|
var-201605-0467
|
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Apple Mac OS X, watchOS, iOS, and tvOS are prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary code and bypass security restrictions. Failed exploit attempts may result in a denial-of-service condition.
Versions prior to iOS 9.3.2, watchOS 2.2.1, Mac OS X 10.11.5, and tvOS 9.2.1 are vulnerable. in the United States. Apple iOS is an operating system developed for mobile devices; watchOS is a smart watch operating system; OS X El Capitan is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc.
CVE-ID
CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/en-us/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: libxml2 security update
Advisory ID: RHSA-2016:1292-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292
Issue date: 2016-06-23
CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834
CVE-2016-1835 CVE-2016-1836 CVE-2016-1837
CVE-2016-1838 CVE-2016-1839 CVE-2016-1840
CVE-2016-3627 CVE-2016-3705 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449
=====================================================================
1. Summary:
An update for libxml2 is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The libxml2 library is a development toolbox providing the implementation
of various XML standards. (CVE-2016-1834,
CVE-2016-1840)
Multiple denial of service flaws were found in libxml2. A remote attacker
could provide a specially crafted XML file that, when processed by an
application using libxml2, could cause that application to crash.
(CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447,
CVE-2016-4448, CVE-2016-4449)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all applications linked to the libxml2
library must be restarted, or the system rebooted.
5. Bugs fixed (https://bugzilla.redhat.com/):
1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode
1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file
1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar
1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName
1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs
1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral
1338700 - CVE-2016-4448 libxml2: Format string vulnerability
1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content
1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey
1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString
1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal
1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup
1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat
1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar
6. Package List:
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
i386:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-python-2.7.6-21.el6_8.1.i686.rpm
ppc64:
libxml2-2.7.6-21.el6_8.1.ppc.rpm
libxml2-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm
libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm
s390x:
libxml2-2.7.6-21.el6_8.1.s390.rpm
libxml2-2.7.6-21.el6_8.1.s390x.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm
libxml2-devel-2.7.6-21.el6_8.1.s390.rpm
libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm
libxml2-python-2.7.6-21.el6_8.1.s390x.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-static-2.7.6-21.el6_8.1.i686.rpm
ppc64:
libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm
libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm
s390x:
libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm
libxml2-static-2.7.6-21.el6_8.1.s390x.rpm
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
libxml2-2.7.6-21.el6_8.1.src.rpm
i386:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-python-2.7.6-21.el6_8.1.i686.rpm
x86_64:
libxml2-2.7.6-21.el6_8.1.i686.rpm
libxml2-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-devel-2.7.6-21.el6_8.1.i686.rpm
libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm
libxml2-static-2.7.6-21.el6_8.1.i686.rpm
x86_64:
libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm
libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
ppc64:
libxml2-2.9.1-6.el7_2.3.ppc.rpm
libxml2-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le:
libxml2-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm
s390x:
libxml2-2.9.1-6.el7_2.3.s390.rpm
libxml2-2.9.1-6.el7_2.3.s390x.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm
libxml2-devel-2.9.1-6.el7_2.3.s390.rpm
libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm
libxml2-python-2.9.1-6.el7_2.3.s390x.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm
ppc64le:
libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm
libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm
s390x:
libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm
libxml2-static-2.9.1-6.el7_2.3.s390.rpm
libxml2-static-2.9.1-6.el7_2.3.s390x.rpm
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libxml2-2.9.1-6.el7_2.3.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.3.i686.rpm
libxml2-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.3.i686.rpm
libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.3.i686.rpm
libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-1762
https://access.redhat.com/security/cve/CVE-2016-1833
https://access.redhat.com/security/cve/CVE-2016-1834
https://access.redhat.com/security/cve/CVE-2016-1835
https://access.redhat.com/security/cve/CVE-2016-1836
https://access.redhat.com/security/cve/CVE-2016-1837
https://access.redhat.com/security/cve/CVE-2016-1838
https://access.redhat.com/security/cve/CVE-2016-1839
https://access.redhat.com/security/cve/CVE-2016-1840
https://access.redhat.com/security/cve/CVE-2016-3627
https://access.redhat.com/security/cve/CVE-2016-3705
https://access.redhat.com/security/cve/CVE-2016-4447
https://access.redhat.com/security/cve/CVE-2016-4448
https://access.redhat.com/security/cve/CVE-2016-4449
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm
ZsVLEgJAF0Zt6xZVzqvVW7U=
=fREV
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-05-16-2 iOS 9.3.2
iOS 9.3.2 is now available and addresses the following:
Accessibility
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to determine kernel memory layout
Description: A buffer overflow was addressed through improved size
validation.
CVE-ID
CVE-2016-1790 : Rapelly Akhil
CFNetwork Proxies
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information leak existed in the handling of HTTP and
HTTPS requests. This issue was addressed through improved URL
handling.
CVE-ID
CVE-2016-1801 : Alex Chapman and Paul Stone of Context Information
Security
CommonCrypto
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to leak sensitive user
information
Description: An issue existed in the handling of return values in
CCCrypt. This issue was addressed through improved key length
management.
CVE-ID
CVE-2016-1802 : Klaus Rodewig
CoreCapture
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1803 : Ian Beer of Google Project Zero, daybreaker working
with Trend Micro’s Zero Day Initiative
Disk Images
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A local attacker may be able to read kernel memory
Description: A race condition was addressed through improved
locking.
CVE-ID
CVE-2016-1807 : Ian Beer of Google Project Zero
Disk Images
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the parsing of
disk images. This issue was addressed through improved memory
handling.
CVE-ID
CVE-2016-1808 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of
Trend Micro
ImageIO
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1811 : Lander Brandt (@landaire)
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1817 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of
Trend Micro working with Trend Micro's Zero Day Initiative
CVE-2016-1818 : Juwei Lin of TrendMicro
CVE-2016-1819 : Ian Beer of Google Project Zero
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to cause a denial of service
Description: A null pointer dereference was addressed through
improved locking.
CVE-ID
CVE-2016-1814 : Juwei Lin of TrendMicro
IOAcceleratorFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1813 : Ian Beer of Google Project Zero
IOHIDFamily
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1823 : Ian Beer of Google Project Zero
CVE-2016-1824 : Marco Grassi (@marcograss) of KeenLab (@keen_lab),
Tencent
Kernel
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1827 : Brandon Azad
CVE-2016-1828 : Brandon Azad
CVE-2016-1829 : CESG
CVE-2016-1830 : Brandon Azad
CVE-2016-1831 : Brandon Azad
libc
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1832 : Karl Williamson
libxml2
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing maliciously crafted XML may lead to an unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1833 : Mateusz Jurczyk
CVE-2016-1834 : Apple
CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-1838 : Mateusz Jurczyk
CVE-2016-1839 : Mateusz Jurczyk
CVE-2016-1840 : Kostya Serebryany
libxslt
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1841 : Sebastian Apelt
MapKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: Shared links were sent with HTTP rather than HTTPS.
This was addressed by enabling HTTPS for shared links.
CVE-ID
CVE-2016-1842 : Richard Shupak (https://www.linkedin.com/in/rshupak)
OpenGL
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks
Safari
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A user may be unable to fully delete browsing history
Description: "Clear History and Website Data" did not clear the
history. The issue was addressed through improved data deletion.
CVE-ID
CVE-2016-1849 : Adham Ghrayeb
Siri
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to an iOS device may be able
to use Siri to access contacts and photos from the the lock screen
Description: A state management issue existed when accessing Siri
results on the lock screen. This issue was addressed by disabling
data detectors in Twitter results when the device is locked.
CVE-ID
CVE-2016-1852 : videosdebarraquito
WebKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a malicious website may disclose data from another
website
Description: An insufficient taint tracking issue in the parsing of
svg images was addressed through improved taint tracking.
CVE-ID
CVE-2016-1858 : an anonymous researcher
WebKit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1854 : Anonymous working with Trend Micro's Zero Day
Initiative
CVE-2016-1855 : Tongbo Luo and Bo Qu of Palo Alto Networks
CVE-2016-1856 : lokihardt working with Trend Micro's Zero Day
Initiative
CVE-2016-1857 : Jeonghoon Shin@A.D.D, Liang Chen, Zhen Feng, wushi of
KeenLab, Tencent working with Trend Micro's Zero Day Initiative
WebKit Canvas
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1859 : Liang Chen, wushi of KeenLab, Tencent working with
Trend Micro's Zero Day Initiative
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "9.3.2". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201701-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: libxml2: Multiple vulnerabilities
Date: January 16, 2017
Bugs: #564776, #566374, #572878, #573820, #577998, #582538,
#582540, #583888, #589816, #597112, #597114, #597116
ID: 201701-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in libxml2, the worst of which
could lead to the execution of arbitrary code.
Background
==========
libxml2 is the XML (eXtended Markup Language) C parser and toolkit
initially developed for the Gnome project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.9.4-r1 >= 2.9.4-r1
Description
===========
Multiple vulnerabilities have been discovered in libxml2. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All libxml2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.4-r1"
References
==========
[ 1 ] CVE-2015-1819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1819
[ 2 ] CVE-2015-5312
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5312
[ 3 ] CVE-2015-7497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7497
[ 4 ] CVE-2015-7498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7498
[ 5 ] CVE-2015-7499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7499
[ 6 ] CVE-2015-7500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7500
[ 7 ] CVE-2015-7941
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7941
[ 8 ] CVE-2015-7942
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7942
[ 9 ] CVE-2015-8035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8035
[ 10 ] CVE-2015-8242
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8242
[ 11 ] CVE-2015-8806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8806
[ 12 ] CVE-2016-1836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1836
[ 13 ] CVE-2016-1838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1838
[ 14 ] CVE-2016-1839
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1839
[ 15 ] CVE-2016-1840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1840
[ 16 ] CVE-2016-2073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2073
[ 17 ] CVE-2016-3627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3627
[ 18 ] CVE-2016-3705
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3705
[ 19 ] CVE-2016-4483
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4483
[ 20 ] CVE-2016-4658
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4658
[ 21 ] CVE-2016-5131
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5131
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-37
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <5755B7E3.5040103@canonical.com>
Subject: [USN-2994-1] libxml2 vulnerabilities
============================================================================
Ubuntu Security Notice USN-2994-1
June 06, 2016
libxml2 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxml2. (CVE-2015-8806, CVE-2016-2073,
CVE-2016-3627, CVE-2016-3705, CVE-2016-4447)
It was discovered that libxml2 incorrectly handled certain malformed
documents.
(CVE-2016-1762, CVE-2016-1834)
Mateusz Jurczyk discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1833, CVE-2016-1838, CVE-2016-1839)
Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1835, CVE-2016-1837)
Wei Lei and Liu Yang discovered that libxml2 incorrectly handled certain
malformed documents. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and
Ubuntu 16.04 LTS. (CVE-2016-1836)
Kostya Serebryany discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-1840)
It was discovered that libxml2 would load certain XML external entities. (CVE-2016-4449)
Gustavo Grieco discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2016-4483)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
libxml2 2.9.3+dfsg1-1ubuntu0.1
Ubuntu 15.10:
libxml2 2.9.2+zdfsg1-4ubuntu0.4
Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.8
Ubuntu 12.04 LTS:
libxml2 2.7.8.dfsg-5.1ubuntu4.15
After a standard system update you need to reboot your computer to make
all the necessary changes.
For the stable distribution (jessie), these problems have been fixed in
version 2.9.1+dfsg1-5+deb8u2. Description:
This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a
replacement for JBoss Core Services Apache HTTP Server 2.4.6.
Security Fix(es):
* This update fixes several flaws in OpenSSL. (CVE-2016-1762,
CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,
CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,
CVE-2016-7141)
* This update fixes two flaws in httpd. (CVE-2016-4459,
CVE-2016-8612)
* A buffer overflow flaw when concatenating virtual host names and URIs was
fixed in mod_jk. (CVE-2016-6808)
* A memory leak flaw was fixed in expat. Upstream acknowledges Stephen Henson (OpenSSL development team)
as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat),
Hanno BAPck, and David Benjamin (Google) as the original reporters of
CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105,
CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj
Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom
(University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv
University), and Nadia Heninger (University of Pennsylvania) as the
original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as
the original reporter of CVE-2016-0705.
See the corresponding CVE pages linked to in the References section for
more information about each of the flaws listed in this advisory. Solution:
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing Red Hat JBoss Web Server installation (including all applications
and configuration files).
After installing the updated packages, the httpd daemon will be restarted
automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]
JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6 |
|
var-201306-0147
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing.". This vulnerability CVE-2013-2463 , CVE-2013-2464 , CVE-2013-2465 , CVE-2013-2469 , CVE-2013-2471 , CVE-2013-2472 ,and CVE-2013-2473 Is a different vulnerability.Information is obtained by a third party, information is altered, and service operation is interrupted. (DoS) An attack may be carried out. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific vulnerability is an array indexing flaw inside the Java AWT imaging library allowing for memory corruption. An attacker could leverage this vulnerability into remote execution of arbitrary code as the current user. Failed exploit attempts will likely cause denial-of-service conditions.
This vulnerability affects the following supported versions:
7 Update 21 , 6 Update 45 , 5.0 Update 45.
This updates IcedTea6 to version 1.11.12, which fixes these issues,
as well as several other bugs.
Additionally, this OpenJDK update causes icedtea-web, the Java browser
plugin, to crash, so icedtea-web has been patched to fix this. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFR47+cmqjQ0CJFipgRAmnTAJ4lalit4V4VWsSE6KHeem9qtHb+9gCgmJ/U
GUelRnMi6Rq7d9NhnTCwrlg=
=rErU
-----END PGP SIGNATURE-----
.
For the stable distribution (wheezy), these problems have been fixed in
version 7u25-2.3.10-1~deb7u1. In addition icedtea-web needed to be
updated to 1.4-3~deb7u1.
For the unstable distribution (sid), these problems have been fixed in
version 7u25-2.3.10-1. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory pages, listed in the References section. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-openjdk security update
Advisory ID: RHSA-2013:0957-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0957.html
Issue date: 2013-06-19
CVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407
CVE-2013-2412 CVE-2013-2443 CVE-2013-2444
CVE-2013-2445 CVE-2013-2446 CVE-2013-2447
CVE-2013-2448 CVE-2013-2449 CVE-2013-2450
CVE-2013-2452 CVE-2013-2453 CVE-2013-2454
CVE-2013-2455 CVE-2013-2456 CVE-2013-2457
CVE-2013-2458 CVE-2013-2459 CVE-2013-2460
CVE-2013-2461 CVE-2013-2463 CVE-2013-2465
CVE-2013-2469 CVE-2013-2470 CVE-2013-2471
CVE-2013-2472 CVE-2013-2473
=====================================================================
1. Summary:
Updated java-1.7.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
3. Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.
Multiple flaws were discovered in the ImagingLib and the image attribute,
channel, layout and raster processing in the 2D component. An untrusted
Java application or applet could possibly use these flaws to trigger Java
Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471,
CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469)
Integer overflow flaws were found in the way AWT processed certain input.
(CVE-2013-2459)
Multiple improper permission check issues were discovered in the Sound,
JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass Java
sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458,
CVE-2013-2457, CVE-2013-2453, CVE-2013-2460)
Multiple flaws in the Serialization, Networking, Libraries and CORBA
components can be exploited by an untrusted Java application or applet to
gain access to potentially sensitive information. (CVE-2013-2456,
CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446)
It was discovered that the Hotspot component did not properly handle
out-of-memory errors. An untrusted Java application or applet could
possibly use these flaws to terminate the Java Virtual Machine.
(CVE-2013-2445)
It was discovered that the AWT component did not properly manage certain
resources and that the ObjectStreamClass of the Serialization component
did not properly handle circular references. An untrusted Java application
or applet could possibly use these flaws to cause a denial of service.
(CVE-2013-2444, CVE-2013-2450)
It was discovered that the Libraries component contained certain errors
related to XML security and the class loader. A remote attacker could
possibly exploit these flaws to bypass intended security mechanisms or
disclose potentially sensitive information and cause a denial of service.
(CVE-2013-2407, CVE-2013-2461)
It was discovered that JConsole did not properly inform the user when
establishing an SSL connection failed. An attacker could exploit this flaw
to gain access to potentially sensitive information. (CVE-2013-2412)
It was discovered that GnomeFileTypeDetector did not check for read
permissions when accessing files. An untrusted Java application or applet
could possibly use this flaw to disclose potentially sensitive information.
(CVE-2013-2449)
It was found that documentation generated by Javadoc was vulnerable to a
frame injection attack. If such documentation was accessible over a
network, and a remote attacker could trick a user into visiting a
specially-crafted URL, it would lead to arbitrary web content being
displayed next to the documentation. This could be used to perform a
phishing attack by providing frame content that spoofed a login form on
the site hosting the vulnerable documentation. (CVE-2013-1571)
It was discovered that the 2D component created shared memory segments with
insecure permissions. A local attacker could use this flaw to read or write
to the shared memory segment. (CVE-2013-1500)
Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and
US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the
original reporter of CVE-2013-1571.
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.
After installing this update, users of icedtea-web must install
RHBA-2013:0959 for icedtea-web to continue functioning.
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to
the NEWS file, linked to in the References, for further information.
