint 210 part 2 translations 2028187 - Console build doesn't pass on Node.js 16 because node-sass doesn't support it 2028217 - Cluster-version operator does not default Deployment replicas to one 2028240 - Multiple CatalogSources causing higher CPU use than necessary 2028268 - Password parameters are listed in FirmwareSchema in spite that cannot and shouldn't be set in HostFirmwareSettings 2028325 - disableDrain should be set automatically on SNO 2028484 - AWS EBS CSI driver's livenessprobe does not respect operator's loglevel 2028531 - Missing netFilter to the list of parameters when platform is OpenStack 2028610 - Installer doesn't retry on GCP rate limiting 2028685 - LSO repeatedly reports errors while diskmaker-discovery pod is starting 2028695 - destroy cluster does not prune bootstrap instance profile 2028731 - The containerruntimeconfig controller has wrong assumption regarding the number of containerruntimeconfigs 2028802 - CRI-O panic due to invalid memory address or nil pointer dereference 2028816 - VLAN IDs not released on failures 2028881 - Override not working for the PerformanceProfile template 2028885 - Console should show an error context if it logs an error object 2028949 - Masthead dropdown item hover text color is incorrect 2028963 - Whereabouts should reconcile stranded IP addresses 2029034 - enabling ExternalCloudProvider leads to inoperative cluster 2029178 - Create VM with wizard - page is not displayed 2029181 - Missing CR from PGT 2029273 - wizard is not able to use if project field is "All Projects" 2029369 - Cypress tests github rate limit errors 2029371 - patch pipeline--worker nodes unexpectedly reboot during scale out 2029394 - missing empty text for hardware devices at wizard review 2029414 - Alibaba Disk snapshots with XFS filesystem cannot be used 2029416 - Alibaba Disk CSI driver does not use credentials provided by CCO / ccoctl 2029521 - EFS CSI driver cannot delete volumes under load 2029570 - Azure Stack Hub: CSI Driver does not use user-ca-bundle 2029579 - Clicking on an Application which has a Helm Release in it causes an error 2029644 - New resource FirmwareSchema - reset_required exists for Dell machines and doesn't for HPE 2029645 - Sync upstream 1.15.0 downstream 2029671 - VM action "pause" and "clone" should be disabled while VM disk is still being importing 2029742 - [ovn] Stale lr-policy-list and snat rules left for egressip 2029750 - cvo keep restart due to it fail to get feature gate value during the initial start stage 2029785 - CVO panic when an edge is included in both edges and conditionaledges 2029843 - Downstream ztp-site-generate-rhel8 4.10 container image missing content(/home/ztp) 2030003 - HFS CRD: Attempt to set Integer parameter to not-numeric string value - no error 2030029 - [4.10][goroutine]Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace 2030228 - Fix StorageSpec resources field to use correct API 2030229 - Mirroring status card reflect wrong data 2030240 - Hide overview page for non-privileged user 2030305 - Export App job do not completes 2030347 - kube-state-metrics exposes metrics about resource annotations 2030364 - Shared resource CSI driver monitoring is not setup correctly 2030488 - Numerous Azure CI jobs are Failing with Partially Rendered machinesets 2030534 - Node selector/tolerations rules are evaluated too early 2030539 - Prometheus is not highly available 2030556 - Don't display Description or Message fields for alerting rules if those annotations are missing 2030568 - Operator installation fails to parse operatorframework.io/initialization-resource annotation 2030574 - console service uses older "service.alpha.openshift.io" for the service serving certificates. 2030677 - BOND CNI: There is no option to configure MTU on a Bond interface 2030692 - NPE in PipelineJobListener.upsertWorkflowJob 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error 2030847 - PerformanceProfile API version should be v2 2030961 - Customizing the OAuth server URL does not apply to upgraded cluster 2031006 - Application name input field is not autofocused when user selects "Create application" 2031012 - Services of type loadbalancer do not work if the traffic reaches the node from an interface different from br-ex 2031040 - Error screen when open topology sidebar for a Serverless / knative service which couldn't be started 2031049 - [vsphere upi] pod machine-config-operator cannot be started due to panic issue 2031057 - Topology sidebar for Knative services shows a small pod ring with "0 undefined" as tooltip 2031060 - Failing CSR Unit test due to expired test certificate 2031085 - ovs-vswitchd running more threads than expected 2031141 - Some pods not able to reach k8s api svc IP 198.223.0.1 2031228 - CVE-2021-43813 grafana: directory traversal vulnerability 2031502 - [RFE] New common templates crash the ui 2031685 - Duplicated forward upstreams should be removed from the dns operator 2031699 - The displayed ipv6 address of a dns upstream should be case sensitive 2031797 - [RFE] Order and text of Boot source type input are wrong 2031826 - CI tests needed to confirm driver-toolkit image contents 2031831 - OCP Console - Global CSS overrides affecting dynamic plugins 2031839 - Starting from Go 1.17 invalid certificates will render a cluster dysfunctional 2031858 - GCP beta-level Role (was: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled) 2031875 - [RFE]: Provide online documentation for the SRO CRD (via oc explain) 2031926 - [ipv6dualstack] After SVC conversion from single stack only to RequireDualStack, cannot curl NodePort from the node itself 2032006 - openshift-gitops-application-controller-0 failed to schedule with sufficient node allocatable resource 2032111 - arm64 cluster, create project and deploy the example deployment, pod is CrashLoopBackOff due to the image is built on linux+amd64 2032141 - open the alertrule link in new tab, got empty page 2032179 - [PROXY] external dns pod cannot reach to cloud API in the cluster behind a proxy 2032296 - Cannot create machine with ephemeral disk on Azure 2032407 - UI will show the default openshift template wizard for HANA template 2032415 - Templates page - remove "support level" badge and add "support level" column which should not be hard coded 2032421 - [RFE] UI integration with automatic updated images 2032516 - Not able to import git repo with .devfile.yaml 2032521 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the aws_vpc_dhcp_options_association resource 2032547 - hardware devices table have filter when table is empty 2032565 - Deploying compressed files with a MachineConfig resource degrades the MachineConfigPool 2032566 - Cluster-ingress-router does not support Azure Stack 2032573 - Adopting enforces deploy_kernel/ramdisk which does not work with deploy_iso 2032589 - DeploymentConfigs ignore resolve-names annotation 2032732 - Fix styling conflicts due to recent console-wide CSS changes 2032831 - Knative Services and Revisions are not shown when Service has no ownerReference 2032851 - Networking is "not available" in Virtualization Overview 2032926 - Machine API components should use K8s 1.23 dependencies 2032994 - AddressPool IP is not allocated to service external IP wtih aggregationLength 24 2032998 - Can not achieve 250 pods/node with OVNKubernetes in a multiple worker node cluster 2033013 - Project dropdown in user preferences page is broken 2033044 - Unable to change import strategy if devfile is invalid 2033098 - Conjunction in ProgressiveListFooter.tsx is not translatable 2033111 - IBM VPC operator library bump removed global CLI args 2033138 - "No model registered for Templates" shows on customize wizard 2033215 - Flaky CI: crud/other-routes.spec.ts fails sometimes with an cypress ace/a11y AssertionError: 1 accessibility violation was detected 2033239 - [IPI on Alibabacloud] 'openshift-install' gets the wrong region (‘cn-hangzhou’) selected 2033257 - unable to use configmap for helm charts 2033271 - [IPI on Alibabacloud] destroying cluster succeeded, but the resource group deletion wasn’t triggered 2033290 - Product builds for console are failing 2033382 - MAPO is missing machine annotations 2033391 - csi-driver-shared-resource-operator sets unused CVO-manifest annotations 2033403 - Devfile catalog does not show provider information 2033404 - Cloud event schema is missing source type and resource field is using wrong value 2033407 - Secure route data is not pre-filled in edit flow form 2033422 - CNO not allowing LGW conversion from SGW in runtime 2033434 - Offer darwin/arm64 oc in clidownloads 2033489 - CCM operator failing on baremetal platform 2033518 - [aws-efs-csi-driver]Should not accept invalid FSType in sc for AWS EFS driver 2033524 - [IPI on Alibabacloud] interactive installer cannot list existing base domains 2033536 - [IPI on Alibabacloud] bootstrap complains invalid value for alibabaCloud.resourceGroupID when updating "cluster-infrastructure-02-config.yml" status, which leads to bootstrap failed and all master nodes NotReady 2033538 - Gather Cost Management Metrics Custom Resource 2033579 - SRO cannot update the special-resource-lifecycle ConfigMap if the data field is undefined 2033587 - Flaky CI test project-dashboard.scenario.ts: Resource Quotas Card was not found on project detail page 2033634 - list-style-type: disc is applied to the modal dropdowns 2033720 - Update samples in 4.10 2033728 - Bump OVS to 2.16.0-33 2033729 - remove runtime request timeout restriction for azure 2033745 - Cluster-version operator makes upstream update service / Cincinnati requests more frequently than intended 2033749 - Azure Stack Terraform fails without Local Provider 2033750 - Local volume should pull multi-arch image for kube-rbac-proxy 2033751 - Bump kubernetes to 1.23 2033752 - make verify fails due to missing yaml-patch 2033784 - set kube-apiserver degraded=true if webhook matches a virtual resource 2034004 - [e2e][automation] add tests for VM snapshot improvements 2034068 - [e2e][automation] Enhance tests for 4.10 downstream 2034087 - [OVN] EgressIP was assigned to the node which is not egress node anymore 2034097 - [OVN] After edit EgressIP object, the status is not correct 2034102 - [OVN] Recreate the deleted EgressIP object got InvalidEgressIP warning 2034129 - blank page returned when clicking 'Get started' button 2034144 - [OVN AWS] ovn-kube egress IP monitoring cannot detect the failure on ovn-k8s-mp0 2034153 - CNO does not verify MTU migration for OpenShiftSDN 2034155 - [OVN-K] [Multiple External Gateways] Per pod SNAT is disabled 2034170 - Use function.knative.dev for Knative Functions related labels 2034190 - unable to add new VirtIO disks to VMs 2034192 - Prometheus fails to insert reporting metrics when the sample limit is met 2034243 - regular user cant load template list 2034245 - installing a cluster on aws, gcp always fails with "Error: Incompatible provider version" 2034248 - GPU/Host device modal is too small 2034257 - regular user `Create VM` missing permissions alert 2034285 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial] 2034287 - do not block upgrades if we can't create storageclass in 4.10 in vsphere 2034300 - Du validator policy is NonCompliant after DU configuration completed 2034319 - Negation constraint is not validating packages 2034322 - CNO doesn't pick up settings required when ExternalControlPlane topology 2034350 - The CNO should implement the Whereabouts IP reconciliation cron job 2034362 - update description of disk interface 2034398 - The Whereabouts IPPools CRD should include the podref field 2034409 - Default CatalogSources should be pointing to 4.10 index images 2034410 - Metallb BGP, BFD: prometheus is not scraping the frr metrics 2034413 - cloud-network-config-controller fails to init with secret "cloud-credentials" not found in manual credential mode 2034460 - Summary: cloud-network-config-controller does not account for different environment 2034474 - Template's boot source is "Unknown source" before and after set enableCommonBootImageImport to true 2034477 - [OVN] Multiple EgressIP objects configured, EgressIPs weren't working properly 2034493 - Change cluster version operator log level 2034513 - [OVN] After update one EgressIP in EgressIP object, one internal IP lost from lr-policy-list 2034527 - IPI deployment fails 'timeout reached while inspecting the node' when provisioning network ipv6 2034528 - [IBM VPC] volumeBindingMode should be WaitForFirstConsumer 2034534 - Update ose-machine-api-provider-openstack images to be consistent with ART 2034537 - Update team 2034559 - KubeAPIErrorBudgetBurn firing outside recommended latency thresholds 2034563 - [Azure] create machine with wrong ephemeralStorageLocation value success 2034577 - Current OVN gateway mode should be reflected on node annotation as well 2034621 - context menu not popping up for application group 2034622 - Allow volume expansion by default in vsphere CSI storageclass 4.10 2034624 - Warn about unsupported CSI driver in vsphere operator 2034647 - missing volumes list in snapshot modal 2034648 - Rebase openshift-controller-manager to 1.23 2034650 - Rebase openshift/builder to 1.23 2034705 - vSphere: storage e2e tests logging configuration data 2034743 - EgressIP: assigning the same egress IP to a second EgressIP object after a ovnkube-master restart does not fail. 2034766 - Special Resource Operator(SRO) - no cert-manager pod created in dual stack environment 2034785 - ptpconfig with summary_interval cannot be applied 2034823 - RHEL9 should be starred in template list 2034838 - An external router can inject routes if no service is added 2034839 - Jenkins sync plugin does not synchronize ConfigMap having label role=jenkins-agent 2034879 - Lifecycle hook's name and owner shouldn't be allowed to be empty 2034881 - Cloud providers components should use K8s 1.23 dependencies 2034884 - ART cannot build the image because it tries to download controller-gen 2034889 - `oc adm prune deployments` does not work 2034898 - Regression in recently added Events feature 2034957 - update openshift-apiserver to kube 1.23.1 2035015 - ClusterLogForwarding CR remains stuck remediating forever 2035093 - openshift-cloud-network-config-controller never runs on Hypershift cluster 2035141 - [RFE] Show GPU/Host devices in template's details tab 2035146 - "kubevirt-plugin~PVC cannot be empty" shows on add-disk modal while adding existing PVC 2035167 - [cloud-network-config-controller] unable to deleted cloudprivateipconfig when deleting 2035199 - IPv6 support in mtu-migration-dispatcher.yaml 2035239 - e2e-metal-ipi-virtualmedia tests are permanently failing 2035250 - Peering with ebgp peer over multi-hops doesn't work 2035264 - [RFE] Provide a proper message for nonpriv user who not able to add PCI devices 2035315 - invalid test cases for AWS passthrough mode 2035318 - Upgrade management workflow needs to allow custom upgrade graph path for disconnected env 2035321 - Add Sprint 211 translations 2035326 - [ExternalCloudProvider] installation with additional network on workers fails 2035328 - Ccoctl does not ignore credentials request manifest marked for deletion 2035333 - Kuryr orphans ports on 504 errors from Neutron 2035348 - Fix two grammar issues in kubevirt-plugin.json strings 2035393 - oc set data --dry-run=server makes persistent changes to configmaps and secrets 2035409 - OLM E2E test depends on operator package that's no longer published 2035439 - SDN Automatic assignment EgressIP on GCP returned node IP adress not egressIP address 2035453 - [IPI on Alibabacloud] 2 worker machines stuck in Failed phase due to connection to 'ecs-cn-hangzhou.aliyuncs.com' timeout, although the specified region is 'us-east-1' 2035454 - [IPI on Alibabacloud] the OSS bucket created during installation for image registry is not deleted after destroying the cluster 2035467 - UI: Queried metrics can't be ordered on Oberve->Metrics page 2035494 - [SDN Migration]ovnkube-node pods CrashLoopBackOff after sdn migrated to ovn for RHEL workers 2035515 - [IBMCLOUD] allowVolumeExpansion should be true in storage class 2035602 - [e2e][automation] add tests for Virtualization Overview page cards 2035703 - Roles -> RoleBindings tab doesn't show RoleBindings correctly 2035704 - RoleBindings list page filter doesn't apply 2035705 - Azure 'Destroy cluster' get stuck when the cluster resource group is already not existing. 2035757 - [IPI on Alibabacloud] one master node turned NotReady which leads to installation failed 2035772 - AccessMode and VolumeMode is not reserved for customize wizard 2035847 - Two dashes in the Cronjob / Job pod name 2035859 - the output of opm render doesn't contain olm.constraint which is defined in dependencies.yaml 2035882 - [BIOS setting values] Create events for all invalid settings in spec 2035903 - One redundant capi-operator credential requests in “oc adm extract --credentials-requests” 2035910 - [UI] Manual approval options are missing after ODF 4.10 installation starts when Manual Update approval is chosen 2035927 - Cannot enable HighNodeUtilization scheduler profile 2035933 - volume mode and access mode are empty in customize wizard review tab 2035969 - "ip a " shows "Error: Peer netns reference is invalid" after create test pods 2035986 - Some pods under kube-scheduler/kube-controller-manager are using the deprecated annotation 2036006 - [BIOS setting values] Attempt to set Integer parameter results in preparation error 2036029 - New added cloud-network-config operator doesn’t supported aws sts format credential 2036096 - [azure-file-csi-driver] there are no e2e tests for NFS backend 2036113 - cluster scaling new nodes ovs-configuration fails on all new nodes 2036567 - [csi-driver-nfs] Upstream merge: Bump k8s libraries to 1.23 2036569 - [cloud-provider-openstack] Upstream merge: Bump k8s libraries to 1.23 2036577 - OCP 4.10 nightly builds from 4.10.0-0.nightly-s390x-2021-12-18-034912 to 4.10.0-0.nightly-s390x-2022-01-11-233015 fail to upgrade from OCP 4.9.11 and 4.9.12 for network type OVNKubernetes for zVM hypervisor environments 2036622 - sdn-controller crashes when restarted while a previous egress IP assignment exists 2036717 - Valid AlertmanagerConfig custom resource with valid a mute time interval definition is rejected 2036826 - `oc adm prune deployments` can prune the RC/RS 2036827 - The ccoctl still accepts CredentialsRequests without ServiceAccounts on GCP platform 2036861 - kube-apiserver is degraded while enable multitenant 2036937 - Command line tools page shows wrong download ODO link 2036940 - oc registry login fails if the file is empty or stdout 2036951 - [cluster-csi-snapshot-controller-operator] proxy settings is being injected in container 2036989 - Route URL copy to clipboard button wraps to a separate line by itself 2036990 - ZTP "DU Done inform policy" never becomes compliant on multi-node clusters 2036993 - Machine API components should use Go lang version 1.17 2037036 - The tuned profile goes into degraded status and ksm.service is displayed in the log. 2037061 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cluster-api 2037073 - Alertmanager container fails to start because of startup probe never being successful 2037075 - Builds do not support CSI volumes 2037167 - Some log level in ibm-vpc-block-csi-controller are hard code 2037168 - IBM-specific Deployment manifest for package-server-manager should be excluded on non-IBM cluster-profiles 2037182 - PingSource badge color is not matched with knativeEventing color 2037203 - "Running VMs" card is too small in Virtualization Overview 2037209 - [IPI on Alibabacloud] worker nodes are put in the default resource group unexpectedly 2037237 - Add "This is a CD-ROM boot source" to customize wizard 2037241 - default TTL for noobaa cache buckets should be 0 2037246 - Cannot customize auto-update boot source 2037276 - [IBMCLOUD] vpc-node-label-updater may fail to label nodes appropriately 2037288 - Remove stale image reference 2037331 - Ensure the ccoctl behaviors are similar between aws and gcp on the existing resources 2037483 - Rbacs for Pods within the CBO should be more restrictive 2037484 - Bump dependencies to k8s 1.23 2037554 - Mismatched wave number error message should include the wave numbers that are in conflict 2037622 - [4.10-Alibaba CSI driver][Restore size for volumesnapshot/volumesnapshotcontent is showing as 0 in Snapshot feature for Alibaba platform] 2037635 - impossible to configure custom certs for default console route in ingress config 2037637 - configure custom certificate for default console route doesn't take effect for OCP >= 4.8 2037638 - Builds do not support CSI volumes as volume sources 2037664 - text formatting issue in Installed Operators list table 2037680 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080 2037689 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080 2037801 - Serverless installation is failing on CI jobs for e2e tests 2037813 - Metal Day 1 Networking - networkConfig Field Only Accepts String Format 2037856 - use lease for leader election 2037891 - 403 Forbidden error shows for all the graphs in each grafana dashboard after upgrade from 4.9 to 4.10 2037903 - Alibaba Cloud: delete-ram-user requires the credentials-requests 2037904 - upgrade operator deployment failed due to memory limit too low for manager container 2038021 - [4.10-Alibaba CSI driver][Default volumesnapshot class is not added/present after successful cluster installation] 2038034 - non-privileged user cannot see auto-update boot source 2038053 - Bump dependencies to k8s 1.23 2038088 - Remove ipa-downloader references 2038160 - The `default` project missed the annotation : openshift.io/node-selector: "" 2038166 - Starting from Go 1.17 invalid certificates will render a cluster non-functional 2038196 - must-gather is missing collecting some metal3 resources 2038240 - Error when configuring a file using permissions bigger than decimal 511 (octal 0777) 2038253 - Validator Policies are long lived 2038272 - Failures to build a PreprovisioningImage are not reported 2038384 - Azure Default Instance Types are Incorrect 2038389 - Failing test: [sig-arch] events should not repeat pathologically 2038412 - Import page calls the git file list unnecessarily twice from GitHub/GitLab/Bitbucket 2038465 - Upgrade chromedriver to 90.x to support Mac M1 chips 2038481 - kube-controller-manager-guard and openshift-kube-scheduler-guard pods being deleted and restarted on a cordoned node when drained 2038596 - Auto egressIP for OVN cluster on GCP: After egressIP object is deleted, egressIP still takes effect 2038663 - update kubevirt-plugin OWNERS 2038691 - [AUTH-8] Panic on user login when the user belongs to a group in the IdP side and the group already exists via "oc adm groups new" 2038705 - Update ptp reviewers 2038761 - Open Observe->Targets page, wait for a while, page become blank 2038768 - All the filters on the Observe->Targets page can't work 2038772 - Some monitors failed to display on Observe->Targets page 2038793 - [SDN EgressIP] After reboot egress node, the egressip was lost from egress node 2038827 - should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces 2038832 - New templates for centos stream8 are missing registry suggestions in create vm wizard 2038840 - [SDN EgressIP]cloud-network-config-controller pod was CrashLoopBackOff after some operation 2038864 - E2E tests fail because multi-hop-net was not created 2038879 - All Builds are getting listed in DeploymentConfig under workloads on OpenShift Console 2038934 - CSI driver operators should use the trusted CA bundle when cluster proxy is configured 2038968 - Move feature gates from a carry patch to openshift/api 2039056 - Layout issue with breadcrumbs on API explorer page 2039057 - Kind column is not wide enough in API explorer page 2039064 - Bulk Import e2e test flaking at a high rate 2039065 - Diagnose and fix Bulk Import e2e test that was previously disabled 2039085 - Cloud credential operator configuration failing to apply in hypershift/ROKS clusters 2039099 - [OVN EgressIP GCP] After reboot egress node, egressip that was previously assigned got lost 2039109 - [FJ OCP4.10 Bug]: startironic.sh failed to pull the image of image-customization container when behind a proxy 2039119 - CVO hotloops on Service openshift-monitoring/cluster-monitoring-operator 2039170 - [upgrade]Error shown on registry operator "missing the cloud-provider-config configmap" after upgrade 2039227 - Improve image customization server parameter passing during installation 2039241 - Improve image customization server parameter passing during installation 2039244 - Helm Release revision history page crashes the UI 2039294 - SDN controller metrics cannot be consumed correctly by prometheus 2039311 - oc Does Not Describe Build CSI Volumes 2039315 - Helm release list page should only fetch secrets for deployed charts 2039321 - SDN controller metrics are not being consumed by prometheus 2039330 - Create NMState button doesn't work in OperatorHub web console 2039339 - cluster-ingress-operator should report Unupgradeable if user has modified the aws resources annotations 2039345 - CNO does not verify the minimum MTU value for IPv6/dual-stack clusters. 2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists 2039382 - gather_metallb_logs does not have execution permission 2039406 - logout from rest session after vsphere operator sync is finished 2039408 - Add GCP region northamerica-northeast2 to allowed regions 2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration 2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment 2039491 - oc - git:// protocol used in unit tests 2039516 - Bump OVN to ovn21.12-21.12.0-25 2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate 2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled 2039541 - Resolv-prepender script duplicating entries 2039586 - [e2e] update centos8 to centos stream8 2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty 2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3' 2039670 - Create PDBs for control plane components 2039678 - Page goes blank when create image pull secret 2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported 2039743 - React missing key warning when open operator hub detail page (and maybe others as well) 2039756 - React missing key warning when open KnativeServing details 2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab 2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard 2039781 - [GSS] OBC is not visible by admin of a Project on Console 2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector 2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled 2039880 - Log level too low for control plane metrics 2039919 - Add E2E test for router compression feature 2039981 - ZTP for standard clusters installs stalld on master nodes 2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. You can use --secure-port instead 2040136 - external-dns-operator pod keeps restarting and reports error: timed out waiting for cache to be synced 2040143 - [IPI on Alibabacloud] suggest to remove region "cn-nanjing" or provide better error message 2040150 - Update ConfigMap keys for IBM HPCS 2040160 - [IPI on Alibabacloud] installation fails when region does not support pay-by-bandwidth 2040285 - Bump build-machinery-go for console-operator to pickup change in yaml-patch repository 2040357 - bump OVN to ovn-2021-21.12.0-11.el8fdp 2040376 - "unknown instance type" error for supported m6i.xlarge instance 2040394 - Controller: enqueue the failed configmap till services update 2040467 - Cannot build ztp-site-generator container image 2040504 - Change AWS EBS GP3 IOPS in MachineSet doesn't take affect in OpenShift 4 2040521 - RouterCertsDegraded certificate could not validate route hostname v4-0-config-system-custom-router-certs.apps 2040535 - Auto-update boot source is not available in customize wizard 2040540 - ovs hardware offload: ovsargs format error when adding vf netdev name 2040603 - rhel worker scaleup playbook failed because missing some dependency of podman 2040616 - rolebindings page doesn't load for normal users 2040620 - [MAPO] Error pulling MAPO image on installation 2040653 - Topology sidebar warns that another component is updated while rendering 2040655 - User settings update fails when selecting application in topology sidebar 2040661 - Different react warnings about updating state on unmounted components when leaving topology 2040670 - Permafailing CI job: periodic-ci-openshift-release-master-nightly-4.10-e2e-gcp-libvirt-cert-rotation 2040671 - [Feature:IPv6DualStack] most tests are failing in dualstack ipi 2040694 - Three upstream HTTPClientConfig struct fields missing in the operator 2040705 - Du policy for standard cluster runs the PTP daemon on masters and workers 2040710 - cluster-baremetal-operator cannot update BMC subscription CR 2040741 - Add CI test(s) to ensure that metal3 components are deployed in vSphere, OpenStack and None platforms 2040782 - Import YAML page blocks input with more then one generateName attribute 2040783 - The Import from YAML summary page doesn't show the resource name if created via generateName attribute 2040791 - Default PGT policies must be 'inform' to integrate with the Lifecycle Operator 2040793 - Fix snapshot e2e failures 2040880 - do not block upgrades if we can't connect to vcenter 2041087 - MetalLB: MetalLB CR is not upgraded automatically from 4.9 to 4.10 2041093 - autounattend.xml missing 2041204 - link to templates in virtualization-cluster-overview inventory card is to all templates 2041319 - [IPI on Alibabacloud] installation in region "cn-shanghai" failed, due to "Resource alicloud_vswitch CreateVSwitch Failed...InvalidCidrBlock.Overlapped" 2041326 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.23 2041329 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cloud-network-config-controller 2041361 - [IPI on Alibabacloud] Disable session persistence and removebBandwidth peak of listener 2041441 - Provision volume with size 3000Gi even if sizeRange: '[10-2000]GiB' in storageclass on IBM cloud 2041466 - Kubedescheduler version is missing from the operator logs 2041475 - React components should have a (mostly) unique name in react dev tools to simplify code analyses 2041483 - MetallB: quay.io/openshift/origin-kube-rbac-proxy:4.10 deploy Metallb CR is missing (controller and speaker pods) 2041492 - Spacing between resources in inventory card is too small 2041509 - GCP Cloud provider components should use K8s 1.23 dependencies 2041510 - cluster-baremetal-operator doesn't run baremetal-operator's subscription webhook 2041541 - audit: ManagedFields are dropped using API not annotation 2041546 - ovnkube: set election timer at RAFT cluster creation time 2041554 - use lease for leader election 2041581 - KubeDescheduler operator log shows "Use of insecure cipher detected" 2041583 - etcd and api server cpu mask interferes with a guaranteed workload 2041598 - Including CA bundle in Azure Stack cloud config causes MCO failure 2041605 - Dynamic Plugins: discrepancy in proxy alias documentation/implementation 2041620 - bundle CSV alm-examples does not parse 2041641 - Fix inotify leak and kubelet retaining memory 2041671 - Delete templates leads to 404 page 2041694 - [IPI on Alibabacloud] installation fails when region does not support the cloud_essd disk category 2041734 - ovs hwol: VFs are unbind when switchdev mode is enabled 2041750 - [IPI on Alibabacloud] trying "create install-config" with region "cn-wulanchabu (China (Ulanqab))" (or "ap-southeast-6 (Philippines (Manila))", "cn-guangzhou (China (Guangzhou))") failed due to invalid endpoint 2041763 - The Observe > Alerting pages no longer have their default sort order applied 2041830 - CI: ovn-kubernetes-master-e2e-aws-ovn-windows is broken 2041854 - Communities / Local prefs are applied to all the services regardless of the pool, and only one community is applied 2041882 - cloud-network-config operator can't work normal on GCP workload identity cluster 2041888 - Intermittent incorrect build to run correlation, leading to run status updates applied to wrong build, builds stuck in non-terminal phases 2041926 - [IPI on Alibabacloud] Installer ignores public zone when it does not exist 2041971 - [vsphere] Reconciliation of mutating webhooks didn't happen 2041989 - CredentialsRequest manifests being installed for ibm-cloud-managed profile 2041999 - [PROXY] external dns pod cannot recognize custom proxy CA 2042001 - unexpectedly found multiple load balancers 2042029 - kubedescheduler fails to install completely 2042036 - [IBMCLOUD] "openshift-install explain installconfig.platform.ibmcloud" contains not yet supported custom vpc parameters 2042049 - Seeing warning related to unrecognized feature gate in kubescheduler & KCM logs 2042059 - update discovery burst to reflect lots of CRDs on openshift clusters 2042069 - Revert toolbox to rhcos-toolbox 2042169 - Can not delete egressnetworkpolicy in Foreground propagation 2042181 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool 2042265 - [IBM]"--scale-down-utilization-threshold" doesn't work on IBMCloud 2042274 - Storage API should be used when creating a PVC 2042315 - Baremetal IPI deployment with IPv6 control plane and disabled provisioning network fails as the nodes do not pass introspection 2042366 - Lifecycle hooks should be independently managed 2042370 - [IPI on Alibabacloud] installer panics when the zone does not have an enhanced NAT gateway 2042382 - [e2e][automation] CI takes more then 2 hours to run 2042395 - Add prerequisites for active health checks test 2042438 - Missing rpms in openstack-installer image 2042466 - Selection does not happen when switching from Topology Graph to List View 2042493 - No way to verify if IPs with leading zeros are still valid in the apiserver 2042567 - insufficient info on CodeReady Containers configuration 2042600 - Alone, the io.kubernetes.cri-o.Devices option poses a security risk 2042619 - Overview page of the console is broken for hypershift clusters 2042655 - [IPI on Alibabacloud] cluster becomes unusable if there is only one kube-apiserver pod running 2042711 - [IBMCloud] Machine Deletion Hook cannot work on IBMCloud 2042715 - [AliCloud] Machine Deletion Hook cannot work on AliCloud 2042770 - [IPI on Alibabacloud] with vpcID & vswitchIDs specified, the installer would still try creating NAT gateway unexpectedly 2042829 - Topology performance: HPA was fetched for each Deployment (Pod Ring) 2042851 - Create template from SAP HANA template flow - VM is created instead of a new template 2042906 - Edit machineset with same machine deletion hook name succeed 2042960 - azure-file CI fails with "gid(0) in storageClass and pod fsgroup(1000) are not equal" 2043003 - [IPI on Alibabacloud] 'destroy cluster' of a failed installation (bug2041694) stuck after 'stage=Nat gateways' 2043042 - [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial] 2043043 - Cluster Autoscaler should use K8s 1.23 dependencies 2043064 - Topology performance: Unnecessary rerenderings in topology nodes (unchanged mobx props) 2043078 - Favorite system projects not visible in the project selector after toggling "Show default projects". 2043117 - Recommended operators links are erroneously treated as external 2043130 - Update CSI sidecars to the latest release for 4.10 2043234 - Missing validation when creating several BGPPeers with the same peerAddress 2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler 2043254 - crio does not bind the security profiles directory 2043296 - Ignition fails when reusing existing statically-keyed LUKS volume 2043297 - [4.10] Bootimage bump tracker 2043316 - RHCOS VM fails to boot on Nutanix AOS 2043446 - Rebase aws-efs-utils to the latest upstream version. 2043556 - Add proper ci-operator configuration to ironic and ironic-agent images 2043577 - DPU network operator 2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator 2043675 - Too many machines deleted by cluster autoscaler when scaling down 2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation 2043709 - Logging flags no longer being bound to command line 2043721 - Installer bootstrap hosts using outdated kubelet containing bugs 2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather 2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23 2043780 - Bump router to k8s.io/api 1.23 2043787 - Bump cluster-dns-operator to k8s.io/api 1.23 2043801 - Bump CoreDNS to k8s.io/api 1.23 2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown 2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected. 2044201 - Templates golden image parameters names should be supported 2044244 - Builds are failing after upgrading the cluster with builder image [jboss-webserver-5/jws56-openjdk8-openshift-rhel8] 2044248 - [IBMCloud][vpc.block.csi.ibm.io]Cluster common user use the storageclass without parameter “csi.storage.k8s.io/fstype” create pvc,pod successfully but write data to the pod's volume failed of "Permission denied" 2044303 - [ovn][cloud-network-config-controller] cloudprivateipconfigs ips were left after deleting egressip objects 2044347 - Bump to kubernetes 1.23.3 2044481 - collect sharedresource cluster scoped instances with must-gather 2044496 - Unable to create hardware events subscription - failed to add finalizers 2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources 2044680 - Additional libovsdb performance and resource consumption fixes 2044704 - Observe > Alerting pages should not show runbook links in 4.10 2044717 - [e2e] improve tests for upstream test environment 2044724 - Remove namespace column on VM list page when a project is selected 2044745 - Upgrading cluster from 4.9 to 4.10 on Azure (ARO) causes the cloud-network-config-controller pod to CrashLoopBackOff 2044808 - machine-config-daemon-pull.service: use `cp` instead of `cat` when extracting MCD in OKD 2045024 - CustomNoUpgrade alerts should be ignored 2045112 - vsphere-problem-detector has missing rbac rules for leases 2045199 - SnapShot with Disk Hot-plug hangs 2045561 - Cluster Autoscaler should use the same default Group value as Cluster API 2045591 - Reconciliation of aws pod identity mutating webhook did not happen 2045849 - Add Sprint 212 translations 2045866 - MCO Operator pod spam "Error creating event" warning messages in 4.10 2045878 - Sync upstream 1.16.0 downstream; includes hybrid helm plugin 2045916 - [IBMCloud] Default machine profile in installer is unreliable 2045927 - [FJ OCP4.10 Bug]: Podman failed to pull the IPA image due to the loss of proxy environment 2046025 - [IPI on Alibabacloud] pre-configured alicloud DNS private zone is deleted after destroying cluster, please clarify 2046137 - oc output for unknown commands is not human readable 2046296 - When creating multiple consecutive egressIPs on GCP not all of them get assigned to the instance 2046297 - Bump DB reconnect timeout 2046517 - In Notification drawer, the "Recommendations" header shows when there isn't any recommendations 2046597 - Observe > Targets page may show the wrong service monitor is multiple monitors have the same namespace & label selectors 2046626 - Allow setting custom metrics for Ansible-based Operators 2046683 - [AliCloud]"--scale-down-utilization-threshold" doesn't work on AliCloud 2047025 - Installation fails because of Alibaba CSI driver operator is degraded 2047190 - Bump Alibaba CSI driver for 4.10 2047238 - When using communities and localpreferences together, only localpreference gets applied 2047255 - alibaba: resourceGroupID not found 2047258 - [aws-usgov] fatal error occurred if AMI is not provided for AWS GovCloud regions 2047317 - Update HELM OWNERS files under Dev Console 2047455 - [IBM Cloud] Update custom image os type 2047496 - Add image digest feature 2047779 - do not degrade cluster if storagepolicy creation fails 2047927 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used 2047929 - use lease for leader election 2047975 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2048046 - New route annotation to show another URL or hide topology URL decorator doesn't work for Knative Services 2048048 - Application tab in User Preferences dropdown menus are too wide. 2048050 - Topology list view items are not highlighted on keyboard navigation 2048117 - [IBM]Shouldn't change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value 2048413 - Bond CNI: Failed to attach Bond NAD to pod 2048443 - Image registry operator panics when finalizes config deletion 2048478 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-* 2048484 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt 2048598 - Web terminal view is broken 2048836 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure 2048891 - Topology page is crashed 2049003 - 4.10: [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class 2049043 - Cannot create VM from template 2049156 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used 2049886 - Placeholder bug for OCP 4.10.0 metadata release 2049890 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning 2050189 - [aws-efs-csi-driver] Merge upstream changes since v1.3.2 2050190 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.0 2050227 - Installation on PSI fails with: 'openstack platform does not have the required standard-attr-tag network extension' 2050247 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s] 2050250 - Install fails to bootstrap, complaining about DefragControllerDegraded and sad members 2050310 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes 2050370 - alert data for burn budget needs to be updated to prevent regression 2050393 - ZTP missing support for local image registry and custom machine config 2050557 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud 2050737 - Remove metrics and events for master port offsets 2050801 - Vsphere upi tries to access vsphere during manifests generation phase 2050883 - Logger object in LSO does not log source location accurately 2051692 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit 2052062 - Whereabouts should implement client-go 1.22+ 2052125 - [4.10] Crio appears to be coredumping in some scenarios 2052210 - [aws-c2s] kube-apiserver crashloops due to missing cloud config 2052339 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade. 2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests 2052598 - kube-scheduler should use configmap lease 2052599 - kube-controller-manger should use configmap lease 2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh 2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid 2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop 2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set. 2052644 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.1 2052666 - [4.10.z] change gitmodules to rhcos-4.10 branch 2052756 - [4.10] PVs are not being cleaned up after PVC deletion 2053175 - oc adm catalog mirror throws 'missing signature key' error when using file://local/index 2053218 - ImagePull fails with error "unable to pull manifest from example.com/busy.box:v5 invalid reference format" 2053252 - Sidepanel for Connectors/workloads in topology shows invalid tabs 2053268 - inability to detect static lifecycle failure 2053314 - requestheader IDP test doesn't wait for cleanup, causing high failure rates 2053323 - OpenShift-Ansible BYOH Unit Tests are Broken 2053339 - Remove dev preview badge from IBM FlashSystem deployment windows 2053751 - ztp-site-generate container is missing convenience entrypoint 2053945 - [4.10] Failed to apply sriov policy on intel nics 2054109 - Missing "app" label 2054154 - RoleBinding in project without subject is causing "Project access" page to fail 2054244 - Latest pipeline run should be listed on the top of the pipeline run list 2054288 - console-master-e2e-gcp-console is broken 2054562 - DPU network operator 4.10 branch need to sync with master 2054897 - Unable to deploy hw-event-proxy operator 2055193 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently 2055358 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line 2055371 - Remove Check which enforces summary_interval must match logSyncInterval 2055689 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.11 2055894 - CCO mint mode will not work for Azure after sunsetting of Active Directory Graph API 2056441 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured 2056479 - ovirt-csi-driver-node pods are crashing intermittently 2056572 - reconcilePrecaching error: cannot list resource "clusterserviceversions" in API group "operators.coreos.com" at the cluster scope" 2056629 - [4.10] EFS CSI driver can't unmount volumes with "wait: no child processes" 2056878 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs 2056928 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation 2056948 - post 1.23 rebase: regression in service-load balancer reliability 2057438 - Service Level Agreement (SLA) always show 'Unknown' 2057721 - Fix Proxy support in RHACM 2.4.2 2057724 - Image creation fails when NMstateConfig CR is empty 2058641 - [4.10] Pod density test causing problems when using kube-burner 2059761 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install 2060610 - Broken access to public images: Unable to connect to the server: no basic auth credentials 2060956 - service domain can't be resolved when networkpolicy is used in OCP 4.10-rc 5. References: https://access.redhat.com/security/cve/CVE-2014-3577 https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2018-1000858 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-9952 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-25660 https://access.redhat.com/security/cve/CVE-2020-25677 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27781 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/cve/CVE-2021-3516 https://access.redhat.com/security/cve/CVE-2021-3517 https://access.redhat.com/security/cve/CVE-2021-3518 https://access.redhat.com/security/cve/CVE-2021-3520 https://access.redhat.com/security/cve/CVE-2021-3521 https://access.redhat.com/security/cve/CVE-2021-3537 https://access.redhat.com/security/cve/CVE-2021-3541 https://access.redhat.com/security/cve/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-20305 https://access.redhat.com/security/cve/CVE-2021-21684 https://access.redhat.com/security/cve/CVE-2021-22946 https://access.redhat.com/security/cve/CVE-2021-22947 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-27218 https://access.redhat.com/security/cve/CVE-2021-30666 https://access.redhat.com/security/cve/CVE-2021-30761 https://access.redhat.com/security/cve/CVE-2021-30762 https://access.redhat.com/security/cve/CVE-2021-33928 https://access.redhat.com/security/cve/CVE-2021-33929 https://access.redhat.com/security/cve/CVE-2021-33930 https://access.redhat.com/security/cve/CVE-2021-33938 https://access.redhat.com/security/cve/CVE-2021-36222 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/cve/CVE-2021-39226 https://access.redhat.com/security/cve/CVE-2021-41190 https://access.redhat.com/security/cve/CVE-2021-43813 https://access.redhat.com/security/cve/CVE-2021-44716 https://access.redhat.com/security/cve/CVE-2021-44717 https://access.redhat.com/security/cve/CVE-2022-0532 https://access.redhat.com/security/cve/CVE-2022-21673 https://access.redhat.com/security/cve/CVE-2022-24407 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYipqONzjgjWX9erEAQjQcBAAgWTjA6Q2NgqfVf63ZpJF1jPurZLPqxDL 0in/5+/wqWaiQ6yk7wM3YBZgviyKnAMCVdrLsaR7R77BvfJcTE3W/fzogxpp6Rne eGT1PTgQRecrSIn+WG4gGSteavTULWOIoPvUiNpiy3Y7fFgjFdah+Nyx3Xd+xehM CEswylOd6Hr03KZ1tS3XL3kGL2botha48Yls7FzDFbNcy6TBAuycmQZifKu8mHaF aDAupVJinDnnVgACeS6CnZTAD+Vrx5W7NIisteXv4x5Hy+jBIUHr8Yge3oxYoFnC Y/XmuOw2KilLZuqFe+KHig45qT+FmNU8E1egcGpNWvmS8hGZfiG1jEQAqDPbZHxp sQAQZLQyz3TvXa29vp4QcsUuMxndIOi+QaK75JmqE06MqMIlFDYpr6eQOIgIZvFO RDZU/qvBjh56ypInoqInBf8KOQMy6eO+r6nFbMGcAfucXmz0EVcSP1oFHAoA1nWN rs1Qz/SO4CvdPERxcr1MLuBLggZ6iqGmHKk5IN0SwcndBHaVJ3j/LBv9m7wBYVry bSvojBDYx5ricbTwB5sGzu7oH5yVl813FA9cjkFpEhBiMtTfI+DKC8ssoRYNHd5Z 7gLW6KWPUIDuCIiiioPZAJMyvJ0IMrNDoQ0lhqPeV7PFdlRhT95M/DagUZOpPVuT b5PUYUBIZLc= =GUDA -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link for the update. You must be logged in to download the update. Bugs fixed (https://bugzilla.redhat.com/): 1941547 - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT 1941554 - CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing 5. ========================================================================== Ubuntu Security Notice USN-5038-1 August 12, 2021 postgresql-10, postgresql-12, postgresql-13 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in PostgreSQL. Software Description: - postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database Details: It was discovered that the PostgresQL planner could create incorrect plans in certain circumstances. A remote attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly obtain sensitive information from memory. (CVE-2021-3677) It was discovered that PostgreSQL incorrectly handled certain SSL renegotiation ClientHello messages from clients. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2021-3449) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: postgresql-13 13.4-0ubuntu0.21.04.1 Ubuntu 20.04 LTS: postgresql-12 12.8-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: postgresql-10 10.18-0ubuntu0.18.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart PostgreSQL to make all the necessary changes. Security Fix(es): * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: match/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader (CVE-2021-27918) * golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525) * golang: archive/zip: malformed archive may cause panic or memory exhaustion (CVE-2021-33196) It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless client kn 1.16.0. Bugs fixed (https://bugzilla.redhat.com/): 1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic 1983651 - Release of OpenShift Serverless Serving 1.17.0 1983654 - Release of OpenShift Serverless Eventing 1.17.0 1989564 - CVE-2021-33195 golang: net: lookup functions may return invalid host names 1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty 1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents 1992955 - CVE-2021-3703 serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196 5. OpenSSL Security Advisory [25 March 2021] ========================================= CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450) ======================================================================== Severity: High The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. This issue was reported to OpenSSL on 18th March 2021 by Benjamin Kaduk from Akamai and was discovered by Xiang Ding and others at Akamai. The fix was developed by Tomáš Mráz. This issue was reported to OpenSSL on 17th March 2021 by Nokia. The fix was developed by Peter Kästle and Samuel Sapalski from Nokia. Note ==== OpenSSL 1.0.2 is out of support and no longer receiving public updates. Extended support is available for premium support customers: https://www.openssl.org/support/contracts.html OpenSSL 1.1.0 is out of support and no longer receiving updates of any kind. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20210325.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
var-201710-1409 An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple arbitrary-code execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user. Failed exploit attempts will likely cause a denial-of-service condition. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. Installation note: Safari 11 may be obtained from the Mac App Store. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2017-0008 ------------------------------------------------------------------------ Date reported : October 18, 2017 Advisory ID : WSA-2017-0008 Advisory URL : https://webkitgtk.org/security/WSA-2017-0008.html CVE identifiers : CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142. Several vulnerabilities were discovered in WebKitGTK+. Credit to Apple. Description: A memory corruption issue was addressed through improved input validation. Credit to Apple. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify. Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Description: A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management. Credit to Apple. Impact: Cookies belonging to one origin may be sent to another origin. Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes. Credit to Wei Yuan of Baidu Security Lab working with Trend Microas Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team, Samuel Gro and Niklas Baumstark working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Samuel Gro and Niklas Baumstark working with Trend Microas Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Tim Michaud (@TimGMichaud) of Leviathan Security Group. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University working with Trend Microas Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Wei Yuan of Baidu Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Felipe Freitas of Instituto TecnolA3gico de AeronA!utica. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Apple. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Masato Kinugawa and Mario Heiderich of Cure53. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Secutity Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to avlidienbrunn. Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Description: Application Cache policy may be unexpectedly applied. Credit to likemeng of Baidu Security Lab (xlab.baidu.com) working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to lokihardt of Google Project Zero. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to chenqin (ee|) of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: Website data may persist after a Safari Private browsing session. Description: An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling. We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html The WebKitGTK+ team, October 18, 2017 . ========================================================================== Ubuntu Security Notice USN-3460-1 October 23, 2017 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.17.04.2 libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.17.04.2 Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.16.04.2 libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.16.04.2 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3460-1 CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.17.04.2 https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.16.04.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-4 Additional information for APPLE-SA-2017-09-19-1 iOS 11 iOS 11 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to access restricted files Description: A privacy issue existed in the handling of Contact cards. CVE-2017-7131: Dominik Conrads of Federal Office for Information Security, an anonymous researcher, Elvis (@elvisimprsntr), an anonymous researcher Entry added September 25, 2017 CFNetwork Proxies Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. Entry added September 25, 2017 CoreAudio Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Entry added September 25, 2017 Exchange ActiveSync Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to erase a device during Exchange account setup Description: A validation issue existed in AutoDiscover V1. This was addressed by requiring TLS for AutoDiscover V1. AutoDiscover V2 is now supported. CVE-2017-7088: Ilya Nesterov, Maxim Goncharov Heimdal Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to impersonate a service Description: A validation issue existed in the handling of the KDC- REP service name. CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams Entry added September 25, 2017 iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7072: JAdrzej Krysztofiak Entry added September 25, 2017 Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity Entry added September 25, 2017 Keyboard Suggestions Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Keyboard autocorrect suggestions may reveal sensitive information Description: The iOS keyboard was inadvertently caching sensitive information. CVE-2017-7140: an anonymous researcher Entry added September 25, 2017 libc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google Entry added September 25, 2017 libc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 Entry added September 25, 2017 libexpat Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Entry added September 25, 2017 Location Framework Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read sensitive location information Description: A permissions issue existed in the handling of the location variable. This was addressed with additional ownership checks. CVE-2017-7148: an anonymous researcher, an anonymous researcher Entry added September 25, 2017 Mail Drafts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. CVE-2017-7078: an anonymous researcher, an anonymous researcher, an anonymous researcher Entry added September 25, 2017 Mail MessageUI Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A memory corruption issue was addressed with improved validation. CVE-2017-7097: Xinshu Dong and Jun Hao Tan of Anquan Capital Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted image may lead to a denial of service Description: A denial of service issue was addressed through improved validation. CVE-2017-7118: Kiki Jiang and Jason Tokoph MobileBackup Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Backup may perform an unencrypted backup despite a requirement to perform only encrypted backups Description: A permissions issue existed. CVE-2017-7133: Don Sparks of HackediOS.com Phone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A screenshot of secure content may be taken when locking an iOS device Description: A timing issue existed in the handling of locking. CVE-2017-7139: an anonymous researcher Entry added September 25, 2017 Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7085: xisigr of Tencent's Xuanwu Lab (tencent.com) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. CVE-2017-7080: an anonymous researcher, an anonymous researcher, Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of BA|rum kommune Entry added September 25, 2017 Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious app may be able to track users between installs Description: A permission checking issue existed in the handling of an app's Keychain data. CVE-2017-7146: an anonymous researcher Entry added September 25, 2017 SQLite Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz Entry added September 25, 2017 SQLite Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher Entry added September 25, 2017 Time Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: "Setting Time Zone" may incorrectly indicate that it is using location Description: A permissions issue existed in the process that handles time zone information. The issue was resolved by modifying permissions. CVE-2017-7145: an anonymous researcher Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7081: Apple Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7089: Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies belonging to one origin may be sent to another origin Description: A permissions issue existed in the handling of web browser cookies. CVE-2017-7090: Apple Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7109: avlidienbrunn Entry added September 25, 2017 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to track users in Safari private browsing mode Description: A permissions issue existed in the handling of web browser cookies. CVE-2017-7144: an anonymous researcher Entry added September 25, 2017 Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-11120: Gal Beniamini of Google Project Zero CVE-2017-11121: Gal Beniamini of Google Project Zero Entry added September 25, 2017 Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: Multiple race conditions were addressed through improved validation. CVE-2017-7115: Gal Beniamini of Google Project Zero Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero zlib Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Entry added September 25, 2017 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Webkit We would like to acknowledge xisigr of Tencent's Xuanwu Lab (tencent.com) for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGvBgQAJIF/+cKGy/7YWEugFrwr8A3 rNzHU/yZ3X976fmlYM8l+VUJEn2khu5huPsQzYUvEdbHOWkUGThKil+NzDr3YP6V YYRIi+6i9KJEATGQAdR9YW6bcqJCu7S2xxNBnXtOxR/1TzO4LvVQsWJo0c5z91dD Aid3uYhx1SPwcaF5O5CfRQcp1JSLOWKZOaxO+u+DmtYIM746jrz3FOrfEN8mQp0q CwUSE/Vum7ImOsNUO308QnGmL7s/FGkp86/JtNTbAxJ47Rhqu5lcXj3q1ntrlLdX VFC+K7mNdwNtc1vqB03W5gamyD1qVcTvvwJ3D9cpQAySTDyRFF9cGw+TrzaDl48B 8iiY7D/KkhHuY4jskCF6xyjzloK9RfgKg2FzEBndoESt7bEw4eufF9wnrfV/M1xw 6U4DSjZxgqUwV7YqMX/VnpcEuxg5q9emCQmBfudnVIPKuOITg8x1oyE1e036MDo5 zon/cRIxqaSt8K6rI7TafxQIwpM541N89O/VZbcVey5JFIu1kew4G/gMivMOyroE +xqxLmeGgD10LMZOgoRsNBiKDy8JLJa2lO2dVTZMV4bdtCngeDikDNLqYUcW8lfa 5ZsQBceoCI6abj4PV35N7dHVATFudhrZmhY0epHt13xmRHUFTywOktu/TkOZM8HR eU2TBtOsDF6N5SFunvAC =s5yy -----END PGP SIGNATURE-----
var-201210-0343 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot. Oracle Java Virtual Machine (JVM) is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to disclose sensitive information that may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_35 Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 CVE-2012-5979 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6 For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08 a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1 CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/ m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL 1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN 8KhhmiZ54RdiudmsUgFu =TWGY -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: RHSA-2012:1385-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1385.html Issue date: 2012-10-17 CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5084, CVE-2012-5089) Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072) It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079) It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081) It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5075) A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416) It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077) It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216) This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085) This erratum also upgrades the OpenJDK package to IcedTea6 1.10.10. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.10.el5_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4416.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5085.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.10/NEWS http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQftoKXlSAg2UNWIIRAlxMAJ4+4H1sLrKcMHwCn+Dlg2sZc4GxwACfVAI/ p/e+cXPH/rQkcx4meVul1Ro= =o5MM -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory and Oracle Security Alert pages, listed in the References section. Background ========== IcedTea is a distribution of the Java OpenJDK source code built with free build tools. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03596813 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03596813 Version: 1 HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. References: CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5089 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software updates available to resolve these vulnerabilities. The updates are available from the following location: http://h18012.www1.hp.com/java/alpha Kit Name Java SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System Java SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System HISTORY Version:1 (rev.1) - 7 January 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
var-201912-0551 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 12.2; tvOS prior to 12.2; Safari prior to 12.1; Windows-based iTunes prior to 12.9.4; Windows-based iCloud prior to 7.11. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237) WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-8601) An out-of-bounds read was addressed with improved input validation. (CVE-2019-8644) A logic issue existed in the handling of synchronous page loads. (CVE-2019-8689) A logic issue existed in the handling of document loads. (CVE-2019-8719) This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. (CVE-2019-8766) "Clear History and Website Data" did not clear the history. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768) An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8846) WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018) A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885) A race condition was addressed with additional validation. An application may be able to read restricted memory. (CVE-2020-3902). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: September 06, 2019 Bugs: #683234, #686216, #693122 ID: 201909-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.24.4 >= 2.24.4 Description =========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4" References ========== [ 1 ] CVE-2019-11070 https://nvd.nist.gov/vuln/detail/CVE-2019-11070 [ 2 ] CVE-2019-6201 https://nvd.nist.gov/vuln/detail/CVE-2019-6201 [ 3 ] CVE-2019-6251 https://nvd.nist.gov/vuln/detail/CVE-2019-6251 [ 4 ] CVE-2019-7285 https://nvd.nist.gov/vuln/detail/CVE-2019-7285 [ 5 ] CVE-2019-7292 https://nvd.nist.gov/vuln/detail/CVE-2019-7292 [ 6 ] CVE-2019-8503 https://nvd.nist.gov/vuln/detail/CVE-2019-8503 [ 7 ] CVE-2019-8506 https://nvd.nist.gov/vuln/detail/CVE-2019-8506 [ 8 ] CVE-2019-8515 https://nvd.nist.gov/vuln/detail/CVE-2019-8515 [ 9 ] CVE-2019-8518 https://nvd.nist.gov/vuln/detail/CVE-2019-8518 [ 10 ] CVE-2019-8523 https://nvd.nist.gov/vuln/detail/CVE-2019-8523 [ 11 ] CVE-2019-8524 https://nvd.nist.gov/vuln/detail/CVE-2019-8524 [ 12 ] CVE-2019-8535 https://nvd.nist.gov/vuln/detail/CVE-2019-8535 [ 13 ] CVE-2019-8536 https://nvd.nist.gov/vuln/detail/CVE-2019-8536 [ 14 ] CVE-2019-8544 https://nvd.nist.gov/vuln/detail/CVE-2019-8544 [ 15 ] CVE-2019-8551 https://nvd.nist.gov/vuln/detail/CVE-2019-8551 [ 16 ] CVE-2019-8558 https://nvd.nist.gov/vuln/detail/CVE-2019-8558 [ 17 ] CVE-2019-8559 https://nvd.nist.gov/vuln/detail/CVE-2019-8559 [ 18 ] CVE-2019-8563 https://nvd.nist.gov/vuln/detail/CVE-2019-8563 [ 19 ] CVE-2019-8595 https://nvd.nist.gov/vuln/detail/CVE-2019-8595 [ 20 ] CVE-2019-8607 https://nvd.nist.gov/vuln/detail/CVE-2019-8607 [ 21 ] CVE-2019-8615 https://nvd.nist.gov/vuln/detail/CVE-2019-8615 [ 22 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 23 ] CVE-2019-8644 https://nvd.nist.gov/vuln/detail/CVE-2019-8644 [ 24 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 25 ] CVE-2019-8649 https://nvd.nist.gov/vuln/detail/CVE-2019-8649 [ 26 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 27 ] CVE-2019-8658 https://nvd.nist.gov/vuln/detail/CVE-2019-8658 [ 28 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 29 ] CVE-2019-8666 https://nvd.nist.gov/vuln/detail/CVE-2019-8666 [ 30 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 31 ] CVE-2019-8669 https://nvd.nist.gov/vuln/detail/CVE-2019-8669 [ 32 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 33 ] CVE-2019-8671 https://nvd.nist.gov/vuln/detail/CVE-2019-8671 [ 34 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 35 ] CVE-2019-8672 https://nvd.nist.gov/vuln/detail/CVE-2019-8672 [ 36 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 37 ] CVE-2019-8673 https://nvd.nist.gov/vuln/detail/CVE-2019-8673 [ 38 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 39 ] CVE-2019-8676 https://nvd.nist.gov/vuln/detail/CVE-2019-8676 [ 40 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 41 ] CVE-2019-8677 https://nvd.nist.gov/vuln/detail/CVE-2019-8677 [ 42 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 43 ] CVE-2019-8678 https://nvd.nist.gov/vuln/detail/CVE-2019-8678 [ 44 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 45 ] CVE-2019-8679 https://nvd.nist.gov/vuln/detail/CVE-2019-8679 [ 46 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 47 ] CVE-2019-8680 https://nvd.nist.gov/vuln/detail/CVE-2019-8680 [ 48 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 49 ] CVE-2019-8681 https://nvd.nist.gov/vuln/detail/CVE-2019-8681 [ 50 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 51 ] CVE-2019-8683 https://nvd.nist.gov/vuln/detail/CVE-2019-8683 [ 52 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 53 ] CVE-2019-8684 https://nvd.nist.gov/vuln/detail/CVE-2019-8684 [ 54 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 55 ] CVE-2019-8686 https://nvd.nist.gov/vuln/detail/CVE-2019-8686 [ 56 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 57 ] CVE-2019-8687 https://nvd.nist.gov/vuln/detail/CVE-2019-8687 [ 58 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 59 ] CVE-2019-8688 https://nvd.nist.gov/vuln/detail/CVE-2019-8688 [ 60 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 61 ] CVE-2019-8689 https://nvd.nist.gov/vuln/detail/CVE-2019-8689 [ 62 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 63 ] CVE-2019-8690 https://nvd.nist.gov/vuln/detail/CVE-2019-8690 [ 64 ] WSA-2019-0002 https://webkitgtk.org/security/WSA-2019-0002.html [ 65 ] WSA-2019-0004 https://webkitgtk.org/security/WSA-2019-0004.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201909-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . CVE-2019-8542: an anonymous researcher iTunes Available for: Windows 7 and later Impact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution Description: A race condition existed during the installation of iTunes for Windows. CVE-2019-8551: Ryan Pickren (ryanpickren.com) Windows Installer Available for: Windows 7 and later Impact: Running the iCloud installer in an untrusted directory may result in arbitrary code execution Description: A race condition existed during the installation of iCloud for Windows. Installation note: Safari 12.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update Advisory ID: RHSA-2020:4035-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035 Issue date: 2020-09-29 CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-8625 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8674 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8707 CVE-2019-8710 CVE-2019-8719 CVE-2019-8720 CVE-2019-8726 CVE-2019-8733 CVE-2019-8735 CVE-2019-8743 CVE-2019-8763 CVE-2019-8764 CVE-2019-8765 CVE-2019-8766 CVE-2019-8768 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8821 CVE-2019-8822 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-11070 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-10018 CVE-2020-11793 ==================================================================== 1. Summary: An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch 3. Description: WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. The following packages have been upgraded to a later upstream version: webkitgtk4 (2.28.2). (BZ#1817144) Security Fix(es): * webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm x86_64: webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm ppc64: webkitgtk4-2.28.2-2.el7.ppc.rpm webkitgtk4-2.28.2-2.el7.ppc64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm ppc64le: webkitgtk4-2.28.2-2.el7.ppc64le.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm s390x: webkitgtk4-2.28.2-2.el7.s390.rpm webkitgtk4-2.28.2-2.el7.s390x.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm ppc64: webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm webkitgtk4-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm s390x: webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm webkitgtk4-devel-2.28.2-2.el7.s390.rpm webkitgtk4-devel-2.28.2-2.el7.s390x.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: webkitgtk4-2.28.2-2.el7.src.rpm x86_64: webkitgtk4-2.28.2-2.el7.i686.rpm webkitgtk4-2.28.2-2.el7.x86_64.rpm webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm webkitgtk4-devel-2.28.2-2.el7.i686.rpm webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: webkitgtk4-doc-2.28.2-2.el7.noarch.rpm These packages are GPG signed by Red Hat for security. References: https://access.redhat.com/security/cve/CVE-2019-6237 https://access.redhat.com/security/cve/CVE-2019-6251 https://access.redhat.com/security/cve/CVE-2019-8506 https://access.redhat.com/security/cve/CVE-2019-8524 https://access.redhat.com/security/cve/CVE-2019-8535 https://access.redhat.com/security/cve/CVE-2019-8536 https://access.redhat.com/security/cve/CVE-2019-8544 https://access.redhat.com/security/cve/CVE-2019-8551 https://access.redhat.com/security/cve/CVE-2019-8558 https://access.redhat.com/security/cve/CVE-2019-8559 https://access.redhat.com/security/cve/CVE-2019-8563 https://access.redhat.com/security/cve/CVE-2019-8571 https://access.redhat.com/security/cve/CVE-2019-8583 https://access.redhat.com/security/cve/CVE-2019-8584 https://access.redhat.com/security/cve/CVE-2019-8586 https://access.redhat.com/security/cve/CVE-2019-8587 https://access.redhat.com/security/cve/CVE-2019-8594 https://access.redhat.com/security/cve/CVE-2019-8595 https://access.redhat.com/security/cve/CVE-2019-8596 https://access.redhat.com/security/cve/CVE-2019-8597 https://access.redhat.com/security/cve/CVE-2019-8601 https://access.redhat.com/security/cve/CVE-2019-8607 https://access.redhat.com/security/cve/CVE-2019-8608 https://access.redhat.com/security/cve/CVE-2019-8609 https://access.redhat.com/security/cve/CVE-2019-8610 https://access.redhat.com/security/cve/CVE-2019-8611 https://access.redhat.com/security/cve/CVE-2019-8615 https://access.redhat.com/security/cve/CVE-2019-8619 https://access.redhat.com/security/cve/CVE-2019-8622 https://access.redhat.com/security/cve/CVE-2019-8623 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8644 https://access.redhat.com/security/cve/CVE-2019-8649 https://access.redhat.com/security/cve/CVE-2019-8658 https://access.redhat.com/security/cve/CVE-2019-8666 https://access.redhat.com/security/cve/CVE-2019-8669 https://access.redhat.com/security/cve/CVE-2019-8671 https://access.redhat.com/security/cve/CVE-2019-8672 https://access.redhat.com/security/cve/CVE-2019-8673 https://access.redhat.com/security/cve/CVE-2019-8674 https://access.redhat.com/security/cve/CVE-2019-8676 https://access.redhat.com/security/cve/CVE-2019-8677 https://access.redhat.com/security/cve/CVE-2019-8678 https://access.redhat.com/security/cve/CVE-2019-8679 https://access.redhat.com/security/cve/CVE-2019-8680 https://access.redhat.com/security/cve/CVE-2019-8681 https://access.redhat.com/security/cve/CVE-2019-8683 https://access.redhat.com/security/cve/CVE-2019-8684 https://access.redhat.com/security/cve/CVE-2019-8686 https://access.redhat.com/security/cve/CVE-2019-8687 https://access.redhat.com/security/cve/CVE-2019-8688 https://access.redhat.com/security/cve/CVE-2019-8689 https://access.redhat.com/security/cve/CVE-2019-8690 https://access.redhat.com/security/cve/CVE-2019-8707 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8719 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8726 https://access.redhat.com/security/cve/CVE-2019-8733 https://access.redhat.com/security/cve/CVE-2019-8735 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8763 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8765 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8768 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8821 https://access.redhat.com/security/cve/CVE-2019-8822 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-11070 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01 RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1 PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467 eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ 1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh PKg+HFNkMjk=dS3G -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283) * SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169) * grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624) * js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358) * npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769) * kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013) * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598) * npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662) * nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) * grafana: stored XSS (CVE-2020-11110) * grafana: XSS annotation popup vulnerability (CVE-2020-12052) * grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245) * nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366) * openshift/console: text injection on error page via crafted url (CVE-2020-10715) * kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743) * openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking 1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser 1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability 1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions 1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip 1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures 1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) 1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function 1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function 1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets 1861044 - CVE-2020-11110 grafana: stored XSS 1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4] 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-3-25-3 tvOS 12.2 tvOS 12.2 is now available and addresses the following: CFString Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted string may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2019-8516: SWIPS Team of Frifee Inc. configd Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8552: Mohamed Ghannam (@_simo36) CoreCrypto Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher file Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted file might disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-6237: an anonymous researcher Foundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero GeoServices Available for: Apple TV 4K and Apple TV (4th generation) Impact: Clicking a malicious SMS link may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2019-8553: an anonymous researcher iAP Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher IOHIDFamily Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2019-8545: Adam Donenfeld (@doadam) of the Zimperium zLabs Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A buffer overflow was addressed with improved size validation. CVE-2019-8527: Ned Williamson of Google and derrek (@derrekr6) Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to determine kernel memory layout Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8540: Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2019-8514: Samuel Groß of Google Project Zero Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to read kernel memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-7293: Ned Williamson of Google Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. CVE-2019-6207: Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan) CVE-2019-8510: Stefan Esser of Antid0te UG Power Management Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple input validation issues existed in MIG generated code. CVE-2019-8549: Mohamed Ghannam (@_simo36) of SSD Secure Disclosure (ssd-disclosure.com) Siri Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to initiate a Dictation request without user authorization Description: An API issue existed in the handling of dictation requests. CVE-2019-8502: Luke Deshotels of North Carolina State University, Jordan Beichler of North Carolina State University, William Enck of North Carolina State University, Costin Carabaș of University POLITEHNICA of Bucharest, and Răzvan Deaconescu of University POLITEHNICA of Bucharest TrueTypeScaler Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8517: riusksk of VulWar Corp working with Trend Micro Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2019-8535: Zhiyang Zeng (@Wester) of Tencent Blade Team WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8558: Samuel Groß of Google Project Zero CVE-2019-8559: Apple CVE-2019-8563: Apple WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A memory corruption issue was addressed with improved validation. CVE-2019-8562: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8515: James Lee (@Windowsrcer) WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8506: Samuel Groß of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious website may be able to execute scripts in the context of another website Description: A logic issue was addressed with improved validation. CVE-2019-7292: Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team XPC Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8530: CodeColorist of Ant-Financial LightYear Labs Additional recognition Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Safari We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) for their assistance. WebKit We would like to acknowledge Andrey Kovalev of Yandex Security Team for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlyZM7gpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EWyBAA nFUeN7oBBPCdezabzgIAh29Mk1K+tgNeH0BIkyyPuoqeYd5UQK9cwZJ7Ww9J7uqB nAH30awuCq8r8h3oLLOn8X9A/ORNxFKUZRF+8AbH00G0taATIFjseSwGwGz5/rG7 aPoi/Mh4ilWh8luQJVvPO7KTHTeJLSsiBOuvqUmDaJVxu1y10inVW3j1s8RtrOVt BR+PZq7/BQ9wsSPxRS2bTQp3BX3m3aleadnZ9HkeXVB/9O8c5TrG6HIgfBNYMJFY mGpQoCM1nCh8jaWmoO1gjP7B0W2DKPhE6jFmCtuRsmnOG3ROhGbXi6T6AOOI9EX3 233FgygUVZgs7t4dhz0UZ1EczQiQ4dL0YYL7J/LYMjaM31qul2cdJWTPb9ZFARFt PHeyU1uHcJ2j67kGt1qepETUfWNa4W/RD3wUmKJdKBED65xOuwv9ijnEcAhzwh4F q6UefOTf1PwszuzWpAi7rCyOWq3TqDF+r6som9j5q15fMPx+TakBA6/TKViWLRw1 ydoi3g2OkKpvgapzBdVAm9Rtcvr4B0uXtLUXL7heB6TP12UheSum817QQiLs4aqV 9syBL5XpFOJUdQPD0SMIzuhvaN2dugH2wc1BDeiv5H8nYvMx6oiebJN8CgJ3uo8Y iJBethq6bdDVq8EfYN6vHCjH7bTFtcaCVgXWq5KJYp8= =8uDf -----END PGP SIGNATURE-----= . ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002 ------------------------------------------------------------------------ Date reported : April 10, 2019 Advisory ID : WSA-2019-0002 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0002.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0002.html CVE identifiers : CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-11070. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2019-6201 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working with ADLab of Venustech. CVE-2019-6251 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Dhiraj. CVE-2019-7285 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to dwfault working at ADLab of Venustech. CVE-2019-7292 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team. CVE-2019-8503 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to Linus S\xe4rud of Detectify. CVE-2019-8506 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8515 Versions affected: WebKitGTK before 2.22.6 and WPE WebKit before 2.22.4. Credit to James Lee, @Windowsrcer. A cross-origin issue existed with the fetch API. CVE-2019-8518 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8523 Versions affected: WebKitGTK before 2.22.7 and WPE WebKit before 2.22.5. Credit to Apple. CVE-2019-8524 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to G. Geshev working with Trend Micro Zero Day Initiative. CVE-2019-8535 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Zhiyang Zeng, @Wester, of Tencent Blade Team. CVE-2019-8536 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8544 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to an anonymous researcher. CVE-2019-8551 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Ryan Pickren, ryanpickren.com. CVE-2019-8558 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Samuel Gro\xdf of Google Project Zero. CVE-2019-8559 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-8563 Versions affected: WebKitGTK and WPE WebKit before 2.24.0. Credit to Apple. CVE-2019-11070 Versions affected: WebKitGTK and WPE WebKit before 2.24.1. Credit to Igalia. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, April 10, 2019
var-201211-0366 Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA51210 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210 RELEASE DATE: 2012-11-07 DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51210/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51210 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA51213 2) An integer overflow error exists in WebP handling. 3) An error in v8 can be exploited to cause an out-of-bounds array access. 4) A use-after-free error exists in SVG filter handling. 5) An error exists related to integer boundary checks within GPU command buffers. 6) A use-after-free error exists in video layout handling. 7) An error exists related to inappropriate loading of SVG subresource in "img" context. 8) A race condition error exists in Pepper buffer handling. 9) A type casting error exists in certain input handling. 10) An error in Skia can be exploited to cause an out-of-bounds read. 11) An error in texture handling can be exploited to corrupt memory. 12) A use-after-free error exists in extension tab handling. 13) A use-after-free error exists in plug-in placeholder handling. 14) An error in v8 can be exploited to corrupt memory. SOLUTION: Upgrade to version 23.0.1271.64. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 873818 - flash-plugin: multiple code-execution flaws (APSB12-24) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.251-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.251-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.251-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310" References ========== [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201309-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