4. Solution:
All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243)
975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)
975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253)
975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257)
975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438)
975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)
975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601)
975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071)
975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209)
975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)
975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)
975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)
975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)
975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)
975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424)
975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038)
975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642)
975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120)
975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)
975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)
975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033)
975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)
975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318)
975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703)
975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288)
975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch:
java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-1500.html
https://www.redhat.com/security/data/cve/CVE-2013-1571.html
https://www.redhat.com/security/data/cve/CVE-2013-2407.html
https://www.redhat.com/security/data/cve/CVE-2013-2412.html
https://www.redhat.com/security/data/cve/CVE-2013-2443.html
https://www.redhat.com/security/data/cve/CVE-2013-2444.html
https://www.redhat.com/security/data/cve/CVE-2013-2445.html
https://www.redhat.com/security/data/cve/CVE-2013-2446.html
https://www.redhat.com/security/data/cve/CVE-2013-2447.html
https://www.redhat.com/security/data/cve/CVE-2013-2448.html
https://www.redhat.com/security/data/cve/CVE-2013-2449.html
https://www.redhat.com/security/data/cve/CVE-2013-2450.html
https://www.redhat.com/security/data/cve/CVE-2013-2452.html
https://www.redhat.com/security/data/cve/CVE-2013-2453.html
https://www.redhat.com/security/data/cve/CVE-2013-2454.html
https://www.redhat.com/security/data/cve/CVE-2013-2455.html
https://www.redhat.com/security/data/cve/CVE-2013-2456.html
https://www.redhat.com/security/data/cve/CVE-2013-2457.html
https://www.redhat.com/security/data/cve/CVE-2013-2458.html
https://www.redhat.com/security/data/cve/CVE-2013-2459.html
https://www.redhat.com/security/data/cve/CVE-2013-2460.html
https://www.redhat.com/security/data/cve/CVE-2013-2461.html
https://www.redhat.com/security/data/cve/CVE-2013-2463.html
https://www.redhat.com/security/data/cve/CVE-2013-2465.html
https://www.redhat.com/security/data/cve/CVE-2013-2469.html
https://www.redhat.com/security/data/cve/CVE-2013-2470.html
https://www.redhat.com/security/data/cve/CVE-2013-2471.html
https://www.redhat.com/security/data/cve/CVE-2013-2472.html
https://www.redhat.com/security/data/cve/CVE-2013-2473.html
https://access.redhat.com/security/updates/classification/#critical
http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS
https://rhn.redhat.com/errata/RHBA-2013-0959.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRwkhZXlSAg2UNWIIRAq8SAJ9tsW9PY39Aa6lmSLhOhlUi8hrnugCePCKO
NAdLLpJKlVulPXKONu/CudU=
=+H1U
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ============================================================================
Ubuntu Security Notice USN-1908-1
July 23, 2013
openjdk-6 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description:
- openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure and data integrity. (CVE-2013-1500, CVE-2013-2454,
CVE-2013-2458)
A vulnerability was discovered in the OpenJDK Javadoc related to data
integrity. (CVE-2013-1571)
A vulnerability was discovered in the OpenJDK JRE related to information
disclosure and availability.
(CVE-2013-2407)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. (CVE-2013-2412, CVE-2013-2443, CVE-2013-2446,
CVE-2013-2447, CVE-2013-2449, CVE-2013-2452, CVE-2013-2456)
Several vulnerabilities were discovered in the OpenJDK JRE related to
availability.
(CVE-2013-2444, CVE-2013-2445, CVE-2013-2450)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. (CVE-2013-2448, CVE-2013-2451, CVE-2013-2459, CVE-2013-2461,
CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471,
CVE-2013-2472, CVE-2013-2473, CVE-2013-3743)
Several vulnerabilities were discovered in the OpenJDK JRE related to data
integrity. (CVE-2013-2453, CVE-2013-2455, CVE-2013-2457)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.2
icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.2
openjdk-6-doc 6b27-1.12.6-1ubuntu0.12.04.2
openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.2
openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.2
openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.2
openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.2
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.2
openjdk-6-doc 6b27-1.12.6-1ubuntu0.10.04.2
openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.2
openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.2
openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.2
openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.2
This update uses a new upstream release, which includes additional bug
fixes |
|
var-202310-0175
|
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Description:
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section.
Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
Description:
nghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C.
The following data is constructed from data provided by Red Hat's json file at:
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
====================================================================
Red Hat Security Advisory
Synopsis: Important: dotnet6.0 security update
Advisory ID: RHSA-2023:5710-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5710
Issue date: 2023-10-16
Revision: 01
CVE Names: CVE-2023-44487
====================================================================
Summary:
An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23.
Security Fix(es):
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution:
https://access.redhat.com/articles/11258
CVEs:
CVE-2023-44487
References:
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
. ==========================================================================
Ubuntu Security Notice USN-6754-1
April 25, 2024
nghttp2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in nghttp2.
Software Description:
- nghttp2: HTTP/2 C Library and tools
Details:
It was discovered that nghttp2 incorrectly handled the HTTP/2
implementation. A remote attacker could possibly use this issue to cause
nghttp2 to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511,
CVE-2019-9513)
It was discovered that nghttp2 incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause nghttp2 to consume
resources, leading to a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)
It was discovered that nghttp2 could be made to process an unlimited number
of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this
issue to cause nghttp2 to consume resources, leading to a denial of
service. (CVE-2024-28182)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
libnghttp2-14 1.55.1-1ubuntu0.2
nghttp2 1.55.1-1ubuntu0.2
nghttp2-client 1.55.1-1ubuntu0.2
nghttp2-proxy 1.55.1-1ubuntu0.2
nghttp2-server 1.55.1-1ubuntu0.2
Ubuntu 22.04 LTS:
libnghttp2-14 1.43.0-1ubuntu0.2
nghttp2 1.43.0-1ubuntu0.2
nghttp2-client 1.43.0-1ubuntu0.2
nghttp2-proxy 1.43.0-1ubuntu0.2
nghttp2-server 1.43.0-1ubuntu0.2
Ubuntu 20.04 LTS:
libnghttp2-14 1.40.0-1ubuntu0.3
nghttp2 1.40.0-1ubuntu0.3
nghttp2-client 1.40.0-1ubuntu0.3
nghttp2-proxy 1.40.0-1ubuntu0.3
nghttp2-server 1.40.0-1ubuntu0.3
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
libnghttp2-14 1.30.0-1ubuntu1+esm2
nghttp2 1.30.0-1ubuntu1+esm2
nghttp2-client 1.30.0-1ubuntu1+esm2
nghttp2-proxy 1.30.0-1ubuntu1+esm2
nghttp2-server 1.30.0-1ubuntu1+esm2
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
libnghttp2-14 1.7.1-1ubuntu0.1~esm2
nghttp2 1.7.1-1ubuntu0.1~esm2
nghttp2-client 1.7.1-1ubuntu0.1~esm2
nghttp2-proxy 1.7.1-1ubuntu0.1~esm2
nghttp2-server 1.7.1-1ubuntu0.1~esm2
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5558-1 security@debian.org
https://www.debian.org/security/ Markus Koschany
November 18, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : netty
CVE ID : CVE-2023-34462 CVE-2023-44487
Debian Bug : 1038947 1054234
Two security vulnerabilities have been discovered in Netty, a Java NIO
client/server socket framework.
CVE-2023-34462
It might be possible for a remote peer to send a client hello packet during
a TLS handshake which lead the server to buffer up to 16 MB of data per
connection. This could lead to a OutOfMemoryError and so result in a denial
of service.
This problem is also known as Rapid Reset Attack.
For the oldstable distribution (bullseye), these problems have been fixed
in version 1:4.1.48-4+deb11u2.
For the stable distribution (bookworm), these problems have been fixed in
version 1:4.1.48-7+deb12u1.
We recommend that you upgrade your netty packages.
For the detailed security status of netty please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/netty
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97
UNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0
eamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH
1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB
eAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g
SUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza
Da8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1
g6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom
rrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0
P3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg
O6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI=
=4ExT
-----END PGP SIGNATURE-----
. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience |
|
var-201110-0479
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. plural Apple Product Webkit A similar vulnerability exists for. Detail is Apple See vendor information for.Denial of service by attacker (DoS) Or other unclear details may be affected. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, bypass the cross-origin restrictions, perform spoofing attacks, and disclose potentially sensitive information, other attacks may also be possible.
Versions prior to Chrome 15.0.874.102 are vulnerable. Google Chrome is a web browser developed by Google (Google).
These could be used in a malicious web site to direct the user to a
spoofed site that visually appears to be a legitimate domain. This
issue is addressed through an improved domain name validity check.
This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies"
preference in Safari was set to the default setting of "From third
parties and advertisers".
CVE-ID
CVE-2012-0640 : nshah
WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,
XP SP2 or later
Impact: HTTP authentication credentials may be inadvertently
disclosed to another site
Description: If a site uses HTTP authentication and redirects to
another site, the authentication credentials may be sent to the other
site. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of malformed
URLs. When accessing a maliciously crafted URL, CFNetwork could send
unexpected request headers.
CVE-ID
CVE-2012-0641 : Erling Ellingsen of Facebook
HFS
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Mounting a maliciously crafted disk image may lead to a
device shutdown or arbitrary code execution
Description: An integer underflow existed with the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g
Kernel
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system
calls. This may allow a malicious program to gain code execution in
other programs with the same user privileges.
CVE-ID
CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Applications that use the libresolv library may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: An integer overflow existed in the handling of DNS
resource records, which may lead to heap memory corruption.
CVE-ID
CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A race condition issue existed in the handling of slide
to dial gestures. This may allow a person with physical access to the
device to bypass the Passcode Lock screen.
CVE-ID
CVE-2012-0644 : Roland Kohler of the German Federal Ministry of
Economics and Technology
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Web page visits may be recorded in browser history even when
Private Browsing is active
Description: Safari's Private Browsing is designed to prevent
recording of a browsing session. Pages visited as a result of a site
using the JavaScript methods pushState or replaceState were recorded
in the browser history even when Private Browsing mode was active.
This issue is addressed by not recording such visits when Private
Browsing is active.
CVE-ID
CVE-2012-0585 : Eric Melville of American Express
Siri
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: An attacker with physical access to a locked phone could get
access to frontmost email message
Description: A design issue existed in Siri's lock screen
restrictions. If Siri was enabled for use on the lock screen, and
Mail was open with a message selected behind the lock screen, a voice
command could be used to send that message to an arbitrary recipient.
This issue is addressed by disabling forwarding of active messages
from the lock screen.
CVE-ID
CVE-2012-0645
VPN
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted system configuration file may lead to
arbitrary code execution with system privileges
Description: A format string vulnerability existed in the handling
of racoon configuration files.
CVE-ID
CVE-2012-0646 : pod2g
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of cookies
Description: A cross-origin issue existed in WebKit, which may allow
cookies to be disclosed across origins.
CVE-ID
CVE-2011-3887 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website and dragging content
with the mouse may lead to a cross-site scripting attack
Description: A cross-origin issue existed in WebKit, which may allow
content to be dragged and dropped across origins.
CVE-ID
CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-origin issues existed in WebKit.
CVE-ID
CVE-2011-3881 : Sergey Glazunov
CVE-2012-0586 : Sergey Glazunov
CVE-2012-0587 : Sergey Glazunov
CVE-2012-0588 : Jochen Eisinger of Google Chrome Team
CVE-2012-0589 : Alan Austin of polyvore.com
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-2833 : Apple
CVE-2011-2846 : Arthur Gerkis, miaubiz
CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense
VCP
CVE-2011-2857 : miaubiz
CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2867 : Dirk Schulze
CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google
Chrome Security Team using AddressSanitizer
CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2877 : miaubiz
CVE-2011-3885 : miaubiz
CVE-2011-3888 : miaubiz
CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative
CVE-2011-3908 : Aki Helin of OUSPG
CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu
CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2012-0591 : miaubiz, and Martin Barbella
CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day
Initiative
CVE-2012-0593 : Lei Zhang of the Chromium development community
CVE-2012-0594 : Adam Klein of the Chromium development community
CVE-2012-0595 : Apple
CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0597 : miaubiz
CVE-2012-0598 : Sergey Glazunov
CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com
CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google
Chrome, miaubiz, Aki Helin of OUSPG, Apple
CVE-2012-0601 : Apple
CVE-2012-0602 : Apple
CVE-2012-0603 : Apple
CVE-2012-0604 : Apple
CVE-2012-0605 : Apple
CVE-2012-0606 : Apple
CVE-2012-0607 : Apple
CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0611 : Martin Barbella using AddressSanitizer
CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0615 : Martin Barbella using AddressSanitizer
CVE-2012-0616 : miaubiz
CVE-2012-0617 : Martin Barbella using AddressSanitizer
CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0621 : Martin Barbella using AddressSanitizer
CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome
Security Team
CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0624 : Martin Barbella using AddressSanitizer
CVE-2012-0625 : Martin Barbella
CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0627 : Apple
CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of
Google Chrome Security Team using AddressSanitizer
CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0630 : Sergio Villar Senin of Igalia
CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using
AddressSanitizer
CVE-2012-0633 : Apple
CVE-2012-0635 : Julien Chaffraix of the Chromium development
community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq
4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM
bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY
RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90
HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6
7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=
=qPeE
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Chromium, V8: Multiple vulnerabilities
Date: November 01, 2011
Bugs: #351525, #353626, #354121, #356933, #357963, #358581,
#360399, #363629, #365125, #366335, #367013, #368649,
#370481, #373451, #373469, #377475, #377629, #380311,
#380897, #381713, #383251, #385649, #388461
ID: 201111-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code and local root privilege
escalation.
Background
==========
Chromium is an open-source web browser project. V8 is Google's open
source JavaScript engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.102 >= 15.0.874.102
2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22
-------------------------------------------------------------------
2 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below
for details.
Impact
======
A local attacker could gain root privileges (CVE-2011-1444, fixed in
chromium-11.0.696.57).
A context-dependent attacker could entice a user to open a specially
crafted web site or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process, or a Denial of Service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"
All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"
References
==========
[ 1 ] CVE-2011-2345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345
[ 2 ] CVE-2011-2346
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346
[ 3 ] CVE-2011-2347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347
[ 4 ] CVE-2011-2348
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348
[ 5 ] CVE-2011-2349
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349
[ 6 ] CVE-2011-2350
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350
[ 7 ] CVE-2011-2351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351
[ 8 ] CVE-2011-2834
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834
[ 9 ] CVE-2011-2835
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835
[ 10 ] CVE-2011-2837
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837
[ 11 ] CVE-2011-2838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838
[ 12 ] CVE-2011-2839
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839
[ 13 ] CVE-2011-2840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840
[ 14 ] CVE-2011-2841
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841
[ 15 ] CVE-2011-2843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843
[ 16 ] CVE-2011-2844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844
[ 17 ] CVE-2011-2845
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845
[ 18 ] CVE-2011-2846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846
[ 19 ] CVE-2011-2847
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847
[ 20 ] CVE-2011-2848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848
[ 21 ] CVE-2011-2849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849
[ 22 ] CVE-2011-2850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850
[ 23 ] CVE-2011-2851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851
[ 24 ] CVE-2011-2852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852
[ 25 ] CVE-2011-2853
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853
[ 26 ] CVE-2011-2854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854
[ 27 ] CVE-2011-2855
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855
[ 28 ] CVE-2011-2856
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856
[ 29 ] CVE-2011-2857
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857
[ 30 ] CVE-2011-2858
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858
[ 31 ] CVE-2011-2859
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859
[ 32 ] CVE-2011-2860
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860
[ 33 ] CVE-2011-2861
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861
[ 34 ] CVE-2011-2862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862
[ 35 ] CVE-2011-2864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864
[ 36 ] CVE-2011-2874
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874
[ 37 ] CVE-2011-3234
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234
[ 38 ] CVE-2011-3873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873
[ 39 ] CVE-2011-3875
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875
[ 40 ] CVE-2011-3876
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876
[ 41 ] CVE-2011-3877
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877
[ 42 ] CVE-2011-3878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878
[ 43 ] CVE-2011-3879
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879
[ 44 ] CVE-2011-3880
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880
[ 45 ] CVE-2011-3881
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881
[ 46 ] CVE-2011-3882
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882
[ 47 ] CVE-2011-3883
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883
[ 48 ] CVE-2011-3884
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884
[ 49 ] CVE-2011-3885
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885
[ 50 ] CVE-2011-3886
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886
[ 51 ] CVE-2011-3887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887
[ 52 ] CVE-2011-3888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888
[ 53 ] CVE-2011-3889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889
[ 54 ] CVE-2011-3890
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890
[ 55 ] CVE-2011-3891
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891
[ 56 ] Release Notes 10.0.648.127
http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
[ 57 ] Release Notes 10.0.648.133
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
[ 58 ] Release Notes 10.0.648.205
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
[ 59 ] Release Notes 11.0.696.57
http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
[ 60 ] Release Notes 11.0.696.65
http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html
[ 61 ] Release Notes 11.0.696.68
http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html
[ 62 ] Release Notes 11.0.696.71
http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html
[ 63 ] Release Notes 12.0.742.112
http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html
[ 64 ] Release Notes 12.0.742.91
http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html
[ 65 ] Release Notes 13.0.782.107
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
[ 66 ] Release Notes 13.0.782.215
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html
[ 67 ] Release Notes 13.0.782.220
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html
[ 68 ] Release Notes 14.0.835.163
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
[ 69 ] Release Notes 14.0.835.202
http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html
[ 70 ] Release Notes 15.0.874.102
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
[ 71 ] Release Notes 8.0.552.237
http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html
[ 72 ] Release Notes 9.0.597.107
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
[ 73 ] Release Notes 9.0.597.84
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html
[ 74 ] Release Notes 9.0.597.94
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-201804-1181
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-1 iOS 11.3
iOS 11.3 is now available and addresses the following:
Clock
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
see the email address used for iTunes
Description: An information disclosure issue existed in the handling
of alarms and timers. This issue was addressed through improved
access restrictions.
CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)
CoreFoundation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4155: Samuel GroA (@5aelo)
CVE-2018-4158: Samuel GroA (@5aelo)
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4167: Samuel GroA (@5aelo)
Files Widget
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: File Widget may display contents on a locked device
Description: The File Widget was displaying cached data when in the
locked state. This issue was addressed with improved state
management.
CVE-2018-4168: Brandon Moore
Find My iPhone
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to the device may be able to
disable Find My iPhone without entering an iCloud password
Description: A state management issue existed when restoring from a
back up. This issue was addressed through improved state checking
during restore.
CVE-2018-4172: Viljami VastamA$?ki
iCloud Drive
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4151: Samuel GroA (@5aelo)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
intercept the contents of S/MIME-encrypted e-mail
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4174: an anonymous researcher, an anonymous researcher
NSURLSession
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)
PluginKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4156: Samuel GroA (@5aelo)
Quick Look
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang
Zeng (@Wester) of Tencent Security Platform Department
Safari Login AutoFill
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari without explicit user interaction.
Description: Safari autofill did not require explicit user
interaction before taking place. The issue was addressed through
improved autofill heuristics.
CVE-2018-4137:
SafariViewController
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2018-4149: Abhinash Jain (@abhinashjain)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4154: Samuel GroA (@5aelo)
System Preferences
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences. This issue was
addressed through improved preferences cleanup.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera
Telephony
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker can cause a device to unexpectedly restart
Description: A null pointer dereference issue existed when handling
Class 0 SMS messages. This issue was addressed through improved
message validation.
CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV
Web App
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Cookies may unexpectedly persist in web app
Description: A cookie management issue was addressed through improved
state management.
CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab
CVE-2018-4114: found by OSS-Fuzz
CVE-2018-4118: Jun Kokatsu (@shhnjk)
CVE-2018-4119: an anonymous researcher working with Trend Micro's
Zero Day Initiative
CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
CVE-2018-4121: Natalie Silvanovich of Google Project Zero
CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4127: an anonymous researcher working with Trend Micro's
Zero Day Initiative
CVE-2018-4128: Zach Markley
CVE-2018-4129: likemeng of Baidu Security Lab working with Trend
Micro's Zero Day Initiative
CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Unexpected interaction with indexing types causing an ASSERT
failure
Description: An array indexing issue existed in the handling of a
function in javascript core. This issue was addressed through
improved checks.
CVE-2018-4113: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to a
denial of service
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
WindowServer
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An unprivileged application may be able to log keystrokes
entered into other applications even when secure input mode is
enabled
Description: By scanning key states, an unprivileged application
could log keystrokes entered into other applications even when secure
input mode was enabled. This issue was addressed by improved state
management.
CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Additional recognition
WebKit
We would like to acknowledge Johnny Nipper of Tinder Security Team
for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "11.3".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA
to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0
TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs
+Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq
g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z
oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU
0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi
+7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy
IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo
Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g
70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj
qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo=
=RJi8
-----END PGP SIGNATURE-----
.
Installation note:
Safari 11.1 may be obtained from the Mac App Store |
|
var-202210-1070
|
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. It is written in C language and can be called by many languages, such as C language, C++, XSH. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. JIRA issues fixed (https://issues.jboss.org/):
OSSM-1330 - Allow specifying secret as pilot server cert when using CertificateAuthority: Custom
OSSM-2342 - Run OSSM operator on infrastructure nodes
OSSM-2371 - Kiali in read-only mode still can change the log level of the envoy proxies
OSSM-2373 - Can't login to Kiali with "Error trying to get OAuth metadata"
OSSM-2374 - Deleting a SMM also deletes the SMMR in OpenShift Service Mesh
OSSM-2492 - Default tolerations in SMCP not passed to Jaeger
OSSM-2493 - Default nodeSelector and tolerations in SMCP not passed to Kiali
OSSM-3317 - Error: deployment.accessible_namespaces set to ['**']
6. ==========================================================================
Ubuntu Security Notice USN-5760-2
December 05, 2022
libxml2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in libxml2.
Software Description:
- libxml2: GNOME XML library
Details:
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libxml2 2.9.3+dfsg1-1ubuntu0.7+esm4
libxml2-utils 2.9.3+dfsg1-1ubuntu0.7+esm4
Ubuntu 14.04 ESM:
libxml2 2.9.1+dfsg1-3ubuntu4.13+esm4
libxml2-utils 2.9.1+dfsg1-3ubuntu4.13+esm4
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update
Advisory ID: RHSA-2022:8841-01
Product: Red Hat JBoss Core Services
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8841
Issue date: 2022-12-08
CVE Names: CVE-2022-1292 CVE-2022-2068 CVE-2022-22721
CVE-2022-23943 CVE-2022-26377 CVE-2022-28330
CVE-2022-28614 CVE-2022-28615 CVE-2022-30522
CVE-2022-31813 CVE-2022-32206 CVE-2022-32207
CVE-2022-32208 CVE-2022-32221 CVE-2022-35252
CVE-2022-37434 CVE-2022-40303 CVE-2022-40304
CVE-2022-40674 CVE-2022-42915 CVE-2022-42916
====================================================================
1. Summary:
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Description:
Red Hat JBoss Core Services is a set of supplementary software for Red Hat
JBoss middleware products. This software, such as Apache HTTP Server, is
common to multiple JBoss middleware products, and is packaged under Red Hat
JBoss Core Services to allow for faster distribution of updates, and for a
more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51
Service Pack 1 serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which
are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303)
* libxml2: dict corruption caused by entity reference cycles
(CVE-2022-40304)
* expat: a use-after-free in the doContent function in xmlparse.c
(CVE-2022-40674)
* zlib: a heap-based buffer over-read or buffer overflow in inflate in
inflate.c via a large gzip header extra field (CVE-2022-37434)
* curl: HSTS bypass via IDN (CVE-2022-42916)
* curl: HTTP proxy double-free (CVE-2022-42915)
* curl: POST following PUT confusion (CVE-2022-32221)
* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism
(CVE-2022-31813)
* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
* curl: control code in cookie denial of service (CVE-2022-35252)
* zlib: a heap-based buffer over-read or buffer overflow in inflate in
inflate.c via a large gzip header extra field (CVE-2022-37434)
* jbcs-httpd24-httpd: httpd: mod_isapi: out-of-bounds read (CVE-2022-28330)
* curl: Unpreserved file permissions (CVE-2022-32207)
* curl: various flaws (CVE-2022-32206 CVE-2022-32208)
* openssl: the c_rehash script allows command injection (CVE-2022-2068)
* openssl: c_rehash script allows command injection (CVE-2022-1292)
* jbcs-httpd24-httpd: httpd: core: Possible buffer overflow with very large
or unlimited LimitXMLRequestBody (CVE-2022-22721)
* jbcs-httpd24-httpd: httpd: mod_sed: Read/write beyond bounds
(CVE-2022-23943)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
4. Bugs fixed (https://bugzilla.redhat.com/):
2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds
2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
2081494 - CVE-2022-1292 openssl: c_rehash script allows command injection
2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling
2095000 - CVE-2022-28330 httpd: mod_isapi: out-of-bounds read
2095002 - CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite()
2095006 - CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match()
2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability
2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism
2097310 - CVE-2022-2068 openssl: the c_rehash script allows command injection
2099300 - CVE-2022-32206 curl: HTTP compression denial of service
2099305 - CVE-2022-32207 curl: Unpreserved file permissions
2099306 - CVE-2022-32208 curl: FTP-KRB bad message verification
2116639 - CVE-2022-37434 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
2120718 - CVE-2022-35252 curl: control code in cookie denial of service
2130769 - CVE-2022-40674 expat: a use-after-free in the doContent function in xmlparse.c
2135411 - CVE-2022-32221 curl: POST following PUT confusion
2135413 - CVE-2022-42915 curl: HTTP proxy double-free
2135416 - CVE-2022-42916 curl: HSTS bypass via IDN
2136266 - CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE
2136288 - CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles
5. References:
https://access.redhat.com/security/cve/CVE-2022-1292
https://access.redhat.com/security/cve/CVE-2022-2068
https://access.redhat.com/security/cve/CVE-2022-22721
https://access.redhat.com/security/cve/CVE-2022-23943
https://access.redhat.com/security/cve/CVE-2022-26377
https://access.redhat.com/security/cve/CVE-2022-28330
https://access.redhat.com/security/cve/CVE-2022-28614
https://access.redhat.com/security/cve/CVE-2022-28615
https://access.redhat.com/security/cve/CVE-2022-30522
https://access.redhat.com/security/cve/CVE-2022-31813
https://access.redhat.com/security/cve/CVE-2022-32206
https://access.redhat.com/security/cve/CVE-2022-32207
https://access.redhat.com/security/cve/CVE-2022-32208
https://access.redhat.com/security/cve/CVE-2022-32221
https://access.redhat.com/security/cve/CVE-2022-35252
https://access.redhat.com/security/cve/CVE-2022-37434
https://access.redhat.com/security/cve/CVE-2022-40303
https://access.redhat.com/security/cve/CVE-2022-40304
https://access.redhat.com/security/cve/CVE-2022-40674
https://access.redhat.com/security/cve/CVE-2022-42915
https://access.redhat.com/security/cve/CVE-2022-42916
https://access.redhat.com/security/updates/classification/#important
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. JIRA issues fixed (https://issues.jboss.org/):
LOG-3533 - tls.cert, tls.key and passphrase are not passed to the fluentd configuration when forwarding logs using syslog over TLS
LOG-3534 - [release-5.5] [Administrator Console] Seeing "parse error" while using Severity filter for cluster view user
5. Description:
Submariner enables direct networking between pods and services on different
Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source
community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner
container images.
Security fixes:
* CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage
takes a long time to parse complex tags
Bugs addressed:
* Build Submariner 0.13.3 (ACM-2226)
* Verify Submariner with OCP 4.12 (ACM-2435)
* Submariner does not support cluster "kube-proxy ipvs mode" (ACM-2821)
3. Bugs fixed (https://bugzilla.redhat.com/):
2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
5. JIRA issues fixed (https://issues.jboss.org/):
ACM-2226 - [ACM 2.6.4] Build Submariner 0.13.3
ACM-2435 - [ACM 2.6.4] Verify Submariner with OCP 4.12
ACM-2821 - [Submariner] - 0.13.3 - Submariner does not support cluster "kube-proxy ipvs mode"
6. Description:
Security Fix(es):
* archive/tar: unbounded memory consumption when reading headers
(CVE-2022-2879)
* regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* net/http: An attacker can cause excessive memory growth in a Go server
accepting HTTP/2 requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers
2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
5. JIRA issues fixed (https://issues.jboss.org/):
OSPK8-664 - Unexpected "unassigned" hostRefs in OSBMS halt further reconcile loops
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-12-13-7 tvOS 16.2
tvOS 16.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213535.
Accounts
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: A user may be able to view sensitive user information
Description: This issue was addressed with improved data protection.
CVE-2022-42843: Mickey Jin (@patch1t)
AppleAVD
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Parsing a maliciously crafted video file may lead to kernel
code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-46694: Andrey Labunets and Nikita Tarakanov
AppleMobileFileIntegrity
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by enabling hardened runtime.
CVE-2022-42865: Wojciech Reguła (@_r3ggi) of SecuRing
AVEVideoEncoder
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A logic issue was addressed with improved checks.
CVE-2022-42848: ABC Research s.r.o
ImageIO
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-46693: Mickey Jin (@patch1t)
ImageIO
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Parsing a maliciously crafted TIFF file may lead to
disclosure of user information
Description: The issue was addressed with improved memory handling.
CVE-2022-42851: Mickey Jin (@patch1t)
IOHIDFamily
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with improved state
handling.
CVE-2022-42864: Tommy Muir (@Muirey03)
IOMobileFrameBuffer
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-46690: John Aakerblom (@jaakerblom)
Kernel
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A race condition was addressed with additional
validation.
CVE-2022-46689: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Connecting to a malicious NFS server may lead to arbitrary
code execution with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-46701: Felix Poulin-Belanger
Kernel
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year
Lab
Kernel
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42845: Adam Doupé of ASU SEFCOM
libxml2
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: A remote user may be able to cause unexpected app termination
or arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2022-40303: Maddie Stone of Google Project Zero
libxml2
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: A remote user may be able to cause unexpected app termination
or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project
Zero
Preferences
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to use arbitrary entitlements
Description: A logic issue was addressed with improved state
management.
CVE-2022-42855: Ivan Fratric of Google Project Zero
Safari
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Visiting a website that frames malicious content may lead to
UI spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2022-46695: KirtiKumar Anandrao Ramchandani
Software Update
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: A user may be able to elevate privileges
Description: An access issue existed with privileged API calls. This
issue was addressed with additional restrictions.
CVE-2022-42849: Mickey Jin (@patch1t)
Weather
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of
caches.
CVE-2022-42866: an anonymous researcher
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
WebKit Bugzilla: 245521
CVE-2022-42867: Maddie Stone of Google Project Zero
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory consumption issue was addressed with improved
memory handling.
WebKit Bugzilla: 245466
CVE-2022-46691: an anonymous researcher
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may bypass Same
Origin Policy
Description: A logic issue was addressed with improved state
management.
WebKit Bugzilla: 246783
CVE-2022-46692: KirtiKumar Anandrao Ramchandani
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day
Initiative
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
WebKit Bugzilla: 246942
CVE-2022-46696: Samuel Groß of Google V8 Security
WebKit Bugzilla: 247562
CVE-2022-46700: Samuel Groß of Google V8 Security
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A logic issue was addressed with improved checks.
CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs
& DNSLab, Korea Univ.
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
WebKit Bugzilla: 247420
CVE-2022-46699: Samuel Groß of Google V8 Security
WebKit Bugzilla: 244622
CVE-2022-42863: an anonymous researcher
WebKit
Available for: Apple TV 4K, Apple TV 4K (2nd generation and later),
and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited against versions of iOS released
before iOS 15.1.
Description: A type confusion issue was addressed with improved state
handling.
WebKit Bugzilla: 248266
CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group
Additional recognition
Kernel
We would like to acknowledge Zweig of Kunlun Lab for their
assistance.
Safari Extensions
We would like to acknowledge Oliver Dunk and Christian R. of
1Password for their assistance.
WebKit
We would like to acknowledge an anonymous researcher and scarlet for
their assistance.
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting "Settings ->
System -> Software Update -> Update Software." To check the current
version of software, select "Settings -> General -> About."
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmOZFX4ACgkQ4RjMIDke
NxkItA/+LIwJ66Odl7Uwp1N/qek5Z/TBuPKlbgTwRZGT3LBVMVmyHTBzebA88aNq
Pae1RKQ2Txw4w9Tb7a08eeqRQD51MBoSjTxf23tO1o0B1UR3Hgq3gsOSjh/dTq9V
Jvy4DpO15xdVHP3BH/li114JpgR+FoD5Du0rPffL01p6YtqeWMSvnRoCmwNcIqou
i2ZObfdrL2WJ+IiDIlMoJ3v+B1tDxOWR6Mn37iRdzl+QgrQMQtP9pSsiAPCntA+y
eFM5Hp0JlOMtCfA+xT+LRoZHCbjTCFMRlRbNffGvrNwwdTY4MXrSYlKcIo3yFT2m
KSHrQNvqzWhmSLAcHlUNo0lVvtPAlrgyilCYaeRNgRC1+x8KRf/AcErXr23oKknJ
lzIF6eVk1K3mxUmR+M+P8+cr14pbrUwJcQlm0In6/8fUulHtcElLE3fJ+HJVImx8
RtvNmuCng5iEK1zlwgDvAKO3EgMrMtduF8aygaCcBmt65GMkHwvOGCDXcIrKfH9U
sP4eY7V3t4CQd9TX3Vlmt47MwRTSVuUtMcQeQPhEUTdUbM7UlvtW8igrLvkz9uPn
CpuE2mzhd/dJANXvMFBR9A0ilAdJO1QD/uSWL+UbKq4BlyiW5etd8gObQfHqqW3C
sh0EwxLh4ATicRS9btAJMwIfK/ulYDWp4yuIsUamDj/sN9xWvXY=
=i2O9
-----END PGP SIGNATURE-----
. Bugs fixed (https://bugzilla.redhat.com/):
2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be
2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
2167819 - CVE-2023-23947 ArgoCD: Users with any cluster secret update access may update out-of-bounds cluster secrets
5 |
|
var-200501-0287
|
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default. Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. LibTIFF is affected by multiple buffer-overflow vulnerabilities because the software fails to properly perform boundary checks before copying user-supplied strings into finite process buffers.
An attacker may leverage these issues to execute arbitrary code on a vulnerable computer with the privileges of the user running a vulnerable application, facilitating unauthorized access. The attacker may also leverage these issues to crash the affected application. libtiff is an application library responsible for encoding/decoding the TIFF image format.
----------------------------------------------------------------------
Want a new IT Security job?
Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
Mac OS X Security Update Fixes Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA15227
VERIFY ADVISORY:
http://secunia.com/advisories/15227/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, Spoofing, Exposure of sensitive information,
Privilege escalation, System access
WHERE:
>From remote
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
Apple has issued a security update for Mac OS X, which fixes various
vulnerabilities.
1) A boundary error in htdigest can be exploited to cause a buffer
overflow by passing an overly long realm argument.
NOTE: htdigest is by default only locally accessible and not setuid /
setgid.
2) An integer overflow error in the AppKit component when processing
TIFF files can be exploited by malicious people to compromise a
user's system.
For more information:
SA13607
3) An error in the AppKit component when parsing certain TIFF images
can result in an invalid call to the "NXSeek()" function, which will
crash an affected Cocoa application.
4) An error within the handling of AppleScript can be exploited to
display code to a user that is different than the code, which will
actually run.
5) An error in the Bluetooth support may cause Bluetooth-enabled
systems to share files via the Bluetooth file exchange service
without notifying the user properly.
6) An input validation error can be exploited to access arbitrary
files on a Bluetooth-enabled system using directory traversal attacks
via the Bluetooth file and object exchange services.
7) The chfn, chpass, and chsh utilities invoke certain external
helper programs insecurely, which can be exploited by malicious,
local users to gain escalated privileges.
8) A vulnerability in Finder can be exploited by malicious, local
users to perform certain actions on a vulnerable system with
escalated privileges due to insecure creation of ".DS_Store" files.
For more information:
SA14188
9) A boundary error within the Foundation framework when handling
environment variables can be exploited to cause a buffer overflow and
may allow execution of arbitrary code.
10) An error in Help Viewer can be exploited to run JavaScript
without the normally imposed security restrictions.
11) A security issue in the LDAP functionality may under certain
circumstances result in passwords initially being stored in plain
text.
12) Errors within the parsing of XPM files can potentially be
exploited by malicious people to compromise a vulnerable system.
For more information:
SA12549
13) An error in lukemftpd can be exploited by malicious users to
bypass chroot restrictions. In order to restrict users to their home
directory, both their full name and short name must be listed in the
"/etc/ftpchroot" file. However, the problem is that users can change
their full name and thereby bypass this restriction.
15) When enabling the HTTP proxy service in Server Admin, it is by
default possible for everyone (including users on the Internet) to
use the proxy service.
16) A vulnerability in sudo within the environment clearing can be
exploited by malicious, local users to gain escalated privileges.
For more information:
SA13199
17) An error in the Terminal utility can be exploited to inject data
via malicious input containing escape sequences in window titles.