var-200609-0310 Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. Apple QuickTime fails to properly handle SGI images. Successful exploits may facilitate a remote compromise of affected computers. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. McAfee, Inc. QuickTime is used by the Mac OS X operating system and by the QuickTime media player for Microsoft Windows. Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI. Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed. The risk rating for these issues is medium. _________________________________________________ * Vulnerable Systems QuickTime 7.1.2 and below for Mac OS X QuickTime for Windows 7.1.2 and below _________________________________________________ * Vulnerability Information CVE-2006-4382 Two buffer overflow vulnerabilities are present in QuickTime MOV format support. CVE-2006-4384 On heap overflow vulnerability is present in QuickTime FLC format support. CVE-2006-4385 One buffer overflow vulnerability is present in QuickTime SGI format support. CVE-2006-4386 One buffer overflow vulnerability is present in QuickTime MOV H.264 format support. CVE-2006-4388 One buffer overflow vulnerability is present in QuickTime FlashPix (FPX) format support. CVE-2006-4389 One uninitialized memory access vulnerability is present in QuickTime FlashPix (FPX) format support. _________________________________________________ * Resolution Apple has included fixes for the QuickTime issues in QuickTime version 7.1.3 for Mac OS X and for Microsoft Windows. Further information is available at: http://docs.info.apple.com/article.html?artnum=304357 _________________________________________________ * Credits These vulnerabilities were discovered by Mike Price of McAfee Avert Labs. _________________________________________________ * Legal Notice Copyright (C) 2006 McAfee, Inc. The information contained within this advisory is provided for the convenience of McAfee's customers, and may be redistributed provided that no fee is charged for distribution and that the advisory is not modified in any way. McAfee makes no representations or warranties regarding the accuracy of the information referenced in this document, or the suitability of that information for your purposes. McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee, Inc. and/or its affiliated companies in the United States and/or other Countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. Best regards, Dave Marcus, B.A., CCNA, MCSE Security Research and Communications Manager McAfee(r) Avert(r) Labs . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Win32 binary codecs: Multiple vulnerabilities Date: March 04, 2008 Bugs: #150288 ID: 200803-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code. Background ========== Win32 binary codecs provide support for video and audio playback. Workaround ========== There is no known workaround at this time. Resolution ========== All Win32 binary codecs users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/win32codecs-20071007-r2" Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback. References ========== [ 1 ] CVE-2006-4382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382 [ 2 ] CVE-2006-4384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384 [ 3 ] CVE-2006-4385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385 [ 4 ] CVE-2006-4386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386 [ 5 ] CVE-2006-4388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388 [ 6 ] CVE-2006-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389 [ 7 ] CVE-2007-4674 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674 [ 8 ] CVE-2007-6166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200803-08.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHzc+AuhJ+ozIKI5gRAkBQAJ45BLSUrSDb21Ro/ZHEimwyzBpqqQCcD15e VpxOGmsa3V34PILWdYXqoXE= =70De -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
var-200909-0789 libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. SSL A vulnerability that impersonates a server exists. This vulnerability CVE-2009-2408 And is related.By crafted certificate, any SSL There is a possibility of impersonating a server. OpenLDAP is prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. Summary: JBoss Enterprise Web Server 1.0.2 is now available from the Red Hat Customer Portal for Red Hat Enterprise Linux 4, 5 and 6, Solaris, and Microsoft Windows. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Description: JBoss Enterprise Web Server is a fully-integrated and certified set of components for hosting Java web applications. This is the first release of JBoss Enterprise Web Server for Red Hat Enterprise Linux 6. For Red Hat Enterprise Linux 4 and 5, Solaris, and Microsoft Windows, this release serves as a replacement for JBoss Enterprise Web Server 1.0.1, and includes a number of bug fixes. Refer to the Release Notes, linked in the References, for more information. This update corrects security flaws in the following components: tomcat6: A cross-site scripting (XSS) flaw was found in the Manager application, used for managing web applications on Apache Tomcat. If a remote attacker could trick a user who is logged into the Manager application into visiting a specially-crafted URL, the attacker could perform Manager application tasks with the privileges of the logged in user. (CVE-2010-4172) tomcat5 and tomcat6: It was found that web applications could modify the location of the Apache Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system. (CVE-2010-3718) A second cross-site scripting (XSS) flaw was found in the Manager application. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages. (CVE-2011-0013) A possible minor information leak was found in the way Apache Tomcat generated HTTP BASIC and DIGEST authentication requests. For configurations where a realm name was not specified and Tomcat was accessed via a proxy, the default generated realm contained the hostname and port used by the proxy to send requests to the Tomcat server. (CVE-2010-1157) httpd: A flaw was found in the way the mod_dav module of the Apache HTTP Server handled certain requests. If a remote attacker were to send a carefully crafted request to the server, it could cause the httpd child process to crash. (CVE-2010-1452) A flaw was discovered in the way the mod_proxy_http module of the Apache HTTP Server handled the timeouts of requests forwarded by a reverse proxy to the back-end server. In some configurations, the proxy could return a response intended for another user under certain timeout conditions, possibly leading to information disclosure. Note: This issue only affected httpd running on the Windows operating system. (CVE-2010-2068) apr: It was found that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419) apr-util: It was found that certain input could cause the apr-util library to allocate more memory than intended in the apr_brigade_split_line() function. An attacker able to provide input in small chunks to an application using the apr-util library (such as httpd) could possibly use this flaw to trigger high memory consumption. (CVE-2010-1623) The following flaws were corrected in the packages for Solaris and Windows. Updates for Red Hat Enterprise Linux can be downloaded from the Red Hat Network. Multiple flaws in OpenSSL, which could possibly cause a crash, code execution, or a change of session parameters, have been corrected. (CVE-2009-3245, CVE-2010-4180, CVE-2008-7270) Two denial of service flaws were corrected in Expat. (CVE-2009-3560, CVE-2009-3720) An X.509 certificate verification flaw was corrected in OpenLDAP. (CVE-2009-3767) More information about these flaws is available from the CVE links in the References. Solution: All users of JBoss Enterprise Web Server 1.0.1 as provided from the Red Hat Customer Portal are advised to upgrade to JBoss Enterprise Web Server 1.0.2, which corrects these issues. The References section of this erratum contains a download link (you must log in to download the update). Before installing the update, backup your existing JBoss Enterprise Web Server installation (including all applications and configuration files). Apache Tomcat and the Apache HTTP Server must be restarted for the update to take effect. Bugs fixed (http://bugzilla.redhat.com/): 530715 - CVE-2009-3767 OpenLDAP: Doesn't properly handle NULL character in subject Common Name 531697 - CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences 533174 - CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences 570924 - CVE-2009-3245 openssl: missing bn_wexpand return value checks 585331 - CVE-2010-1157 tomcat: information disclosure in authentication headers 618189 - CVE-2010-1452 httpd mod_cache, mod_dav: DoS (httpd child process crash) by parsing URI structure with missing path segments 632994 - CVE-2010-2068 httpd (mod_proxy): Sensitive response disclosure due improper handling of timeouts 640281 - CVE-2010-1623 apr-util: high memory consumption in apr_brigade_split_line() 656246 - CVE-2010-4172 tomcat: cross-site-scripting vulnerability in the manager application 659462 - CVE-2010-4180 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack 660650 - CVE-2008-7270 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG downgrade-to-disabled ciphersuite attack 675786 - CVE-2011-0013 tomcat: XSS vulnerability in HTML Manager interface 675792 - CVE-2010-3718 tomcat: file permission bypass flaw 703390 - CVE-2011-0419 apr: unconstrained recursion in apr_fnmatch 5. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. For the oldstable distribution (etch), this problem has been fixed in version 2.3.30-5+etch3 for openldap2.3. For the stable distribution (lenny), this problem has been fixed in version 2.4.11-1+lenny1 for openldap. For the testing distribution (squeeze), and the unstable distribution (sid), this problem has been fixed in version 2.4.17-2.1 for openldap. We recommend that you upgrade your openldap2.3/openldap packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30.orig.tar.gz Size/MD5 checksum: 2971126 c40bcc23fa65908b8d7a86a4a6061251 http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.dsc Size/MD5 checksum: 1214 36efc1cf2a98c54d4b1da0910e273843 http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch3.diff.gz Size/MD5 checksum: 315058 310ce752b78ff3227d78dcd8c1bd60a5 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_alpha.deb Size/MD5 checksum: 293108 2172048d5f8b8b7f379b3414fc5c2e37 http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_alpha.deb Size/MD5 checksum: 1280772 ab65f162a40607c1787f9b03783a7563 http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_alpha.deb Size/MD5 checksum: 193768 602a6da790648dd8b0af7d9f386b5c6e amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_amd64.deb Size/MD5 checksum: 285554 42480b47018eb1d70b9e62d05b925a5b http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_amd64.deb Size/MD5 checksum: 1244570 b88256f8259516b09c51f166ff6b4aea http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_amd64.deb Size/MD5 checksum: 184652 716cc53985a031d1fe03fede778d6ae5 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_arm.deb Size/MD5 checksum: 1190314 8686c6a9a9240e6113f92c8bb20d7e1a http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_arm.deb Size/MD5 checksum: 254828 49d9c9a250fb4a5a828de5791ee92380 http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_arm.deb Size/MD5 checksum: 155876 bb45d3104fe4b9811fdb3063da42d3b1 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_hppa.deb Size/MD5 checksum: 1307146 698d7416e4cc544522ce2e25ac9c0fce http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_hppa.deb Size/MD5 checksum: 292798 eb9d6d19560a1153cc58ccae3f354a4e http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_hppa.deb Size/MD5 checksum: 182568 caade74265ee9d7b8ac77c844c23b413 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_i386.deb Size/MD5 checksum: 1177552 f3ccf11b82474593af5e30a272f9edb9 http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_i386.deb Size/MD5 checksum: 148744 168e58797e74f9b3b6d3c337b6369ca7 http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_i386.deb Size/MD5 checksum: 266538 3be52b8402d06913624a3e808be58ecb ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_ia64.deb Size/MD5 checksum: 239248 78d1537b3a106824ff5d076e828a0312 http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_ia64.deb Size/MD5 checksum: 379904 dbc96e1a44dce4bb5f79b9c043823293 http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_ia64.deb Size/MD5 checksum: 1660854 fcc2873ffd50e45c956d9bcc81d83c51 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mips.deb Size/MD5 checksum: 258210 298f5a83a1efd8c035644fd58df21f2c http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mips.deb Size/MD5 checksum: 185598 b6c67ee072f2de03820e7ce11edb39c3 http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mips.deb Size/MD5 checksum: 1205768 3f312958af5ea129384513e5fab72208 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_mipsel.deb Size/MD5 checksum: 258852 d7ba57787989e3fb5035fce34b04965d http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_mipsel.deb Size/MD5 checksum: 187100 46910e3923926ac060c13a7a53f8cac4 http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_mipsel.deb Size/MD5 checksum: 1188878 5698884b42d7206c2b0c134602861354 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_powerpc.deb Size/MD5 checksum: 188914 e03855167b8e13bdb72e47baa9644f86 http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_powerpc.deb Size/MD5 checksum: 272378 f5741b7ac8f4172e7481f5c2e699231b http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_powerpc.deb Size/MD5 checksum: 1243754 2a8b933e956e5ac4bc29028688bb09ec s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_s390.deb Size/MD5 checksum: 291822 6b47ac5b7fbc269c1973c494d5dadbc2 http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_s390.deb Size/MD5 checksum: 168716 f72b023d98d61565c624f7acbf953baf http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_s390.deb Size/MD5 checksum: 1241532 0167eb506b063de5435181f40c6cf809 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch3_sparc.deb Size/MD5 checksum: 1177712 770a58d0c60ad11e5ca4cf25159fe2c7 http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch3_sparc.deb Size/MD5 checksum: 153682 d8bf20f2a94456451d4ea29d3237d280 http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch3_sparc.deb Size/MD5 checksum: 258560 4bfd77d56852608813f158ecfd91b42b Debian GNU/Linux 5.0 alias lenny - -------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.diff.gz Size/MD5 checksum: 148075 024b717169f42734ee5650ebe2978631 http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny1.dsc Size/MD5 checksum: 1831 ca4cb86b4847a59f95275ff2f4d0e173 http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11.orig.tar.gz Size/MD5 checksum: 4193523 d4e8669e2c9b8d981e371e97e3cf92d9 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 3624752 5b4e467360ecd8cc897b03b5aca57dad http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 205526 3b083869976ab4d8d8df69d27fe9480e http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 280526 4ed333757fef7e98d89c5edda6589b04 http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 1537448 98d6aeab748560a491e0b526d930fc0c http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 1013148 cc656603f7ae0eacc2b3c22dd1fae967 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_alpha.deb Size/MD5 checksum: 285128 e526e547a4af2c13bf3ae90dfdf023a2 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 1493300 31c077d63cc2ff159927939cadb29808 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 299612 e148216f77a9136adb19acd8df026d6d http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 267470 f903f46433faa1d2b6b203e50aaed3d8 http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 881074 de337737dd93af0b81bd90e3c6f23377 http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 3664994 8ad4581bd54e1ed7a8f3c1c8bf210c17 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_amd64.deb Size/MD5 checksum: 204896 c0dba3b62aa14392d29f831d6c87206d arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 280140 ccaed923684d35304f50f27fc6b868b3 http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 248918 a08cf9fd18ce8806be437c364179c2b3 http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 877400 614df898211cc5311a62159f6ee21b93 http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 1405962 5e1e62d6f0a5984486fa2eaa478eab38 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 180520 96b5fe5d50b9a1d59eb5ab03489a1b90 http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_arm.deb Size/MD5 checksum: 3572646 a8e804a9e966a57306a9229acd11ff80 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 1533292 8d5c2d83596b10c9d3ee7a4dcb692026 http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 3619256 2ad8452962291b553fadc8bb6398f834 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 200874 27205d8a86701cb133f7507eeef5e76a http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 283816 1163f67e39b08c10cf492b24bd526f24 http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 264158 905749f1e385f9d93c2358b05dc42dfb http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_hppa.deb Size/MD5 checksum: 999386 6a071952604a9c30483fca7f3a3754ec i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 189442 879dac84b581979646c49bde9743c630 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 286808 2dcb4f8e5514d9e4d9072b4853da322d http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 892068 449ba5d6037617e4e93dfd6bcb093549 http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 3560322 c6a6fbc66944bd05585c1065ab012c93 http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 244952 5a5b31ebb9098059e62eb57d209a6846 http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_i386.deb Size/MD5 checksum: 1404266 a3bffb93ec3b0d0d130a6a7e29091a9b ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 3589108 d34afb06a3b21ad7267ef5d31b6ad322 http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 932026 1194a002673f8a73cf382c2333c7882b http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 352020 e40c570396514fee0c6eee3920be2607 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 269084 1720388cc8102f33122375034a703a05 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 259018 658248f4329555e81896800709302575 http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_ia64.deb Size/MD5 checksum: 2006532 6ad20563d8999759f32445576fd69856 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 3712752 8d48a2797c1f4e6b5dea203698e4b31c http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 180956 88613b463fcdba79539048ce681d4f5e http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 260240 f6fa5402a6fc03aef4b87735030969c5 http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 854756 76ad64ab6fe85c5bfc654266101e024a http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 1394436 4930b2b56c642182c8ccd69d5bc53685 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_mips.deb Size/MD5 checksum: 302106 3672bab4d2c0c037a1d9c0a61fa16139 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 3718584 7b120292ce66e7ea85b3ad623da0bb4e http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 295146 f131ea5cdbab25c2416ff06f6697bc08 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 199248 c683d506deb5fadabea906c9dec36c9f http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 1536614 b5c37ae6f72127bdf6910100edeb06e5 http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 907106 6af4614c092e6ccda8580e6a73cb8728 http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_powerpc.deb Size/MD5 checksum: 284952 b75e2ddab46ddab036ef40b21cec63ee sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openldap/libldap2-dev_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 872178 a7739e034d0df26a69e0cb569802d594 http://security.debian.org/pool/updates/main/o/openldap/ldap-utils_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 249022 334ecf73608e20ec6cff79716cf10fde http://security.debian.org/pool/updates/main/o/openldap/slapd_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 1387990 4935db487abd61e04adb3a846ed7aadc http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 260980 006fdd6b90293fdf1331442ccabde568 http://security.debian.org/pool/updates/main/o/openldap/libldap-2.4-2_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 182822 73c3edfab6b52e772ed36c990c13f210 http://security.debian.org/pool/updates/main/o/openldap/slapd-dbg_2.4.11-1+lenny1_sparc.deb Size/MD5 checksum: 3502906 c19b8875ae915cec344bb74a5e462e44 These files will probably be moved into the stable distribution on its next update. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-36 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenLDAP: Multiple vulnerabilities Date: June 30, 2014 Bugs: #290345, #323777, #355333, #388605, #407941, #424167 ID: 201406-36 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in OpenLDAP, allowing for Denial of Service or a man-in-the-middle attack. Background ========== OpenLDAP is an LDAP suite of application and development tools. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-nds/openldap < 2.4.35 >= 2.4.35 Description =========== Multiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on SSL connections made using OpenLDAP, bypass security restrictions or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenLDAP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-nds/openldap-2.4.35" References ========== [ 1 ] CVE-2009-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3767 [ 2 ] CVE-2010-0211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0211 [ 3 ] CVE-2010-0212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0212 [ 4 ] CVE-2011-1024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1024 [ 5 ] CVE-2011-1025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1025 [ 6 ] CVE-2011-1081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1081 [ 7 ] CVE-2011-4079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4079 [ 8 ] CVE-2012-1164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1164 [ 9 ] CVE-2012-2668 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2668 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201406-36.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0015 Synopsis: VMware ESX third party updates for Service Console Issue date: 2010-09-30 Updated on: 2010-09-30 (initial release of advisory) CVE numbers: CVE-2010-0826 CVE-2009-3767 CVE-2010-0734 CVE-2010-1646 CVE-2009-3555 CVE-2009-2409 CVE-2009-3245 CVE-2010-0433 - ------------------------------------------------------------------------ 1. Summary ESX 4.0 Console OS (COS) updates for NSS_db, OpenLDAP, cURL, sudo OpenSSL, GnuTLS, NSS and NSPR packages. 2. Relevant releases VMware ESX 4.0 without patches ESX400-201009407-SG, ESX400-201009408-SG, ESX400-201009409-SG, ESX400-201009410-SG, ESX400-201009401-SG Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details. Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available. 3. Problem Description a. Service Console update for NSS_db The service console package NSS_db is updated to version nss_db-2.2-35.4.el5_5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0826 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX affected, patch pending ESX 4.0 ESX ESX400-201009407-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. b. Service Console update for OpenLDAP The service console package OpenLDAP updated to version 2.3.43-12.el5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3767 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX affected, patch pending ESX 4.0 ESX ESX400-201009408-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. c. Service Console update for cURL The service console packages for cURL updated to version 7.15.5-9.el5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX affected, patch pending ESX 4.0 ESX ESX400-201009409-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. d. Service Console update for sudo The service console package sudo updated to version 1.7.2p1-7.el5_5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1646 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX affected, patch pending ESX 4.0 ESX ESX400-201009410-SG ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. e. Service Console update for OpenSSL, GnuTLS, NSS and NSPR Service Console updates for OpenSSL to version 097a-0.9.7a-9.el5_4.2 and version 0.9.8e-12.el5_4.6, GnuTLS to version 1.4.1-3.el5_4.8, and NSS to version 3.12.6-1.3235.vmw and NSPR to version 4.8.4-1.3235.vmw. These four updates are bundled together due to their mutual dependencies. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-3555, CVE-2009-2409, CVE-2009-3245 and CVE-2010-0433 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX affected, patch pending ESX 4.0 ESX ESX400-201009401-SG ** ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Server, Fusion. ** Note: This patch also addresses non-security issues. See KB article 1023759 for details. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. ESX 4.0 ------- ESX400-201009001 Download link: http://bit.ly/adhjEu md5sum: 988c593b7a7abf0be5b72970ac64a369 sha1sum: 26d875955b01c19f4e56703216e135257c08836f http://kb.vmware.com/kb/1025321 ESX400-201009001 contains the following security bulletins: ESX400-201009407-SG (NSS_db) | http://kb.vmware.com/kb/1023763 ESX400-201009408-SG (OpenLDAP) | http://kb.vmware.com/kb/1023764 ESX400-201009409-SG (cURL) | http://kb.vmware.com/kb/1023765 ESX400-201009410-SG (sudo) | http://kb.vmware.com/kb/1023766 ESX400-201009401-SG (OpenSSL, GnuTLS, NSS) | http://kb.vmware.com/kb/1023759 And contains the following security bundles from VMSA-2010-0013.1: ESX400-201009402-SG (cpio) | http://kb.vmware.com/kb/1023760 ESX400-201009406-SG (tar) | http://kb.vmware.com/kb/1023762 ESX400-201009403-SG (krb5) | http://kb.vmware.com/kb/1023761 ESX400-201009411-SG (perl) | http://kb.vmware.com/kb/1023767 And also contains ESX400-201009412-BG a non-security critical update. To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0826 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1646 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 - ------------------------------------------------------------------------ 6. Change log 2010-09-30 VMSA-2010-0015 Initial security advisory after release of patches for ESX 4.0 on 2010-09-30 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware Security Advisories http://www.vmware.com/security/advisoiries VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2010 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAkykSsUACgkQS2KysvBH1xn89gCcCMcHvt1LDG9pNh5lbRmxphDg R2UAmQHIUDg4mWUStJolvh98eiTS140I =bM3K -----END PGP SIGNATURE----- . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLXwOHmqjQ0CJFipgRAp7yAJ40umReJDo1Asg6BoihvuXXShK+vACeP+Vx 9jUkR+Zs9Nl7nEVuZXdjAvw= =Fkxu -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2 vulnerability CVE-2009-3767 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libldap-2.2-7 2.2.26-5ubuntu2.9 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/openldap2.2_2.2.26-5ubuntu2.9.diff.gz Size/MD5: 516098 098a03b4f7d511ce730e9647deca2072 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/openldap2.2_2.2.26-5ubuntu2.9.dsc Size/MD5: 1028 5a95dae94a1016fbcf41c1c1992ea8e6 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/openldap2.2_2.2.26.orig.tar.gz Size/MD5: 2626629 afc8700b5738da863b30208e1d3e9de8 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/ldap-utils_2.2.26-5ubuntu2.9_amd64.deb Size/MD5: 130854 1f1b40b12adcb557a810194d0c4f7993 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/libldap-2.2-7_2.2.26-5ubuntu2.9_amd64.deb Size/MD5: 166444 500528d10502361c075a08578c1586f5 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/slapd_2.2.26-5ubuntu2.9_amd64.deb Size/MD5: 961974 f56eef919306d6ca7f4a7a090d2ae6ba i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/ldap-utils_2.2.26-5ubuntu2.9_i386.deb Size/MD5: 118638 0558a833fb6eadf4d87bd9fd6e687838 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/libldap-2.2-7_2.2.26-5ubuntu2.9_i386.deb Size/MD5: 146444 fc85d5259c97622324047bbda153937d http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/slapd_2.2.26-5ubuntu2.9_i386.deb Size/MD5: 873424 358c78f76ee16010c1fb81e89adfe849 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/ldap-utils_2.2.26-5ubuntu2.9_powerpc.deb Size/MD5: 133012 92d9de435a795261e6bf4143f2bf59c7 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/libldap-2.2-7_2.2.26-5ubuntu2.9_powerpc.deb Size/MD5: 157480 099b1ee5e158f77be109a7972587f596 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/slapd_2.2.26-5ubuntu2.9_powerpc.deb Size/MD5: 960052 850fb56995224edd6ae329af1b8236ef sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/ldap-utils_2.2.26-5ubuntu2.9_sparc.deb Size/MD5: 120932 4fa0f7accd968ba71dff1f7c5b2ef811 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/libldap-2.2-7_2.2.26-5ubuntu2.9_sparc.deb Size/MD5: 148546 2d1af209a8b53a8315fbd4bd86573d70 http://security.ubuntu.com/ubuntu/pool/main/o/openldap2.2/slapd_2.2.26-5ubuntu2.9_sparc.deb Size/MD5: 903928 4aa6b0478821e803c80a020b031aafed
var-201606-0382 Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Libxml2 is prone to a remote format-string vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libxml2 security update Advisory ID: RHSA-2016:1292-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292 Issue date: 2016-06-23 CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 ===================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2016-1834, CVE-2016-1840) Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all applications linked to the libxml2 library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode 1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file 1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar 1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName 1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs 1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral 1338700 - CVE-2016-4448 libxml2: Format string vulnerability 1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content 1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey 1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString 1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal 1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup 1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat 1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar 6. Package List: Red Hat Enterprise Linux HPC Node (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-2.7.6-21.el6_8.1.ppc.rpm libxml2-2.7.6-21.el6_8.1.ppc64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-2.7.6-21.el6_8.1.s390.rpm libxml2-2.7.6-21.el6_8.1.s390x.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-devel-2.7.6-21.el6_8.1.s390.rpm libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm libxml2-python-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-static-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm ppc64: libxml2-2.9.1-6.el7_2.3.ppc.rpm libxml2-2.9.1-6.el7_2.3.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-2.9.1-6.el7_2.3.s390.rpm libxml2-2.9.1-6.el7_2.3.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-devel-2.9.1-6.el7_2.3.s390.rpm libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm libxml2-python-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-static-2.9.1-6.el7_2.3.ppc.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-static-2.9.1-6.el7_2.3.s390.rpm libxml2-static-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm ZsVLEgJAF0Zt6xZVzqvVW7U= =fREV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3235-1 March 16, 2017 libxml2 vulnerabilities =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in libxml2. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 16.04 LTS. (CVE-2016-4448) It was discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-4658) Nick Wellnhofer discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-5131) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: libxml2 2.9.4+dfsg1-2ubuntu0.1 Ubuntu 16.04 LTS: libxml2 2.9.3+dfsg1-1ubuntu0.2 Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.9 Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.17 After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-2 iOS 9.3.3 iOS 9.3.3 is now available and addresses the following: Calendar Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted calendar invite may cause a device to unexpectedly restart Description: A null pointer dereference was addressed through improved memory handling. CVE-2016-4605 : Henry Feldman MD at Beth Israel Deaconess Medical Center CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) FaceTime Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to read kernel memory Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4628 : Ju Zhu of Trend Micro IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation. CVE-2016-4627 : Ju Zhu of Trend Micro IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxslt Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Redirect responses to invalid ports may have allowed a malicious website to display an arbitrary domain while displaying arbitrary content. This issue was addressed through improved URL display logic. CVE-2016-4604 : xisigr of Tencent's Xuanwu Lab (www.tencent.com) Sandbox Profiles Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins Siri Contacts Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to a device may be able to see private contact information Description: A privacy issue existed in the handling of Contact cards. This was addressed through improved state management. CVE-2016-4593 : Pedro Pinheiro (facebook.com/pedro.pinheiro.1996) Web Media Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a video in Safari's Private Browsing mode displays the URL of the video outside of Private Browsing mode Description: A privacy issue existed in the handling of user data by Safari View Controller. This issue was addressed through improved state management. CVE-2016-4603 : Brian Porter (@portex33) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4589 : Tongbo Luo and Bo Qu of Palo Alto Networks CVE-2016-4622 : Samuel Gross working with Trend Microas Zero Day Initiative CVE-2016-4623 : Apple CVE-2016-4624 : Apple WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted webpage may lead to a system denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4592 : Mikhail WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose image data from another website Description: A timing issue existed in the processing of SVG. This issue was addressed through improved validation. CVE-2016-4583 : Roeland Krak WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An origin inheritance issue existed in parsing of about: URLs. This was addressed through improved validation of security origins. CVE-2016-4590 : xisigr of Tencent's Xuanwu Lab (www.tencent.com), an anonymous researcher WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may compromise user information on the file system Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks. CVE-2016-4591 : ma.la of LINE Corporation WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may result in the disclosure of process memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4587 : Apple WebKit JavaScript Bindings Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to script execution in the context of a non-HTTP service Description: A cross-protocol cross-site scripting (XPXSS) issue existed in Safari when submitting forms to non-HTTP services compatible with HTTP/0.9. This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9. CVE-2016-4651 : Obscure WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-site scripting issue existed in Safari URL redirection. This issue was addressed through improved URL validation on redirection. CVE-2016-4585 : Takeshi Terada of Mitsui Bussan Secure Directions, Inc. (www.mbsd.jp) WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4584 : Chris Vienneau Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3.3". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c05194709 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05194709 Version: 1 HPSBGN03628 rev.1 - HPE IceWall Federation Agent using libXML2 library, Remote Denial of Service (DoS), Unauthorized Modification, Unauthorized Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2016-07-07 Last Updated: 2016-07-07 Potential Security Impact: Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent resulting in Remote Denial of Service (DoS), or unauthorized modification, or unauthorized disclosure of information. References: - CVE-2016-4447: Remote Denial of Service (DoS) - CVE-2016-4448: Remote unauthorized disclosure of information, unauthorized modification, Denial of Service (DoS) - CVE-2016-4449: Remote unauthorized disclosure of information, Denial of Service (DoS) - PSRT110164 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - IceWall Federation Agent Version 3.0 (RHEL 6/7) using libXML2 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-4447 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-4448 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-4449 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI d=emr_na-c01345499 RESOLUTION HPE recommends applying the latest OS vendor security patches for libXML2 to resolve the vulnerabilities in the libXML2 library. HISTORY Version:1 (rev.1) - 7 July 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz: Upgraded. Inappropriate fetch of entities content (CVE-2016-4449). For more information, see: http://xmlsoft.org/news.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libxml2-2.9.4-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libxml2-2.9.4-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libxml2-2.9.4-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.9.4-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.9.4-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: c498433ae7d6077a9d5245877aa2c06e libxml2-2.9.4-i486-1_slack14.0.txz Slackware x86_64 14.0 package: c92258a87bb30a6cdce2b5428d640bd5 libxml2-2.9.4-x86_64-1_slack14.0.txz Slackware 14.1 package: 2b74b913a164a23ad2da10eebf923e46 libxml2-2.9.4-i486-1_slack14.1.txz Slackware x86_64 14.1 package: e2dee612c7de77822824e43a61414c2c libxml2-2.9.4-x86_64-1_slack14.1.txz Slackware -current package: 98d1ede4a347a49f2ad972ac5339b9e6 l/libxml2-2.9.4-i586-1.txz Slackware x86_64 -current package: c2d5721aac77b74d7e47a2a8a372d47a l/libxml2-2.9.4-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libxml2-2.9.4-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Description: This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix(es): * This update fixes several flaws in OpenSSL. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483) * This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141) * This update fixes two flaws in httpd. (CVE-2016-4459, CVE-2016-8612) * A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808) * A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705. See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/): JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service 6
var-201206-0058 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. This vulnerability CVE-2012-1721 Is a different vulnerability.Information is leaked by a third party, information is altered, or service operation is interrupted. (DoS) An attack may be carried out. The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component. This vulnerability affects the following supported versions: 7 Update 4, 6 Update 32. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2012:0734-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0734.html Issue date: 2012-06-13 CVE Names: CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2012-0551, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 33 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 829354 - CVE-2012-1711 OpenJDK: improper protection of CORBA data models (CORBA, 7079902) 829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606) 829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614) 829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617) 829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851) 829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872) 829373 - CVE-2012-1723 OpenJDK: insufficient field accessibility checks (HotSpot, 7152811) 829374 - CVE-2012-1724 OpenJDK: XML parsing infinite loop (JAXP, 7157609) 829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757) 831353 - CVE-2012-1721 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831354 - CVE-2012-1722 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831355 - CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0551.html https://www.redhat.com/security/data/cve/CVE-2012-1711.html https://www.redhat.com/security/data/cve/CVE-2012-1713.html https://www.redhat.com/security/data/cve/CVE-2012-1716.html https://www.redhat.com/security/data/cve/CVE-2012-1717.html https://www.redhat.com/security/data/cve/CVE-2012-1718.html https://www.redhat.com/security/data/cve/CVE-2012-1719.html https://www.redhat.com/security/data/cve/CVE-2012-1721.html https://www.redhat.com/security/data/cve/CVE-2012-1722.html https://www.redhat.com/security/data/cve/CVE-2012-1723.html https://www.redhat.com/security/data/cve/CVE-2012-1724.html https://www.redhat.com/security/data/cve/CVE-2012-1725.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFP2PdfXlSAg2UNWIIRAmPoAKC0e7v7/kro/BSlg3WvTcUuUsY5GwCgnIxh yIn7jJFAEdlZRgCuCNL1mk0= =TbeE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple Mac OS X update for Java SECUNIA ADVISORY ID: SA49542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49542 RELEASE DATE: 2012-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/49542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued an update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://support.apple.com/kb/HT5319 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact ====== An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03441075 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03441075 Version: 1 HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-08-13 Last Updated: 2012-08-13 - ----------------------------------------------------------------------------- Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 7.0.02 and 6.0.15 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-0508 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0551 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-1711 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1713 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1716 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1718 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1719 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-1720 (AV:L/AC:H/Au:N/C:P/I:P/A:P) 3.7 CVE-2012-1721 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1722 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1723 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1724 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1725 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1726 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 / JDK and JRE v7.0.02 or subsequent HP-UX B.11.23, B.11.31 / JDK and JRE v6.0.15 or subsequent HP-UX B.11.11, B.11.23 / JDK and JRE v6.0.15 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.02 or subsequent For Java v6.0 update to Java v6.0.15 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.02.00 or subsequent HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.15.00 or subsequent HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS action: install revision 1.6.0.15.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 13 August 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