18) An error in the Terminal utility can be exploited to inject
commands into a user's Terminal session via malicious input
containing escape characters in x-man-path URIs.
SOLUTION:
Apply Security Update 2005-005.
Security Update 2005-005 (Client):
http://www.apple.com/support/downloads/securityupdate2005005client.html
Security Update 2005-005 (Server):
http://www.apple.com/support/downloads/securityupdate2005005server.html
PROVIDED AND/OR DISCOVERED BY:
1) JxT
3) Henrik Dalgaard
4) David Remahl
5) Kevin Finisterre, digitalmunition.com.
6) Kevin Finisterre, digitalmunition.com.
10) David Remahl
13) Rob Griffiths
14) Nico
17) David Remahl
18) David Remahl
19) Pieter de Boer
ORIGINAL ADVISORY:
Apple:
http://docs.info.apple.com/article.html?artnum=301528
David Remahl:
http://remahl.se/david/vuln/004/
http://remahl.se/david/vuln/010/
http://remahl.se/david/vuln/011/
http://remahl.se/david/vuln/012/
digitalmunition.com:
http://www.digitalmunition.com/DMA[2005-0502a].txt
iDEFENSE:
http://www.idefense.com/application/poi/display?id=239&type=vulnerabilities
OTHER REFERENCES:
SA12549:
http://secunia.com/advisories/12549/
SA13199:
http://secunia.com/advisories/13199/
SA13607:
http://secunia.com/advisories/13607/
SA14188:
http://secunia.com/advisories/14188/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 567-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 15th, 2004 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : tiff
Vulnerability : heap overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0803 CAN-2004-0804 CAN-2004-0886
Several problems have been discovered in libtiff, the Tag Image File
Format library for processing TIFF graphics files. The Common Vulnerabilities and
Exposures Project has identified the following problems:
CAN-2004-0803
Chris Evans discovered several problems in the RLE (run length
encoding) decoders that could lead to arbitrary code execution.
CAN-2004-0804
Matthias Clasen discovered a division by zero through an integer
overflow.
CAN-2004-0886
Dmitry V.
For the stable distribution (woody) these problems have been fixed in
version 3.5.5-6woody1.
For the unstable distribution (sid) these problems have been fixed in
version 3.6.1-2.
We recommend that you upgrade your libtiff package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc
Size/MD5 checksum: 635 11a374e916d818c05a373feb04cab6a0
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz
Size/MD5 checksum: 36717 6f4d137f7c935d57757313a610dbd389
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8
Alpha architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 141424 18b6e6b621178c1419de8a13a0a62366
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 105148 875257fb73ba05a575d06650c130a545
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 423194 9796f3e82553cedb237f1b574570f143
ARM architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 116928 5ed91b9586d830e8da9a5086fc5a6e76
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 90466 f04c381a418fd33602d1ba30158597d3
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 404262 30f13bfdf54cfca30ee5ca0f6c6d0e4e
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 112068 d15dfdf84f010be08799d456726e1d9d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 81054 293f5c99f0a589917257ec7fee0b92fe
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 387052 9606adb1668decf5ac1ee02a94298e85
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 158774 80c1b7ad68ecc78091ea95414125e81c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 135386 b17f87aa0ad98fc50aa8c137a6f5089c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 446496 757f3b6cc9d3f1ec5a2dfb1c3485caf3
HP Precision architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 128298 46dece015f0282bca0af7f6e740e9d31
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 106788 b837005b41c54c341cbd61e8fdb581ff
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 420346 3a2b91ee22af99eec3ab42d81cf9d59f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 107302 0c702a3e5c2ad7ad7bd96dae64fa2d61
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 79770 d67f4347d35bf898a6ab1914cb53a42f
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 380218 42e6f07cf2e70de01ca40ac4a97254bf
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 124048 85d8c8cbb62cc62c876bf4ed721027cf
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 87840 5f3312f22b0f345c7eae434f5b871993
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 410770 be817ddffa91c423b55fda3388d7ce48
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 123558 42594e9270de16ff802c11eccf7a0efb
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 88198 a8f0abe9205431caf94dce77d11ac477
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 410860 68a12ef6d37fc575105c4ceb9b766949
PowerPC architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 116042 2258da94549ae05ffae643bc40790487
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 89424 c8d782561a299ffb65ea84b59d88117a
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 402372 1eca24adda52b40c7a8d789fdeb3cb2e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 116870 dcddc86a0d96296c07076391adc9d754
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 91742 40c1de704b191e4abb65af8a4b7fd75d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 395332 86d351b75f1f146ddad6d562ca77005c
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 132888 9ed9db78d727ba8bfbb25c1e68b03bf2
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 88556 a4069600bd9295a27d4eb6e9e0995495
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 397026 149e12055c5711129552fa938b5af431
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBcA4UW5ql+IAeqTIRAgMFAKC3Kbs2MxW5XlOa3aK9oo76W8wt9gCfXzyA
fD+15yHAK6bw15bB4ejaGV8=
=KPqY
-----END PGP SIGNATURE-----
|
|
var-202105-1311
|
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity. Wildfly Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Red Hat Wildfly is a lightweight open source application server based on JavaEE from Red Hat.
Red Hat Wildfly versions prior to 23.0.2 have cross-site scripting vulnerabilities. An attacker can exploit this vulnerability by adding a payload in the name field to cause cross-site scripting.
The References section of this erratum contains a download link (you must
log in to download the update).
The JBoss server process must be restarted for the update to take effect. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.8 on RHEL 7 security update
Advisory ID: RHSA-2021:2693-01
Product: Red Hat JBoss Enterprise Application Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2693
Issue date: 2021-07-13
CVE Names: CVE-2021-3536 CVE-2021-21409
=====================================================================
1.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. See the Red Hat JBoss Enterprise
Application Platform 7.3.8 Release Notes for information about the most
significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty: Request smuggling via content-length header (CVE-2021-21409)
* wildfly: XSS via admin console when creating roles in domain mode
(CVE-2021-3536)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise
Application Platform installation and deployed applications.
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-20264 - [GSS](7.3.z) ISPN-12787 - Non Transactional Cache needs to be invalidated after commit on JPQL update/delete operation
JBEAP-20503 - [GSS](7.3.z) WFCORE-5185 - Update ProviderDefinition to use optimised service loading API
JBEAP-20623 - [GSS](7.3.z) Upgrade Hibernate ORM from 5.3.20.Final-redhat-00001 to 5.3.20.SP1-redhat-00001
JBEAP-21179 - Tracker bug for the EAP 7.3.8 release for RHEL-7
JBEAP-21406 - [GSS](7.3.z) Upgrade Ironjacamar from 1.4.30.Final-redhat-00001 to 1.4.33.Final-redhat-00001
JBEAP-21421 - (7.3.z) Upgrade Infinispan from 9.4.22.Final-redhat-00001 to 9.4.23.Final-redhat-00001
JBEAP-21434 - (7.3.z) Upgrade wildfly-http-client from 1.0.26.Final-redhat-00001 to 1.0.28.Final-redhat-00001
JBEAP-21435 - (7.3.z) Upgrade Elytron from 1.10.12.Final-redhat-00001 to 1.10.13.Final-redhat-00001
JBEAP-21437 - (7.3.z) Upgrade netty from 4.1.60.Final to 4.1.63
JBEAP-21441 - (7.3.z) Upgrade Undertow from 2.0.35.SP1-redhat-00001 to 2.0.38.SP1-redhat-00001
JBEAP-21443 - (7.3.z) Upgrade jberet from 1.3.7.Final-redhat-00001 to 1.3.8.Final-redhat-00001
JBEAP-21444 - (7.3.z) Upgrade wf-core from 10.1.20.Final-redhat-00001 to 10.1.21.Final-redhat-00001
JBEAP-21567 - [GSS](7.3.z) Upgrade HAL from 3.2.14.Final-redhat-00001 to 3.2.15.Final-redhat-00001
JBEAP-21582 - (7.3.z) Upgrade remoting from 5.0.20.SP1-redhat-00001 to 5.0.23.Final-redhat-00001
JBEAP-21739 - (7.3.z) Upgrade elytron-web from 1.6.2.Final-redhat-00001 to 1.6.3.Final-redhat-00001
JBEAP-21977 - [SET](7.3.z) Update product CP branch github template
7. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
8. References:
https://access.redhat.com/security/cve/CVE-2021-3536
https://access.redhat.com/security/cve/CVE-2021-21409
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/
9.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYO2On9zjgjWX9erEAQhKOQ//afEATx0pRuRfFiXicDmjCwDz8CcXrDwf
8fgmVfpCRsDORqZJKVcQGKlN2aBagbnLfkLK2U5zbqYTT4iJBQgQmUuVWF7n6Trx
TGyiBrIlCiE6Horext2mmtnb96TRR0b43BGU2BBtEPcq/puwYbvJYiwvPfCx3+nF
oXm82ACKfqhP+2ErJC23/qBhN4WtL/bF5Md20nhHC2gXZka5YV2VM7/j+wzltnaH
t5gtESPQ074POF7jUvinbdrSDzbz+Q5FFaOVEZrpdpxVFTX/zpJxaPQnflkrArk0
P5hqKiUg4lhA/98pFdCOL4yFUAZ+dIpBaN3sMhd8Um1ovnegMb0sV4S0XPaJxUWg
BuMEO/f3H9T/YNX3RXNjA+iNY7W6CkGpfFjoMaDrd4ZKyR2HStMyqXBHylBNdyWS
IeMbcJnYAG+L1agV/dkbaqJFxa4dHIefKTRnxxM6fpHPp4JbDx62p4/qGLU39JwR
WQwwo6bQWefkytn/+tBAvjZHs59dvGGa9BSMukPgOs3pYFbLHNnRPBczTgRNP71h
do3Kyi0BMEuG1P+GkJpAqLJBS4pxZNmZeRvEMzTEepn+iL9pplfq2lffesH4JZ4Y
dG+0Ne+d1g3nM4QWdu/s64hfBt9cuYBXsnnpuG/Yt5yLYSrqfTcLpOQGfD8V6qwx
otJ1DTehKNw=
=tObI
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. The purpose of this text-only errata is to inform you about the
security issues fixed in this release.
Installation instructions are available from the Fuse 7.10.0 product
documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/
4. Bugs fixed (https://bugzilla.redhat.com/):
1937364 - CVE-2021-21295 netty: possible request smuggling in HTTP/2 due missing validation
1937440 - CVE-2020-13936 velocity: arbitrary code execution when attacker is able to modify templates
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
1948001 - CVE-2021-3536 wildfly: XSS via admin console when creating roles in domain mode
1948752 - CVE-2021-29425 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6
1965497 - CVE-2021-28170 jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
1970930 - CVE-2021-3597 undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS
1976052 - CVE-2021-3644 wildfly-core: Invalid Sensitivity Classification of Vault Expression
1981407 - CVE-2021-3642 wildfly-elytron: possible timing attack in ScramServer
1991299 - CVE-2021-3690 undertow: buffer leak on incoming websocket PONG message may lead to DoS
5 |
|
var-201804-1180
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0003
------------------------------------------------------------------------
Date reported : April 04, 2018
Advisory ID : WSA-2018-0003
Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html
CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,
CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,
CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,
CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,
CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Unexpected interaction with indexing types causing an ASSERT
failure. Description: An array indexing issue existed in the
handling of a function in JavaScriptCore. This issue was addressed
through improved checks.
Credit to OSS-Fuzz. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: A malicious website may exfiltrate data cross-origin.
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Zach Markley. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Security Lab working with Trend Micro's
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify
(detectify.com), Yuji Tounai of NTT Communications Corporation.
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack. This issue was addressed with improved URL
validation.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to a
denial of service. Description: A memory corruption issue was
addressed through improved input validation.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
April 04, 2018
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-1 iOS 11.3
iOS 11.3 is now available and addresses the following:
Clock
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
see the email address used for iTunes
Description: An information disclosure issue existed in the handling
of alarms and timers.
CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)
CoreFoundation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4155: Samuel GroA (@5aelo)
CVE-2018-4158: Samuel GroA (@5aelo)
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4167: Samuel GroA (@5aelo)
Files Widget
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: File Widget may display contents on a locked device
Description: The File Widget was displaying cached data when in the
locked state.
CVE-2018-4168: Brandon Moore
Find My iPhone
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to the device may be able to
disable Find My iPhone without entering an iCloud password
Description: A state management issue existed when restoring from a
back up.
CVE-2018-4172: Viljami VastamA$?ki
iCloud Drive
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4151: Samuel GroA (@5aelo)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged network position may be able to
intercept the contents of S/MIME-encrypted e-mail
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4174: an anonymous researcher, an anonymous researcher
NSURLSession
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)
PluginKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4156: Samuel GroA (@5aelo)
Quick Look
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)
Safari
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang
Zeng (@Wester) of Tencent Security Platform Department
Safari Login AutoFill
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari without explicit user interaction.
Description: Safari autofill did not require explicit user
interaction before taking place.
CVE-2018-4137:
SafariViewController
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: A state management issue was addressed by disabling text
input until the destination page loads.
CVE-2018-4149: Abhinash Jain (@abhinashjain)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4154: Samuel GroA (@5aelo)
System Preferences
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera
Telephony
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker can cause a device to unexpectedly restart
Description: A null pointer dereference issue existed when handling
Class 0 SMS messages.
CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV
Web App
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Cookies may unexpectedly persist in web app
Description: A cookie management issue was addressed through improved
state management.
CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
WindowServer
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An unprivileged application may be able to log keystrokes
entered into other applications even when secure input mode is
enabled
Description: By scanning key states, an unprivileged application
could log keystrokes entered into other applications even when secure
input mode was enabled.
CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Additional recognition
WebKit
We would like to acknowledge Johnny Nipper of Tinder Security Team
for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA
to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0
TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs
+Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq
g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z
oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU
0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi
+7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy
IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo
Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g
70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj
qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo=
=RJi8
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-3635-1
April 30, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3635-1
CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
CVE-2018-4163, CVE-2018-4165
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
Installation note:
Safari 11.1 may be obtained from the Mac App Store |
|
var-201304-0300
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code. Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment.
An attacker can exploit this issue to execute arbitrary code in the context of the current user.
This vulnerability affects the following supported versions:
7 Update 17 , 6 Update 43 , 5.0 Update 41. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: IcedTea JDK: Multiple vulnerabilities
Date: June 29, 2014
Bugs: #312297, #330205, #340819, #346799, #352035, #353418,
#354231, #355127, #370787, #387637, #404095, #421031,
#429522, #433389, #438750, #442478, #457206, #458410,
#461714, #466822, #477210, #489570, #508270
ID: 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the IcedTea JDK, the worst
of which could lead to arbitrary code execution.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
===========
Multiple vulnerabilities have been discovered in the IcedTea JDK.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information, bypass intended security policies, or have other
unspecified impact.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
==========
[ 1 ] CVE-2009-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555
[ 2 ] CVE-2010-2548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548
[ 3 ] CVE-2010-2783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783
[ 4 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 5 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 6 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 7 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 8 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 9 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 10 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 11 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 12 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 13 ] CVE-2010-3564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564
[ 14 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 15 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 16 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 17 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 18 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 19 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 20 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 21 ] CVE-2010-3860
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860
[ 22 ] CVE-2010-4351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351
[ 23 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 24 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 25 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 26 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 27 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 28 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 29 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 30 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 31 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 32 ] CVE-2011-0025
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025
[ 33 ] CVE-2011-0706
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706
[ 34 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 35 ] CVE-2011-0822
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822
[ 36 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 37 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 38 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 39 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 40 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 41 ] CVE-2011-0870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870
[ 42 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 43 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 44 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 45 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 46 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 47 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 48 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 49 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 50 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 51 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 52 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 53 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 54 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 55 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 56 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 57 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 58 ] CVE-2011-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571
[ 59 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 60 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 61 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 62 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 63 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 64 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 65 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 66 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 67 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 68 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 69 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 70 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 71 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 72 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 73 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 74 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 75 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 76 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 77 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 78 ] CVE-2012-3422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422
[ 79 ] CVE-2012-3423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423
[ 80 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 81 ] CVE-2012-4540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540
[ 82 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 83 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 84 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 85 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 86 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 87 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 88 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 89 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 90 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 91 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 92 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 93 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 94 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 95 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 96 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 97 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 98 ] CVE-2012-5979
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979
[ 99 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 100 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 101 ] CVE-2013-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424
[ 102 ] CVE-2013-0425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425
[ 103 ] CVE-2013-0426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426
[ 104 ] CVE-2013-0427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427
[ 105 ] CVE-2013-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428
[ 106 ] CVE-2013-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429
[ 107 ] CVE-2013-0431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431
[ 108 ] CVE-2013-0432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432
[ 109 ] CVE-2013-0433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433
[ 110 ] CVE-2013-0434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434
[ 111 ] CVE-2013-0435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435
[ 112 ] CVE-2013-0440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440
[ 113 ] CVE-2013-0441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441
[ 114 ] CVE-2013-0442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442
[ 115 ] CVE-2013-0443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443
[ 116 ] CVE-2013-0444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444
[ 117 ] CVE-2013-0450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450
[ 118 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 119 ] CVE-2013-1475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475
[ 120 ] CVE-2013-1476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476
[ 121 ] CVE-2013-1478
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478
[ 122 ] CVE-2013-1480
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480
[ 123 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 124 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 125 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 126 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 127 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 128 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 129 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 130 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 131 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 132 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 133 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 134 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 135 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 136 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 137 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 138 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 139 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 140 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 141 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 142 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 143 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 144 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 145 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 146 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 147 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 148 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 149 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 150 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 151 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 152 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 153 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 154 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 155 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 156 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 157 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 158 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 159 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 160 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 161 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 162 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 163 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 164 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 165 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 166 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 167 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 168 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 169 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 170 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 171 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 172 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 173 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 174 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 175 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 176 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 177 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 178 ] CVE-2013-4002
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002
[ 179 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 180 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 181 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 182 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 183 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 184 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 185 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 186 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 187 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 188 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 189 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 190 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 191 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 192 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 193 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 194 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 195 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 196 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 197 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 198 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 199 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 200 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 201 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 202 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 203 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 204 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 205 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 206 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 207 ] CVE-2013-6629
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629
[ 208 ] CVE-2013-6954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954
[ 209 ] CVE-2014-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429
[ 210 ] CVE-2014-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446
[ 211 ] CVE-2014-0451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451
[ 212 ] CVE-2014-0452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452
[ 213 ] CVE-2014-0453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453
[ 214 ] CVE-2014-0456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456
[ 215 ] CVE-2014-0457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457
[ 216 ] CVE-2014-0458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458
[ 217 ] CVE-2014-0459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459
[ 218 ] CVE-2014-0460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460
[ 219 ] CVE-2014-0461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461
[ 220 ] CVE-2014-1876
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876
[ 221 ] CVE-2014-2397
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397
[ 222 ] CVE-2014-2398
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398
[ 223 ] CVE-2014-2403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403
[ 224 ] CVE-2014-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412
[ 225 ] CVE-2014-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414
[ 226 ] CVE-2014-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421
[ 227 ] CVE-2014-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423
[ 228 ] CVE-2014-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-ibm security update
Advisory ID: RHSA-2013:0823-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0823.html
Issue date: 2013-05-14
CVE Names: CVE-2013-0169 CVE-2013-0401 CVE-2013-1491
CVE-2013-1537 CVE-2013-1540 CVE-2013-1557
CVE-2013-1563 CVE-2013-1569 CVE-2013-2383
CVE-2013-2384 CVE-2013-2394 CVE-2013-2417
CVE-2013-2418 CVE-2013-2419 CVE-2013-2420
CVE-2013-2422 CVE-2013-2424 CVE-2013-2429
CVE-2013-2430 CVE-2013-2432 CVE-2013-2433
CVE-2013-2435 CVE-2013-2440
=====================================================================
1. Summary:
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Detailed
vulnerability descriptions are linked from the IBM Security alerts page,
listed in the References section. (CVE-2013-0169, CVE-2013-0401,
CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563,
CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424,
CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435,
CVE-2013-2440)
All users of java-1.6.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 6 SR13-FP2 release. All running
instances of IBM Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)
920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)
920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)
952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)
952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)
952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)
952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031)
952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)
952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)
952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)
953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
ppc:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.ppc64.rpm
s390x:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390.rpm
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.s390x.rpm
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-accessibility-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.i386.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
ppc64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.ppc64.rpm
s390x:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.s390x.rpm
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
x86_64:
java-1.6.0-ibm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.i686.rpm
java-1.6.0-ibm-devel-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.13.2-1jpp.1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0169.html
https://www.redhat.com/security/data/cve/CVE-2013-0401.html
https://www.redhat.com/security/data/cve/CVE-2013-1491.html
https://www.redhat.com/security/data/cve/CVE-2013-1537.html
https://www.redhat.com/security/data/cve/CVE-2013-1540.html
https://www.redhat.com/security/data/cve/CVE-2013-1557.html
https://www.redhat.com/security/data/cve/CVE-2013-1563.html
https://www.redhat.com/security/data/cve/CVE-2013-1569.html
https://www.redhat.com/security/data/cve/CVE-2013-2383.html
https://www.redhat.com/security/data/cve/CVE-2013-2384.html
https://www.redhat.com/security/data/cve/CVE-2013-2394.html
https://www.redhat.com/security/data/cve/CVE-2013-2417.html
https://www.redhat.com/security/data/cve/CVE-2013-2418.html
https://www.redhat.com/security/data/cve/CVE-2013-2419.html
https://www.redhat.com/security/data/cve/CVE-2013-2420.html
https://www.redhat.com/security/data/cve/CVE-2013-2422.html
https://www.redhat.com/security/data/cve/CVE-2013-2424.html
https://www.redhat.com/security/data/cve/CVE-2013-2429.html
https://www.redhat.com/security/data/cve/CVE-2013-2430.html
https://www.redhat.com/security/data/cve/CVE-2013-2432.html
https://www.redhat.com/security/data/cve/CVE-2013-2433.html
https://www.redhat.com/security/data/cve/CVE-2013-2435.html
https://www.redhat.com/security/data/cve/CVE-2013-2440.html
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRkpsAXlSAg2UNWIIRArHgAJ99lN3GBaglvj3QTq7laft1RtttvQCgglIn
I8ZMWd5AhLgB1TqY/4MQYM0=
=wmpI
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ==========================================================================
Ubuntu Security Notice USN-1819-1
May 07, 2013
openjdk-6 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description:
- openjdk-6: Open Source Java implementation
Details:
Ben Murphy discovered a vulnerability in the OpenJDK JRE related to
information disclosure and data integrity. (CVE-2013-0401)
James Forshaw discovered a vulnerability in the OpenJDK JRE related to
information disclosure, data integrity and availability. (CVE-2013-1488)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558,
CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2420, CVE-2013-2421,
CVE-2013-2422, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431,
CVE-2013-2436)
Two vulnerabilities were discovered in the OpenJDK JRE related to
confidentiality. An attacker could exploit these to expose sensitive data
over the network. (CVE-2013-2415, CVE-2013-2424)
Two vulnerabilities were discovered in the OpenJDK JRE related to
availability. An attacker could exploit these to cause a denial of service.
(CVE-2013-2417, CVE-2013-2419)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b27-1.12.5-0ubuntu0.12.04.1
openjdk-6-jre 6b27-1.12.5-0ubuntu0.12.04.1
openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.12.04.1
openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.12.04.1
openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.12.04.1
Ubuntu 11.10:
icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.11.10.1
icedtea-6-jre-jamvm 6b27-1.12.5-0ubuntu0.11.10.1
openjdk-6-jre 6b27-1.12.5-0ubuntu0.11.10.1
openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.11.10.1
openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.11.10.1
openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.11.10.1
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b27-1.12.5-0ubuntu0.10.04.1
openjdk-6-jre 6b27-1.12.5-0ubuntu0.10.04.1
openjdk-6-jre-headless 6b27-1.12.5-0ubuntu0.10.04.1
openjdk-6-jre-lib 6b27-1.12.5-0ubuntu0.10.04.1
openjdk-6-jre-zero 6b27-1.12.5-0ubuntu0.10.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes. An untrusted Java application or applet could possibly
use these flaws to trigger Java Virtual Machine memory corruption
(CVE-2013-1569, CVE-2013-2383, CVE-2013-2384).
Multiple improper permission check issues were discovered in the Beans,
Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions (CVE-2013-2422, CVE-2013-1518, CVE-2013-1557).
The previous default value of the java.rmi.server.useCodebaseOnly
property permitted the RMI implementation to automatically load
classes from remotely specified locations. Note: The
fix for CVE-2013-1537 changes the default value of the property to
true, restricting class loading to the local CLASSPATH and locations
specified in the java.rmi.server.codebase property.
The 2D component did not properly process certain images. An untrusted
Java application or applet could possibly use this flaw to trigger
Java Virtual Machine memory corruption (CVE-2013-2420).
It was discovered that the Hotspot component did not properly handle
certain intrinsic frames, and did not correctly perform access
checks and MethodHandle lookups. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions
(CVE-2013-2431, CVE-2013-2421).
It was discovered that JPEGImageReader and JPEGImageWriter in the
ImageIO component did not protect against modification of their state
while performing certain native code operations. An untrusted Java
application or applet could possibly use these flaws to trigger Java
Virtual Machine memory corruption (CVE-2013-2429, CVE-2013-2430).
The JDBC driver manager could incorrectly call the toString() method
in JDBC drivers, and the ConcurrentHashMap class could incorrectly
call the defaultReadObject() method. An untrusted Java application
or applet could possibly use these flaws to bypass Java sandbox
restrictions (CVE-2013-1488, CVE-2013-2426).
The sun.awt.datatransfer.ClassLoaderObjectInputStream class may
incorrectly invoke the system class loader. An untrusted Java
application or applet could possibly use this flaw to bypass certain
Java sandbox restrictions (CVE-2013-0401).
Flaws were discovered in the Network component's InetAddress
serialization, and the 2D component's font handling. An untrusted
Java application or applet could possibly use these flaws to crash
the Java Virtual Machine (CVE-2013-2417, CVE-2013-2419).
The MBeanInstantiator class implementation in the OpenJDK JMX component
did not properly check class access before creating new instances. An
untrusted Java application or applet could use this flaw to create
instances of non-public classes (CVE-2013-2424).
It was discovered that JAX-WS could possibly create temporary files
with insecure permissions. A local attacker could use this flaw
to access temporary files created by an application using JAX-WS
(CVE-2013-2415).
The updated packages provides icedtea6-1.11.10 which is not vulnerable
to these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2431
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
https://bugzilla.redhat.com/show_bug.cgi?id=952387
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
28320f10570a50ac08575480ee249aed mes5/i586/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
5a6bf000d48cb35a304f9ec7d4f83d6c mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
966a2d2681441d30ec9d86f3d93c5a32 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
280aee290b6d68ab5e994f8a25a50ad9 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
6893259a988e94df07274bf728cc7675 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
f3d20af548c84815b6c1636273293273 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
0b253fd82c86e16848eff6d5f9591ce6 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm
08d1a5099ab26a89b1dae8008e0d98e6 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm
c0433e439964af42aa82371901aa07bc mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm
5e77c039c2d64220d1cf3fce44c86f24 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm
4dd6c3dbabf6d29cf3ce751bda74f483 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.x86_64.rpm
f3d20af548c84815b6c1636273293273 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFRcSLkmqjQ0CJFipgRAsEgAJ4gHSUUcP7uDS3JIxzQZxnCLwXe1QCfTQXq
o4NG1rmFdAUfR4q/O/aHdtM=
=EXuM
-----END PGP SIGNATURE-----
|
|
var-201006-1169
|
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts. WebKit is prone to a remote code-execution vulnerability.
An attacker can exploit this issue by enticing an unsuspecting user into viewing a malicious webpage.
Successful exploits can allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:039
http://www.mandriva.com/security/
_______________________________________________________________________
Package : webkit
Date : March 2, 2011
Affected: 2010.1
_______________________________________________________________________
Problem Description:
Multiple cross-site scripting, denial of service and arbitrary code
execution security flaws were discovered in webkit.
Please consult the CVE web links for further information.
The updated packages have been upgraded to the latest version (1.2.7)
to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2264
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3255
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4206
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
141f3cd181b875d1bb40b67a507b6db1 2010.1/i586/libwebkitgtk1.0_2-1.2.7-0.1mdv2010.2.i586.rpm
054886a3c645b3ce710b9b9daec1d5f9 2010.1/i586/libwebkitgtk1.0-devel-1.2.7-0.1mdv2010.2.i586.rpm
bef556ca3f281f6ef4086292c3b658d2 2010.1/i586/webkit1.0-1.2.7-0.1mdv2010.2.i586.rpm
a1ff7ac638646aeb64e3bbdca9bc945d 2010.1/i586/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.i586.rpm
3f40e3ebc62bad67097a9e102e0e79c2 2010.1/i586/webkit-1.2.7-0.1mdv2010.2.i586.rpm
50875cf1bc8718cedce1a45dc509b44b 2010.1/i586/webkit-gtklauncher-1.2.7-0.1mdv2010.2.i586.rpm
625d27780d1cc9edb935d4ac3521ae16 2010.1/i586/webkit-jsc-1.2.7-0.1mdv2010.2.i586.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
5ce57cd6ab823f8084030033c7c230d7 2010.1/x86_64/lib64webkitgtk1.0_2-1.2.7-0.1mdv2010.2.x86_64.rpm
690d8718a97af93f58de3bb2357fbe9b 2010.1/x86_64/lib64webkitgtk1.0-devel-1.2.7-0.1mdv2010.2.x86_64.rpm
7cc1d4aa77e1901ccc92f27faf85c9ea 2010.1/x86_64/webkit1.0-1.2.7-0.1mdv2010.2.x86_64.rpm
2b77a77159529c55f64343aba98c15d9 2010.1/x86_64/webkit1.0-webinspector-1.2.7-0.1mdv2010.2.x86_64.rpm
475cf83c5ddd8f6809c2c73a1f5a71d1 2010.1/x86_64/webkit-1.2.7-0.1mdv2010.2.x86_64.rpm
b0f1c76107c3d54241daa7e61bfb29a9 2010.1/x86_64/webkit-gtklauncher-1.2.7-0.1mdv2010.2.x86_64.rpm
97deff5e94a625a79842b4c240b0b00d 2010.1/x86_64/webkit-jsc-1.2.7-0.1mdv2010.2.x86_64.rpm
8d02c28d8f21a022130be4c49f9d27be 2010.1/SRPMS/webkit-1.2.7-0.1mdv2010.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNbgbemqjQ0CJFipgRAs9YAJ92z2WSC2ijj34b/wr42OIYLtv65gCg7XgL
Yv/ButpYAcXsmnJWUG4ayxQ=
=GRM6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-202105-0131
|
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. OpenLDAP Exists in a reachable assertion vulnerability.Denial of service (DoS) It may be put into a state. Summary:
Red Hat Advanced Cluster Management for Kubernetes 2.2.11 General
Availability release images, which provide one or more container updates
and bug fixes. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.2.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments.
Clusters and applications are all visible and managed from a single console
— with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which provide security fixes, bug fixes and
container upgrades. See the following Release Notes documentation, which
will be updated shortly for this release, for additional details about this
release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/
Security updates:
* object-path: Type confusion vulnerability can lead to a bypass of
CVE-2020-15256 (CVE-2021-23434)
* follow-redirects: Exposure of Private Personal Information to an
Unauthorized Actor (CVE-2022-0155)
Related bugs:
* RHACM 2.2.11 images (Bugzilla #2029508)
* ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 (Bugzilla
#2030859)
3. Bugs fixed (https://bugzilla.redhat.com/):
1999810 - CVE-2021-23434 object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256
2029508 - RHACM 2.2.11 images
2030859 - ClusterImageSet has 4.5 which is not supported in ACM 2.2.10
2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
5. Description:
Red Hat Openshift GitOps is a declarative way to implement continuous
deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/):
2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files
2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files
2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation
5. =========================================================================
Ubuntu Security Notice USN-4634-2
November 23, 2020
openldap vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
OpenLDAP could be made to crash if it received specially crafted network
traffic. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that OpenLDAP incorrectly handled certain malformed
inputs.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
slapd 2.4.31-1+nmu2ubuntu8.5+esm4
Ubuntu 12.04 ESM:
slapd 2.4.28-1.1ubuntu4.12
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001
Catalina, Security Update 2021-001 Mojave
macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security
Update 2021-001 Mojave addresses the following issues. Information
about the security content is also available at
https://support.apple.com/HT212147.
Analytics
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2021-1761: Cees Elzinga
APFS
Available for: macOS Big Sur 11.0.1
Impact: A local user may be able to read arbitrary files
Description: The issue was addressed with improved permissions logic.
CVE-2021-1797: Thomas Tempelmann
CFNetwork Cache
Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2020-27945: Zhuo Liang of Qihoo 360 Vulcan Team
CoreAnimation
Available for: macOS Big Sur 11.0.1
Impact: A malicious application could execute arbitrary code leading
to compromise of user information
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-1760: @S0rryMybad of 360 Vulcan Team
CoreAudio
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to code
execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1747: JunDong Xie of Ant Security Light-Year Lab
CoreGraphics
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-1776: Ivan Fratric of Google Project Zero
CoreMedia
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1759: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
CoreText
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A stack overflow was addressed with improved input
validation.
CVE-2021-1772: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
CoreText
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1792: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Crash Reporter
Available for: macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2021-1761: Cees Elzinga
Crash Reporter
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A local attacker may be able to elevate their privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1787: James Hutchins
Crash Reporter
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A local user may be able to create or modify system files
Description: A logic issue was addressed with improved state
management.
CVE-2021-1786: Csaba Fitzl (@theevilbit) of Offensive Security
Directory Utility
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to access private
information
Description: A logic issue was addressed with improved state
management.
CVE-2020-27937: Wojciech Reguła (@_r3ggi) of SecuRing
Endpoint Security
Available for: macOS Catalina 10.15.7
Impact: A local attacker may be able to elevate their privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1802: Zhongcheng Li (@CK01) from WPS Security Response
Center
FairPlay
Available for: macOS Big Sur 11.0.1
Impact: A malicious application may be able to disclose kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
CVE-2021-1791: Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend
Micro working with Trend Micro’s Zero Day Initiative
FontParser
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1790: Peter Nguyen Vu Hoang of STAR Labs
FontParser
Available for: macOS Mojave 10.14.6
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution
Description: This issue was addressed by removing the vulnerable
code.
CVE-2021-1775: Mickey Jin and Qi Sun of Trend Micro
FontParser
Available for: macOS Mojave 10.14.6
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-29608: Xingwei Lin of Ant Security Light-Year Lab
FontParser
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1758: Peter Nguyen of STAR Labs
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An access issue was addressed with improved memory
management.
CVE-2021-1783: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1741: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1743: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative, Xingwei Lin of Ant Security Light-
Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A logic issue was addressed with improved state
management.
CVE-2021-1773: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An out-of-bounds read issue existed in the curl. This
issue was addressed with improved bounds checking.
CVE-2021-1778: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1736: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1785: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: This issue was addressed with improved checks.
CVE-2021-1766: Danny Rosseau of Carve Systems
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-1818: Xingwei Lin from Ant-Financial Light-Year Security Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-1742: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1746: Mickey Jin & Qi Sun of Trend Micro, Xingwei Lin of Ant
Security Light-Year Lab
CVE-2021-1754: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1774: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1777: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1793: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1737: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1738: Lei Sun
CVE-2021-1744: Xingwei Lin of Ant Security Light-Year Lab
IOKit
Available for: macOS Big Sur 11.0.1
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A logic error in kext loading was addressed with
improved state handling.
CVE-2021-1779: Csaba Fitzl (@theevilbit) of Offensive Security
IOSkywalkFamily
Available for: macOS Big Sur 11.0.1
Impact: A local attacker may be able to elevate their privileges
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1757: Pan ZhenPeng (@Peterpan0927) of Alibaba Security,
Proteas
Kernel
Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
Kernel
Available for: macOS Big Sur 11.0.1
Impact: A remote attacker may be able to cause a denial of service
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1764: @m00nbsd
Kernel
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges.