var-201912-1860 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple watchOS is a smart watch operating system. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple watchOS prior to 6.1; iOS prior to 13.1; iPadOS prior to 13.1; Windows-based iTunes prior to 12.10.1; Safari prior to 13.0.1. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. (CVE-2019-6237) WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. (CVE-2019-8601) An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. (CVE-2019-8644) A logic issue existed in the handling of synchronous page loads. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. (CVE-2019-8689) A logic issue existed in the handling of document loads. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8719) This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8766) "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. A user may be unable to delete browsing history items. (CVE-2019-8768) An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769) This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. (CVE-2019-8846) WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018) A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885) A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. (CVE-2020-3901) An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. (CVE-2020-3902). Solution: Download the release images via: quay.io/redhat/quay:v3.3.3 quay.io/redhat/clair-jwt:v3.3.3 quay.io/redhat/quay-builder:v3.3.3 quay.io/redhat/clair:v3.3.3 4. Bugs fixed (https://bugzilla.redhat.com/): 1905758 - CVE-2020-27831 quay: email notifications authorization bypass 1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display 5. JIRA issues fixed (https://issues.jboss.org/): PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-29-9 Additional information for APPLE-SA-2019-9-26-6 tvOS 13 tvOS 13 addresses the following: AppleFirmwareUpdateKext Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8747: Mohamed Ghannam (@_simo36) Entry added October 29, 2019 Audio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab Entry added October 29, 2019 CFNetwork Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland Entry added October 29, 2019 CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted movie may result in the disclosure of process memory Description: A memory corruption issue was addressed with improved validation. CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative Entry added October 29, 2019 CoreCrypto Available for: Apple TV 4K and Apple TV HD Impact: Processing a large input may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2019-8741: Nicky Mouha of NIST Entry added October 29, 2019 Foundation Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project Zero Entry added October 29, 2019 IOUSBDeviceFamily Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8718: Joshua Hill and Sem Voigtländer Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8740: Mohamed Ghannam (@_simo36) Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: A local app may be able to read a persistent account identifier Description: A validation issue was addressed with improved logic. CVE-2019-8809: Apple Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8717: Jann Horn of Google Project Zero Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8712: Mohamed Ghannam (@_simo36) Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to determine kernel memory layout Description: A memory corruption issue existed in the handling of IPv6 packets. CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2019-8709: derrek (@derrekr6) [confirmed]derrek (@derrekr6) Entry added October 29, 2019 Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to determine kernel memory layout Description: The issue was addressed with improved permissions logic. CVE-2019-8780: Siguza Entry added October 29, 2019 Keyboards Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to leak sensitive user information Description: An authentication issue was addressed with improved state management. CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC libxml2 Available for: Apple TV 4K and Apple TV HD Impact: Multiple issues in libxml2 Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8749: found by OSS-Fuzz CVE-2019-8756: found by OSS-Fuzz Entry added October 29, 2019 libxslt Available for: Apple TV 4K and Apple TV HD Impact: Multiple issues in libxslt Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8750: found by OSS-Fuzz Entry added October 29, 2019 mDNSResponder Available for: Apple TV 4K and Apple TV HD Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications Description: This issue was resolved by replacing device names with a random identifier. CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt Entry added October 29, 2019 UIFoundation Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative Entry added October 29, 2019 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8625: Sergei Glazunov of Google Project Zero CVE-2019-8719: Sergei Glazunov of Google Project Zero CVE-2019-8764: Sergei Glazunov of Google Project Zero Entry added October 29, 2019 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative CVE-2019-8710: found by OSS-Fuzz CVE-2019-8726: Jihui Lu of Tencent KeenLab CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation CVE-2019-8733: Sergei Glazunov of Google Project Zero CVE-2019-8734: found by OSS-Fuzz CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech CVE-2019-8763: Sergei Glazunov of Google Project Zero CVE-2019-8765: Samuel Groß of Google Project Zero CVE-2019-8766: found by OSS-Fuzz CVE-2019-8773: found by OSS-Fuzz Additional recognition Audio We would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance. Entry added October 29, 2019 boringssl We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum and Thijs Alkemade (@xnyhps) of Computest for their assistance. HomeKit We would like to acknowledge Tian Zhang for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Keyboard We would like to acknowledge an anonymous researcher for their assistance. mDNSResponder We would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance. Profiles We would like to acknowledge Erik Johnson of Vernon Hills High School and James Seeley (@Code4iOS) of Shriver Job Corps for their assistance. WebKit We would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yiğit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an anonymous researcher, and cc working with Trend Micro's Zero Day Initiative for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5YpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M0YchAA jI2eRdy8AoKd5E9xzIGpItuTINxIrpmJ7DLc5gGiCivdWfrIA1uqBdF+ACaaJKUm g1BGl1APui1r8ad4a1guUjVWsw7anVpORj/de/S80lylWR/4Fyhr2MCC1rq2twYs 2MlKiJ+KsQKM8Sf9QECrKivmQYI2Ssqwq8VwadsfZ6Mxrou7726bfjZ0+dlOSf0m ilG2hiOvc5mB8ZLvjQBXwLKdD3Li9DBQohpAM5VULymHmDUlWPPSdwkvdTxkMDYt 9pmhEq28K7oOCtCFD8SvAru/lNqJ6Q7sSTpzhnya8yh1sxKmfm0e7PQn08vX4JJ4 JCCj+ShEVl+ZKqX3IWvfITqgAZlF+vFM4S5UypkOTKSWzGob3Q5MRssbM+kK78M6 25GquKgaVfY8fxovMkskphi+z059FNVmivxSg/pnDjuiD6Z/t6A8DhxKmYCfbz9e HS9A8sSBGdP0IrIsznz0jBKdonoOzAQPcSreghac9G23JEN4vPb9Os8f+Wv8Yt1Q eWYHS8VliMnq/Zg9PqVvs4n/n8ttZ52uJcYpNLVR6NKJZMtaSoh/r3crwKyLB0UB /mOdIl55qzDUSVcyohcQlQa9moU02I8RaHw35lOVp87QtCK4IzKT8fPQnTN/c/bP 4eb6I9TA/xlMlYsXYNvIss8l6+Cs8NDdEqP3WQH7WCs= =SFPc -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update Advisory ID: RHSA-2020:5633-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2020:5633 Issue date: 2021-02-24 CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14553 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2018-20843 CVE-2019-3884 CVE-2019-5018 CVE-2019-6977 CVE-2019-6978 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9455 CVE-2019-9458 CVE-2019-11068 CVE-2019-12614 CVE-2019-13050 CVE-2019-13225 CVE-2019-13627 CVE-2019-14889 CVE-2019-15165 CVE-2019-15166 CVE-2019-15903 CVE-2019-15917 CVE-2019-15925 CVE-2019-16167 CVE-2019-16168 CVE-2019-16231 CVE-2019-16233 CVE-2019-16935 CVE-2019-17450 CVE-2019-17546 CVE-2019-18197 CVE-2019-18808 CVE-2019-18809 CVE-2019-19046 CVE-2019-19056 CVE-2019-19062 CVE-2019-19063 CVE-2019-19068 CVE-2019-19072 CVE-2019-19221 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19524 CVE-2019-19533 CVE-2019-19537 CVE-2019-19543 CVE-2019-19602 CVE-2019-19767 CVE-2019-19770 CVE-2019-19906 CVE-2019-19956 CVE-2019-20054 CVE-2019-20218 CVE-2019-20386 CVE-2019-20387 CVE-2019-20388 CVE-2019-20454 CVE-2019-20636 CVE-2019-20807 CVE-2019-20812 CVE-2019-20907 CVE-2019-20916 CVE-2020-0305 CVE-2020-0444 CVE-2020-1716 CVE-2020-1730 CVE-2020-1751 CVE-2020-1752 CVE-2020-1971 CVE-2020-2574 CVE-2020-2752 CVE-2020-2922 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3898 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-6405 CVE-2020-7595 CVE-2020-7774 CVE-2020-8177 CVE-2020-8492 CVE-2020-8563 CVE-2020-8566 CVE-2020-8619 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9327 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 CVE-2020-10732 CVE-2020-10749 CVE-2020-10751 CVE-2020-10763 CVE-2020-10773 CVE-2020-10774 CVE-2020-10942 CVE-2020-11565 CVE-2020-11668 CVE-2020-11793 CVE-2020-12465 CVE-2020-12655 CVE-2020-12659 CVE-2020-12770 CVE-2020-12826 CVE-2020-13249 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-14019 CVE-2020-14040 CVE-2020-14381 CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 CVE-2020-15157 CVE-2020-15503 CVE-2020-15862 CVE-2020-15999 CVE-2020-16166 CVE-2020-24490 CVE-2020-24659 CVE-2020-25211 CVE-2020-25641 CVE-2020-25658 CVE-2020-25661 CVE-2020-25662 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 CVE-2020-25694 CVE-2020-25696 CVE-2020-26160 CVE-2020-27813 CVE-2020-27846 CVE-2020-28362 CVE-2020-29652 CVE-2021-2007 CVE-2021-3121 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.7.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.0. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2020:5634 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64 The image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x The image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le The image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6 All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Security Fix(es): * crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846) * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652) * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774) * kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563) * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749) * heketi: gluster-block volume password details available in logs (CVE-2020-10763) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * jwt-go: access restriction bypass vulnerability (CVE-2020-26160) * golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: For OpenShift Container Platform 4.7, see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html. 4. Bugs fixed (https://bugzilla.redhat.com/): 1620608 - Restoring deployment config with history leads to weird state 1752220 - [OVN] Network Policy fails to work when project label gets overwritten 1756096 - Local storage operator should implement must-gather spec 1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs 1768255 - installer reports 100% complete but failing components 1770017 - Init containers restart when the exited container is removed from node. 1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating 1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset 1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale 1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating `create` commands 1784298 - "Displaying with reduced resolution due to large dataset." would show under some conditions 1785399 - Under condition of heavy pod creation, creation fails with 'error reserving pod name ...: name is reserved" 1797766 - Resource Requirements" specDescriptor fields - CPU and Memory injects empty string YAML editor 1801089 - [OVN] Installation failed and monitoring pod not created due to some network error. 1805025 - [OSP] Machine status doesn't become "Failed" when creating a machine with invalid image 1805639 - Machine status should be "Failed" when creating a machine with invalid machine configuration 1806000 - CRI-O failing with: error reserving ctr name 1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be 1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be 1810438 - Installation logs are not gathered from OCP nodes 1812085 - kubernetes-networking-namespace-pods dashboard doesn't exist 1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation 1813012 - EtcdDiscoveryDomain no longer needed 1813949 - openshift-install doesn't use env variables for OS_* for some of API endpoints 1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use 1819053 - loading OpenAPI spec for "v1beta1.metrics.k8s.io" failed with: OpenAPI spec does not exist 1819457 - Package Server is in 'Cannot update' status despite properly working 1820141 - [RFE] deploy qemu-quest-agent on the nodes 1822744 - OCS Installation CI test flaking 1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario 1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool 1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file 1829723 - User workload monitoring alerts fire out of the box 1832968 - oc adm catalog mirror does not mirror the index image itself 1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN 1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters 1834995 - olmFull suite always fails once th suite is run on the same cluster 1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz 1837953 - Replacing masters doesn't work for ovn-kubernetes 4.4 1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks 1838751 - [oVirt][Tracker] Re-enable skipped network tests 1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups 1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed 1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP 1841119 - Get rid of config patches and pass flags directly to kcm 1841175 - When an Install Plan gets deleted, OLM does not create a new one 1841381 - Issue with memoryMB validation 1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option 1844727 - Etcd container leaves grep and lsof zombie processes 1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs 1847074 - Filter bar layout issues at some screen widths on search page 1848358 - CRDs with preserveUnknownFields:true don't reflect in status that they are non-structural 1849543 - [4.5]kubeletconfig's description will show multiple lines for finalizers when upgrade from 4.4.8->4.5 1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service 1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard 1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing 1851693 - The `oc apply` should return errors instead of hanging there when failing to create the CRD 1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service 1853115 - the restriction of --cloud option should be shown in help text. 1853116 - `--to` option does not work with `--credentials-requests` flag. 1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1854567 - "Installed Operators" list showing "duplicated" entries during installation 1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present 1855351 - Inconsistent Installer reactions to Ctrl-C during user input process 1855408 - OVN cluster unstable after running minimal scale test 1856351 - Build page should show metrics for when the build ran, not the last 30 minutes 1856354 - New APIServices missing from OpenAPI definitions 1857446 - ARO/Azure: excessive pod memory allocation causes node lockup 1857877 - Operator upgrades can delete existing CSV before completion 1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed 1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created 1860136 - default ingress does not propagate annotations to route object on update 1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as "Failed" 1860518 - unable to stop a crio pod 1861383 - Route with `haproxy.router.openshift.io/timeout: 365d` kills the ingress controller 1862430 - LSO: PV creation lock should not be acquired in a loop 1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group. 1862608 - Virtual media does not work on hosts using BIOS, only UEFI 1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network 1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff 1865839 - rpm-ostree fails with "System transaction in progress" when moving to kernel-rt 1866043 - Configurable table column headers can be illegible 1866087 - Examining agones helm chart resources results in "Oh no!" 1866261 - Need to indicate the intentional behavior for Ansible in the `create api` help info 1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement 1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity 1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there’s no indication on which labels offer tooltip/help 1866340 - [RHOCS Usability Study][Dashboard] It was not clear why “No persistent storage alerts” was prominently displayed 1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations 1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le & s390x 1866482 - Few errors are seen when oc adm must-gather is run 1866605 - No metadata.generation set for build and buildconfig objects 1866873 - MCDDrainError "Drain failed on , updates may be blocked" missing rendered node name 1866901 - Deployment strategy for BMO allows multiple pods to run at the same time 1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure. 1867165 - Cannot assign static address to baremetal install bootstrap vm 1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig 1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS 1867477 - HPA monitoring cpu utilization fails for deployments which have init containers 1867518 - [oc] oc should not print so many goroutines when ANY command fails 1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster 1867965 - OpenShift Console Deployment Edit overwrites deployment yaml 1868004 - opm index add appears to produce image with wrong registry server binary 1868065 - oc -o jsonpath prints possible warning / bug "Unable to decode server response into a Table" 1868104 - Baremetal actuator should not delete Machine objects 1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead 1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters 1868527 - OpenShift Storage using VMWare vSAN receives error "Failed to add disk 'scsi0:2'" when mounted pod is created on separate node 1868645 - After a disaster recovery pods a stuck in "NodeAffinity" state and not running 1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation 1868765 - [vsphere][ci] could not reserve an IP address: no available addresses 1868770 - catalogSource named "redhat-operators" deleted in a disconnected cluster 1868976 - Prometheus error opening query log file on EBS backed PVC 1869293 - The configmap name looks confusing in aide-ds pod logs 1869606 - crio's failing to delete a network namespace 1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes 1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance] 1870373 - Ingress Operator reports available when DNS fails to provision 1870467 - D/DC Part of Helm / Operator Backed should not have HPA 1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json 1870800 - [4.6] Managed Column not appearing on Pods Details page 1871170 - e2e tests are needed to validate the functionality of the etcdctl container 1872001 - EtcdDiscoveryDomain no longer needed 1872095 - content are expanded to the whole line when only one column in table on Resource Details page 1872124 - Could not choose device type as "disk" or "part" when create localvolumeset from web console 1872128 - Can't run container with hostPort on ipv6 cluster 1872166 - 'Silences' link redirects to unexpected 'Alerts' view after creating a silence in the Developer perspective 1872251 - [aws-ebs-csi-driver] Verify job in CI doesn't check for vendor dir sanity 1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them 1872821 - [DOC] Typo in Ansible Operator Tutorial 1872907 - Fail to create CR from generated Helm Base Operator 1872923 - Click "Cancel" button on the "initialization-resource" creation form page should send users to the "Operator details" page instead of "Install Operator" page (previous page) 1873007 - [downstream] failed to read config when running the operator-sdk in the home path 1873030 - Subscriptions without any candidate operators should cause resolution to fail 1873043 - Bump to latest available 1.19.x k8s 1873114 - Nodes goes into NotReady state (VMware) 1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem 1873305 - Failed to power on /inspect node when using Redfish protocol 1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information 1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: “?” button/icon in Developer Console ->Navigation 1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working 1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name > 63 characters 1874057 - Pod stuck in CreateContainerError - error msg="container_linux.go:348: starting container process caused \"chdir to cwd (\\\"/mount-point\\\") set in config.json failed: permission denied\"" 1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver 1874192 - [RFE] "Create Backing Store" page doesn't allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider 1874240 - [vsphere] unable to deprovision - Runtime error list attached objects 1874248 - Include validation for vcenter host in the install-config 1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6 1874583 - apiserver tries and fails to log an event when shutting down 1874584 - add retry for etcd errors in kube-apiserver 1874638 - Missing logging for nbctl daemon 1874736 - [downstream] no version info for the helm-operator 1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution 1874968 - Accessibility: The project selection drop down is a keyboard trap 1875247 - Dependency resolution error "found more than one head for channel" is unhelpful for users 1875516 - disabled scheduling is easy to miss in node page of OCP console 1875598 - machine status is Running for a master node which has been terminated from the console 1875806 - When creating a service of type "LoadBalancer" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes. 1876166 - need to be able to disable kube-apiserver connectivity checks 1876469 - Invalid doc link on yaml template schema description 1876701 - podCount specDescriptor change doesn't take effect on operand details page 1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt 1876935 - AWS volume snapshot is not deleted after the cluster is destroyed 1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted 1877105 - add redfish to enabled_bios_interfaces 1877116 - e2e aws calico tests fail with `rpc error: code = ResourceExhausted` 1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown 1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only 'rootDevices' 1877681 - Manually created PV can not be used 1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53 1877740 - RHCOS unable to get ip address during first boot 1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5 1877919 - panic in multus-admission-controller 1877924 - Cannot set BIOS config using Redfish with Dell iDracs 1878022 - Met imagestreamimport error when import the whole image repository 1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default "Filesystem Name" instead of providing a textbox, & the name should be validated 1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status 1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM 1878766 - CPU consumption on nodes is higher than the CPU count of the node. 1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus. 1878823 - "oc adm release mirror" generating incomplete imageContentSources when using "--to" and "--to-release-image" 1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode 1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used 1878953 - RBAC error shows when normal user access pvc upload page 1878956 - `oc api-resources` does not include API version 1878972 - oc adm release mirror removes the architecture information 1879013 - [RFE]Improve CD-ROM interface selection 1879056 - UI should allow to change or unset the evictionStrategy 1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled 1879094 - RHCOS dhcp kernel parameters not working as expected 1879099 - Extra reboot during 4.5 -> 4.6 upgrade 1879244 - Error adding container to network "ipvlan-host-local": "master" field is required 1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder 1879282 - Update OLM references to point to the OLM's new doc site 1879283 - panic after nil pointer dereference in pkg/daemon/update.go 1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests 1879419 - [RFE]Improve boot source description for 'Container' and ‘URL’ 1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted. 1879565 - IPv6 installation fails on node-valid-hostname 1879777 - Overlapping, divergent openshift-machine-api namespace manifests 1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with 'Basic', skipping basic authentication in Log message in thanos-querier pod the oauth-proxy 1879930 - Annotations shouldn't be removed during object reconciliation 1879976 - No other channel visible from console 1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc. 1880148 - dns daemonset rolls out slowly in large clusters 1880161 - Actuator Update calls should have fixed retry time 1880259 - additional network + OVN network installation failed 1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as "Failed" 1880410 - Convert Pipeline Visualization node to SVG 1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn 1880443 - broken machine pool management on OpenStack 1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s. 1880473 - IBM Cloudpak operators installation stuck "UpgradePending" with InstallPlan status updates failing due to size limitation 1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables) 1880785 - CredentialsRequest missing description in `oc explain` 1880787 - No description for Provisioning CRD for `oc explain` 1880902 - need dnsPlocy set in crd ingresscontrollers 1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster 1881027 - Cluster installation fails at with error : the container name \"assisted-installer\" is already in use 1881046 - [OSP] openstack-cinder-csi-driver-operator doesn't contain required manifests and assets 1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node 1881268 - Image uploading failed but wizard claim the source is available 1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration 1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup 1881881 - unable to specify target port manually resulting in application not reachable 1881898 - misalignment of sub-title in quick start headers 1882022 - [vsphere][ipi] directory path is incomplete, terraform can't find the cluster 1882057 - Not able to select access modes for snapshot and clone 1882140 - No description for spec.kubeletConfig 1882176 - Master recovery instructions don't handle IP change well 1882191 - Installation fails against external resources which lack DNS Subject Alternative Name 1882209 - [ BateMetal IPI ] local coredns resolution not working 1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from "Too large resource version" 1882268 - [e2e][automation]Add Integration Test for Snapshots 1882361 - Retrieve and expose the latest report for the cluster 1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use 1882556 - git:// protocol in origin tests is not currently proxied 1882569 - CNO: Replacing masters doesn't work for ovn-kubernetes 4.4 1882608 - Spot instance not getting created on AzureGovCloud 1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance 1882649 - IPI installer labels all images it uploads into glance as qcow2 1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic 1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page 1882660 - Operators in a namespace should be installed together when approve one 1882667 - [ovn] br-ex Link not found when scale up RHEL worker 1882723 - [vsphere]Suggested mimimum value for providerspec not working 1882730 - z systems not reporting correct core count in recording rule 1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully 1882781 - nameserver= option to dracut creates extra NM connection profile 1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined 1882844 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere 1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability 1883388 - Bare Metal Hosts Details page doesn't show Mainitenance and Power On/Off status 1883422 - operator-sdk cleanup fail after installing operator with "run bundle" without installmode and og with ownnamespace 1883425 - Gather top installplans and their count 1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2 1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel] 1883538 - must gather report "cannot file manila/aws ebs/ovirt csi related namespaces and objects" error 1883560 - operator-registry image needs clean up in /tmp 1883563 - Creating duplicate namespace from create namespace modal breaks the UI 1883614 - [OCP 4.6] [UI] UI should not describe power cycle as "graceful" 1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate 1883660 - e2e-metal-ipi CI job consistently failing on 4.4 1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests 1883766 - [e2e][automation] Adjust tests for UI changes 1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations 1883773 - opm alpha bundle build fails on win10 home 1883790 - revert "force cert rotation every couple days for development" in 4.7 1883803 - node pull secret feature is not working as expected 1883836 - Jenkins imagestream ubi8 and nodejs12 update 1883847 - The UI does not show checkbox for enable encryption at rest for OCS 1883853 - go list -m all does not work 1883905 - race condition in opm index add --overwrite-latest 1883946 - Understand why trident CSI pods are getting deleted by OCP 1884035 - Pods are illegally transitioning back to pending 1884041 - e2e should provide error info when minimum number of pods aren't ready in kube-system namespace 1884131 - oauth-proxy repository should run tests 1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied 1884221 - IO becomes unhealthy due to a file change 1884258 - Node network alerts should work on ratio rather than absolute values 1884270 - Git clone does not support SCP-style ssh locations 1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout 1884435 - vsphere - loopback is randomly not being added to resolver 1884565 - oauth-proxy crashes on invalid usage 1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy 1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users 1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment 1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu. 1884632 - Adding BYOK disk encryption through DES 1884654 - Utilization of a VMI is not populated 1884655 - KeyError on self._existing_vifs[port_id] 1884664 - Operator install page shows "installing..." instead of going to install status page 1884672 - Failed to inspect hardware. Reason: unable to start inspection: 'idrac' 1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure 1884724 - Quick Start: Serverless quickstart doesn't match Operator install steps 1884739 - Node process segfaulted 1884824 - Update baremetal-operator libraries to k8s 1.19 1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping 1885138 - Wrong detection of pending state in VM details 1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2 1885165 - NoRunningOvnMaster alert falsely triggered 1885170 - Nil pointer when verifying images 1885173 - [e2e][automation] Add test for next run configuration feature 1885179 - oc image append fails on push (uploading a new layer) 1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig 1885218 - [e2e][automation] Add virtctl to gating script 1885223 - Sync with upstream (fix panicking cluster-capacity binary) 1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2 1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2 1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2 1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2 1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2 1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2 1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI 1885315 - unit tests fail on slow disks 1885319 - Remove redundant use of group and kind of DataVolumeTemplate 1885343 - Console doesn't load in iOS Safari when using self-signed certificates 1885344 - 4.7 upgrade - dummy bug for 1880591 1885358 - add p&f configuration to protect openshift traffic 1885365 - MCO does not respect the install section of systemd files when enabling 1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating 1885398 - CSV with only Webhook conversion can't be installed 1885403 - Some OLM events hide the underlying errors 1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case 1885425 - opm index add cannot batch add multiple bundles that use skips 1885543 - node tuning operator builds and installs an unsigned RPM 1885644 - Panic output due to timeouts in openshift-apiserver 1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU < 30 || totalMemory < 72 GiB for initial deployment 1885702 - Cypress: Fix 'aria-hidden-focus' accesibility violations 1885706 - Cypress: Fix 'link-name' accesibility violation 1885761 - DNS fails to resolve in some pods 1885856 - Missing registry v1 protocol usage metric on telemetry 1885864 - Stalld service crashed under the worker node 1885930 - [release 4.7] Collect ServiceAccount statistics 1885940 - kuryr/demo image ping not working 1886007 - upgrade test with service type load balancer will never work 1886022 - Move range allocations to CRD's 1886028 - [BM][IPI] Failed to delete node after scale down 1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas 1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd 1886154 - System roles are not present while trying to create new role binding through web console 1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5->4.6 causes broadcast storm 1886168 - Remove Terminal Option for Windows Nodes 1886200 - greenwave / CVP is failing on bundle validations, cannot stage push 1886229 - Multipath support for RHCOS sysroot 1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage 1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status 1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL 1886397 - Move object-enum to console-shared 1886423 - New Affinities don't contain ID until saving 1886435 - Azure UPI uses deprecated command 'group deployment' 1886449 - p&f: add configuration to protect oauth server traffic 1886452 - layout options doesn't gets selected style on click i.e grey background 1886462 - IO doesn't recognize namespaces - 2 resources with the same name in 2 namespaces -> only 1 gets collected 1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest 1886524 - Change default terminal command for Windows Pods 1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution 1886600 - panic: assignment to entry in nil map 1886620 - Application behind service load balancer with PDB is not disrupted 1886627 - Kube-apiserver pods restarting/reinitializing periodically 1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider 1886636 - Panic in machine-config-operator 1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer. 1886751 - Gather MachineConfigPools 1886766 - PVC dropdown has 'Persistent Volume' Label 1886834 - ovn-cert is mandatory in both master and node daemonsets 1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState 1886861 - ordered-values.yaml not honored if values.schema.json provided 1886871 - Neutron ports created for hostNetworking pods 1886890 - Overwrite jenkins-agent-base imagestream 1886900 - Cluster-version operator fills logs with "Manifest: ..." spew 1886922 - [sig-network] pods should successfully create sandboxes by getting pod 1886973 - Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console 1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO 1887010 - Imagepruner met error "Job has reached the specified backoff limit" which causes image registry degraded 1887026 - FC volume attach fails with “no fc disk found” error on OCP 4.6 PowerVM cluster 1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6 1887046 - Event for LSO need update to avoid confusion 1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image 1887375 - User should be able to specify volumeMode when creating pvc from web-console 1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console 1887392 - openshift-apiserver: delegated authn/z should have ttl > metrics/healthz/readyz/openapi interval 1887428 - oauth-apiserver service should be monitored by prometheus 1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting "degraded: False" 1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data 1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes 1887465 - Deleted project is still referenced 1887472 - unable to edit application group for KSVC via gestures (shift+Drag) 1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface 1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster 1887525 - Failures to set master HardwareDetails cannot easily be debugged 1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable 1887585 - ovn-masters stuck in crashloop after scale test 1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade. 1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator 1887740 - cannot install descheduler operator after uninstalling it 1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events 1887750 - `oc explain localvolumediscovery` returns empty description 1887751 - `oc explain localvolumediscoveryresult` returns empty description 1887778 - Add ContainerRuntimeConfig gatherer 1887783 - PVC upload cannot continue after approve the certificate 1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard 1887799 - User workload monitoring prometheus-config-reloader OOM 1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky 1887863 - Installer panics on invalid flavor 1887864 - Clean up dependencies to avoid invalid scan flagging 1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison 1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig 1888015 - workaround kubelet graceful termination of static pods bug 1888028 - prevent extra cycle in aggregated apiservers 1888036 - Operator details shows old CRD versions 1888041 - non-terminating pods are going from running to pending 1888072 - Setting Supermicro node to PXE boot via Redfish doesn't take affect 1888073 - Operator controller continuously busy looping 1888118 - Memory requests not specified for image registry operator 1888150 - Install Operand Form on OperatorHub is displaying unformatted text 1888172 - PR 209 didn't update the sample archive, but machineset and pdbs are now namespaced 1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build 1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5 1888311 - p&f: make SAR traffic from oauth and openshift apiserver exempt 1888363 - namespaces crash in dev 1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created 1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected 1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC 1888494 - imagepruner pod is error when image registry storage is not configured 1888565 - [OSP] machine-config-daemon-firstboot.service failed with "error reading osImageURL from rpm-ostree" 1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error 1888601 - The poddisruptionbudgets is using the operator service account, instead of gather 1888657 - oc doesn't know its name 1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable 1888671 - Document the Cloud Provider's ignore-volume-az setting 1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image 1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s", cr.GetName() 1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set 1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster 1888866 - AggregatedAPIDown permanently firing after removing APIService 1888870 - JS error when using autocomplete in YAML editor 1888874 - hover message are not shown for some properties 1888900 - align plugins versions 1888985 - Cypress: Fix 'Ensures buttons have discernible text' accesibility violation 1889213 - The error message of uploading failure is not clear enough 1889267 - Increase the time out for creating template and upload image in the terraform 1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages) 1889374 - Kiali feature won't work on fresh 4.6 cluster 1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode 1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade 1889515 - Accessibility - The symbols e.g checkmark in the Node > overview page has no text description, label, or other accessible information 1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance 1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown 1889577 - Resources are not shown on project workloads page 1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment 1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages 1889692 - Selected Capacity is showing wrong size 1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15 1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off 1889710 - Prometheus metrics on disk take more space compared to OCP 4.5 1889721 - opm index add semver-skippatch mode does not respect prerelease versions 1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn't see the Disk tab 1889767 - [vsphere] Remove certificate from upi-installer image 1889779 - error when destroying a vSphere installation that failed early 1889787 - OCP is flooding the oVirt engine with auth errors 1889838 - race in Operator update after fix from bz1888073 1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1 1889863 - Router prints incorrect log message for namespace label selector 1889891 - Backport timecache LRU fix 1889912 - Drains can cause high CPU usage 1889921 - Reported Degraded=False Available=False pair does not make sense 1889928 - [e2e][automation] Add more tests for golden os 1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName 1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings 1890074 - MCO extension kernel-headers is invalid 1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest 1890130 - multitenant mode consistently fails CI 1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e 1890145 - The mismatched of font size for Status Ready and Health Check secondary text 1890180 - FieldDependency x-descriptor doesn't support non-sibling fields 1890182 - DaemonSet with existing owner garbage collected 1890228 - AWS: destroy stuck on route53 hosted zone not found 1890235 - e2e: update Protractor's checkErrors logging 1890250 - workers may fail to join the cluster during an update from 4.5 1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member 1890270 - External IP doesn't work if the IP address is not assigned to a node 1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability 1890456 - [vsphere] mapi_instance_create_failed doesn't work on vsphere 1890467 - unable to edit an application without a service 1890472 - [Kuryr] Bulk port creation exception not completely formatted 1890494 - Error assigning Egress IP on GCP 1890530 - cluster-policy-controller doesn't gracefully terminate 1890630 - [Kuryr] Available port count not correctly calculated for alerts 1890671 - [SA] verify-image-signature using service account does not work 1890677 - 'oc image info' claims 'does not exist' for application/vnd.oci.image.manifest.v1+json manifest 1890808 - New etcd alerts need to be added to the monitoring stack 1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn't sync the "overall" sha it syncs only the sub arch sha. 1890984 - Rename operator-webhook-config to sriov-operator-webhook-config 1890995 - wew-app should provide more insight into why image deployment failed 1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call 1891047 - Helm chart fails to install using developer console because of TLS certificate error 1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler 1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI 1891108 - p&f: Increase the concurrency share of workload-low priority level 1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine) 1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown 1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn't meet requirements of chart) 1891362 - Wrong metrics count for openshift_build_result_total 1891368 - fync should be fsync for etcdHighFsyncDurations alert's annotations.message 1891374 - fync should be fsync for etcdHighFsyncDurations critical alert's annotations.message 1891376 - Extra text in Cluster Utilization charts 1891419 - Wrong detail head on network policy detail page. 1891459 - Snapshot tests should report stderr of failed commands 1891498 - Other machine config pools do not show during update 1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage 1891551 - Clusterautoscaler doesn't scale up as expected 1891552 - Handle missing labels as empty. 