Apple is aware of a report that this issue may have been actively
exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher
Kernel
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1750: @0xalsr
Login Window
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
bypass authentication policy
Description: An authentication issue was addressed with improved
state management.
CVE-2020-29633: Jewel Lambert of Original Spin, LLC.
Messages
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A user that is removed from an iMessage group could rejoin
the group
Description: This issue was addressed with improved checks.
CVE-2021-1771: Shreyas Ranganatha (@strawsnoceans)
Model I/O
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1762: Mickey Jin of Trend Micro
Model I/O
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2020-29614: ZhiWei Sun (@5n1p3r0010) from Topsec Alpha Lab
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-1763: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2021-1767: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1745: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1753: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1768: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
NetFSFramework
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-1751: Mikko Kenttälä (@Turmio_) of SensorFu
OpenLDAP
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-25709
Power Management
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved state
management.
CVE-2020-27938: Tim Michaud (@TimGMichaud) of Leviathan
Screen Sharing
Available for: macOS Big Sur 11.0.1
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.44.
CVE-2019-20838
CVE-2020-14155
SQLite
Available for: macOS Catalina 10.15.7
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating SQLite to
version 3.32.3.
CVE-2020-15358
Swift
Available for: macOS Big Sur 11.0.1
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: A logic issue was addressed with improved validation.
CVE-2021-1769: CodeColorist of Ant-Financial Light-Year Labs
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1788: Francisco Alonso (@revskills)
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2021-1765: Eliya Stein of Confiant
CVE-2021-1801: Eliya Stein of Confiant
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-1789: @S0rryMybad of 360 Vulcan Team
WebKit
Available for: macOS Big Sur 11.0.1
Impact: A remote attacker may be able to cause arbitrary code
execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher
WebRTC
Available for: macOS Big Sur 11.0.1
Impact: A malicious website may be able to access restricted ports on
arbitrary servers
Description: A port redirection issue was addressed with additional
port validation.
CVE-2021-1799: Gregory Vishnepolsky & Ben Seri of Armis Security, and
Samy Kamkar
Additional recognition
Kernel
We would like to acknowledge Junzhi Lu (@pwn0rz), Mickey Jin & Jesse
Change of Trend Micro for their assistance.
libpthread
We would like to acknowledge CodeColorist of Ant-Financial Light-Year
Labs for their assistance.
Login Window
We would like to acknowledge Jose Moises Romero-Villanueva of
CrySolve for their assistance.
Mail Drafts
We would like to acknowledge Jon Bottarini of HackerOne for their
assistance.
Screen Sharing Server
We would like to acknowledge @gorelics for their assistance.
WebRTC
We would like to acknowledge Philipp Hancke for their assistance.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAYgrkACgkQZcsbuWJ6
jjATvhAAmcspGY8ZHJcSUGr9mysz5iT9oGkZcvFa8kcJsFAvFb9Wjz0M2eovBXQc
D9bD7LrUpodiqkSobB4bEevpD9P8E/T/eRSBxjomKLv5DKHPT4eh/K2EU6R6ubVi
GGNlT9DJrIxcTJIB2y/yfs8msV2w2/gZDLKJZP4Zh6t8G1sjI17iEaxpOph67aq2
X0d+P7+7q1mUBa47JEQ+HIUNlfHtBL825cnmHD2Vn1WELQLKZfXBl+nPM9l9naRc
3vYIvR7xJ5c4bqFx7N9xwGdQ5TRIoDijqADwggGwOZEiVZ7PWifj/iCLUz4Ks4hr
oGVE1UxN1oSX63D44ZQyfiyIWIiMtDV9V4J6mUoUnZ6RTTMoRRAF9DcSVF5/wmHk
odYnMeouHc543ZyVBtdtwJ/tbuBvTOjzpNn0+UgiyRL9wG/xxQq+gB4vwgSEviek
bBhyvdxLVWW0ULwFeN5rI5bCQBkv6BB9OSyhD6sMRrp59NAgBBS2nstZG1RAt7XL
2KZ1GpoNcuDRLj7ElxAfeJuPM1dFVTK48SH56M1FElz/QowZVOXyKgUoaeVTUyAC
3WOACmFAosFIclCbr8z8yGynX2bsCGBNKv4pKoHlyZCyFHCQw9L6uR2gRkOp86+M
iqHtE2L1WUZvUMCIKxfdixILEfoacSVCxr3+v4SSDOcEbSDYEIA=
=mUkG
-----END PGP SIGNATURE-----
. Summary:
An update for openldap is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
OpenLDAP is an open-source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network.
Security Fix(es):
* openldap: assertion failure in Certificate List syntax validation
(CVE-2020-25709)
* openldap: assertion failure in CSN normalization with invalid input
(CVE-2020-25710)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1899675 - CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation
1899678 - CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
openldap-2.4.44-25.el7_9.src.rpm
x86_64:
openldap-2.4.44-25.el7_9.i686.rpm
openldap-2.4.44-25.el7_9.x86_64.rpm
openldap-clients-2.4.44-25.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-devel-2.4.44-25.el7_9.i686.rpm
openldap-devel-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
openldap-2.4.44-25.el7_9.src.rpm
x86_64:
openldap-2.4.44-25.el7_9.i686.rpm
openldap-2.4.44-25.el7_9.x86_64.rpm
openldap-clients-2.4.44-25.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-devel-2.4.44-25.el7_9.i686.rpm
openldap-devel-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
openldap-2.4.44-25.el7_9.src.rpm
ppc64:
openldap-2.4.44-25.el7_9.ppc.rpm
openldap-2.4.44-25.el7_9.ppc64.rpm
openldap-clients-2.4.44-25.el7_9.ppc64.rpm
openldap-debuginfo-2.4.44-25.el7_9.ppc.rpm
openldap-debuginfo-2.4.44-25.el7_9.ppc64.rpm
openldap-devel-2.4.44-25.el7_9.ppc.rpm
openldap-devel-2.4.44-25.el7_9.ppc64.rpm
openldap-servers-2.4.44-25.el7_9.ppc64.rpm
ppc64le:
openldap-2.4.44-25.el7_9.ppc64le.rpm
openldap-clients-2.4.44-25.el7_9.ppc64le.rpm
openldap-debuginfo-2.4.44-25.el7_9.ppc64le.rpm
openldap-devel-2.4.44-25.el7_9.ppc64le.rpm
openldap-servers-2.4.44-25.el7_9.ppc64le.rpm
s390x:
openldap-2.4.44-25.el7_9.s390.rpm
openldap-2.4.44-25.el7_9.s390x.rpm
openldap-clients-2.4.44-25.el7_9.s390x.rpm
openldap-debuginfo-2.4.44-25.el7_9.s390.rpm
openldap-debuginfo-2.4.44-25.el7_9.s390x.rpm
openldap-devel-2.4.44-25.el7_9.s390.rpm
openldap-devel-2.4.44-25.el7_9.s390x.rpm
openldap-servers-2.4.44-25.el7_9.s390x.rpm
x86_64:
openldap-2.4.44-25.el7_9.i686.rpm
openldap-2.4.44-25.el7_9.x86_64.rpm
openldap-clients-2.4.44-25.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-devel-2.4.44-25.el7_9.i686.rpm
openldap-devel-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
openldap-debuginfo-2.4.44-25.el7_9.ppc64.rpm
openldap-servers-sql-2.4.44-25.el7_9.ppc64.rpm
ppc64le:
openldap-debuginfo-2.4.44-25.el7_9.ppc64le.rpm
openldap-servers-sql-2.4.44-25.el7_9.ppc64le.rpm
s390x:
openldap-debuginfo-2.4.44-25.el7_9.s390x.rpm
openldap-servers-sql-2.4.44-25.el7_9.s390x.rpm
x86_64:
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
openldap-2.4.44-25.el7_9.src.rpm
x86_64:
openldap-2.4.44-25.el7_9.i686.rpm
openldap-2.4.44-25.el7_9.x86_64.rpm
openldap-clients-2.4.44-25.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-25.el7_9.i686.rpm
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-devel-2.4.44-25.el7_9.i686.rpm
openldap-devel-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-2.4.44-25.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-25709
https://access.redhat.com/security/cve/CVE-2020-25710
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
For the stable distribution (buster), these problems have been fixed in
version 2.4.47+dfsg-3+deb10u4.
We recommend that you upgrade your openldap packages |
|
var-201710-1404
|
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of RenderFlowThread elements. By manipulating a document's elements an attacker can trigger a memory access past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the current process. WebKit is prone to a same-origin policy security-bypass vulnerability and multiple memory-corruption vulnerabilities.
Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or bypass certain same-origin policy restrictions and obtain sensitive information; other attacks may also be possible.
These issues affect the following technologies and versions:
iCloud for Windows 7
Safari prior to 11
iOS prior to 11
tvOS prior to 11
iTunes for Windows prior to 12.7. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products.
Installation note:
Safari 11 may be obtained from the Mac App Store. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0008
------------------------------------------------------------------------
Date reported : October 18, 2017
Advisory ID : WSA-2017-0008
Advisory URL : https://webkitgtk.org/security/WSA-2017-0008.html
CVE identifiers : CVE-2017-7081, CVE-2017-7087, CVE-2017-7089,
CVE-2017-7090, CVE-2017-7091, CVE-2017-7092,
CVE-2017-7093, CVE-2017-7094, CVE-2017-7095,
CVE-2017-7096, CVE-2017-7098, CVE-2017-7099,
CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
CVE-2017-7107, CVE-2017-7109, CVE-2017-7111,
CVE-2017-7117, CVE-2017-7120, CVE-2017-7142.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Apple. Description: A memory corruption issue was
addressed through improved input validation.
Credit to Apple. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify.
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting. Description: A logic issue existed
in the handling of the parent-tab. This issue was addressed with
improved state management.
Credit to Apple.
Impact: Cookies belonging to one origin may be sent to another
origin. Description: A permissions issue existed in the handling of
web browser cookies. This issue was addressed by no longer returning
cookies for custom URL schemes.
Credit to Wei Yuan of Baidu Security Lab working with Trend Microas
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team, Samuel
Gro and Niklas Baumstark working with Trend Micro's Zero Day
Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Samuel Gro and Niklas Baumstark working with Trend Microas
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Tim Michaud (@TimGMichaud) of Leviathan Security Group. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University working with Trend Microas Zero Day
Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wei Yuan of Baidu Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Felipe Freitas of Instituto TecnolA3gico de AeronA!utica. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Apple. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Masato Kinugawa and Mario Heiderich of Cure53. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Secutity Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to avlidienbrunn.
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack. Description: Application Cache policy
may be unexpectedly applied.
Credit to likemeng of Baidu Security Lab (xlab.baidu.com) working
with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to lokihardt of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: Website data may persist after a Safari Private browsing
session. Description: An information leakage issue existed in the
handling of website data in Safari Private windows. This issue was
addressed with improved data handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
October 18, 2017
. ==========================================================================
Ubuntu Security Notice USN-3460-1
October 23, 2017
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.17.04.2
libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.17.04.2
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.16.04.2
libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.16.04.2
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3460-1
CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096,
CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117,
CVE-2017-7120
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.17.04.2
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.16.04.2
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-09-25-4
Additional information for APPLE-SA-2017-09-19-1 iOS 11
iOS 11 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to access restricted files
Description: A privacy issue existed in the handling of Contact
cards.
CVE-2017-7131: Dominik Conrads of Federal Office for Information
Security, an anonymous researcher, Elvis (@elvisimprsntr), an
anonymous researcher
Entry added September 25, 2017
CFNetwork Proxies
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be able to
cause a denial of service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7083: Abhinav Bansal of Zscaler Inc.
Entry added September 25, 2017
CoreAudio
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed by updating to Opus
version 1.1.4.
CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend
Micro
Entry added September 25, 2017
Exchange ActiveSync
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be able to
erase a device during Exchange account setup
Description: A validation issue existed in AutoDiscover V1. This was
addressed by requiring TLS for AutoDiscover V1. AutoDiscover V2 is
now supported.
CVE-2017-7088: Ilya Nesterov, Maxim Goncharov
Heimdal
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be able to
impersonate a service
Description: A validation issue existed in the handling of the KDC-
REP service name.
CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams
Entry added September 25, 2017
iBooks
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7072: JAdrzej Krysztofiak
Entry added September 25, 2017
Kernel
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7114: Alex Plaskett of MWR InfoSecurity
Entry added September 25, 2017
Keyboard Suggestions
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Keyboard autocorrect suggestions may reveal sensitive
information
Description: The iOS keyboard was inadvertently caching sensitive
information.
CVE-2017-7140: an anonymous researcher
Entry added September 25, 2017
libc
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: A remote attacker may be able to cause a denial-of-service
Description: A resource exhaustion issue in glob() was addressed
through an improved algorithm.
CVE-2017-7086: Russ Cox of Google
Entry added September 25, 2017
libc
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to cause a denial of service
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-1000373
Entry added September 25, 2017
libexpat
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version
2.2.1
CVE-2016-9063
CVE-2017-9233
Entry added September 25, 2017
Location Framework
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to read sensitive location
information
Description: A permissions issue existed in the handling of the
location variable. This was addressed with additional ownership
checks.
CVE-2017-7148: an anonymous researcher, an anonymous researcher
Entry added September 25, 2017
Mail Drafts
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker with a privileged network position may be able to
intercept mail contents
Description: An encryption issue existed in the handling of mail
drafts.
CVE-2017-7078: an anonymous researcher, an anonymous researcher, an
anonymous researcher
Entry added September 25, 2017
Mail MessageUI
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A memory corruption issue was addressed with improved
validation.
CVE-2017-7097: Xinshu Dong and Jun Hao Tan of Anquan Capital
Messages
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A denial of service issue was addressed through improved
validation.
CVE-2017-7118: Kiki Jiang and Jason Tokoph
MobileBackup
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Backup may perform an unencrypted backup despite a
requirement to perform only encrypted backups
Description: A permissions issue existed.
CVE-2017-7133: Don Sparks of HackediOS.com
Phone
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: A screenshot of secure content may be taken when locking an
iOS device
Description: A timing issue existed in the handling of locking.
CVE-2017-7139: an anonymous researcher
Entry added September 25, 2017
Safari
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7085: xisigr of Tencent's Xuanwu Lab (tencent.com)
Security
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: A revoked certificate may be trusted
Description: A certificate validation issue existed in the handling
of revocation data.
CVE-2017-7080: an anonymous researcher, an anonymous researcher,
Sven Driemecker of adesso mobile solutions gmbh,
Rune Darrud (@theflyingcorpse) of BA|rum kommune
Entry added September 25, 2017
Security
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: A malicious app may be able to track users between installs
Description: A permission checking issue existed in the handling of
an app's Keychain data.
CVE-2017-7146: an anonymous researcher
Entry added September 25, 2017
SQLite
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating to
version 3.19.3.
CVE-2017-10989: found by OSS-Fuzz
CVE-2017-7128: found by OSS-Fuzz
CVE-2017-7129: found by OSS-Fuzz
CVE-2017-7130: found by OSS-Fuzz
Entry added September 25, 2017
SQLite
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7127: an anonymous researcher
Entry added September 25, 2017
Time
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: "Setting Time Zone" may incorrectly indicate that it is using
location
Description: A permissions issue existed in the process that handles
time zone information. The issue was resolved by modifying
permissions.
CVE-2017-7145: an anonymous researcher
Entry added September 25, 2017
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-7081: Apple
Entry added September 25, 2017
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7089: Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify
Entry added September 25, 2017
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Cookies belonging to one origin may be sent to another origin
Description: A permissions issue existed in the handling of web
browser cookies.
CVE-2017-7090: Apple
Entry added September 25, 2017
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7109: avlidienbrunn
Entry added September 25, 2017
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: A malicious website may be able to track users in Safari
private browsing mode
Description: A permissions issue existed in the handling of web
browser cookies.
CVE-2017-7144: an anonymous researcher
Entry added September 25, 2017
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-11120: Gal Beniamini of Google Project Zero
CVE-2017-11121: Gal Beniamini of Google Project Zero
Entry added September 25, 2017
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Malicious code executing on the Wi-Fi chip may be able to
execute arbitrary code with kernel privileges on the application
processor
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7103: Gal Beniamini of Google Project Zero
CVE-2017-7105: Gal Beniamini of Google Project Zero
CVE-2017-7108: Gal Beniamini of Google Project Zero
CVE-2017-7110: Gal Beniamini of Google Project Zero
CVE-2017-7112: Gal Beniamini of Google Project Zero
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Malicious code executing on the Wi-Fi chip may be able to
execute arbitrary code with kernel privileges on the application
processor
Description: Multiple race conditions were addressed through improved
validation.
CVE-2017-7115: Gal Beniamini of Google Project Zero
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Malicious code executing on the Wi-Fi chip may be able to
read restricted kernel memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-7116: Gal Beniamini of Google Project Zero
zlib
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Multiple issues in zlib
Description: Multiple issues were addressed by updating to version
1.2.11.
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
Entry added September 25, 2017
Additional recognition
Security
We would like to acknowledge Abhinav Bansal of Zscaler, Inc.
for their assistance.