1891555 - The windows oc.exe binary does not have version metadata 1891559 - kuryr-cni cannot start new thread 1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11 1891625 - [Release 4.7] Mutable LoadBalancer Scope 1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml 1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails 1891740 - OperatorStatusChanged is noisy 1891758 - the authentication operator may spam DeploymentUpdated event endlessly 1891759 - Dockerfile builds cannot change /etc/pki/ca-trust 1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1 1891825 - Error message not very informative in case of mode mismatch 1891898 - The ClusterServiceVersion can define Webhooks that cannot be created. 1891951 - UI should show warning while creating pools with compression on 1891952 - [Release 4.7] Apps Domain Enhancement 1891993 - 4.5 to 4.6 upgrade doesn't remove deployments created by marketplace 1891995 - OperatorHub displaying old content 1891999 - Storage efficiency card showing wrong compression ratio 1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by ./opm) 1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector. 1892198 - TypeError in 'Performance Profile' tab displayed for 'Performance Addon Operator' 1892288 - assisted install workflow creates excessive control-plane disruption 1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config 1892358 - [e2e][automation] update feature gate for kubevirt-gating job 1892376 - Deleted netnamespace could not be re-created 1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky 1892393 - TestListPackages is flaky 1892448 - MCDPivotError alert/metric missing 1892457 - NTO-shipped stalld needs to use FIFO for boosting. 1892467 - linuxptp-daemon crash 1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env 1892653 - User is unable to create KafkaSource with v1beta 1892724 - VFS added to the list of devices of the nodeptpdevice CRD 1892799 - Mounting additionalTrustBundle in the operator 1893117 - Maintenance mode on vSphere blocks installation. 1893351 - TLS secrets are not able to edit on console. 1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots 1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky "worker" assumption when guessing about ingress availability 1893546 - Deploy using virtual media fails on node cleaning step 1893601 - overview filesystem utilization of OCP is showing the wrong values 1893645 - oc describe route SIGSEGV 1893648 - Ironic image building process is not compatible with UEFI secure boot 1893724 - OperatorHub generates incorrect RBAC 1893739 - Force deletion doesn't work for snapshots if snapshotclass is already deleted 1893776 - No useful metrics for image pull time available, making debugging issues there impossible 1893798 - Lots of error messages starting with "get namespace to enqueue Alertmanager instances failed" in the logs of prometheus-operator 1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD 1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS 1893926 - Some "Dynamic PV (block volmode)" pattern storage e2e tests are wrongly skipped 1893944 - Wrong product name for Multicloud Object Gateway 1893953 - (release-4.7) Gather default StatefulSet configs 1893956 - Installation always fails at "failed to initialize the cluster: Cluster operator image-registry is still updating" 1893963 - [Testday] Workloads-> Virtualization is not loading for Firefox browser 1893972 - Should skip e2e test cases as early as possible 1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without 'https://' 1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective 1894025 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set 1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used. 1894065 - tag new packages to enable TLS support 1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0 1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries 1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM 1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted 1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI) 1894216 - Improve OpenShift Web Console availability 1894275 - Fix CRO owners file to reflect node owner 1894278 - "database is locked" error when adding bundle to index image 1894330 - upgrade channels needs to be updated for 4.7 1894342 - oauth-apiserver logs many "[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient" 1894374 - Dont prevent the user from uploading a file with incorrect extension 1894432 - [oVirt] sometimes installer timeout on tmp_import_vm 1894477 - bash syntax error in nodeip-configuration.service 1894503 - add automated test for Polarion CNV-5045 1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform 1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets 1894645 - Cinder volume provisioning crashes on nil cloud provider 1894677 - image-pruner job is panicking: klog stack 1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0 1894860 - 'backend' CI job passing despite failing tests 1894910 - Update the node to use the real-time kernel fails 1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package 1895065 - Schema / Samples / Snippets Tabs are all selected at the same time 1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI 1895141 - panic in service-ca injector 1895147 - Remove memory limits on openshift-dns 1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation 1895268 - The bundleAPIs should NOT be empty 1895309 - [OCP v47] The RHEL node scaleup fails due to "No package matching 'cri-o-1.19.*' found available" on OCP 4.7 cluster 1895329 - The infra index filled with warnings "WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release" 1895360 - Machine Config Daemon removes a file although its defined in the dropin 1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1 1895372 - Web console going blank after selecting any operator to install from OperatorHub 1895385 - Revert KUBELET_LOG_LEVEL back to level 3 1895423 - unable to edit an application with a custom builder image 1895430 - unable to edit custom template application 1895509 - Backup taken on one master cannot be restored on other masters 1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image 1895838 - oc explain description contains '/' 1895908 - "virtio" option is not available when modifying a CD-ROM to disk type 1895909 - e2e-metal-ipi-ovn-dualstack is failing 1895919 - NTO fails to load kernel modules 1895959 - configuring webhook token authentication should prevent cluster upgrades 1895979 - Unable to get coreos-installer with --copy-network to work 1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV 1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded) 1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed 1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest 1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded 1896244 - Found a panic in storage e2e test 1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general 1896302 - [e2e][automation] Fix 4.6 test failures 1896365 - [Migration]The SDN migration cannot revert under some conditions 1896384 - [ovirt IPI]: local coredns resolution not working 1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6 1896529 - Incorrect instructions in the Serverless operator and application quick starts 1896645 - documentationBaseURL needs to be updated for 4.7 1896697 - [Descheduler] policy.yaml param in cluster configmap is empty 1896704 - Machine API components should honour cluster wide proxy settings 1896732 - "Attach to Virtual Machine OS" button should not be visible on old clusters 1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator 1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails 1896918 - start creating new-style Secrets for AWS 1896923 - DNS pod /metrics exposed on anonymous http port 1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters 1897003 - VNC console cannot be connected after visit it in new window 1897008 - Cypress: reenable check for 'aria-hidden-focus' rule & checkA11y test for modals 1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO 1897039 - router pod keeps printing log: template "msg"="router reloaded" "output"="[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option 'http-use-htx' is deprecated and ignored 1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV. 1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces 1897138 - oVirt provider uses depricated cluster-api project 1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly 1897252 - Firing alerts are not showing up in console UI after cluster is up for some time 1897354 - Operator installation showing success, but Provided APIs are missing 1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with "connection refused" 1897412 - [sriov]disableDrain did not be updated in CRD of manifest 1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page 1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to 'localhost' 1897520 - After restarting nodes the image-registry co is in degraded true state. 1897584 - Add casc plugins 1897603 - Cinder volume attachment detection failure in Kubelet 1897604 - Machine API deployment fails: Kube-Controller-Manager can't reach API: "Unauthorized" 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests 1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition 1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannot `Create OCS Cluster Service` 1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing 1897897 - ptp lose sync openshift 4.6 1898036 - no network after reboot (IPI) 1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically 1898097 - mDNS floods the baremetal network 1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem 1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied 1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster 1898174 - [OVN] EgressIP does not guard against node IP assignment 1898194 - GCP: can't install on custom machine types 1898238 - Installer validations allow same floating IP for API and Ingress 1898268 - [OVN]: `make check` broken on 4.6 1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default 1898320 - Incorrect Apostrophe Translation of "it's" in Scheduling Disabled Popover 1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display. 1898407 - [Deployment timing regression] Deployment takes longer with 4.7 1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service 1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine 1898500 - Failure to upgrade operator when a Service is included in a Bundle 1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic 1898532 - Display names defined in specDescriptors not respected 1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted 1898613 - Whereabouts should exclude IPv6 ranges 1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase 1898679 - Operand creation form - Required "type: object" properties (Accordion component) are missing red asterisk 1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability 1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator 1898839 - Wrong YAML in operator metadata 1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job 1898873 - Remove TechPreview Badge from Monitoring 1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way 1899111 - [RFE] Update jenkins-maven-agen to maven36 1899128 - VMI details screen -> show the warning that it is preferable to have a VM only if the VM actually does not exist 1899175 - bump the RHCOS boot images for 4.7 1899198 - Use new packages for ipa ramdisks 1899200 - In Installed Operators page I cannot search for an Operator by it's name 1899220 - Support AWS IMDSv2 1899350 - configure-ovs.sh doesn't configure bonding options 1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error "An error occurred Not Found" 1899459 - Failed to start monitoring pods once the operator removed from override list of CVO 1899515 - Passthrough credentials are not immediately re-distributed on update 1899575 - update discovery burst to reflect lots of CRDs on openshift clusters 1899582 - update discovery burst to reflect lots of CRDs on openshift clusters 1899588 - Operator objects are re-created after all other associated resources have been deleted 1899600 - Increased etcd fsync latency as of OCP 4.6 1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup 1899627 - Project dashboard Active status using small icon 1899725 - Pods table does not wrap well with quick start sidebar open 1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD) 1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality 1899835 - catalog-operator repeatedly crashes with "runtime error: index out of range [0] with length 0" 1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap 1899853 - additionalSecurityGroupIDs not working for master nodes 1899922 - NP changes sometimes influence new pods. 1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet 1900008 - Fix internationalized sentence fragments in ImageSearch.tsx 1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx 1900020 - Remove &apos; from internationalized keys 1900022 - Search Page - Top labels field is not applied to selected Pipeline resources 1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently 1900126 - Creating a VM results in suggestion to create a default storage class when one already exists 1900138 - [OCP on RHV] Remove insecure mode from the installer 1900196 - stalld is not restarted after crash 1900239 - Skip "subPath should be able to unmount" NFS test 1900322 - metal3 pod's toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists 1900377 - [e2e][automation] create new css selector for active users 1900496 - (release-4.7) Collect spec config for clusteroperator resources 1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks 1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue 1900759 - include qemu-guest-agent by default 1900790 - Track all resource counts via telemetry 1900835 - Multus errors when cachefile is not found 1900935 - `oc adm release mirror` panic panic: runtime error 1900989 - accessing the route cannot wake up the idled resources 1901040 - When scaling down the status of the node is stuck on deleting 1901057 - authentication operator health check failed when installing a cluster behind proxy 1901107 - pod donut shows incorrect information 1901111 - Installer dependencies are broken 1901200 - linuxptp-daemon crash when enable debug log level 1901301 - CBO should handle platform=BM without provisioning CR 1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly 1901363 - High Podready Latency due to timed out waiting for annotations 1901373 - redundant bracket on snapshot restore button 1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with "timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true" 1901395 - "Edit virtual machine template" action link should be removed 1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting 1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP 1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema 1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod "before all" hook for "creates the resource instance" 1901604 - CNO blocks editing Kuryr options 1901675 - [sig-network] multicast when using one of the plugins 'redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy' should allow multicast traffic in namespaces where it is enabled 1901909 - The device plugin pods / cni pod are restarted every 5 minutes 1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service 1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error 1902059 - Wire a real signer for service accout issuer 1902091 - `cluster-image-registry-operator` pod leaves connections open when fails connecting S3 storage 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1902157 - The DaemonSet machine-api-termination-handler couldn't allocate Pod 1902253 - MHC status doesnt set RemediationsAllowed = 0 1902299 - Failed to mirror operator catalog - error: destination registry required 1902545 - Cinder csi driver node pod should add nodeSelector for Linux 1902546 - Cinder csi driver node pod doesn't run on master node 1902547 - Cinder csi driver controller pod doesn't run on master node 1902552 - Cinder csi driver does not use the downstream images 1902595 - Project workloads list view doesn't show alert icon and hover message 1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent 1902601 - Cinder csi driver pods run as BestEffort qosClass 1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group 1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails 1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked 1902824 - failed to generate semver informed package manifest: unable to determine default channel 1902894 - hybrid-overlay-node crashing trying to get node object during initialization 1902969 - Cannot load vmi detail page 1902981 - It should default to current namespace when create vm from template 1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI 1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry 1903034 - OLM continuously printing debug logs 1903062 - [Cinder csi driver] Deployment mounted volume have no write access 1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready 1903107 - Enable vsphere-problem-detector e2e tests 1903164 - OpenShift YAML editor jumps to top every few seconds 1903165 - Improve Canary Status Condition handling for e2e tests 1903172 - Column Management: Fix sticky footer on scroll 1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled 1903188 - [Descheduler] cluster log reports failed to validate server configuration" err="unsupported log format: 1903192 - Role name missing on create role binding form 1903196 - Popover positioning is misaligned for Overview Dashboard status items 1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends. 1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components 1903248 - Backport Upstream Static Pod UID patch 1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests] 1903290 - Kubelet repeatedly log the same log line from exited containers 1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption. 1903382 - Panic when task-graph is canceled with a TaskNode with no tasks 1903400 - Migrate a VM which is not running goes to pending state 1903402 - Nic/Disk on VMI overview should link to VMI's nic/disk page 1903414 - NodePort is not working when configuring an egress IP address 1903424 - mapi_machine_phase_transition_seconds_sum doesn't work 1903464 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum" 1903639 - Hostsubnet gatherer produces wrong output 1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service 1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started 1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image 1903717 - Handle different Pod selectors for metal3 Deployment 1903733 - Scale up followed by scale down can delete all running workers 1903917 - Failed to load "Developer Catalog" page 1903999 - Httplog response code is always zero 1904026 - The quota controllers should resync on new resources and make progress 1904064 - Automated cleaning is disabled by default 1904124 - DHCP to static lease script doesn't work correctly if starting with infinite leases 1904125 - Boostrap VM .ign image gets added into 'default' pool instead of <cluster-name>-<id>-bootstrap 1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails 1904133 - KubeletConfig flooded with failure conditions 1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart 1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi ! 1904244 - MissingKey errors for two plugins using i18next.t 1904262 - clusterresourceoverride-operator has version: 1.0.0 every build 1904296 - VPA-operator has version: 1.0.0 every build 1904297 - The index image generated by "opm index prune" leaves unrelated images 1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards 1904385 - [oVirt] registry cannot mount volume on 4.6.4 -> 4.6.6 upgrade 1904497 - vsphere-problem-detector: Run on vSphere cloud only 1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set 1904502 - vsphere-problem-detector: allow longer timeouts for some operations 1904503 - vsphere-problem-detector: emit alerts 1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody) 1904578 - metric scraping for vsphere problem detector is not configured 1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -> 4.6.6 upgrade 1904663 - IPI pointer customization MachineConfig always generated 1904679 - [Feature:ImageInfo] Image info should display information about images 1904683 - `[sig-builds][Feature:Builds] s2i build with a root user image` tests use docker.io image 1904684 - [sig-cli] oc debug ensure it works with image streams 1904713 - Helm charts with kubeVersion restriction are filtered incorrectly 1904776 - Snapshot modal alert is not pluralized 1904824 - Set vSphere hostname from guestinfo before NM starts 1904941 - Insights status is always showing a loading icon 1904973 - KeyError: 'nodeName' on NP deletion 1904985 - Prometheus and thanos sidecar targets are down 1904993 - Many ampersand special characters are found in strings 1905066 - QE - Monitoring test cases - smoke test suite automation 1905074 - QE -Gherkin linter to maintain standards 1905100 - Too many haproxy processes in default-router pod causing high load average 1905104 - Snapshot modal disk items missing keys 1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm 1905119 - Race in AWS EBS determining whether custom CA bundle is used 1905128 - [e2e][automation] e2e tests succeed without actually execute 1905133 - operator conditions special-resource-operator 1905141 - vsphere-problem-detector: report metrics through telemetry 1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures 1905194 - Detecting broken connections to the Kube API takes up to 15 minutes 1905221 - CVO transitions from "Initializing" to "Updating" despite not attempting many manifests 1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP 1905253 - Inaccurate text at bottom of Events page 1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory 1905299 - OLM fails to update operator 1905307 - Provisioning CR is missing from must-gather 1905319 - cluster-samples-operator containers are not requesting required memory resource 1905320 - csi-snapshot-webhook is not requesting required memory resource 1905323 - dns-operator is not requesting required memory resource 1905324 - ingress-operator is not requesting required memory resource 1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory 1905328 - Changing the bound token service account issuer invalids previously issued bound tokens 1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory 1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory 1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails 1905347 - QE - Design Gherkin Scenarios 1905348 - QE - Design Gherkin Scenarios 1905362 - [sriov] Error message 'Fail to update DaemonSet' always shown in sriov operator pod 1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted 1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input 1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation 1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1 1905404 - The example of "Remove the entrypoint on the mysql:latest image" for `oc image append` does not work 1905416 - Hyperlink not working from Operator Description 1905430 - usbguard extension fails to install because of missing correct protobuf dependency version 1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads 1905502 - Test flake - unable to get https transport for ephemeral-registry 1905542 - [GSS] The "External" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6. 1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs 1905610 - Fix typo in export script 1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster 1905640 - Subscription manual approval test is flaky 1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry 1905696 - ClusterMoreUpdatesModal component did not get internationalized 1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes 1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project 1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster 1905792 - [OVN]Cannot create egressfirewalll with dnsName 1905889 - Should create SA for each namespace that the operator scoped 1905920 - Quickstart exit and restart 1905941 - Page goes to error after create catalogsource 1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711 1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters 1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected 1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it 1906118 - OCS feature detection constantly polls storageclusters and storageclasses 1906120 - 'Create Role Binding' form not setting user or group value when created from a user or group resource 1906121 - [oc] After new-project creation, the kubeconfig file does not set the project 1906134 - OLM should not create OperatorConditions for copied CSVs 1906143 - CBO supports log levels 1906186 - i18n: Translators are not able to translate `this` without context for alert manager config 1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots 1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize. 1906276 - `oc image append` can't work with multi-arch image with --filter-by-os='.*' 1906318 - use proper term for Authorized SSH Keys 1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional 1906356 - Unify Clone PVC boot source flow with URL/Container boot source 1906397 - IPA has incorrect kernel command line arguments 1906441 - HorizontalNav and NavBar have invalid keys 1906448 - Deploy using virtualmedia with provisioning network disabled fails - 'Failed to connect to the agent' in ironic-conductor log 1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project 1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them 1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures 1906511 - Root reprovisioning tests flaking often in CI 1906517 - Validation is not robust enough and may prevent to generate install-confing. 1906518 - Update snapshot API CRDs to v1 1906519 - Update LSO CRDs to use v1 1906570 - Number of disruptions caused by reboots on a cluster cannot be measured 1906588 - [ci][sig-builds] nodes is forbidden: User "e2e-test-jenkins-pipeline-xfghs-user" cannot list resource "nodes" in API group "" at the cluster scope 1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs 1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs 1906679 - quick start panel styles are not loaded 1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber 1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form 1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created 1906689 - user can pin to nav configmaps and secrets multiple times 1906691 - Add doc which describes disabling helm chart repository 1906713 - Quick starts not accesible for a developer user 1906718 - helm chart "provided by Redhat" is misspelled 1906732 - Machine API proxy support should be tested 1906745 - Update Helm endpoints to use Helm 3.4.x 1906760 - performance issues with topology constantly re-rendering 1906766 - localized `Autoscaled` & `Autoscaling` pod texts overlap with the pod ring 1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section 1906769 - topology fails to load with non-kubeadmin user 1906770 - shortcuts on mobiles view occupies a lot of space 1906798 - Dev catalog customization doesn't update console-config ConfigMap 1906806 - Allow installing extra packages in ironic container images 1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer 1906835 - Topology view shows add page before then showing full project workloads 1906840 - ClusterOperator should not have status "Updating" if operator version is the same as the release version 1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy 1906860 - Bump kube dependencies to v1.20 for Net Edge components 1906864 - Quick Starts Tour: Need to adjust vertical spacing 1906866 - Translations of Sample-Utils 1906871 - White screen when sort by name in monitoring alerts page 1906872 - Pipeline Tech Preview Badge Alignment 1906875 - Provide an option to force backup even when API is not available. 1906877 - Placeholder' value in search filter do not match column heading in Vulnerabilities 1906879 - Add missing i18n keys 1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install 1906896 - No Alerts causes odd empty Table (Need no content message) 1906898 - Missing User RoleBindings in the Project Access Web UI 1906899 - Quick Start - Highlight Bounding Box Issue 1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1 1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers 1906935 - Delete resources when Provisioning CR is deleted 1906968 - Must-gather should support collecting kubernetes-nmstate resources 1906986 - Ensure failed pod adds are retried even if the pod object doesn't change 1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt 1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change 1907211 - beta promotion of p&f switched storage version to v1beta1, making downgrades impossible. 1907269 - Tooltips data are different when checking stack or not checking stack for the same time 1907280 - Install tour of OCS not available. 1907282 - Topology page breaks with white screen 1907286 - The default mhc machine-api-termination-handler couldn't watch spot instance 1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent 1907293 - Increase timeouts in e2e tests 1907295 - Gherkin script for improve management for helm 1907299 - Advanced Subscription Badge for KMS and Arbiter not present 1907303 - Align VM template list items by baseline 1907304 - Use PF styles for selected template card in VM Wizard 1907305 - Drop 'ISO' from CDROM boot source message 1907307 - Support and provider labels should be passed on between templates and sources 1907310 - Pin action should be renamed to favorite 1907312 - VM Template source popover is missing info about added date 1907313 - ClusterOperator objects cannot be overriden with cvo-overrides 1907328 - iproute-tc package is missing in ovn-kube image 1907329 - CLUSTER_PROFILE env. variable is not used by the CVO 1907333 - Node stuck in degraded state, mcp reports "Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached" 1907373 - Rebase to kube 1.20.0 1907375 - Bump to latest available 1.20.x k8s - workloads team 1907378 - Gather netnamespaces networking info 1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity 1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn't match the CSV one 1907390 - prometheus-adapter: panic after k8s 1.20 bump 1907399 - build log icon link on topology nodes cause app to reload 1907407 - Buildah version not accessible 1907421 - [4.6.1]oc-image-mirror command failed on "error: unable to copy layer" 1907453 - Dev Perspective -> running vm details -> resources -> no data 1907454 - Install PodConnectivityCheck CRD with CNO 1907459 - "The Boot source is also maintained by Red Hat." is always shown for all boot sources 1907475 - Unable to estimate the error rate of ingress across the connected fleet 1907480 - `Active alerts` section throwing forbidden error for users. 1907518 - Kamelets/Eventsource should be shown to user if they have create access 1907543 - Korean timestamps are shown when users' language preferences are set to German-en-en-US 1907610 - Update kubernetes deps to 1.20 1907612 - Update kubernetes deps to 1.20 1907621 - openshift/installer: bump cluster-api-provider-kubevirt version 1907628 - Installer does not set primary subnet consistently 1907632 - Operator Registry should update its kubernetes dependencies to 1.20 1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters 1907644 - fix up handling of non-critical annotations on daemonsets/deployments 1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?) 1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication 1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail 1907767 - [e2e][automation]update test suite for kubevirt plugin 1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don't allow master and worker nodes to boot 1907792 - The `overrides` of the OperatorCondition cannot block the operator upgrade 1907793 - Surface support info in VM template details 1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage 1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set 1907863 - Quickstarts status not updating when starting the tour 1907872 - dual stack with an ipv6 network fails on bootstrap phase 1907874 - QE - Design Gherkin Scenarios for epic ODC-5057 1907875 - No response when try to expand pvc with an invalid size 1907876 - Refactoring record package to make gatherer configurable 1907877 - QE - Automation- pipelines builder scripts 1907883 - Fix Pipleine creation without namespace issue 1907888 - Fix pipeline list page loader 1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form 1907892 - Unable to edit application deployed using "From Devfile" option 1907893 - navSortUtils.spec.ts unit test failure 1907896 - When a workload is added, Topology does not place the new items well 1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template 1907924 - Enable madvdontneed in OpenShift Images 1907929 - Enable madvdontneed in OpenShift System Components Part 2 1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot 1907947 - The kubeconfig saved in tenantcluster shouldn't include anything that is not related to the current context 1907948 - OCM-O bump to k8s 1.20 1907952 - bump to k8s 1.20 1907972 - Update OCM link to open Insights tab 1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI 1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916 1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni 1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk 1908035 - dynamic-demo-plugin build does not generate dist directory 1908135 - quick search modal is not centered over topology 1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled 1908159 - [AWS C2S] MCO fails to sync cloud config 1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384) 1908180 - Add source for template is stucking in preparing pvc 1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens 1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN 1908277 - QE - Automation- pipelines actions scripts 1908280 - Documentation describing `ignore-volume-az` is incorrect 1908296 - Fix pipeline builder form yaml switcher validation issue 1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI 1908323 - Create button missing for PLR in the search page 1908342 - The new pv_collector_total_pv_count is not reported via telemetry 1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name 1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots 1908349 - Volume snapshot tests are failing after 1.20 rebase 1908353 - QE - Automation- pipelines runs scripts 1908361 - bump to k8s 1.20 1908367 - QE - Automation- pipelines triggers scripts 1908370 - QE - Automation- pipelines secrets scripts 1908375 - QE - Automation- pipelines workspaces scripts 1908381 - Go Dependency Fixes for Devfile Lib 1908389 - Loadbalancer Sync failing on Azure 1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived 1908407 - Backport Upstream 95269 to fix potential crash in kubelet 1908410 - Exclude Yarn from VSCode search 1908425 - Create Role Binding form subject type and name are undefined when All Project is selected 1908431 - When the marketplace-operator pod get's restarted, the custom catalogsources are gone, as well as the pods 1908434 - Remove &apos from metal3-plugin internationalized strings 1908437 - Operator backed with no icon has no badge associated with the CSV tag 1908459 - bump to k8s 1.20 1908461 - Add bugzilla component to OWNERS file 1908462 - RHCOS 4.6 ostree removed dhclient 1908466 - CAPO AZ Screening/Validating 1908467 - Zoom in and zoom out in topology package should be sentence case 1908468 - [Azure][4.7] Installer can't properly parse instance type with non integer memory size 1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster 1908471 - OLM should bump k8s dependencies to 1.20 1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests 1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM 1908545 - VM clone dialog does not open 1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard 1908562 - Pod readiness is not being observed in real world cases 1908565 - [4.6] Cannot filter the platform/arch of the index image 1908573 - Align the style of flavor 1908583 - bootstrap does not run on additional networks if configured for master in install-config 1908596 - Race condition on operator installation 1908598 - Persistent Dashboard shows events for all provisioners 1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state 1908648 - Skip TestKernelType test on OKD, adjust TestExtensions 1908650 - The title of customize wizard is inconsistent 1908654 - cluster-api-provider: volumes and disks names shouldn't change by machine-api-operator 1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s] 1908687 - Option to save user settings separate when using local bridge (affects console developers only) 1908697 - Show `kubectl diff ` command in the oc diff help page 1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom 1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds 1908717 - "missing unit character in duration" error in some network dashboards 1908746 - [Safari] Drop Shadow doesn't works as expected on hover on workload 1908747 - stale S3 CredentialsRequest in CCO manifest 1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase 1908830 - RHCOS 4.6 - Missing Initiatorname 1908868 - Update empty state message for EventSources and Channels tab 1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes 1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 1908888 - Dualstack does not work with multiple gateways 1908889 - Bump CNO to k8s 1.20 1908891 - TestDNSForwarding DNS operator e2e test is failing frequently 1908914 - CNO: upgrade nodes before masters 1908918 - Pipeline builder yaml view sidebar is not responsive 1908960 - QE - Design Gherkin Scenarios 1908971 - Gherkin Script for pipeline debt 4.7 1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated 1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console 1908998 - [cinder-csi-driver] doesn't detect the credentials change 1909004 - "No datapoints found" for RHEL node's filesystem graph 1909005 - i18n: workloads list view heading is not translated 1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects 1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type 1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware 1909067 - Web terminal should keep latest output when connection closes 1909070 - PLR and TR Logs component is not streaming as fast as tkn 1909092 - Error Message should not confuse user on Channel form 1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page 1909108 - Machine API components should use 1.20 dependencies 1909116 - Catalog Sort Items dropdown is not aligned on Firefox 1909198 - Move Sink action option is not working 1909207 - Accessibility Issue on monitoring page 1909236 - Remove pinned icon overlap on resource name 1909249 - Intermittent packet drop from pod to pod 1909276 - Accessibility Issue on create project modal 1909289 - oc debug of an init container no longer works 1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2 1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle 1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it 1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O 1909464 - Build operator-registry with golang-1.15 1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found 1909521 - Add kubevirt cluster type for e2e-test workflow 1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created 1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node 1909610 - Fix available capacity when no storage class selected 1909678 - scale up / down buttons available on pod details side panel 1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART 1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined 1909739 - Arbiter request data changes 1909744 - cluster-api-provider-openstack: Bump gophercloud 1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline 1909791 - Update standalone kube-proxy config for EndpointSlice 1909792 - Empty states for some details page subcomponents are not i18ned 1909815 - Perspective switcher is only half-i18ned 1909821 - OCS 4.7 LSO installation blocked because of Error "Invalid value: "integer": spec.flexibleScaling in body 1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn't installed in CI 1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing 1909911 - [OVN]EgressFirewall caused a segfault 1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument 1909958 - Support Quick Start Highlights Properly 1909978 - ignore-volume-az = yes not working on standard storageClass 1909981 - Improve statement in template select step 1909992 - Fail to pull the bundle image when using the private index image 1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev 1910036 - QE - Design Gherkin Scenarios ODC-4504 1910049 - UPI: ansible-galaxy is not supported 1910127 - [UPI on oVirt]: Improve UPI Documentation 1910140 - fix the api dashboard with changes in upstream kube 1.20 1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment's containers with the OPERATOR_CONDITION_NAME Environment Variable 1910165 - DHCP to static lease script doesn't handle multiple addresses 1910305 - [Descheduler] - The minKubeVersion should be 1.20.0 1910409 - Notification drawer is not localized for i18n 1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials 1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation 1910501 - Installed Operators->Operand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page 1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work 1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready 1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability 1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded 1910739 - Redfish-virtualmedia (idrac) deploy fails on "The Virtual Media image server is already connected" 1910753 - Support Directory Path to Devfile 1910805 - Missing translation for Pipeline status and breadcrumb text 1910829 - Cannot delete a PVC if the dv's phase is WaitForFirstConsumer 1910840 - Show Nonexistent command info in the `oc rollback -h` help page 1910859 - breadcrumbs doesn't use last namespace 1910866 - Unify templates string 1910870 - Unify template dropdown action 1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6 1911129 - Monitoring charts renders nothing when switching from a Deployment to "All workloads" 1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard 1911212 - [MSTR-998] API Performance Dashboard "Period" drop-down has a choice "$__auto_interval_period" which can bring "1:154: parse error: missing unit character in duration" 1911213 - Wrong and misleading warning for VMs that were created manually (not from template) 1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created 1911269 - waiting for the build message present when build exists 1911280 - Builder images are not detected for Dotnet, Httpd, NGINX 1911307 - Pod Scale-up requires extra privileges in OpenShift web-console 1911381 - "Select Persistent Volume Claim project" shows in customize wizard when select a source available template 1911382 - "source volumeMode (Block) and target volumeMode (Filesystem) do not match" shows in VM Error 1911387 - Hit error - "Cannot read property 'value' of undefined" while creating VM from template 1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation 1911418 - [v2v] The target storage class name is not displayed if default storage class is used 1911434 - git ops empty state page displays icon with watermark 1911443 - SSH Cretifiaction field should be validated 1911465 - IOPS display wrong unit 1911474 - Devfile Application Group Does Not Delete Cleanly (errors) 1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController 1911574 - Expose volume mode on Upload Data form 1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined 1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel 1911656 - using 'operator-sdk run bundle' to install operator successfully, but the command output said 'Failed to run bundle'' 1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state 1911782 - Descheduler should not evict pod used local storage by the PVC 1911796 - uploading flow being displayed before submitting the form 1912066 - The ansible type operator's manager container is not stable when managing the CR 1912077 - helm operator's default rbac forbidden 1912115 - [automation] Analyze job keep failing because of 'JavaScript heap out of memory' 1912237 - Rebase CSI sidecars for 4.7 1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page 1912409 - Fix flow schema deployment 1912434 - Update guided tour modal title 1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken 1912523 - Standalone pod status not updating in topology graph 1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion 1912558 - TaskRun list and detail screen doesn't show Pending status 1912563 - p&f: carry 97206: clean up executing request on panic 1912565 - OLM macOS local build broken by moby/term dependency 1912567 - [OCP on RHV] Node becomes to 'NotReady' status when shutdown vm from RHV UI only on the second deletion 1912577 - 4.1/4.2->4.3->...-> 4.7 upgrade is stuck during 4.6->4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff 1912590 - publicImageRepository not being populated 1912640 - Go operator's controller pods is forbidden 1912701 - Handle dual-stack configuration for NIC IP 1912703 - multiple queries can't be plotted in the same graph under some conditons 1912730 - Operator backed: In-context should support visual connector if SBO is not installed 1912828 - Align High Performance VMs with High Performance in RHV-UI 1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates 1912852 - VM from wizard - available VM templates - "storage" field is "0 B" 1912888 - recycler template should be moved to KCM operator 1912907 - Helm chart repository index can contain unresolvable relative URL's 1912916 - Set external traffic policy to cluster for IBM platform 1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller 1912938 - Update confirmation modal for quick starts 1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment 1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment 1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver 1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver 1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver 1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver 1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver 1912977 - rebase upstream static-provisioner 1913006 - Remove etcd v2 specific alerts with etcd_http* metrics 1913011 - [OVN] Pod's external traffic not use egressrouter macvlan ip as a source ip 1913037 - update static-provisioner base image 1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state 1913085 - Regression OLM uses scoped client for CRD installation 1913096 - backport: cadvisor machine metrics are missing in k8s 1.19 1913132 - The installation of Openshift Virtualization reports success early before it 's succeeded eventually 1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root 1913196 - Guided Tour doesn't handle resizing of browser 1913209 - Support modal should be shown for community supported templates 1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort 1913249 - update info alert this template is not aditable 1913285 - VM list empty state should link to virtualization quick starts 1913289 - Rebase AWS EBS CSI driver for 4.7 1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled 1913297 - Remove restriction of taints for arbiter node 1913306 - unnecessary scroll bar is present on quick starts panel 1913325 - 1.20 rebase for openshift-apiserver 1913331 - Import from git: Fails to detect Java builder 1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used 1913343 - (release-4.7) Added changelog file for insights-operator 1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator 1913371 - Missing i18n key "Administrator" in namespace "console-app" and language "en." 1913386 - users can see metrics of namespaces for which they don't have rights when monitoring own services with prometheus user workloads 1913420 - Time duration setting of resources is not being displayed 1913536 - 4.6.9 -> 4.7 upgrade hangs. RHEL 7.9 worker stuck on "error enabling unit: Failed to execute operation: File exists\\n\" 1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase 1913560 - Normal user cannot load template on the new wizard 1913563 - "Virtual Machine" is not on the same line in create button when logged with normal user 1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table 1913568 - Normal user cannot create template 1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker 1913585 - Topology descriptive text fixes 1913608 - Table data contains data value None after change time range in graph and change back 1913651 - Improved Red Hat image and crashlooping OpenShift pod collection 1913660 - Change location and text of Pipeline edit flow alert 1913685 - OS field not disabled when creating a VM from a template 1913716 - Include additional use of existing libraries 1913725 - Refactor Insights Operator Plugin states 1913736 - Regression: fails to deploy computes when using root volumes 1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes 1913751 - add third-party network plugin test suite to openshift-tests 1913783 - QE-To fix the merging pr issue, commenting the afterEach() block 1913807 - Template support badge should not be shown for community supported templates 1913821 - Need definitive steps about uninstalling descheduler operator 1913851 - Cluster Tasks are not sorted in pipeline builder 1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists 1913951 - Update the Devfile Sample Repo to an Official Repo Host 1913960 - Cluster Autoscaler should use 1.20 dependencies 1913969 - Field dependency descriptor can sometimes cause an exception 1914060 - Disk created from 'Import via Registry' cannot be used as boot disk 1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy 1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks) 1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances 1914125 - Still using /dev/vde as default device path when create localvolume 1914183 - Empty NAD page is missing link to quickstarts 1914196 - target port in `from dockerfile` flow does nothing 1914204 - Creating VM from dev perspective may fail with template not found error 1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets 1914212 - [e2e][automation] Add test to validate bootable disk souce 1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes 1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows 1914287 - Bring back selfLink 1914301 - User VM Template source should show the same provider as template itself 1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs 1914309 - /terminal page when WTO not installed shows nonsensical error 1914334 - order of getting started samples is arbitrary 1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x 1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI 1914405 - Quick search modal should be opened when coming back from a selection 1914407 - Its not clear that node-ca is running as non-root 1914427 - Count of pods on the dashboard is incorrect 1914439 - Typo in SRIOV port create command example 1914451 - cluster-storage-operator pod running as root 1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true 1914642 - Customize Wizard Storage tab does not pass validation 1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling 1914793 - device names should not be translated 1914894 - Warn about using non-groupified api version 1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug 1914932 - Put correct resource name in relatedObjects 1914938 - PVC disk is not shown on customization wizard general tab 1914941 - VM Template rootdisk is not deleted after fetching default disk bus 1914975 - Collect logs from openshift-sdn namespace 1915003 - No estimate of average node readiness during lifetime of a cluster 1915027 - fix MCS blocking iptables rules 1915041 - s3:ListMultipartUploadParts is relied on implicitly 1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons 1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours 1915085 - Pods created and rapidly terminated get stuck 1915114 - [aws-c2s] worker machines are not create during install 1915133 - Missing default pinned nav items in dev perspective 1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource 1915187 - Remove the "Tech preview" tag in web-console for volumesnapshot 1915188 - Remove HostSubnet anonymization 1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment 1915217 - OKD payloads expect to be signed with production keys 1915220 - Remove dropdown workaround for user settings 1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure 1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod 1915277 - [e2e][automation]fix cdi upload form test 1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout 1915304 - Updating scheduling component builder & base images to be consistent with ART 1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node 1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection 1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod 1915357 - Dev Catalog doesn't load anything if virtualization operator is installed 1915379 - New template wizard should require provider and make support input a dropdown type 1915408 - Failure in operator-registry kind e2e test 1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation 1915460 - Cluster name size might affect installations 1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance 1915540 - Silent 4.7 RHCOS install failure on ppc64le 1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI) 1915582 - p&f: carry upstream pr 97860 1915594 - [e2e][automation] Improve test for disk validation 1915617 - Bump bootimage for various fixes 1915624 - "Please fill in the following field: Template provider" blocks customize wizard 1915627 - Translate Guided Tour text. 1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error 1915647 - Intermittent White screen when the connector dragged to revision 1915649 - "Template support" pop up is not a warning; checkbox text should be rephrased 1915654 - [e2e][automation] Add a verification for Afinity modal should hint "Matching node found" 1915661 - Can't run the 'oc adm prune' command in a pod 1915672 - Kuryr doesn't work with selfLink disabled. 1915674 - Golden image PVC creation - storage size should be taken from the template 1915685 - Message for not supported template is not clear enough 1915760 - Need to increase timeout to wait rhel worker get ready 1915793 - quick starts panel syncs incorrectly across browser windows 1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster 1915818 - vsphere-problem-detector: use "_totals" in metrics 1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol 1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version 1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0 1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics 1915885 - Kuryr doesn't support workers running on multiple subnets 1915898 - TaskRun log output shows "undefined" in streaming 1915907 - test/cmd/builds.sh uses docker.io 1915912 - sig-storage-csi-snapshotter image not available 1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART 1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard 1915939 - Resizing the browser window removes Web Terminal Icon 1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance] 1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7 1915962 - ROKS: manifest with machine health check fails to apply in 4.7 1915972 - Global configuration breadcrumbs do not work as expected 1915981 - Install ethtool and conntrack in container for debugging 1915995 - "Edit RoleBinding Subject" action under RoleBinding list page kebab actions causes unhandled exception 1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups 1916021 - OLM enters infinite loop if Pending CSV replaces itself 1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry 1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert's annotations 1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk 1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration 1916145 - Explicitly set minimum versions of python libraries 1916164 - Update csi-driver-nfs builder & base images to be consistent with ART 1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7 1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third 1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2 1916379 - error metrics from vsphere-problem-detector should be gauge 1916382 - Can't create ext4 filesystems with Ignition 1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates 1916401 - Deleting an ingress controller with a bad DNS Record hangs 1916417 - [Kuryr] Must-gather does not have all Custom Resources information 1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image 1916454 - teach CCO about upgradeability from 4.6 to 4.7 1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation 1916502 - Boot disk mirroring fails with mdadm error 1916524 - Two rootdisk shows on storage step 1916580 - Default yaml is broken for VM and VM template 1916621 - oc adm node-logs examples are wrong 1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret. 1916692 - Possibly fails to destroy LB and thus cluster 1916711 - Update Kube dependencies in MCO to 1.20.0 1916747 - remove links to quick starts if virtualization operator isn't updated to 2.6 1916764 - editing a workload with no application applied, will auto fill the app 1916834 - Pipeline Metrics - Text Updates 1916843 - collect logs from openshift-sdn-controller pod 1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed 1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually 1916888 - OCS wizard Donor chart does not get updated when `Device Type` is edited 1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error "Forbidden: cannot specify lbFloatingIP and apiFloatingIP together" 1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace 1917101 - [UPI on oVirt] - 'RHCOS image' topic isn't located in the right place in UPI document 1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to '"ProxyConfigController" controller failed to sync "key"' error 1917117 - Common templates - disks screen: invalid disk name 1917124 - Custom template - clone existing PVC - the name of the target VM's data volume is hard-coded; only one VM can be created 1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator 1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable. 1917148 - [oVirt] Consume 23-10 ovirt sdk 1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened 1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console 1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory 1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7 1917327 - annotations.message maybe wrong for NTOPodsNotReady alert 1917367 - Refactor periodic.go 1917371 - Add docs on how to use the built-in profiler 1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console 1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui 1917484 - [BM][IPI] Failed to scale down machineset 1917522 - Deprecate --filter-by-os in oc adm catalog mirror 1917537 - controllers continuously busy reconciling operator 1917551 - use min_over_time for vsphere prometheus alerts 1917585 - OLM Operator install page missing i18n 1917587 - Manila CSI operator becomes degraded if user doesn't have permissions to list share types 1917605 - Deleting an exgw causes pods to no longer route to other exgws 1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API 1917656 - Add to Project/application for eventSources from topology shows 404 1917658 - Show TP badge for sources powered by camel connectors in create flow 1917660 - Editing parallelism of job get error info 1917678 - Could not provision pv when no symlink and target found on rhel worker 1917679 - Hide double CTA in admin pipelineruns tab 1917683 - `NodeTextFileCollectorScrapeError` alert in OCP 4.6 cluster. 1917759 - Console operator panics after setting plugin that does not exists to the console-operator config 1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0 1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0 1917799 - Gather s list of names and versions of installed OLM operators 1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error 1917814 - Show Broker create option in eventing under admin perspective 1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types 1917872 - [oVirt] rebase on latest SDK 2021-01-12 1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image 1917938 - upgrade version of dnsmasq package 1917942 - Canary controller causes panic in ingress-operator 1918019 - Undesired scrollbars in markdown area of QuickStart 1918068 - Flaky olm integration tests 1918085 - reversed name of job and namespace in cvo log 1918112 - Flavor is not editable if a customize VM is created from cli 1918129 - Update IO sample archive with missing resources & remove IP anonymization from clusteroperator resources 1918132 - i18n: Volume Snapshot Contents menu is not translated 1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2 1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn't be installed on OSP 1918153 - When `&` character is set as an environment variable in a build config it is getting converted as `\u0026` 1918185 - Capitalization on PLR details page 1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections 1918318 - Kamelet connector's are not shown in eventing section under Admin perspective 1918351 - Gather SAP configuration (SCC & ClusterRoleBinding) 1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews 1918395 - [ovirt] increase livenessProbe period 1918415 - MCD nil pointer on dropins 1918438 - [ja_JP, zh_CN] Serverless i18n misses 1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig 1918471 - CustomNoUpgrade Feature gates are not working correctly 1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk 1918622 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART 1918623 - Updating ose-jenkins-agent-nodejs-12 builder & base images to be consistent with ART 1918625 - Updating ose-jenkins-agent-nodejs-10 builder & base images to be consistent with ART 1918635 - Updating openshift-jenkins-2 builder & base images to be consistent with ART #1197 1918639 - Event listener with triggerRef crashes the console 1918648 - Subscription page doesn't show InstallPlan correctly 1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack 1918748 - helmchartrepo is not http(s)_proxy-aware 1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI 1918803 - Need dedicated details page w/ global config breadcrumbs for 'KnativeServing' plugin 1918826 - Insights popover icons are not horizontally aligned 1918879 - need better debug for bad pull secrets 1918958 - The default NMstate instance from the operator is incorrect 1919097 - Close bracket ")" missing at the end of the sentence in the UI 1919231 - quick search modal cut off on smaller screens 1919259 - Make "Add x" singular in Pipeline Builder 1919260 - VM Template list actions should not wrap 1919271 - NM prepender script doesn't support systemd-resolved 1919341 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART 1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry 1919379 - dotnet logo out of date 1919387 - Console login fails with no error when it can't write to localStorage 1919396 - A11y Violation: svg-img-alt on Pod Status ring 1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren't verified 1919750 - Search InstallPlans got Minified React error 1919778 - Upgrade is stuck in insights operator Degraded with "Source clusterconfig could not be retrieved" until insights operator pod is manually deleted 1919823 - OCP 4.7 Internationalization Chinese tranlate issue 1919851 - Visualization does not render when Pipeline & Task share same name 1919862 - The tip information for `oc new-project --skip-config-write` is wrong 1919876 - VM created via customize wizard cannot inherit template's PVC attributes 1919877 - Click on KSVC breaks with white screen 1919879 - The toolbox container name is changed from 'toolbox-root' to 'toolbox-' in a chroot environment 1919945 - user entered name value overridden by default value when selecting a git repository 1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference 1919970 - NTO does not update when the tuned profile is updated. 1919999 - Bump Cluster Resource Operator Golang Versions 1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration 1920200 - user-settings network error results in infinite loop of requests 1920205 - operator-registry e2e tests not working properly 1920214 - Bump golang to 1.15 in cluster-resource-override-admission 1920248 - re-running the pipelinerun with pipelinespec crashes the UI 1920320 - VM template field is "Not available" if it's created from common template 1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode is `Disk Mode` 1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs 1920390 - Monitoring > Metrics graph shifts to the left when clicking the "Stacked" option and when toggling data series lines on / off 1920426 - Egress Router CNI OWNERS file should have ovn-k team members 1920427 - Need to update `oc login` help page since we don't support prompt interactively for the username 1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time 1920438 - openshift-tuned panics on turning debugging on/off. 1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn 1920481 - kuryr-cni pods using unreasonable amount of CPU 1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof 1920524 - Topology graph crashes adding Open Data Hub operator 1920526 - catalog operator causing CPU spikes and bad etcd performance 1920551 - Boot Order is not editable for Templates in "openshift" namespace 1920555 - bump cluster-resource-override-admission api dependencies 1920571 - fcp multipath will not recover failed paths automatically 1920619 - Remove default scheduler profile value 1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present 1920674 - MissingKey errors in bindings namespace 1920684 - Text in language preferences modal is misleading 1920695 - CI is broken because of bad image registry reference in the Makefile 1920756 - update generic-admission-server library to get the system:masters authorization optimization 1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for "network-check-target" failed when "defaultNodeSelector" is set 1920771 - i18n: Delete persistent volume claim drop down is not translated 1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI 1920912 - Unable to power off BMH from console 1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by "2" 1920984 - [e2e][automation] some menu items names are out dated 1921013 - Gather PersistentVolume definition (if any) used in image registry config 1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior) 1921087 - 'start next quick start' link doesn't work and is unintuitive 1921088 - test-cmd is failing on volumes.sh pretty consistently 1921248 - Clarify the kubelet configuration cr description 1921253 - Text filter default placeholder text not internationalized 1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window 1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo 1921277 - Fix Warning and Info log statements to handle arguments 1921281 - oc get -o yaml --export returns "error: unknown flag: --export" 1921458 - [SDK] Gracefully handle the `run bundle-upgrade` if the lower version operator doesn't exist 1921556 - [OCS with Vault]: OCS pods didn't comeup after deploying with Vault details from UI 1921572 - For external source (i.e GitHub Source) form view as well shows yaml 1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass 1921610 - Pipeline metrics font size inconsistency 1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1921655 - [OSP] Incorrect error handling during cloudinfo generation 1921713 - [e2e][automation] fix failing VM migration tests 1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view 1921774 - delete application modal errors when a resource cannot be found 1921806 - Explore page APIResourceLinks aren't i18ned 1921823 - CheckBoxControls not internationalized 1921836 - AccessTableRows don't internationalize "User" or "Group" 1921857 - Test flake when hitting router in e2e tests due to one router not being up to date 1921880 - Dynamic plugins are not initialized on console load in production mode 1921911 - Installer PR #4589 is causing leak of IAM role policy bindings 1921921 - "Global Configuration" breadcrumb does not use sentence case 1921949 - Console bug - source code URL broken for gitlab self-hosted repositories 1921954 - Subscription-related constraints in ResolutionFailed events are misleading 1922015 - buttons in modal header are invisible on Safari 1922021 - Nodes terminal page 'Expand' 'Collapse' button not translated 1922050 - [e2e][automation] Improve vm clone tests 1922066 - Cannot create VM from custom template which has extra disk 1922098 - Namespace selection dialog is not closed after select a namespace 1922099 - Updated Readme documentation for QE code review and setup 1922146 - Egress Router CNI doesn't have logging support. 1922267 - Collect specific ADFS error 1922292 - Bump RHCOS boot images for 4.7 1922454 - CRI-O doesn't enable pprof by default 1922473 - reconcile LSO images for 4.8 1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace 1922782 - Source registry missing docker:// in yaml 1922907 - Interop UI Tests - step implementation for updating feature files 1922911 - Page crash when click the "Stacked" checkbox after clicking the data series toggle buttons 1922991 - "verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build" test fails on OKD 1923003 - WebConsole Insights widget showing "Issues pending" when the cluster doesn't report anything 1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources 1923102 - [vsphere-problem-detector-operator] pod's version is not correct 1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot 1923674 - k8s 1.20 vendor dependencies 1923721 - PipelineRun running status icon is not rotating 1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios 1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator 1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator 1923874 - Unable to specify values with % in kubeletconfig 1923888 - Fixes error metadata gathering 1923892 - Update arch.md after refactor. 1923894 - "installed" operator status in operatorhub page does not reflect the real status of operator 1923895 - Changelog generation. 1923911 - [e2e][automation] Improve tests for vm details page and list filter 1923945 - PVC Name and Namespace resets when user changes os/flavor/workload 1923951 - EventSources shows `undefined` in project 1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins 1924046 - Localhost: Refreshing on a Project removes it from nav item urls 1924078 - Topology quick search View all results footer should be sticky. 1924081 - NTO should ship the latest Tuned daemon release 2.15 1924084 - backend tests incorrectly hard-code artifacts dir 1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build 1924135 - Under sufficient load, CRI-O may segfault 1924143 - Code Editor Decorator url is broken for Bitbucket repos 1924188 - Language selector dropdown doesn't always pre-select the language 1924365 - Add extra disk for VM which use boot source PXE 1924383 - Degraded network operator during upgrade to 4.7.z 1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box. 1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on 1924583 - Deprectaed templates are listed in the Templates screen 1924870 - pick upstream pr#96901: plumb context with request deadline 1924955 - Images from Private external registry not working in deploy Image 1924961 - k8sutil.TrimDNS1123Label creates invalid values 1924985 - Build egress-router-cni for both RHEL 7 and 8 1925020 - Console demo plugin deployment image shoult not point to dockerhub 1925024 - Remove extra validations on kafka source form view net section 1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running 1925072 - NTO needs to ship the current latest stalld v1.7.0 1925163 - Missing info about dev catalog in boot source template column 1925200 - Monitoring Alert icon is missing on the workload in Topology view 1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1 1925319 - bash syntax error in configure-ovs.sh script 1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data 1925516 - Pipeline Metrics Tooltips are overlapping data 1925562 - Add new ArgoCD link from GitOps application environments page 1925596 - Gitops details page image and commit id text overflows past card boundary 1926556 - 'excessive etcd leader changes' test case failing in serial job because prometheus data is wiped by machine set test 1926588 - The tarball of operator-sdk is not ready for ocp4.7 1927456 - 4.7 still points to 4.6 catalog images 1927500 - API server exits non-zero on 2 SIGTERM signals 1929278 - Monitoring workloads using too high a priorityclass 1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api 1929920 - Cluster monitoring documentation link is broken - 404 not found 5. References: https://access.redhat.com/security/cve/CVE-2018-10103 https://access.redhat.com/security/cve/CVE-2018-10105 https://access.redhat.com/security/cve/CVE-2018-14461 https://access.redhat.com/security/cve/CVE-2018-14462 https://access.redhat.com/security/cve/CVE-2018-14463 https://access.redhat.com/security/cve/CVE-2018-14464 https://access.redhat.com/security/cve/CVE-2018-14465 https://access.redhat.com/security/cve/CVE-2018-14466 https://access.redhat.com/security/cve/CVE-2018-14467 https://access.redhat.com/security/cve/CVE-2018-14468 https://access.redhat.com/security/cve/CVE-2018-14469 https://access.redhat.com/security/cve/CVE-2018-14470 https://access.redhat.com/security/cve/CVE-2018-14553 https://access.redhat.com/security/cve/CVE-2018-14879 https://access.redhat.com/security/cve/CVE-2018-14880 https://access.redhat.com/security/cve/CVE-2018-14881 https://access.redhat.com/security/cve/CVE-2018-14882 https://access.redhat.com/security/cve/CVE-2018-16227 https://access.redhat.com/security/cve/CVE-2018-16228 https://access.redhat.com/security/cve/CVE-2018-16229 https://access.redhat.com/security/cve/CVE-2018-16230 https://access.redhat.com/security/cve/CVE-2018-16300 https://access.redhat.com/security/cve/CVE-2018-16451 https://access.redhat.com/security/cve/CVE-2018-16452 https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2019-3884 https://access.redhat.com/security/cve/CVE-2019-5018 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-6978 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-9455 https://access.redhat.com/security/cve/CVE-2019-9458 https://access.redhat.com/security/cve/CVE-2019-11068 https://access.redhat.com/security/cve/CVE-2019-12614 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13225 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15165 https://access.redhat.com/security/cve/CVE-2019-15166 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-15917 https://access.redhat.com/security/cve/CVE-2019-15925 https://access.redhat.com/security/cve/CVE-2019-16167 https://access.redhat.com/security/cve/CVE-2019-16168 https://access.redhat.com/security/cve/CVE-2019-16231 https://access.redhat.com/security/cve/CVE-2019-16233 https://access.redhat.com/security/cve/CVE-2019-16935 https://access.redhat.com/security/cve/CVE-2019-17450 https://access.redhat.com/security/cve/CVE-2019-17546 https://access.redhat.com/security/cve/CVE-2019-18197 https://access.redhat.com/security/cve/CVE-2019-18808 https://access.redhat.com/security/cve/CVE-2019-18809 https://access.redhat.com/security/cve/CVE-2019-19046 https://access.redhat.com/security/cve/CVE-2019-19056 https://access.redhat.com/security/cve/CVE-2019-19062 https://access.redhat.com/security/cve/CVE-2019-19063 https://access.redhat.com/security/cve/CVE-2019-19068 https://access.redhat.com/security/cve/CVE-2019-19072 https://access.redhat.com/security/cve/CVE-2019-19221 https://access.redhat.com/security/cve/CVE-2019-19319 https://access.redhat.com/security/cve/CVE-2019-19332 https://access.redhat.com/security/cve/CVE-2019-19447 https://access.redhat.com/security/cve/CVE-2019-19524 https://access.redhat.com/security/cve/CVE-2019-19533 https://access.redhat.com/security/cve/CVE-2019-19537 https://access.redhat.com/security/cve/CVE-2019-19543 https://access.redhat.com/security/cve/CVE-2019-19602 https://access.redhat.com/security/cve/CVE-2019-19767 https://access.redhat.com/security/cve/CVE-2019-19770 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20054 https://access.redhat.com/security/cve/CVE-2019-20218 https://access.redhat.com/security/cve/CVE-2019-20386 https://access.redhat.com/security/cve/CVE-2019-20387 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20636 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-20812 https://access.redhat.com/security/cve/CVE-2019-20907 https://access.redhat.com/security/cve/CVE-2019-20916 https://access.redhat.com/security/cve/CVE-2020-0305 https://access.redhat.com/security/cve/CVE-2020-0444 https://access.redhat.com/security/cve/CVE-2020-1716 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-1751 https://access.redhat.com/security/cve/CVE-2020-1752 https://access.redhat.com/security/cve/CVE-2020-1971 https://access.redhat.com/security/cve/CVE-2020-2574 https://access.redhat.com/security/cve/CVE-2020-2752 https://access.redhat.com/security/cve/CVE-2020-2922 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3898 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-6405 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/cve/CVE-2020-7774 https://access.redhat.com/security/cve/CVE-2020-8177 https://access.redhat.com/security/cve/CVE-2020-8492 https://access.redhat.com/security/cve/CVE-2020-8563 https://access.redhat.com/security/cve/CVE-2020-8566 https://access.redhat.com/security/cve/CVE-2020-8619 https://access.redhat.com/security/cve/CVE-2020-8622 https://access.redhat.com/security/cve/CVE-2020-8623 https://access.redhat.com/security/cve/CVE-2020-8624 https://access.redhat.com/security/cve/CVE-2020-8647 https://access.redhat.com/security/cve/CVE-2020-8648 https://access.redhat.com/security/cve/CVE-2020-8649 https://access.redhat.com/security/cve/CVE-2020-9327 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-10029 https://access.redhat.com/security/cve/CVE-2020-10732 https://access.redhat.com/security/cve/CVE-2020-10749 https://access.redhat.com/security/cve/CVE-2020-10751 https://access.redhat.com/security/cve/CVE-2020-10763 https://access.redhat.com/security/cve/CVE-2020-10773 https://access.redhat.com/security/cve/CVE-2020-10774 https://access.redhat.com/security/cve/CVE-2020-10942 https://access.redhat.com/security/cve/CVE-2020-11565 https://access.redhat.com/security/cve/CVE-2020-11668 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-12465 https://access.redhat.com/security/cve/CVE-2020-12655 https://access.redhat.com/security/cve/CVE-2020-12659 https://access.redhat.com/security/cve/CVE-2020-12770 https://access.redhat.com/security/cve/CVE-2020-12826 https://access.redhat.com/security/cve/CVE-2020-13249 https://access.redhat.com/security/cve/CVE-2020-13630 https://access.redhat.com/security/cve/CVE-2020-13631 https://access.redhat.com/security/cve/CVE-2020-13632 https://access.redhat.com/security/cve/CVE-2020-14019 https://access.redhat.com/security/cve/CVE-2020-14040 https://access.redhat.com/security/cve/CVE-2020-14381 https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-14422 https://access.redhat.com/security/cve/CVE-2020-15157 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-15862 https://access.redhat.com/security/cve/CVE-2020-15999 https://access.redhat.com/security/cve/CVE-2020-16166 https://access.redhat.com/security/cve/CVE-2020-24490 https://access.redhat.com/security/cve/CVE-2020-24659 https://access.redhat.com/security/cve/CVE-2020-25211 https://access.redhat.com/security/cve/CVE-2020-25641 https://access.redhat.com/security/cve/CVE-2020-25658 https://access.redhat.com/security/cve/CVE-2020-25661 https://access.redhat.com/security/cve/CVE-2020-25662 https://access.redhat.com/security/cve/CVE-2020-25681 https://access.redhat.com/security/cve/CVE-2020-25682 https://access.redhat.com/security/cve/CVE-2020-25683 https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/cve/CVE-2020-25687 https://access.redhat.com/security/cve/CVE-2020-25694 https://access.redhat.com/security/cve/CVE-2020-25696 https://access.redhat.com/security/cve/CVE-2020-26160 https://access.redhat.com/security/cve/CVE-2020-27813 https://access.redhat.com/security/cve/CVE-2020-27846 https://access.redhat.com/security/cve/CVE-2020-28362 https://access.redhat.com/security/cve/CVE-2020-29652 https://access.redhat.com/security/cve/CVE-2021-2007 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T lmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H EmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8 4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4 mWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL ISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy Ae5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk 4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM uR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG krzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv RjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6 McvuEaxco7U= =sw8i -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . CVE-2019-8775: videosdebarraquito WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. Share Sheet We would like to acknowledge Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt for their assistance. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.1 and iPadOS 13.1". Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1732329 - Virtual Machine is missing documentation of its properties in yaml editor 1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv 1791753 - [RFE] [SSP] Template validator should check validations in template's parent template 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration 1848956 - KMP requires downtime for CA stabilization during certificate rotation 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1853911 - VM with dot in network name fails to start with unclear message 1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show" 1856347 - SR-IOV : Missing network name for sriov during vm setup 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination 1860714 - No API information from `oc explain` 1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints 1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem 1866593 - CDI is not handling vm disk clone 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868817 - Container-native Virtualization 2.6.0 Images 1873771 - Improve the VMCreationFailed error message caused by VM low memory 1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it 1878499 - DV import doesn't recover from scratch space PVC deletion 1879108 - Inconsistent naming of "oc virt" command in help text 1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running 1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT 1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability 1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message 1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used 1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied 1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request. Bugs fixed (https://bugzilla.redhat.com/): 1808240 - Always return metrics value for pods under the user's namespace 1815189 - feature flagged UI does not always become available after operator installation 1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters 1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly 1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal 1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered 1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback 1880738 - origin e2e test deletes original worker 1882983 - oVirt csi driver should refuse to provision RWX and ROX PV 1886450 - Keepalived router id check not documented for RHV/VMware IPI 1889488 - The metrics endpoint for the Scheduler is not protected by RBAC 1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom 1896474 - Path based routing is broken for some combinations 1897431 - CIDR support for additional network attachment with the bridge CNI plug-in 1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes 1907433 - Excessive logging in image operator 1909906 - The router fails with PANIC error when stats port already in use 1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words 1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting. 1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true) 1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource 1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1926522 - oc adm catalog does not clean temporary files 1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes. 1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown 1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users 1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x 1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade 1937085 - RHV UPI inventory playbook missing guarantee_memory 1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion 1938236 - vsphere-problem-detector does not support overriding log levels via storage CR 1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods 1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer 1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s] 1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays. 1943363 - [ovn] CNO should gracefully terminate ovn-northd 1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17 1948080 - authentication should not set Available=False APIServices_Error with 503s 1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set 1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0 1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer 1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs 1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container 1955300 - Machine config operator reports unavailable for 23m during upgrade 1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set 1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set 1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters 1956496 - Needs SR-IOV Docs Upstream 1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret 1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid 1956964 - upload a boot-source to OpenShift virtualization using the console 1957547 - [RFE]VM name is not auto filled in dev console 1958349 - ovn-controller doesn't release the memory after cluster-density run 1959352 - [scale] failed to get pod annotation: timed out waiting for annotations 1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not 1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial] 1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects 1961391 - String updates 1961509 - DHCP daemon pod should have CPU and memory requests set but not limits 1962066 - Edit machine/machineset specs not working 1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent 1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL 1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters 1964327 - Support containers with name:tag@digest 1964789 - Send keys and disconnect does not work for VNC console 1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7 1966445 - Unmasking a service doesn't work if it masked using MCO 1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead 1966521 - kube-proxy's userspace implementation consumes excessive CPU 1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up 1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount 1970218 - MCO writes incorrect file contents if compression field is specified 1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel] 1970805 - Cannot create build when docker image url contains dir structure 1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io 1972827 - image registry does not remain available during upgrade 1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror` 1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run 1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established 1976301 - [ci] e2e-azure-upi is permafailing 1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change. 2007379 - Events are not generated for master offset for ordinary clock 2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace 2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address 2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error 2007522 - No new local-storage-operator-metadata-container is build for 4.10 2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10 2007580 - Azure cilium installs are failing e2e tests 2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10 2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes 2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures 2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow 2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates 2007802 - AWS machine actuator get stuck if machine is completely missing 2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator 2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process 2008151 - Topology breaks on clicking in empty state 2008185 - Console operator go.mod should use go 1.16.version 2008201 - openstack-az job is failing on haproxy idle test 2008207 - vsphere CSI driver doesn't set resource limits 2008223 - gather_audit_logs: fix oc command line to get the current audit profile 2008235 - The Save button in the Edit DC form remains disabled 2008256 - Update Internationalization README with scope info 2008321 - Add correct documentation link for MON_DISK_LOW 2008462 - Disable PodSecurity feature gate for 4.10 2008490 - Backing store details page does not contain all the kebab actions. 2010181 - Environment variables not getting reset on reload on deployment edit form 2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2010341 - OpenShift Alerting Rules Style-Guide Compliance 2010342 - Local console builds can have out of memory errors 2010345 - OpenShift Alerting Rules Style-Guide Compliance 2010348 - Reverts PIE build mode for K8S components 2010352 - OpenShift Alerting Rules Style-Guide Compliance 2010354 - OpenShift Alerting Rules Style-Guide Compliance 2010359 - OpenShift Alerting Rules Style-Guide Compliance 2010368 - OpenShift Alerting Rules Style-Guide Compliance 2010376 - OpenShift Alerting Rules Style-Guide Compliance 2010662 - Cluster is unhealthy after image-registry-operator tests 2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent) 2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API 2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address 2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing 2010864 - Failure building EFS operator 2010910 - ptp worker events unable to identify interface for multiple interfaces 2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24 2010921 - Azure Stack Hub does not handle additionalTrustBundle 2010931 - SRO CSV uses non default category "Drivers and plugins" 2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well. 2011038 - optional operator conditions are confusing 2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass 2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's 2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image 2011368 - Tooltip in pipeline visualization shows misleading data 2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels 2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards 2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster 2011513 - Kubelet rejects pods that use resources that should be freed by completed pods 2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine" 2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented 2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore 2011733 - Repository README points to broken documentarion link 2011753 - Ironic resumes clean before raid configuration job is actually completed 2011809 - The nodes page in the openshift console doesn't work. You just get a blank page 2011822 - Obfuscation doesn't work at clusters with OVN 2011882 - SRO helm charts not synced with templates 2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot 2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages 2011903 - vsphere-problem-detector: session leak 2011927 - OLM should allow users to specify a proxy for GRPC connections 2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods 2011960 - [tracker] Storage operator is not available after reboot cluster instances 2011971 - ICNI2 pods are stuck in ContainerCreating state 2011972 - Ingress operator not creating wildcard route for hypershift clusters 2011977 - SRO bundle references non-existent image 2012069 - Refactoring Status controller 2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI 2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group 2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)" 2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig 2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off 2012407 - [e2e][automation] improve vm tab console tests 2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label 2012562 - migration condition is not detected in list view 2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written 2012780 - The port 50936 used by haproxy is occupied by kube-apiserver 2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working 2012902 - Neutron Ports assigned to Completed Pods are not reused Edit 2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack 2012971 - Disable operands deletes 2013034 - Cannot install to openshift-nmstate namespace 2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine) 2013199 - post reboot of node SRIOV policy taking huge time 2013203 - UI breaks when trying to create block pool before storage cluster/system creation 2013222 - Full breakage for nightly payload promotion 2013273 - Nil pointer exception when phc2sys options are missing 2013321 - TuneD: high CPU utilization of the TuneD daemon. 2013416 - Multiple assets emit different content to the same filename 2013431 - Application selector dropdown has incorrect font-size and positioning 2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8 2013545 - Service binding created outside topology is not visible 2013599 - Scorecard support storage is not included in ocp4.9 2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide) 2013646 - fsync controller will show false positive if gaps in metrics are observed. to user and tries to just load a blank screen on 'Add Capacity' button click 2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu 2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain. 2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English 2015549 - Observe - Metrics: Column heading and pagination text is in English 2015557 - Workloads - DeploymentConfigs : Error message is in English 2015568 - Compute - Nodes : CPU column's values are in English 2015635 - Storage operator fails causing installation to fail on ASH 2015660 - "Finishing boot source customization" screen should not use term "patched" 2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node 2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin 2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning 2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud 2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch 2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail 2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed) 2016008 - [4.10] Bootimage bump tracker 2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver 2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator 2016054 - No e2e CI presubmit configured for release component cluster-autoscaler 2016055 - No e2e CI presubmit configured for release component console 2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8" 2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager 2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers 2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters. 2016179 - Add Sprint 208 translations 2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager 2016235 - should update to 7.5.11 for grafana resources version label 2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails 2016334 - shiftstack: SRIOV nic reported as not supported 2016352 - Some pods start before CA resources are present 2016367 - Empty task box is getting created for a pipeline without finally task 2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts 2016438 - Feature flag gating is missing in few extensions contributed via knative plugin 2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc 2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets 2016453 - Complete i18n for GaugeChart defaults 2016479 - iface-id-ver is not getting updated for existing lsp 2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear 2016951 - dynamic actions list is not disabling "open console" for stopped vms 2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available 2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances 2017016 - [REF] Virtualization menu 2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn 2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly 2017130 - t is not a function error navigating to details page 2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue 2017244 - ovirt csi operator static files creation is in the wrong order 2017276 - [4.10] Volume mounts not created with the correct security context 2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed. 2022447 - ServiceAccount in manifests conflicts with OLM 2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules. 2025821 - Make "Network Attachment Definitions" available to regular user 2025823 - The console nav bar ignores plugin separator in existing sections 2025830 - CentOS capitalizaion is wrong 2025837 - Warn users that the RHEL URL expire 2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-* 2025903 - [UI] RoleBindings tab doesn't show correct rolebindings 2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2026178 - OpenShift Alerting Rules Style-Guide Compliance 2026209 - Updation of task is getting failed (tekton hub integration) 2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io" 2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates 2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct 2026352 - Kube-Scheduler revision-pruner fail during install of new cluster 2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment 2026383 - Error when rendering custom Grafana dashboard through ConfigMap 2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation 2026396 - Cachito Issues: sriov-network-operator Image build failure 2026488 - openshift-controller-manager - delete event is repeating pathologically 2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined. 2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists 2039382 - gather_metallb_logs does not have execution permission 2039406 - logout from rest session after vsphere operator sync is finished 2039408 - Add GCP region northamerica-northeast2 to allowed regions 2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration 2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment 2039491 - oc - git:// protocol used in unit tests 2039516 - Bump OVN to ovn21.12-21.12.0-25 2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate 2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled 2039541 - Resolv-prepender script duplicating entries 2039586 - [e2e] update centos8 to centos stream8 2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty 2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3' 2039670 - Create PDBs for control plane components 2039678 - Page goes blank when create image pull secret 2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported 2039743 - React missing key warning when open operator hub detail page (and maybe others as well) 2039756 - React missing key warning when open KnativeServing details 2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab 2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard 2039781 - [GSS] OBC is not visible by admin of a Project on Console 2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector 2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled 2039880 - Log level too low for control plane metrics 2039919 - Add E2E test for router compression feature 2039981 - ZTP for standard clusters installs stalld on master nodes 2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. 2043117 - Recommended operators links are erroneously treated as external 2043130 - Update CSI sidecars to the latest release for 4.10 2043234 - Missing validation when creating several BGPPeers with the same peerAddress 2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler 2043254 - crio does not bind the security profiles directory 2043296 - Ignition fails when reusing existing statically-keyed LUKS volume 2043297 - [4.10] Bootimage bump tracker 2043316 - RHCOS VM fails to boot on Nutanix AOS 2043446 - Rebase aws-efs-utils to the latest upstream version. 2043556 - Add proper ci-operator configuration to ironic and ironic-agent images 2043577 - DPU network operator 2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator 2043675 - Too many machines deleted by cluster autoscaler when scaling down 2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation 2043709 - Logging flags no longer being bound to command line 2043721 - Installer bootstrap hosts using outdated kubelet containing bugs 2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather 2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23 2043780 - Bump router to k8s.io/api 1.23 2043787 - Bump cluster-dns-operator to k8s.io/api 1.23 2043801 - Bump CoreDNS to k8s.io/api 1.23 2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown 2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected. 2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests 2052598 - kube-scheduler should use configmap lease 2052599 - kube-controller-manger should use configmap lease 2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh 2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid 2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop 2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set. Bugs fixed (https://bugzilla.redhat.com/): 1823765 - nfd-workers crash under an ipv6 environment 1838802 - mysql8 connector from operatorhub does not work with metering operator 1838845 - Metering operator can't connect to postgres DB from Operator Hub 1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1868294 - NFD operator does not allow customisation of nfd-worker.conf 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1890672 - NFD is missing a build flag to build correctly 1890741 - path to the CA trust bundle ConfigMap is broken in report operator 1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster 1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel 1900125 - FIPS error while generating RSA private key for CA 1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub 1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub 1913837 - The CI and ART 4.7 metering images are not mirrored 1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le 1916010 - olm skip range is set to the wrong range 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923998 - NFD Operator is failing to update and remains in Replacing state 5. Summary: An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Description: Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5
var-200711-0560 Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns. Perl-Compatible Regular Expression (PCRE) The library contains UTF-8 When processing regular expression strings in modes other than, important information is leaked or service operation is interrupted because it is read in excess from the beginning. (DoS) There is a vulnerability that becomes a condition.“\X?\d” and “\P{L}?\d” Format regular expression UTF-8 When used in other modes, important information is taken or service operation is interrupted (DoS) There is a possibility of being put into a state. PCRE regular-expression library is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library. PCRE (Perl Compatible Regular Expressions) is an open source regular expression library written in C language developed by software developer Philip Hazel. There is an information leakage vulnerability in pcre's method of processing certain malformed regular expressions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1399-1 security@debian.org http://www.debian.org/security/ Florian Weimer November 5th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : pcre3 Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Ids : CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 Tavis Ormandy of the Google Security Team has discovered several security issues in PCRE, the Perl-Compatible Regular Expression library, which potentially allow attackers to execute arbitrary code by compiling specially crafted regular expressions. Version 7.0 of the PCRE library featured a major rewrite of the regular expression compiler, and it was deemed infeasible to backport the security fixes in version 7.3 to the versions in Debian's stable and oldstable distributions (6.7 and 4.5, respectively). Therefore, this update contains version 7.3, with special patches to improve the compatibility with the older versions. As a result, extra care is necessary when applying this update. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1659 Unmatched \Q\E sequences with orphan \E codes can cause the compiled regex to become desynchronized, resulting in corrupt bytecode that may result in multiple exploitable conditions. CVE-2007-1660 Multiple forms of character class had their sizes miscalculated on initial passes, resulting in too little memory being allocated. CVE-2007-1661 Multiple patterns of the form \X?\d or \P{L}?\d in non-UTF-8 mode could backtrack before the start of the string, possibly leaking information from the address space, or causing a crash by reading out of bounds. CVE-2007-1662 A number of routines can be fooled into reading past the end of an string looking for unmatched parentheses or brackets, resulting in a denial of service. CVE-2007-4766 Multiple integer overflows in the processing of escape sequences could result in heap overflows or out of bounds reads/writes. CVE-2007-4767 Multiple infinite loops and heap overflows were disovered in the handling of \P and \P{x} sequences, where the length of these non-standard operations was mishandled. CVE-2007-4768 Character classes containing a lone unicode sequence were incorrectly optimised, resulting in a heap overflow. For the stable distribution (etch), these problems have been fixed in version 6.7+7.4-2. For the old stable distribution (sarge), these problems have been fixed in version 4.5+7.4-1. For the unstable distribution (sid), these problems have been fixed in version 7.3-1. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.dsc Size/MD5 checksum: 883 c0a3ccb50369530f99e2316800fc8235 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4-1.diff.gz Size/MD5 checksum: 95042 afc6a74beeef8cf5d176f67c69d24134 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_4.5+7.4.orig.tar.gz Size/MD5 checksum: 1106897 de886b22cddc8eaf620a421d3041ee0b Architecture independent packages: http://security.debian.org/pool/updates/main/p/pcre3/pgrep_4.5+7.4-1_all.deb Size/MD5 checksum: 762 6eaceaa90e829e7cdfa06fb998bb8233 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_alpha.deb Size/MD5 checksum: 218176 350cc1e53f59d700e499d1a748f8cbd8 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_alpha.deb Size/MD5 checksum: 191076 fb92cd7ca9ef7716e60160acea9d8074 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_alpha.deb Size/MD5 checksum: 21342 27b99f0f6f80046b565fb2ee4521bc9f arm architecture (ARM) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_arm.deb Size/MD5 checksum: 209516 854273bab63857eaf33161db3c51fafb http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_arm.deb Size/MD5 checksum: 19404 dceedf5791eb956b0c17d981fde97d60 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_arm.deb Size/MD5 checksum: 183560 a2571d9ddd20dea2b8c02c6f82aa2e04 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_hppa.deb Size/MD5 checksum: 208360 30d77147bb19d09c3022892f3c56799b http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_hppa.deb Size/MD5 checksum: 21022 c7a12598a8d72e3a1920ddf59d41c05b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_hppa.deb Size/MD5 checksum: 190744 14a88e3a22a4513b33fd190fa985c459 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_i386.deb Size/MD5 checksum: 206134 433a36e096973d372994b3652504707f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_i386.deb Size/MD5 checksum: 183984 aa21622f099330f60614304832e4c7f5 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_i386.deb Size/MD5 checksum: 19034 d9af02efce9d0a499a0ab175a66a22ee ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_ia64.deb Size/MD5 checksum: 228448 8185ea0adb742d386eafbedb1a6150fa http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_ia64.deb Size/MD5 checksum: 24758 78fe5bff205289853471e48df1c9313f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_ia64.deb Size/MD5 checksum: 211152 cea2a6ce5b965832743c0934147b9dc6 m68k architecture (Motorola Mc680x0) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_m68k.deb Size/MD5 checksum: 172344 e36b664fd639e7da09087e48e3015e1c http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_m68k.deb Size/MD5 checksum: 17974 e4cf7a1f5c4e877e6303de0f1713bf37 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_m68k.deb Size/MD5 checksum: 194320 ec7a340511218566fbf8fd24107c8db4 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mips.deb Size/MD5 checksum: 181276 c6d1b927b0c1d76ef0f8c9aab01cc46d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mips.deb Size/MD5 checksum: 208676 0cac847f1c0aac143dc4221e94591fa8 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mips.deb Size/MD5 checksum: 20088 746734d3c58c1182f6e789e90421edab mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 20236 cd7c9b57558c3f02336ef1a9336defd1 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 207652 676e7376ae34519aeffca833fe148920 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_mipsel.deb Size/MD5 checksum: 181050 dfc9c14755d8cd1f6eda5869fc0cb7aa powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 185100 9f43e18ab5ca3fb66955c6e6c2ea8a66 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 21244 d38c9a2953a360fee4985b16faf90356 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_powerpc.deb Size/MD5 checksum: 213414 d951d611b6db1843939c258b9ae75b4d s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_s390.deb Size/MD5 checksum: 207600 67a6569168be876d2b277ab39741c8a8 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_s390.deb Size/MD5 checksum: 20146 9d444e72c0d2c5801dd73fc615fdf21b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_s390.deb Size/MD5 checksum: 186128 fcf344c6fe92b16fac749d20c31e27b2 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_4.5+7.4-1_sparc.deb Size/MD5 checksum: 182522 056c33ca98c1af1872554f11890a8aad http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_4.5+7.4-1_sparc.deb Size/MD5 checksum: 206190 f03644175e2850034f6808f0d1474128 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_4.5+7.4-1_sparc.deb Size/MD5 checksum: 19582 6ff7847326eb7d43bd47e889b4a41b19 Debian GNU/Linux 4.0 alias etch - ------------------------------- Source archives: http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.diff.gz Size/MD5 checksum: 79078 1894a9a0dbab52b63d7e1a28f37ab6c6 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-2.dsc Size/MD5 checksum: 888 4db4d7a4b61dada63242d7a95eaec294 http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz Size/MD5 checksum: 1106897 de886b22cddc8eaf620a421d3041ee0b alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_alpha.deb Size/MD5 checksum: 90652 e33f31b71bfc1786479d5de48b920276 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_alpha.deb Size/MD5 checksum: 265062 0b62fa0afb187330894b04961325471f http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_alpha.deb Size/MD5 checksum: 21038 a7c378c89d6f69a5f04902b6a45a2a6d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_alpha.deb Size/MD5 checksum: 209104 52e7e3c9a756535f6f02dd07df1d276e amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_amd64.deb Size/MD5 checksum: 89822 b617645e94ca5269c1c757c7eb0a03bb http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_amd64.deb Size/MD5 checksum: 20156 cf3f0d1a30d10a64c3f8067d5c8b98ad http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_amd64.deb Size/MD5 checksum: 198372 f0b2e646431302b576e0de6f4e4cbd0c http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_amd64.deb Size/MD5 checksum: 249792 cfcc6c71907b4aafd1f050569f413d2c arm architecture (ARM) http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_arm.deb Size/MD5 checksum: 88786 70d5ed4db2b37df871483e236430bfd9 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_arm.deb Size/MD5 checksum: 198022 c10252b7cc4cb6f603efc21e20f6172f http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_arm.deb Size/MD5 checksum: 243784 3a34b552827049e989be0361faf88078 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_arm.deb Size/MD5 checksum: 19920 9bd0dafb9121bb40fa2e556b8cc27c11 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_hppa.deb Size/MD5 checksum: 256874 aad214ff1157b3354c20348eb00e08ea http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_hppa.deb Size/MD5 checksum: 92136 7f4b7cbfd19c837fa2e412d289ab662c http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_hppa.deb Size/MD5 checksum: 20726 c759b1d33dd8ea8811c96ac9664c6242 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_hppa.deb Size/MD5 checksum: 201700 c307db03fcc9d8e2cc1becd15e6458f6 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_i386.deb Size/MD5 checksum: 246578 6fc5148f6848d4b90041a9d3d738779a http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_i386.deb Size/MD5 checksum: 89706 d59cc3cc167b6d81c18bd13ded830fa6 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_i386.deb Size/MD5 checksum: 197590 6f37a0e51e7fa6dc315f70a8f4347074 http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_i386.deb Size/MD5 checksum: 19348 2cb19f81e576321be69962a29ffdfa60 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_ia64.deb Size/MD5 checksum: 25654 5d93dd5f45f5ba92e97d7ce1891b7800 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_ia64.deb Size/MD5 checksum: 230480 5853d6946a21a1404402371ba000e010 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_ia64.deb Size/MD5 checksum: 93672 51714934316405999636b65a65a06bbe http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_ia64.deb Size/MD5 checksum: 280418 fb98335f69702d3fed96449fbee41eee mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mips.deb Size/MD5 checksum: 20416 01c7d89a278c432b86ab97f9b1ac96a8 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mips.deb Size/MD5 checksum: 253406 7ad6c3ca69bcf480ae9d1b9199d88699 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mips.deb Size/MD5 checksum: 197750 17619a85539b72c20884a68e6c4c313f http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mips.deb Size/MD5 checksum: 90378 288ca9b0d5b3a599cdbe7703fc4880c1 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 252222 12c6750dcd7ed0bcfd947083981367a2 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 90350 aee7bd92b0cffd904cd4773b38396859 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 197412 d80633436080fed5611bb7403e9ba06f http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_mipsel.deb Size/MD5 checksum: 20454 d5bfe0b06780f9286eea54d184652ab4 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 21268 27714c1940a36759ce00479802eb1e79 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 197508 0eb430eb3d93bd269e1bd039553fe2f1 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 252890 ef3bd238d7bc96f98a6e2b7e1b4fd4c3 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_powerpc.deb Size/MD5 checksum: 91972 1631a4484913482d0095921279ecbb02 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_s390.deb Size/MD5 checksum: 20096 2470ee4920d007e89006c29f6657995d http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_s390.deb Size/MD5 checksum: 248408 12cc9fed15c7df3927cf2b1a67e7d932 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_s390.deb Size/MD5 checksum: 90404 393b5a20b3ff3994fa67b54d655a1580 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_s390.deb Size/MD5 checksum: 199852 41c608c3b77965984baf8369fc195e1a sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-2_sparc.deb Size/MD5 checksum: 19410 7fbb3350f740710b851a0559b0dd037b http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-2_sparc.deb Size/MD5 checksum: 197518 d0665f02b329c6d61715e2a35205d014 http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-2_sparc.deb Size/MD5 checksum: 247038 10cace98a25999d4a8cf15536a7e95f6 http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-2_sparc.deb Size/MD5 checksum: 88598 09bb6fa7dd8ebf1d3a18b46be0e398d4 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHL1oIXm3vHE4uyloRAst9AJ9IYwptSQJseS8EhIFA0AlapSqwhACgwkTF ts06dbP/9f/Sc2fR26Y2NMc= =iaWe -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-547-1 November 27, 2007 pcre3 vulnerabilities CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.1 libpcrecpp0 7.4-0ubuntu0.6.06.1 Ubuntu 6.10: libpcre3 7.4-0ubuntu0.6.10.1 libpcrecpp0 7.4-0ubuntu0.6.10.1 Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.1 libpcrecpp0 7.4-0ubuntu0.7.04.1 Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.1 libpcrecpp0 7.4-0ubuntu0.7.10.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Due to the large internal code changes needed to solve outstanding flaws, it was not possible to backport all the upstream security fixes to the earlier released versions. Details follow: Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. He reported an error when processing "\Q\E" sequences with unmatched "\E" codes that can lead to the compiled bytecode being corrupted (CVE-2007-1659). Further improper calculations of memory boundaries were reported when matching certain input bytes against regex patterns in non UTF-8 mode (CVE-2007-1661) and when searching for unmatched brackets or parentheses (CVE-2007-1662). PCRE does not properly handle "\P" and "\P{x}" sequences which can lead to heap-based buffer overflows or trigger the execution of infinite loops (CVE-2007-4767), PCRE is also prone to an error when optimizing character classes containing a singleton UTF-8 sequence which might lead to a heap-based buffer overflow (CVE-2007-4768). Chris Evans also reported multiple integer overflow vulnerabilities in PCRE when processing a large number of named subpatterns ("name_count") or long subpattern names ("max_name_size") (CVE-2006-7227), and via large "min", "max", or "duplength" values (CVE-2006-7228) both possibly leading to buffer overflows. Another vulnerability was reported when compiling patterns where the "-x" or "-i" UTF-8 options change within the pattern, which might lead to improper memory calculations (CVE-2006-7230). Workaround ========== There is no known workaround at this time. Resolution ========== All PCRE users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libpcre-7.3-r1" References ========== [ 1 ] CVE-2006-7227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7227 [ 2 ] CVE-2006-7228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7228 [ 3 ] CVE-2006-7230 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7230 [ 4 ] CVE-2007-1659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659 [ 5 ] CVE-2007-1660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660 [ 6 ] CVE-2007-1661 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661 [ 7 ] CVE-2007-1662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662 [ 8 ] CVE-2007-4766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766 [ 9 ] CVE-2007-4767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767 [ 10 ] CVE-2007-4768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200711-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version. We recommend that you upgrade your kazehakase package. Updated packages have been patched to prevent this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: e3eadb5dc3ae91ffc735a0021bb4c3b8 2007.1/i586/libpcre-devel-7.3-0.1mdv2007.1.i586.rpm 8eee92b33ed6f6be95cae33249242dfa 2007.1/i586/libpcre0-7.3-0.1mdv2007.1.i586.rpm 42e1ac0e8188b5f142e645c1ff6bb44d 2007.1/i586/pcre-7.3-0.1mdv2007.1.i586.rpm a03dca7708aa437655a393b0fe66f3c0 2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 370f8de2c9166883cbbcb2968b0575ec 2007.1/x86_64/lib64pcre-devel-7.3-0.1mdv2007.1.x86_64.rpm 306b2a144a25e1025d4ed02f3878b9dc 2007.1/x86_64/lib64pcre0-7.3-0.1mdv2007.1.x86_64.rpm 29b00561151987446eaaa3f0aaac5684 2007.1/x86_64/pcre-7.3-0.1mdv2007.1.x86_64.rpm a03dca7708aa437655a393b0fe66f3c0 2007.1/SRPMS/pcre-7.3-0.1mdv2007.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHM08lmqjQ0CJFipgRAvYTAKC+/5/D4RgCUnWInSK3iWw02iIZhACgliaH go5yp5LfVMY1jIk+EpEQgy0= =vGOF -----END PGP SIGNATURE-----
var-201109-0209 Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node.". Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. Versions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies" preference in Safari was set to the default setting of "From third parties and advertisers". CVE-ID CVE-2012-0640 : nshah WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645 VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation. Background ========== Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages ------------------------------------------------------------------- Description =========== Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57). A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102" All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22" References ========== [ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