Webkit
We would like to acknowledge xisigr of Tencent's Xuanwu Lab
(tencent.com) for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGvBgQAJIF/+cKGy/7YWEugFrwr8A3
rNzHU/yZ3X976fmlYM8l+VUJEn2khu5huPsQzYUvEdbHOWkUGThKil+NzDr3YP6V
YYRIi+6i9KJEATGQAdR9YW6bcqJCu7S2xxNBnXtOxR/1TzO4LvVQsWJo0c5z91dD
Aid3uYhx1SPwcaF5O5CfRQcp1JSLOWKZOaxO+u+DmtYIM746jrz3FOrfEN8mQp0q
CwUSE/Vum7ImOsNUO308QnGmL7s/FGkp86/JtNTbAxJ47Rhqu5lcXj3q1ntrlLdX
VFC+K7mNdwNtc1vqB03W5gamyD1qVcTvvwJ3D9cpQAySTDyRFF9cGw+TrzaDl48B
8iiY7D/KkhHuY4jskCF6xyjzloK9RfgKg2FzEBndoESt7bEw4eufF9wnrfV/M1xw
6U4DSjZxgqUwV7YqMX/VnpcEuxg5q9emCQmBfudnVIPKuOITg8x1oyE1e036MDo5
zon/cRIxqaSt8K6rI7TafxQIwpM541N89O/VZbcVey5JFIu1kew4G/gMivMOyroE
+xqxLmeGgD10LMZOgoRsNBiKDy8JLJa2lO2dVTZMV4bdtCngeDikDNLqYUcW8lfa
5ZsQBceoCI6abj4PV35N7dHVATFudhrZmhY0epHt13xmRHUFTywOktu/TkOZM8HR
eU2TBtOsDF6N5SFunvAC
=s5yy
-----END PGP SIGNATURE-----
|
|
var-201711-0455
|
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.1; Safari prior to 11.0.1; Windows-based iCloud prior to 7.1; Windows-based iTunes prior to 12.7.1; tvOS prior to 11.1. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------
Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Advisory URL : https://webkitgtk.org/security/WSA-2017-0009.html
CVE identifiers : CVE-2017-13783, CVE-2017-13784, CVE-2017-13785,
CVE-2017-13788, CVE-2017-13791, CVE-2017-13792,
CVE-2017-13793, CVE-2017-13794, CVE-2017-13795,
CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to xisigr of Tencent's Xuanwu Lab (tencent.com). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanul Choi working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
November 10, 2017
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: December 14, 2017
Bugs: #637076
ID: 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in WebKitGTK+, the worst
of which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.18.3 >= 2.18.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.3"
References
==========
[ 1 ] CVE-2017-13783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13783
[ 2 ] CVE-2017-13784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13784
[ 3 ] CVE-2017-13785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13785
[ 4 ] CVE-2017-13788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13788
[ 5 ] CVE-2017-13791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13791
[ 6 ] CVE-2017-13792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13792
[ 7 ] CVE-2017-13793
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13793
[ 8 ] CVE-2017-13794
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13794
[ 9 ] CVE-2017-13795
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13795
[ 10 ] CVE-2017-13796
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13796
[ 11 ] CVE-2017-13798
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13798
[ 12 ] CVE-2017-13802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13802
[ 13 ] CVE-2017-13803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13803
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201712-01
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
===========================================================================
Ubuntu Security Notice USN-3481-1
November 16, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.10.1
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3481-1
CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788,
CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794,
CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.16.04.1
--cAJSiv6PLl8jlntXfAr5kK8XnnPQvgKnJ--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-10-31-1 iOS 11.1
iOS 11.1 is now available and addresses the following:
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2017-13849: Ro of SavSec
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13799: an anonymous researcher
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
access photos from the lock screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device. This issue was addressed with
improved state management.
CVE-2017-13844: Miguel Alvarado of iDeviceHelp INC
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2017-13805: Yiğit Can YILMAZ (@yilmazcanyigit)
StreamingZip
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious zip file may be able modify restricted areas of
the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Characters in a secure text field might be revealed
Description: The characters in a secure text field were revealed
during focus change events. This issue was addressed through improved
state management.
CVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of
Tech Mahindra, Ricardo Sampayo of Bemo Ltd
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u7opHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbQiw//
bEkSQWlXTfpJ/9F2VKbMv+++td8sXozC3ICj9Ho+zhctxNY3MvIqXY8B4MrWB5+e
wgz1X/EQSCMItE2u20uISfApls/8/pBde6kKnca9rPGr7I2BKsuHTfCT3taSkhoj
EWMHEb64Se0hSiWKj99HJ80It9bDGSHz1cofpYDCNSMFBCiGWF2EbMgxUa55T5Vx
BtWZ91y2oU6gTsu4ZSR5NXG+Hi/vFYDnAFSr2/5Dgud4fl0tYk1KZ725g2YvXT7S
E3qV6shwcQtpf5ixm4G2cYalfiAmkYYjA/q2sgLClHDVXaPzahTS9ScMygKo4BsZ
RDboCM0q0ywPl+xnNJFuq2ZpZAfMefuXpcjTSxBDoNXliphzH2YOjk5YtHV47S+x
E8+b/bGDvBiKXJFo+yotJ07er0XtFPxfJKwgaYAi8VAfEXZrIv0uDQfYIZieMIRz
VznZvlaKXpA1Ms3R3rY2ukI9gdyPD0wk7r8zAGD0eTdl8E0bMI89UaSMWqDGf1Jm
9AWKOB7na2ElWNHeEMUAhReOL4jHqu/FLkRuoYVAiYKYUDWJGDlD79Yz8bTqnwtu
AWHqstzzcUVg1HXcwR5ngUDGFFOU2vVkqZRK6uwzCRzd/a7QQ/Lu+86GkfxPUB+p
9rtwIDGcTg0795ylrx8NLY/3BD8xcBMhfcZbpX5TF8s=
=qJV/
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/ |
|
var-201504-0478
|
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement. SQLite is prone to the following vulnerabilities:
1. A stack-based buffer-overflow vulnerability
2. An arbitrary code-execution vulnerability
3. A memory-corruption vulnerability
4. Multiple denial-of-service vulnerabilities
An attacker can exploit these issues to execute arbitrary code in the context of the affected application or cause denial-of-service conditions.
SQLite versions prior to 3.8.9 are vulnerable. SQLite is an open source embedded relational database management system based on C language developed by American software developer D.Richard Hipp. The system has the characteristics of independence, isolation, and cross-platform. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201507-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: SQLite: Multiple vulnerabilities
Date: July 07, 2015
Bugs: #546626
ID: 201507-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in SQLite, allowing
context-dependent attackers to cause a Denial of Service condition.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/sqlite < 3.8.9 >= 3.8.9
Description
===========
Multiple vulnerabilities have been discovered in SQLite. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All SQLite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.8.9"
References
==========
[ 1 ] CVE-2015-3414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3414
[ 2 ] CVE-2015-3415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3415
[ 3 ] CVE-2015-3416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3416
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-05
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: sqlite security update
Advisory ID: RHSA-2015:1635-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1635.html
Issue date: 2015-08-17
CVE Names: CVE-2015-3414 CVE-2015-3415 CVE-2015-3416
=====================================================================
1. Summary:
An updated sqlite package that fixes three security issues is now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
3. Description:
SQLite is a C library that implements an SQL database engine. A large
subset of SQL92 is supported. A complete database is stored in a single
disk file. The API is designed for convenience and ease of use.
Applications that link against SQLite can enjoy the power and flexibility
of an SQL database without the administrative hassles of supporting a
separate database server.
A flaw was found in the way SQLite handled dequoting of collation-sequence
names. A local attacker could submit a specially crafted COLLATE statement
that would crash the SQLite process, or have other unspecified impacts.
(CVE-2015-3414)
It was found that SQLite's sqlite3VdbeExec() function did not properly
implement comparison operators. A local attacker could submit a specially
crafted CHECK statement that would crash the SQLite process, or have other
unspecified impacts. (CVE-2015-3415)
It was found that SQLite's sqlite3VXPrintf() function did not properly
handle precision and width values during floating-point conversions.
A local attacker could submit a specially crafted SELECT statement that
would crash the SQLite process, or have other unspecified impacts.
(CVE-2015-3416)
All sqlite users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1212353 - CVE-2015-3414 sqlite: use of uninitialized memory when parsing collation sequences in src/where.c
1212356 - CVE-2015-3415 sqlite: invalid free() in src/vdbe.c
1212357 - CVE-2015-3416 sqlite: stack buffer overflow in src/printf.c
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
sqlite-3.7.17-6.el7_1.1.src.rpm
x86_64:
sqlite-3.7.17-6.el7_1.1.i686.rpm
sqlite-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
sqlite-doc-3.7.17-6.el7_1.1.noarch.rpm
x86_64:
lemon-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-devel-3.7.17-6.el7_1.1.i686.rpm
sqlite-devel-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-tcl-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
sqlite-3.7.17-6.el7_1.1.src.rpm
x86_64:
sqlite-3.7.17-6.el7_1.1.i686.rpm
sqlite-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
sqlite-doc-3.7.17-6.el7_1.1.noarch.rpm
x86_64:
lemon-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-devel-3.7.17-6.el7_1.1.i686.rpm
sqlite-devel-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-tcl-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
sqlite-3.7.17-6.el7_1.1.src.rpm
ppc64:
sqlite-3.7.17-6.el7_1.1.ppc.rpm
sqlite-3.7.17-6.el7_1.1.ppc64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.ppc.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.ppc64.rpm
sqlite-devel-3.7.17-6.el7_1.1.ppc.rpm
sqlite-devel-3.7.17-6.el7_1.1.ppc64.rpm
s390x:
sqlite-3.7.17-6.el7_1.1.s390.rpm
sqlite-3.7.17-6.el7_1.1.s390x.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.s390.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.s390x.rpm
sqlite-devel-3.7.17-6.el7_1.1.s390.rpm
sqlite-devel-3.7.17-6.el7_1.1.s390x.rpm
x86_64:
sqlite-3.7.17-6.el7_1.1.i686.rpm
sqlite-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-devel-3.7.17-6.el7_1.1.i686.rpm
sqlite-devel-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
sqlite-3.7.17-6.ael7b_1.1.src.rpm
ppc64le:
sqlite-3.7.17-6.ael7b_1.1.ppc64le.rpm
sqlite-debuginfo-3.7.17-6.ael7b_1.1.ppc64le.rpm
sqlite-devel-3.7.17-6.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
sqlite-doc-3.7.17-6.el7_1.1.noarch.rpm
ppc64:
lemon-3.7.17-6.el7_1.1.ppc64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.ppc64.rpm
sqlite-tcl-3.7.17-6.el7_1.1.ppc64.rpm
s390x:
lemon-3.7.17-6.el7_1.1.s390x.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.s390x.rpm
sqlite-tcl-3.7.17-6.el7_1.1.s390x.rpm
x86_64:
lemon-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-tcl-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
sqlite-doc-3.7.17-6.ael7b_1.1.noarch.rpm
ppc64le:
lemon-3.7.17-6.ael7b_1.1.ppc64le.rpm
sqlite-debuginfo-3.7.17-6.ael7b_1.1.ppc64le.rpm
sqlite-tcl-3.7.17-6.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
sqlite-3.7.17-6.el7_1.1.src.rpm
x86_64:
sqlite-3.7.17-6.el7_1.1.i686.rpm
sqlite-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.i686.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-devel-3.7.17-6.el7_1.1.i686.rpm
sqlite-devel-3.7.17-6.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
sqlite-doc-3.7.17-6.el7_1.1.noarch.rpm
x86_64:
lemon-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-debuginfo-3.7.17-6.el7_1.1.x86_64.rpm
sqlite-tcl-3.7.17-6.el7_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-3414
https://access.redhat.com/security/cve/CVE-2015-3415
https://access.redhat.com/security/cve/CVE-2015-3416
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFV0c4vXlSAg2UNWIIRAk8jAJ9ya3aROVTX8RDQ+RlCcls0ddR6CACfaeH9
Q91hN45yeXgVnmom/HYSQRU=
=814S
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ============================================================================
Ubuntu Security Notice USN-2698-1
July 30, 2015
sqlite3 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
SQLite could be made to crash or run programs if it processed specially
crafted queries. This issue only affected Ubuntu 14.04 LTS. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 15.04. This issue only affected Ubuntu 15.04. (CVE-2015-3416)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.04:
libsqlite3-0 3.8.7.4-1ubuntu0.1
Ubuntu 14.04 LTS:
libsqlite3-0 3.8.2-1ubuntu2.1
Ubuntu 12.04 LTS:
libsqlite3-0 3.7.9-2ubuntu1.2
In general, a standard system update will make all the necessary changes.
For the stable distribution (jessie), these problems have been fixed in
version 3.8.7.1-1+deb8u1.
For the testing distribution (stretch), these problems have been fixed in
version 3.8.9-1.
For the unstable distribution (sid), these problems have been fixed in
version 3.8.9-1.
We recommend that you upgrade your sqlite3 packages. These issues were
addressed by updating SQLite to version 3.15.2.
CVE-2013-7443
CVE-2015-3414
CVE-2015-3415
CVE-2015-3416
CVE-2015-3717
CVE-2015-6607
CVE-2016-6153
iTunes
Available for: Windows 7 and later
Impact: Multiple issues in expat
Description: Multiple issues existed in expat. These issues were
addressed by updating expat to version 2.2.0.
The updated packages provides a solution for these security issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416
https://bugzilla.redhat.com/show_bug.cgi?id=1212353
https://bugzilla.redhat.com/show_bug.cgi?id=1212356
https://bugzilla.redhat.com/show_bug.cgi?id=1212357
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
adb7e2731d814af7948c8a65662e7c71 mbs1/x86_64/lemon-3.8.9-1.mbs1.x86_64.rpm
8c9620460c62d0f7d07bd5fee68ac038 mbs1/x86_64/lib64sqlite3_0-3.8.9-1.mbs1.x86_64.rpm
f060fd3ca68302f59e47e9bc1b336d4b mbs1/x86_64/lib64sqlite3-devel-3.8.9-1.mbs1.x86_64.rpm
0fdd2e8a7456b51773b2a131534b9867 mbs1/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs1.x86_64.rpm
14682c0d09a3dc73f4405ee136c6115d mbs1/x86_64/sqlite3-tcl-3.8.9-1.mbs1.x86_64.rpm
c2fc81b9162865ecdcef85aaa805507f mbs1/x86_64/sqlite3-tools-3.8.9-1.mbs1.x86_64.rpm
474e6b9bc6a7299f8ab34a90893bbd96 mbs1/SRPMS/sqlite3-3.8.9-1.mbs1.src.rpm
Mandriva Business Server 2/X86_64:
44c4a002a3480388751603981327a21d mbs2/x86_64/lemon-3.8.9-1.mbs2.x86_64.rpm
9d2ded51447e5f133c37257635ef4f22 mbs2/x86_64/lib64sqlite3_0-3.8.9-1.mbs2.x86_64.rpm
42c8fce0126487fa0a72b4f5f1b5e852 mbs2/x86_64/lib64sqlite3-devel-3.8.9-1.mbs2.x86_64.rpm
a93c0f348006f6675779bf7cd5c9f547 mbs2/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs2.x86_64.rpm
792f42a7a38d7947e7b5d0ea67510de2 mbs2/x86_64/sqlite3-tcl-3.8.9-1.mbs2.x86_64.rpm
947e30fcb8c4f19b1398d6e29adc29ac mbs2/x86_64/sqlite3-tools-3.8.9-1.mbs2.x86_64.rpm
150cb2acc870d5ca8a343f21edef4248 mbs2/SRPMS/sqlite3-3.8.9-1.mbs2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVQdZEmqjQ0CJFipgRAvj9AJ9qeo094/bpIyYh46OHXWO6W26qUACg4mCP
t5Ka/OioHfZ/AmIloxds0/s=
=X45P
-----END PGP SIGNATURE-----
.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.43-i486-1_slack14.1.txz: Upgraded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.43-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.43-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.43-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.43-x86_64-1_slack14.1.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.11-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.11-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 14.0 package:
f34f96584f242735830b866d3daf7cef php-5.4.43-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
8271dca3b5409ce7b73d30628aa0ace4 php-5.4.43-x86_64-1_slack14.0.txz
Slackware 14.1 package:
6eb81ab4a6f09e4a8b4d4d5e7cbbda57 php-5.4.43-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
3a4a3f2d94af2fafb2a624d4c83c9ca3 php-5.4.43-x86_64-1_slack14.1.txz
Slackware -current package:
020ea5fa030e4970859f79c598a1e9b5 n/php-5.6.11-i586-1.txz
Slackware x86_64 -current package:
681ed93dadf75420ca2ee5d03b369da0 n/php-5.6.11-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg php-5.4.43-i486-1_slack14.1.txz
Then, restart Apache httpd:
# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address |
|
var-200704-0215
|
Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. A vulnerability exists in the Kerberos administration daemon that may allow a remote, unauthenticated user to free uninitialized pointers. Freeing uninitialized pointers corrupts memory in a way that could allow an attacker to execute code. Apple Mac OS X is prone to multiple security vulnerabilities.
These issues affect Mac OS X and various applications, including AFP Client, AirPortDriver module, CoreServices, Libinfo, Login Window, Natd, SMB, System Configuration, URLMount, VideoConference framework, WebDAV, and WebFoundation.
Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present.
Apple Mac OS X 10.4.9 and prior versions are vulnerable to these issues. In some cases Libinfo does not report errors to applications using it. By tricking a user into visiting a malicious web page, an attacker can cause access to previously deallocated objects, cause the application to terminate unexpectedly, or execute arbitrary instructions.
----------------------------------------------------------------------
Secunia is proud to announce the availability of the Secunia Software
Inspector.
The Secunia Software Inspector is a free service that detects insecure
versions of software that you may have installed in your system. When
insecure versions are detected, the Secunia Software Inspector also
provides thorough guidelines for updating the software to the latest
secure version from the vendor.
Try it out online:
http://secunia.com/software_inspector/
----------------------------------------------------------------------
TITLE:
Gentoo update for mit-krb5
SECUNIA ADVISORY ID:
SA23903
VERIFY ADVISORY:
http://secunia.com/advisories/23903/
CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/
DESCRIPTION:
Gentoo has issued an update for krb5. This fixes some
vulnerabilities, which can potentially be exploited by malicious
people to cause a DoS (Denial of Service) or compromise a vulnerable
system.
For more information:
SA23690
SA23696
SOLUTION:
Update to "app-crypt/mit-krb5-1.5.2" or later.
ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200701-21.xml
OTHER REFERENCES:
SA23690:
http://secunia.com/advisories/23690/
SA235696:
http://secunia.com/advisories/23696/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201912-0584
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Arbitrary code execution * Insufficient access restrictions * information leak * Service operation interruption (DoS) * Information falsification * Privilege escalation * Sandbox avoidance. Apple macOS, watchOS, iOS and tvOS are prone to the following security vulnerabilities:
1. Multiple denial-of-service vulnerabilities
2. Multiple information-disclosure vulnerabilities
3. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. Core Data is one of the frameworks for managing model layer objects in an application. A memory corruption vulnerability exists in the Core Data component of several Apple products.