var-201007-0319 The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Webkit's support for generated content. When utilizing generated content on a particular element, the library will insert more than one reference of the generated element element. During page destruction the application will navigate through the reference to discover more elements to destroy. This can lead to code execution under the context of the application. WebKit is prone to a remote memory-corruption vulnerability. This issue has been addressed in Apple Safari 5.0.1 and 4.1.1. NOTE: This issue was previously covered in BID 42020 (Apple Safari Prior to 5.0.1 and 4.1.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT4276 -- Disclosure Timeline: 2010-06-01 - Vulnerability reported to vendor 2010-08-09 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * wushi of team509 -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:039 http://www.mandriva.com/security/ _______________________________________________________________________ Package : webkit Date : March 2, 2011 Affected: 2010.1 _______________________________________________________________________ Problem Description: Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version (1.2.7) to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: 141f3cd181b875d1bb40b67a507b6db1 2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm 054886a3c645b3ce710b9b9daec1d5f9 2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm bef556ca3f281f6ef4086292c3b658d2 2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm a1ff7ac638646aeb64e3bbdca9bc945d 2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm 3f40e3ebc62bad67097a9e102e0e79c2 2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm 50875cf1bc8718cedce1a45dc509b44b 2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm 625d27780d1cc9edb935d4ac3521ae16 2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm 8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 5ce57cd6ab823f8084030033c7c230d7 2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm 690d8718a97af93f58de3bb2357fbe9b 2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm 7cc1d4aa77e1901ccc92f27faf85c9ea 2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm 2b77a77159529c55f64343aba98c15d9 2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm 475cf83c5ddd8f6809c2c73a1f5a71d1 2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm b0f1c76107c3d54241daa7e61bfb29a9 2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm 97deff5e94a625a79842b4c240b0b00d 2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm 8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL Yv/ButpYAcXsmnJWUG4ayxQ= =GRM6 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Multiple packages, Multiple vulnerabilities fixed in 2011 Date: December 11, 2014 Bugs: #194151, #294253, #294256, #334087, #344059, #346897, #350598, #352608, #354209, #355207, #356893, #358611, #358785, #358789, #360891, #361397, #362185, #366697, #366699, #369069, #370839, #372971, #376793, #381169, #386321, #386361 ID: 201412-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. Please see the package list and CVE identifiers below for more information. Background ========== For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 games-sports/racer-bin >= 0.5.0-r1 Vulnerable! 2 media-libs/fmod < 4.38.00 >= 4.38.00 3 dev-php/PEAR-Mail < 1.2.0 >= 1.2.0 4 sys-fs/lvm2 < 2.02.72 >= 2.02.72 5 app-office/gnucash < 2.4.4 >= 2.4.4 6 media-libs/xine-lib < 1.1.19 >= 1.1.19 7 media-sound/lastfmplayer < 1.5.4.26862-r3 >= 1.5.4.26862-r3 8 net-libs/webkit-gtk < 1.2.7 >= 1.2.7 9 sys-apps/shadow < 4.1.4.3 >= 4.1.4.3 10 dev-php/PEAR-PEAR < 1.9.2-r1 >= 1.9.2-r1 11 dev-db/unixODBC < 2.3.0-r1 >= 2.3.0-r1 12 sys-cluster/resource-agents < 1.0.4-r1 >= 1.0.4-r1 13 net-misc/mrouted < 3.9.5 >= 3.9.5 14 net-misc/rsync < 3.0.8 >= 3.0.8 15 dev-libs/xmlsec < 1.2.17 >= 1.2.17 16 x11-apps/xrdb < 1.0.9 >= 1.0.9 17 net-misc/vino < 2.32.2 >= 2.32.2 18 dev-util/oprofile < 0.9.6-r1 >= 0.9.6-r1 19 app-admin/syslog-ng < 3.2.4 >= 3.2.4 20 net-analyzer/sflowtool < 3.20 >= 3.20 21 gnome-base/gdm < 3.8.4-r3 >= 3.8.4-r3 22 net-libs/libsoup < 2.34.3 >= 2.34.3 23 app-misc/ca-certificates < 20110502-r1 >= 20110502-r1 24 dev-vcs/gitolite < 1.5.9.1 >= 1.5.9.1 25 dev-util/qt-creator < 2.1.0 >= 2.1.0 ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 25 affected packages Description =========== Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. * FMOD Studio * PEAR Mail * LVM2 * GnuCash * xine-lib * Last.fm Scrobbler * WebKitGTK+ * shadow tool suite * PEAR * unixODBC * Resource Agents * mrouted * rsync * XML Security Library * xrdb * Vino * OProfile * syslog-ng * sFlow Toolkit * GNOME Display Manager * libsoup * CA Certificates * Gitolite * QtCreator * Racer Impact ====== A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround ========== There are no known workarounds at this time. Resolution ========== All FMOD Studio users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/fmod-4.38.00" All PEAR Mail users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-php/PEAR-Mail-1.2.0" All LVM2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=sys-fs/lvm2-2.02.72" All GnuCash users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-office/gnucash-2.4.4" All xine-lib users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.19" All Last.fm Scrobbler users should upgrade to the latest version: # emerge --sync # emerge -a --oneshot -v ">=media-sound/lastfmplayer-1.5.4.26862-r3" All WebKitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-1.2.7" All shadow tool suite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.1.4.3" All PEAR users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-php/PEAR-PEAR-1.9.2-r1" All unixODBC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/unixODBC-2.3.0-r1" All Resource Agents users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=sys-cluster/resource-agents-1.0.4-r1" All mrouted users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/mrouted-3.9.5" All rsync users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.0.8" All XML Security Library users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/xmlsec-1.2.17" All xrdb users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=x11-apps/xrdb-1.0.9" All Vino users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/vino-2.32.2" All OProfile users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/oprofile-0.9.6-r1" All syslog-ng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/syslog-ng-3.2.4" All sFlow Toolkit users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/sflowtool-3.20" All GNOME Display Manager users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=gnome-base/gdm-3.8.4-r3" All libsoup users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/libsoup-2.34.3" All CA Certificates users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-misc/ca-certificates-20110502-r1" All Gitolite users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/gitolite-1.5.9.1" All QtCreator users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/qt-creator-2.1.0" Gentoo has discontinued support for Racer. We recommend that users unmerge Racer: # emerge --unmerge "games-sports/racer-bin" NOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2012. It is likely that your system is already no longer affected by these issues. References ========== [ 1 ] CVE-2007-4370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4370 [ 2 ] CVE-2009-4023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4023 [ 3 ] CVE-2009-4111 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4111 [ 4 ] CVE-2010-0778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0778 [ 5 ] CVE-2010-1780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1780 [ 6 ] CVE-2010-1782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1782 [ 7 ] CVE-2010-1783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1783 [ 8 ] CVE-2010-1784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1784 [ 9 ] CVE-2010-1785 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1785 [ 10 ] CVE-2010-1786 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1786 [ 11 ] CVE-2010-1787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1787 [ 12 ] CVE-2010-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1788 [ 13 ] CVE-2010-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1790 [ 14 ] CVE-2010-1791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1791 [ 15 ] CVE-2010-1792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1792 [ 16 ] CVE-2010-1793 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1793 [ 17 ] CVE-2010-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1807 [ 18 ] CVE-2010-1812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1812 [ 19 ] CVE-2010-1814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1814 [ 20 ] CVE-2010-1815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1815 [ 21 ] CVE-2010-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2526 [ 22 ] CVE-2010-2901 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2901 [ 23 ] CVE-2010-3255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3255 [ 24 ] CVE-2010-3257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3257 [ 25 ] CVE-2010-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3259 [ 26 ] CVE-2010-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3362 [ 27 ] CVE-2010-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3374 [ 28 ] CVE-2010-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3389 [ 29 ] CVE-2010-3812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3812 [ 30 ] CVE-2010-3813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3813 [ 31 ] CVE-2010-3999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3999 [ 32 ] CVE-2010-4042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4042 [ 33 ] CVE-2010-4197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4197 [ 34 ] CVE-2010-4198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4198 [ 35 ] CVE-2010-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4204 [ 36 ] CVE-2010-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4206 [ 37 ] CVE-2010-4492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4492 [ 38 ] CVE-2010-4493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4493 [ 39 ] CVE-2010-4577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4577 [ 40 ] CVE-2010-4578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4578 [ 41 ] CVE-2011-0007 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0007 [ 42 ] CVE-2011-0465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0465 [ 43 ] CVE-2011-0482 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0482 [ 44 ] CVE-2011-0721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0721 [ 45 ] CVE-2011-0727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0727 [ 46 ] CVE-2011-0904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0904 [ 47 ] CVE-2011-0905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0905 [ 48 ] CVE-2011-1072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1072 [ 49 ] CVE-2011-1097 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1097 [ 50 ] CVE-2011-1144 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1144 [ 51 ] CVE-2011-1425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1425 [ 52 ] CVE-2011-1572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1572 [ 53 ] CVE-2011-1760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1760 [ 54 ] CVE-2011-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1951 [ 55 ] CVE-2011-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2471 [ 56 ] CVE-2011-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2472 [ 57 ] CVE-2011-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2473 [ 58 ] CVE-2011-2524 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2524 [ 59 ] CVE-2011-3365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3365 [ 60 ] CVE-2011-3366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3366 [ 61 ] CVE-2011-3367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3367 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
var-201302-0136 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. This vulnerability February 2013 CPU This is a different vulnerability than the other vulnerabilities listed on the list.Information is obtained by a third party, information is altered, or service operation is interrupted. (DoS) An attack may be carried out. The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component. This vulnerability affects the following supported versions: 7 Update 11 and prior, 6 Update 38 and prior, 5.0 Update 38 and prior Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 Java for Mac OS X v10.6 Update 12 is now available and addresses the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Java 1.6.0_37 Description: Multiple vulnerabilities exist in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Release Date: 2013-04-29 Last Updated: 2013-04-29 Potential Security Impact: Java Runtime Environment (JRE) security update Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. References: CVE-2013-1487, CVE-2013-1486, CVE-2013-1484,CVE-2013-1485,CVE-2013-0169, CVE-2013-0437, CVE-2013-1478, CVE-2013-0442, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1475, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0450, CVE-2013-1479, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0436, CVE-2013-0439, CVE-2013-0447, CVE-2013-1472, CVE-2012-4301, CVE-2013-1477, CVE-2013-1482, CVE-2013-1483, CVE-2013-1474, CVE-2012-4305, CVE-2013-0444, CVE-2013-0429, CVE-2013-0419, CVE-2013-0423, CVE-2012-1543, CVE-2013-0351, CVE-2013-0430, CVE-2013-0432, CVE-2013-0449, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0431, CVE-2013-0427, CVE-2013-0448, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443, CVE-2013-1489 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX v 9.30, v9.31 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1543 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-4301 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-4305 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-0169 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0430 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-0431 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0436 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0437 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-0439 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0 CVE-2013-0444 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0447 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0448 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0449 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1474 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1477 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1479 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1481 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1482 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1483 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1484 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1485 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1486 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1487 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1489 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided an update for Service Manager that updates the JRE to the latest version, thus eliminating known JRE7-related security vulnerabilities. Download and install the updates from The HP Software Support Online (SSO). SM 9.31P2 Server Windows Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423 HP Itanium Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420 Linux Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421 Solaris Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422 AIX Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419 SM 9.31P2 Web Tier Web Tier 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424 SM 9.31P2 Windows Client Windows Client 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00425 SM 9.31P2 Knowledge Management SM 9.31P2 Knowledge Management http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00426 HISTORY Version:1 (rev.1) - 29 April 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2013:0236-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html Issue date: 2013-02-04 CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 39. All running instances of Oracle Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1541.html https://www.redhat.com/security/data/cve/CVE-2012-3213.html https://www.redhat.com/security/data/cve/CVE-2012-3342.html https://www.redhat.com/security/data/cve/CVE-2013-0351.html https://www.redhat.com/security/data/cve/CVE-2013-0409.html https://www.redhat.com/security/data/cve/CVE-2013-0419.html https://www.redhat.com/security/data/cve/CVE-2013-0423.html https://www.redhat.com/security/data/cve/CVE-2013-0424.html https://www.redhat.com/security/data/cve/CVE-2013-0425.html https://www.redhat.com/security/data/cve/CVE-2013-0426.html https://www.redhat.com/security/data/cve/CVE-2013-0427.html https://www.redhat.com/security/data/cve/CVE-2013-0428.html https://www.redhat.com/security/data/cve/CVE-2013-0429.html https://www.redhat.com/security/data/cve/CVE-2013-0430.html https://www.redhat.com/security/data/cve/CVE-2013-0432.html https://www.redhat.com/security/data/cve/CVE-2013-0433.html https://www.redhat.com/security/data/cve/CVE-2013-0434.html https://www.redhat.com/security/data/cve/CVE-2013-0435.html https://www.redhat.com/security/data/cve/CVE-2013-0438.html https://www.redhat.com/security/data/cve/CVE-2013-0440.html https://www.redhat.com/security/data/cve/CVE-2013-0441.html https://www.redhat.com/security/data/cve/CVE-2013-0442.html https://www.redhat.com/security/data/cve/CVE-2013-0443.html https://www.redhat.com/security/data/cve/CVE-2013-0445.html https://www.redhat.com/security/data/cve/CVE-2013-0446.html https://www.redhat.com/security/data/cve/CVE-2013-0450.html https://www.redhat.com/security/data/cve/CVE-2013-1473.html https://www.redhat.com/security/data/cve/CVE-2013-1475.html https://www.redhat.com/security/data/cve/CVE-2013-1476.html https://www.redhat.com/security/data/cve/CVE-2013-1478.html https://www.redhat.com/security/data/cve/CVE-2013-1480.html https://www.redhat.com/security/data/cve/CVE-2013-1481.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy gqkoqFew2BZDYA/n817qYO8= =m5pJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Oracle Java Multiple Vulnerabilities SECUNIA ADVISORY ID: SA52064 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52064 RELEASE DATE: 2013-02-02 DISCUSS ADVISORY: http://secunia.com/advisories/52064/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/52064/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=52064 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code. 2) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code. 3) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code. 4) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code. 5) An unspecified error in the AWT component of the client and server deployment can be exploited to potentially execute arbitrary code. 6) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code. 7) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code. 8) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code. 9) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code. 10) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code. 11) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code. 12) An unspecified error in the JMX component of the client deployment can be exploited to potentially execute arbitrary code. 13) An unspecified error in the JavaFX component of the client deployment can be exploited to potentially execute arbitrary code. 14) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code. 15) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code. 16) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code. 17) An unspecified error in the Scripting component of the client deployment can be exploited to potentially execute arbitrary code. 18) An unspecified error in the Sound component of the client deployment can be exploited to potentially execute arbitrary code. 19) An unspecified error in the Beans component of the client deployment can be exploited to potentially execute arbitrary code. 20) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code. 21) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code. 22) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code. 23) An unspecified error in the Deployment component of the client deployment can be exploited to disclose and manipulate certain data and cause a DoS. 24) An unspecified error in the Install component of the client deployment can be exploited by a local user to gain escalated privileges. 25) An unspecified error in the AWT component of the client deployment can be exploited to disclose and manipulate certain data. 26) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data. 27) An unspecified error in the Deployment component of the client deployment can be exploited to manipulate certain data. 28) An unspecified error in the JAX-WS component of the client deployment can be exploited to disclose certain data. 29) An unspecified error in the JAXP component of the client deployment can be exploited to disclose certain data. 30) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data. 31) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data. 32) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data. 33) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data. 34) An unspecified error in the Networking component of the client deployment can be exploited to manipulate certain data. 35) An unspecified error in the RMI component of the client deployment can be exploited to manipulate certain data. 36) An unspecified error in the JSSE component of the server deployment can be exploited via SSL/TLS to cause a DoS. 37) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data. 38) An unspecified error in the JSSE component of the client deployment can be exploited via SSL/TLS to disclose and manipulate certain data. The vulnerabilities are reported in the following products: * JDK and JRE 7 Update 11 and earlier. * JDK and JRE 6 Update 38 and earlier. * JDK and JRE 5.0 Update 38 and earlier. * SDK and JRE 1.4.2_40 and earlier. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: One of the vulnerabilities is reported as a 0-day. It is currently unclear who reported the remaining vulnerabilities as the Oracle Jave SE Critical Patch Update for February 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-200703-0018 Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Apple QuickTime is prone to multiple unspecified remote code-execution vulnerabilities including mulitple heap and stack-based buffer-overflow and integer-overflow issues. These issues arise when the application handles specially crafted 3GP, MIDI, MOV, PICT, and QTIF files. Successful attacks can result in the compromise of the applicaiton or can cause denial-of-service conditions. Few details regarding these issues are currently available. Separate BIDs for each issue will be created as new information becomes available. QuickTime versions prior to 7.1.5 are vulnerable. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. There are multiple buffer overflow vulnerabilities in QuickTime's processing of various media formats. (CVE-2007-0717). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-065A Apple Releases Security Updates for QuickTime Original release date: March 06, 2007 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows Overview Apple QuickTime contains multiple vulnerabilities. I. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page. Note that QuickTime ships with Apple iTunes. For more information, please refer to the Vulnerability Notes Database. II. For further information, please see the Vulnerability Notes Database. III. Solution Upgrade QuickTime Upgrade to QuickTime 7.1.5. This and other updates for Mac OS X are available via Apple Update. On Microsoft Windows the QuickTime built-in auto-update mechanism may not detect this release. Instead, Windows users should check for updates using Apple Software Update or install the update manually. Disable QuickTime in your web browser An attacker may be able to exploit this vulnerability by persuading a user to access a specially crafted file with a web browser. Disabling QuickTime in your web browser will defend against this attack vector. For more information, refer to the Securing Your Web Browser document. References * Vulnerability Notes for QuickTime 7.1.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_715> * About the security content of the QuickTime 7.1.5 Update - <http://docs.info.apple.com/article.html?artnum=305149> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple QuickTime 7.1.5 for Windows - <http://www.apple.com/support/downloads/quicktime715forwindows.html> * Apple QuickTime 7.1.5 for Mac - <http://www.apple.com/support/downloads/quicktime715formac.html> * Standalone Apple QuickTime Player - <http://www.apple.com/quicktime/download/standalone.html> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-065A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-065A Feedback VU#568689" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2007 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History March 06, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRe26JOxOF3G+ig+rAQIL/AgArfKGgONZLe46VrCe71/m/47EcYHx/m4u K7rK5zeV11CItic4BMTyhC/s9OMEJdkRpVLhi9TJtLv0OYQoqT8WCqkcWpn6rf+p mRbMMIc0m2/IqQWBz3oHU1rlAem8Xk0wbARe+y3Pb1Xz5TumoyVSjbkKkyQJVYLz 35SS6byTmpspL/GIui8lt37b66aiXOGr91FCMQ4eCJXucJKlDNndjdL5isVKjXoA 74aavroywUVzoBzjxXCRSquxcFHW0B6t1TIMuMJhyVbmcV4i/0Cq3EfEg8iKVZdO ZAXHIj3P4cPmdsYRbgl0IqqyZYt51gMdpmUNGORCShuMajqwwbNjvg== =5/kY -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA24359 VERIFY ADVISORY: http://secunia.com/advisories/24359/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system. 1) An integer overflow error exists in the handling of 3GP video files. 2) A boundary error in the handling of MIDI files can be exploited to cause a heap-based buffer overflow. 3) A boundary error in the handling of QuickTime movie files can be exploited to cause a heap-based buffer overflow. 4) An integer overflow exists in the handling of UDTA atoms in movie files. 5) A boundary error in the handling of PICT files can be exploited to cause a heap-based buffer overflow. 6) A boundary error in the handling of QTIF files can be exploited to cause a stack-based buffer overflow. 7) An integer overflow exists in the handling of QTIF files. 8) An input validation error exists in the processing of QTIF files. This can be exploited to cause a heap corruption via a specially crafted QTIF file with the "Color Table ID" field set to "0". SOLUTION: Update to version 7.1.5. Mac OS X: http://www.apple.com/quicktime/download/mac.html Windows: http://www.apple.com/quicktime/download/win.html PROVIDED AND/OR DISCOVERED BY: 1) JJ Reyes 2,5,6,7) Mike Price, McAfee AVERT Labs 3) Mike Price, McAfee AVERT Labs, Piotr Bania, and Artur Ogloza 4) Sowhat of Nevis Labs and an anonymous researcher via ZDI. 8) Ruben Santamarta via iDefense and JJ Reyes ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305149 Piotr Bania: http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=486 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
var-201603-0222 The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. libxml2 is prone to multiple memory-corruption vulnerabilities. A remote attacker can leverage these issues to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Apple iOS, OS X, Safari, tvOS and watchOS are all products of Apple Inc. in the United States. Apple iOS is a set of operating systems developed for mobile devices; Apple OS X is a set of dedicated operating systems developed for Mac computers; and the default browser that comes with the iOS operating system; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A security vulnerability exists in libxml2 of several Apple products. The following products and versions are affected: Apple iOS versions prior to 9.3, OS X versions prior to 10.11.4, Safari versions prior to 9.1, tvOS versions prior to 9.2, and watchOS versions prior to 2.2. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all applications linked to the libxml2 library must be restarted, or the system rebooted. 5. Package List: Red Hat Enterprise Linux HPC Node (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-2.7.6-21.el6_8.1.ppc.rpm libxml2-2.7.6-21.el6_8.1.ppc64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-2.7.6-21.el6_8.1.s390.rpm libxml2-2.7.6-21.el6_8.1.s390x.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-devel-2.7.6-21.el6_8.1.s390.rpm libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm libxml2-python-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-static-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm ppc64: libxml2-2.9.1-6.el7_2.3.ppc.rpm libxml2-2.9.1-6.el7_2.3.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-2.9.1-6.el7_2.3.s390.rpm libxml2-2.9.1-6.el7_2.3.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-devel-2.9.1-6.el7_2.3.s390.rpm libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm libxml2-python-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-static-2.9.1-6.el7_2.3.ppc.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-static-2.9.1-6.el7_2.3.s390.rpm libxml2-static-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm ZsVLEgJAF0Zt6xZVzqvVW7U= =fREV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <5755B7E3.5040103@canonical.com> Subject: [USN-2994-1] libxml2 vulnerabilities ============================================================================ Ubuntu Security Notice USN-2994-1 June 06, 2016 libxml2 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in libxml2. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-1833, CVE-2016-1838, CVE-2016-1839) Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-1835, CVE-2016-1837) Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain malformed documents. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-1836) Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-1840) It was discovered that libxml2 would load certain XML external entities. (CVE-2016-4449) Gustavo Grieco discovered that libxml2 incorrectly handled certain malformed documents. (CVE-2016-4483) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libxml2 2.9.3+dfsg1-1ubuntu0.1 Ubuntu 15.10: libxml2 2.9.2+zdfsg1-4ubuntu0.4 Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.8 Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.15 After a standard system update you need to reboot your computer to make all the necessary changes. For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-03-21-1 iOS 9.3 iOS 9.3 is now available and addresses the following: AppleUSBNetworking Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of data from USB devices. This issue was addressed through improved input validation. CVE-ID CVE-2016-1734 : Andrea Barisani and Andrej Rosano of Inverse Path FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1740 : HappilyCoded (ant4g0nist and r3dsm0k3) working with Trend Micro's Zero Day Initiative (ZDI) HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple vulnerabilities existed in nghttp2 versions prior to 1.6.0, the most serious of which may have led to remote code execution. These were addressed by updating nghttp2 to version 1.6.0. CVE-ID CVE-2015-8659 IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1748 : Brandon Azad Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to cause a denial of service Description: A denial of service issue was addressed through improved validation. CVE-ID CVE-2016-1752 : CESG Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-ID CVE-2016-1750 : CESG Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple integer overflows were addressed through improved input validation. CVE-ID CVE-2016-1753 : Juwei Lin Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to bypass code signing Description: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed through improved permission validation. CVE-ID CVE-2016-1751 : Eric Monti of Square Mobile Security Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition existed during the creation of new processes. This was addressed through improved state handling. CVE-ID CVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaça Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-ID CVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2016-1755 : Ian Beer of Google Project Zero Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-ID CVE-2016-1758 : Brandon Azad LaunchServices Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to modify events from other applications Description: An event handler validation issue existed in the XPC Services API. This issue was addressed through improved message validation. CVE-ID CVE-2016-1760 : Proteas of Qihoo 360 Nirvan Team libxml2 Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2015-1819 CVE-2015-5312 : David Drysdale of Google CVE-2015-7499 CVE-2015-7500 : Kostya Serebryany of Google CVE-2015-7942 : Kostya Serebryany of Google CVE-2015-8035 : gustavo.grieco CVE-2015-8242 : Hugh Davenport CVE-2016-1761 : wol0xff working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1762 Messages Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may auto-fill text into other Message threads Description: An issue existed in the parsing of SMS URLs. This issue was addressed through improved URL validation. CVE-ID CVE-2016-1763 : CityTog Messages Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who is able to bypass Apple's certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages may be able to read attachments Description: A cryptographic issue was addressed by rejecting duplicate messages on the client. CVE-ID CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk, Ian Miers, and Michael Rushanan of Johns Hopkins University Profiles Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An untrusted MDM profile may be incorrectly displayed as verified Description: A certificate validation issue existed in MDM profiles. This was addressed through additional checks. CVE-ID CVE-2016-1766 : Taylor Boyko working with Trend Micro's Zero Day Initiative (ZDI) Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the ASN.1 decoder. This issue was addressed through improved input validation. CVE-ID CVE-2016-1950 : Francis Gabriel of Quarkslab TrueTypeScaler Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2016-1775 : 0x1byte working with Trend Micro's Zero Day Initiative (ZDI) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1778 : 0x1byte working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1783 : Mihai Parparita of Google WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to track sensitive user information Description: An issue existed in the handling of attachment URLs. This issue was addressed through improved URL handling. CVE-ID CVE-2016-1781 : Devdatta Akhawe of Dropbox, Inc. WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to track sensitive user information Description: A hidden web page may be able to access device- orientation and device-motion data. This issue was addressed by suspending the availability of this data when the web view is hidden. CVE-ID CVE-2016-1780 : Maryam Mehrnezhad, Ehsan Toreini, Siamak F. Shahandashti, and Feng Hao of the School of Computing Science, Newcastle University, UK WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's current location Description: An issue existed in the parsing of geolocation requests. This was addressed through improved validation of the security origin for geolocation requests. CVE-ID CVE-2016-1779 : xisigr of Tencent's Xuanwu Lab (http://www.tencent.com) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed through additional port validation. CVE-ID CVE-2016-1782 : Muneaki Nishimura (nishimunea) of Recruit Technologies Co.,Ltd. WebKit History Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A resource exhaustion issue was addressed through improved input validation. CVE-ID CVE-2016-1784 : Moony Li and Jack Tang of TrendMicro and 李普君 of 无声信息技术PKAV Team (PKAV.net) WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Redirect responses may have allowed a malicious website to display an arbitrary URL and read cached contents of the destination origin. This issue was addressed through improved URL display logic. CVE-ID CVE-2016-1786 : ma.la of LINE Corporation WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A caching issue existed with character encoding. This was addressed through additional request checking. CVE-ID CVE-2016-1785 : an anonymous researcher Wi-Fi Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: A frame validation and memory corruption issue existed for a given ethertype. This issue was addressed through additional ethertype validation and improved memory handling. CVE-ID CVE-2016-0801 : an anonymous researcher CVE-2016-0802 : an anonymous researcher Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "9.3 ". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW8JPyAAoJEBcWfLTuOo7tWzQP/i8AwdkoE9uvhfe5X5p1yDxr YVcAkvHAgWzNee9Tvc6ERa2KWdOkmbVRGzySyG62lhGnrUTSMtlCs0/Bp/Ui5p65 FF2viREhDJNA83WZcsFP0ELZVJ5VwUv6BJR0L0ERn7QSfaftAwVSFmyHHURA7rGj IRQWnwD6IOblI0veLXjJjN8nPY2ueAzVvyv5mD8c4MdCxwxZNi2X9ugtIBBbZr6Y arjAVh/wfB0m+f50feDaPvo/8mZDn1UwrDu0YPtGDmGebgX17TE39q0YgOFf0uXv HzA0S1+mDURGR3h+7wpyO25+uOPHyGkeIA1GVISA2O7pmHKTcY5pvWC4zyIsDfRC ziI4AIml9ySY7nIltuUWeUdO81nHrjvEtXyWZ6VBH4Dah4yne80B04UGgLIzD1ON hTlTySVnMBJ8+N0g+e3ldGTuf49ISEKh9s6u+ABtBi9+sDSiWxGIkvNuZN37522O dK4MsAZIffxbKo2DuJxiWrfIzhAOO3rZbRD8oFkOtKh5QHlS1eOBlN29U9S1Cq+P jZ/sffscri8q9m8KUx4a+1HG3N6TDIJtIz7/jJyTld2Aw+1JAlU4DG41t1lkEs6S 41wah3j9YrqXCp2uc3JmcI6k2XW2pj73T9Mqqz5e/xk2sfwnJ299dAK7vXkGR3ix Fg29LzTb0eQ9Ub1Mkn5E =Ouex -----END PGP SIGNATURE----- . CVE-ID CVE-2016-1762 Safari Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 to v10.11.3 Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue existed where the text of a dialog included page-supplied text. CVE-ID CVE-2016-1786 : ma.la of LINE Corporation Installation note: Safari 9.1 may be obtained from the Mac App Store. Description: This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. Security Fix(es): * This update fixes several flaws in OpenSSL. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483) * This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141) * This update fixes two flaws in httpd. (CVE-2016-4459, CVE-2016-8612) * A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808) * A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705. See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/): JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service 6
Vulnerabilities are sorted by update time (recent to old).
ID Description Publish Date Update Date
jvndb-2024-003178 Trend Micro Maximum Security vulnerable to improper link resolution (CVE-2024-32849) 2024-05-08T10:19+09:00 2024-05-08T10:19+09:00
jvndb-2023-002725 Multiple vulnerabilities in Command Center RX (CCRX) of Kyocera Document Solutions MFPs and printers 2023-07-28T18:24+09:00 2024-05-07T18:15+09:00
jvndb-2023-000108 Inkdrop vulnerable to code injection 2023-10-30T13:48+09:00 2024-05-07T16:09+09:00
jvndb-2023-000106 Multiple vulnerabilities in baserCMS 2023-10-27T14:46+09:00 2024-05-07T15:59+09:00
jvndb-2023-000109 Cybozu Remote Service vulnerable to uncontrolled resource consumption 2023-10-31T13:43+09:00 2024-05-07T15:51+09:00
jvndb-2023-004919 FUJIFILM Business Innovation Corp. and Xerox Corporation MFPs export Address Books with insufficient encryption strength 2023-11-02T17:21+09:00 2024-05-07T15:25+09:00
jvndb-2023-000114 Multiple vulnerabilities in Cisco Firepower Management Center Software 2023-11-13T14:01+09:00 2024-05-07T15:07+09:00
jvndb-2023-000060 Multiple vulnerabilities in Pleasanter 2023-06-22T15:49+09:00 2024-05-07T14:10+09:00
jvndb-2023-000110 Improper restriction of XML external entity references (XXE) in e-Tax software 2023-11-02T13:38+09:00 2024-05-01T18:41+09:00
jvndb-2023-007152 Multiple vulnerabilities in EXPRESSCLUSTER X 2023-11-20T14:09+09:00 2024-05-01T18:10+09:00
jvndb-2023-000113 HOTELDRUID vulnerable to cross-site scripting 2023-11-10T14:41+09:00 2024-05-01T17:47+09:00
jvndb-2023-000115 OSS Calendar vulnerable to SQL injection 2023-11-14T14:05+09:00 2024-05-01T17:38+09:00
jvndb-2023-000118 Multiple vulnerabilities in CubeCart 2023-11-17T14:22+09:00 2024-04-30T18:15+09:00
jvndb-2023-000068 "NewsPicks" App uses a hard-coded API key for an external service 2023-06-30T15:06+09:00 2024-04-30T18:09+09:00
jvndb-2023-006578 ASUSTeK COMPUTER RT-AC87U vulnerable to improper access control 2023-11-15T17:44+09:00 2024-04-30T18:08+09:00
jvndb-2023-000064 SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS) 2023-06-20T14:48+09:00 2024-04-26T18:03+09:00
jvndb-2023-000067 WordPress Plugin "Snow Monkey Forms" vulnerable to directory traversal 2023-06-27T17:05+09:00 2024-04-26T17:56+09:00
jvndb-2023-000033 Trend Micro Security may insecurely load Dynamic Link Libraries 2023-04-14T15:44+09:00 2024-04-26T17:48+09:00
jvndb-2023-006588 Multiple vulnerabilities in ELECOM and LOGITEC routers 2023-11-15T18:27+09:00 2024-04-26T15:22+09:00
jvndb-2023-002511 File and Directory Permissions Vulnerability in Hitachi Command Suite 2023-07-19T14:48+09:00 2024-04-26T12:29+09:00
jvndb-2023-002512 EL Injection Vulnerability in Hitachi Replication Manager 2023-07-19T14:48+09:00 2024-04-26T12:24+09:00
jvndb-2024-003119 NETGEAR routers vulnerable to buffer overflow 2024-04-25T11:21+09:00 2024-04-25T11:21+09:00
jvndb-2024-000042 Multiple vulnerabilities in RoamWiFi R10 2024-04-24T13:44+09:00 2024-04-24T13:44+09:00
jvndb-2024-003008 Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL 2024-03-22T13:50+09:00 2024-04-24T11:45+09:00
jvndb-2023-003028 Phoenix Technologies Windows kernel driver vulnerable to insufficient access control on its IOCTL 2023-08-30T10:05+09:00 2024-04-24T11:43+09:00
jvndb-2024-003116 Multiple vulnerabilities in OMRON Sysmac Studio/CX-One and CX-Programmer 2024-04-24T10:13+09:00 2024-04-24T10:13+09:00
jvndb-2024-000901 TvRock vulnerable to cross-site request forgery 2024-04-23T18:22+09:00 2024-04-23T18:22+09:00
jvndb-2024-000903 TvRock vulnerable to denial-of-service (DoS) 2024-04-23T18:21+09:00 2024-04-23T18:21+09:00
jvndb-2023-000119 Ruckus Access Point contains a cross-site scripting vulnerability. 2023-12-01T14:58+09:00 2024-04-23T17:51+09:00
jvndb-2023-000112 Multiple vulnerabilities in Pleasanter 2023-11-13T15:57+09:00 2024-04-22T17:56+09:00