CVE-2019-8693: Arash Tohidi of Solita
autofs
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14.5
Impact: Extracting a zip file containing a symbolic link to an
endpoint in an NFS mount that is attacker controlled may bypass
Gatekeeper
Description: This was addressed with additional checks by Gatekeeper
on files mounted through a network share. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-8-13-2 Additional information for
APPLE-SA-2019-7-22-1 iOS 12.4
iOS 12.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)
Description: An input validation issue existed in Bluetooth.
CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole
Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of
University of Oxford, England
Entry added August 13, 2019
Core Data
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Core Data
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project
Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu
Found in Apps
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to leak memory
Description: This issue was addressed with improved checks.
CVE-2019-8663: Natalie Silvanovich of Google Project Zero
Foundation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Heimdal
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: An issue existed in Samba that may allow attackers to perform
unauthorized actions by intercepting communications between services
Description: This issue was addressed with improved checks to prevent
unauthorized actions.
CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team
and Catalyst
libxslt
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to view sensitive information
Description: A stack overflow was addressed with improved input
validation.
CVE-2019-13118: found by OSS-Fuzz
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may cause an unexpected application
termination
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8665: Michael Hernandez of XYZ Marketing
Profiles
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A malicious application may be able to restrict access to
websites
Description: A validation issue existed in the entitlement
verification.
CVE-2019-8698: Luke Deshotels, Jordan Beichler, and William Enck of
North Carolina State University; Costin Carabaș and Răzvan Deaconescu
of University POLITEHNICA of Bucharest
Quick Look
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: An attacker may be able to trigger a use-after-free in an
application deserializing an untrusted NSDictionary
Description: This issue was addressed with improved checks.
CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Telephony
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: The initiator of a phone call may be able to cause the
recipient to answer a simultaneous Walkie-Talkie connection
Description: A logic issue existed in the answering of phone calls.
CVE-2019-8699: Marius Alexandru Boeru (@mboeru) and an anonymous
researcher
UIFoundation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: Parsing a maliciously crafted office document may lead to an
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Wallet
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A user may inadvertently complete an in-app purchase while on
the lock screen
Description: The issue was addressed with improved UI handling.
CVE-2019-8682: Jeff Braswell (JeffBraswell.com)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of document loads.
CVE-2019-8690: Sergei Glazunov of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of synchronous
page loads.
CVE-2019-8649: Sergei Glazunov of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8644: G. Geshev working with Trend Micro's Zero Day
Initiative
CVE-2019-8666: Zongming Wang (王宗明) and Zhe Jin (金哲) from Chengdu
Security Response Center of Qihoo 360 Technology Co. Ltd.
CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative
CVE-2019-8671: Apple
CVE-2019-8672: Samuel Groß of Google Project Zero
CVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8677: Jihui Lu of Tencent KeenLab
CVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong
(@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu
(@straight_blast) of VX Browser Exploitation Group, Chris Chan
(@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok
(@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0)
of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of
Venustech
CVE-2019-8679: Jihui Lu of Tencent KeenLab
CVE-2019-8680: Jihui Lu of Tencent KeenLab
CVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8683: lokihardt of Google Project Zero
CVE-2019-8684: lokihardt of Google Project Zero
CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,
Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,
and Eric Lung (@Khlung1) of VXRL
CVE-2019-8686: G. Geshev working with Trend Micro's Zero Day
Initiative
CVE-2019-8687: Apple
CVE-2019-8688: Insu Yun of SSLab at Georgia Tech
CVE-2019-8689: lokihardt of Google Project Zero
Additional recognition
Game Center
We would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of
Alibaba Inc. for their assistance.
MobileInstallation
We would like to acknowledge Dany Lisiansky (@DanyL931) for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.4".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAl1S688pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3H8AxAA
x7PkVYpHr8NsjIwvei5DcsiDtOTNCjfaFMpmfdwgCNvDOYj5L15F1QBDIrfUHkqi
D+1H/oJNzLI7cD1/UqbFz5ZhnPoFtjASCnVvDBBfCfOtL3sYRYjbtUEKWFQOx7i2
BLwiUJIkg9pxdrU0Gw7dd8IgII9pK5zPwRgFfrHuNZrBnOkG6JPC9QX+PjP8RUC9
eRFuRzDYBk5UydpwkhWI3RxVg+BcZRh17TRc2gu3osAqPL8sE9FqXhUWQIMEmY78
gDkDEUKht002PLGiBP6LK3r9UXR5OEAu64nMJLBoXXMUX3GK77mN8mroEGJf48l3
C7wKrRg3j0T9N+EDNX/avl3n4r70ixhsGhKqJjqJMBEAhrBfQ/8aMFb0FdrdC3f8
GAxm57MetIE65YzbWmTZoUX0CS9MmKIj9JJMFqcxyP2jNibLbouzAH08N7eTktF/
fsLYrisu3srFalLFr22la4fwaLPYKMZ8huBONGttLhvFs+jYjFZCyzEXCXjyXuZi
UjJ90aLnlqHKOQfeu865GAumDP5+9jVRDOpBTMFmR5pj86UCZttTDqMGmW2/EpQ/
LeOyNUGJlq5Lc35/R37YILE6FIjKcfwl3CDUsok1f8RUag5AtcU6s3LlNdzJ+szu
9SsbxcGzn+NbcDU4i53OHyNNkcECGdn86Y+MBPXYrek=
=Eo2f
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About" |
|
var-201512-0007
|
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. Description:
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
This release of Red Hat JBoss Web Server 3.0.3 serves as a replacement for
Red Hat JBoss Web Server 3.0.2, and includes bug fixes and enhancements,
which are documented in the Release Notes documented linked to in the
References. (CVE-2015-5312,
CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942,
CVE-2015-8035, CVE-2015-8710, CVE-2015-7941, CVE-2015-8241, CVE-2015-8242,
CVE-2015-8317)
* A session fixation flaw was found in the way Tomcat recycled the
requestedSessionSSL field. If at least one web application was configured
to use the SSL session ID as the HTTP session ID, an attacker could reuse a
previously used session ID for further requests. (CVE-2015-5346)
* A CSRF flaw was found in Tomcat's the index pages for the Manager and
Host Manager applications. These applications included a valid CSRF token
when issuing a redirect as a result of an unauthenticated request to the
root of the web application. This token could then be used by an attacker
to perform a CSRF attack. (CVE-2015-5351)
* It was found that several Tomcat session persistence mechanisms could
allow a remote, authenticated user to bypass intended SecurityManager
restrictions and execute arbitrary code in a privileged context via a web
application that placed a crafted object in a session. (CVE-2016-0714)
* A security manager bypass flaw was found in Tomcat that could allow
remote, authenticated users to access arbitrary application data,
potentially resulting in a denial of service. (CVE-2016-0763)
* A use-after-free flaw was found in the way OpenSSL imported malformed
Elliptic Curve private keys. (CVE-2015-0209)
* It was found that Tomcat could reveal the presence of a directory even
when that directory was protected by a security constraint. A user could
make a request to a directory via a URL not ending with a slash and,
depending on whether Tomcat redirected that request, could confirm whether
that directory existed. (CVE-2015-5345)
* It was found that Tomcat allowed the StatusManagerServlet to be loaded by
a web application when a security manager was configured. This allowed a
web application to list all deployed web applications and expose sensitive
information such as session IDs. Solution:
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing Red Hat JBoss Web Server installation (including all applications
and configuration files).
After installing the updated packages, the httpd daemon will be restarted
automatically. JIRA issues fixed (https://issues.jboss.org/):
JWS-271 - User submitted session ID
JWS-272 - User submitted session ID
JWS-276 - Welcome File processing refactoring - CVE-2015-5345 low
JWS-277 - Welcome File processing refactoring - CVE-2015-5345 low
JWS-303 - Avoid useless session creation for manager webapps - CVE-2015-5351 moderate
JWS-304 - Restrict another manager servlet - CVE-2016-0706 low
JWS-349 - Session serialization safety - CVE-2016-0714 moderate
JWS-350 - Protect ResourceLinkFactory.setGlobalContext() - CVE-2016-0763 moderate
6. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04944172
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04944172
Version: 1
HPSBGN03537 rev.1 - HPE IceWall Federation Agent and IceWall File Manager
running libXML2, Remote or Local Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
References:
- CVE-2015-5312
- CVE-2015-7497
- CVE-2015-7498
- CVE-2015-7499
- CVE-2015-7500
- CVE-2015-7941
- CVE-2015-7942
- CVE-2015-8241
- CVE-2015-8242
- CVE-2015-8317
- PSRT110015
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- IceWall File Manager 3.0
- IceWall Federation Agent 3.0
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2015-5312 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1
CVE-2015-7497 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2015-7498 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2015-7499 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2015-7500 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2015-7941 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2015-7942 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2015-8241 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4
CVE-2015-8242 (AV:N/AC:M/Au:N/C:P/I:N/A:P) 5.8
CVE-2015-8317 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HPE recommends applying the latest OS vendor security patches for libXML2 to
resolve the vulnerabilities in the libXML2 library.
Please note that the HP IceWall product is only available in Japan.
HISTORY
Version:1 (rev.1) - 22 January 2016 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running Hewlett Packard Enterprise (HPE) software
products should be applied in accordance with the customer's patch management
policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HPE Services support channel.
Report: To report a potential security vulnerability with any HPE supported
product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin
alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is
available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HPE General Software
HF = HPE Hardware and Firmware
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PV = ProCurve
ST = Storage Software
UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial
errors or omissions contained herein. The information provided is provided
"as is" without warranty of any kind. To the extent permitted by law, neither
HP or its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice. Hewlett
Packard Enterprise and the names of Hewlett Packard Enterprise products
referenced herein are trademarks of Hewlett Packard Enterprise in the United
States and other countries. Other product and company names mentioned herein
may be trademarks of their respective owners.
CVE-ID
CVE-2016-1722 : Joshua J. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: libxml2 security update
Advisory ID: RHSA-2015:2550-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2550.html
Issue date: 2015-12-07
CVE Names: CVE-2015-1819 CVE-2015-5312 CVE-2015-7497
CVE-2015-7498 CVE-2015-7499 CVE-2015-7500
CVE-2015-7941 CVE-2015-7942 CVE-2015-8241
CVE-2015-8242 CVE-2015-8317
=====================================================================
1. Summary:
Updated libxml2 packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The libxml2 library is a development toolbox providing the implementation
of various XML standards.
Several denial of service flaws were found in libxml2, a library providing
support for reading, modifying, and writing XML and HTML files. A remote
attacker could provide a specially crafted XML or HTML file that, when
processed by an application using libxml2, would cause that application to
use an excessive amount of CPU, leak potentially sensitive information, or
in certain cases crash the application. (CVE-2015-1819, CVE-2015-5312,
CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941,
CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957,
BZ#1281955)
Red Hat would like to thank the GNOME project for reporting CVE-2015-7497,
CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242,
and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the
original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and
CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and
CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317.
All libxml2 users are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. The desktop must be
restarted (log out, then log back in) for this update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
libxml2-2.9.1-6.el7_2.2.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.2.i686.rpm
libxml2-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.2.i686.rpm
libxml2-devel-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.2.i686.rpm
libxml2-static-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libxml2-2.9.1-6.el7_2.2.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.2.i686.rpm
libxml2-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.2.i686.rpm
libxml2-devel-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.2.i686.rpm
libxml2-static-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libxml2-2.9.1-6.el7_2.2.src.rpm
aarch64:
libxml2-2.9.1-6.el7_2.2.aarch64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.aarch64.rpm
libxml2-devel-2.9.1-6.el7_2.2.aarch64.rpm
libxml2-python-2.9.1-6.el7_2.2.aarch64.rpm
ppc64:
libxml2-2.9.1-6.el7_2.2.ppc.rpm
libxml2-2.9.1-6.el7_2.2.ppc64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc64.rpm
libxml2-devel-2.9.1-6.el7_2.2.ppc.rpm
libxml2-devel-2.9.1-6.el7_2.2.ppc64.rpm
libxml2-python-2.9.1-6.el7_2.2.ppc64.rpm
ppc64le:
libxml2-2.9.1-6.el7_2.2.ppc64le.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc64le.rpm
libxml2-devel-2.9.1-6.el7_2.2.ppc64le.rpm
libxml2-python-2.9.1-6.el7_2.2.ppc64le.rpm
s390x:
libxml2-2.9.1-6.el7_2.2.s390.rpm
libxml2-2.9.1-6.el7_2.2.s390x.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.s390x.rpm
libxml2-devel-2.9.1-6.el7_2.2.s390.rpm
libxml2-devel-2.9.1-6.el7_2.2.s390x.rpm
libxml2-python-2.9.1-6.el7_2.2.s390x.rpm
x86_64:
libxml2-2.9.1-6.el7_2.2.i686.rpm
libxml2-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.2.i686.rpm
libxml2-devel-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
aarch64:
libxml2-debuginfo-2.9.1-6.el7_2.2.aarch64.rpm
libxml2-static-2.9.1-6.el7_2.2.aarch64.rpm
ppc64:
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc64.rpm
libxml2-static-2.9.1-6.el7_2.2.ppc.rpm
libxml2-static-2.9.1-6.el7_2.2.ppc64.rpm
ppc64le:
libxml2-debuginfo-2.9.1-6.el7_2.2.ppc64le.rpm
libxml2-static-2.9.1-6.el7_2.2.ppc64le.rpm
s390x:
libxml2-debuginfo-2.9.1-6.el7_2.2.s390.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.s390x.rpm
libxml2-static-2.9.1-6.el7_2.2.s390.rpm
libxml2-static-2.9.1-6.el7_2.2.s390x.rpm
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.2.i686.rpm
libxml2-static-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libxml2-2.9.1-6.el7_2.2.src.rpm
x86_64:
libxml2-2.9.1-6.el7_2.2.i686.rpm
libxml2-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-devel-2.9.1-6.el7_2.2.i686.rpm
libxml2-devel-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-python-2.9.1-6.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libxml2-debuginfo-2.9.1-6.el7_2.2.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_2.2.x86_64.rpm
libxml2-static-2.9.1-6.el7_2.2.i686.rpm
libxml2-static-2.9.1-6.el7_2.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-1819
https://access.redhat.com/security/cve/CVE-2015-5312
https://access.redhat.com/security/cve/CVE-2015-7497
https://access.redhat.com/security/cve/CVE-2015-7498
https://access.redhat.com/security/cve/CVE-2015-7499
https://access.redhat.com/security/cve/CVE-2015-7500
https://access.redhat.com/security/cve/CVE-2015-7941
https://access.redhat.com/security/cve/CVE-2015-7942
https://access.redhat.com/security/cve/CVE-2015-8241
https://access.redhat.com/security/cve/CVE-2015-8242
https://access.redhat.com/security/cve/CVE-2015-8317
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFWZZK6XlSAg2UNWIIRAlx5AKCfIxP9TLM+V/vmQq6MVeUpjiGltgCgnOgZ
IOmptwborGrgz5fLqra3STg=
=bVgd
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ============================================================================
Ubuntu Security Notice USN-2834-1
December 14, 2015
libxml2 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
libxml2 could be made to crash if it opened a specially crafted file. (CVE-2015-5312,
CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)
Hugh Davenport discovered that libxml2 incorrectly handled certain
malformed documents. (CVE-2015-8241,
CVE-2015-8242)
Hanno Boeck discovered that libxml2 incorrectly handled certain
malformed documents. This issue only applied
to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-8317)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
libxml2 2.9.2+zdfsg1-4ubuntu0.2
Ubuntu 15.04:
libxml2 2.9.2+dfsg1-3ubuntu0.2
Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.6
Ubuntu 12.04 LTS:
libxml2 2.7.8.dfsg-5.1ubuntu4.13
After a standard system update you need to reboot your computer to make
all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update
2016-002
OS X El Capitan 10.11.4 and Security Update 2016-002 is now available
and addresses the following:
apache_mod_php
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by updating libpng to version
1.6.20.
CVE-ID
CVE-2015-8126 : Adam Mariš
CVE-2015-8472 : Adam Mariš
AppleRAID
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1733 : Proteas of Qihoo 360 Nirvan Team
AppleRAID
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to determine kernel memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-ID
CVE-2016-1732 : Proteas of Qihoo 360 Nirvan Team
AppleUSBNetworking
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the parsing of
data from USB devices. This issue was addressed through improved
input validation.
CVE-ID
CVE-2016-1734 : Andrea Barisani and Andrej Rosano of Inverse Path
Bluetooth
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1735 : Jeonghoon Shin@A.D.D
CVE-2016-1736 : beist and ABH of BoB
Carbon
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: Multiple memory corruption issues existed in the
handling of font files. These issues were addressed through improved
bounds checking.
CVE-ID
CVE-2016-1737 : an anonymous researcher
dyld
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker may tamper with code-signed applications to
execute arbitrary code in the application's context
Description: A code signing verification issue existed in dyld. This
issue was addressed with improved validation.
CVE-ID
CVE-2016-1738 : beist and ABH of BoB
FontParser
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1740 : HappilyCoded (ant4g0nist and r3dsm0k3) working with
Trend Micro's Zero Day Initiative (ZDI)
HTTPProtocol
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple vulnerabilities existed in nghttp2 versions
prior to 1.6.0, the most serious of which may have led to remote code
execution. These were addressed by updating nghttp2 to version 1.6.0.
CVE-ID
CVE-2015-8659
Intel Graphics Driver
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1743 : Piotr Bania of Cisco Talos
CVE-2016-1744 : Ian Beer of Google Project Zero
IOFireWireFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to cause a denial of service
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1745 : sweetchip of Grayhash
IOGraphics
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1746 : Peter Pi of Trend Micro working with Trend Micro's
Zero Day Initiative (ZDI)
CVE-2016-1747 : Juwei Lin of Trend Micro working with Trend Micro's
Zero Day Initiative (ZDI)
IOHIDFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to determine kernel memory layout
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1748 : Brandon Azad
IOUSBFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1749 : Ian Beer of Google Project Zero and Juwei Lin of
Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-ID
CVE-2016-1750 : CESG
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition existed during the creation of new
processes. This was addressed through improved state handling.
CVE-ID
CVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaca
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved input validation.
CVE-ID
CVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan Team
CVE-2016-1755 : Ian Beer of Google Project Zero
CVE-2016-1759 : lokihardt
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to determine kernel memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-ID
CVE-2016-1758 : Brandon Azad
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple integer overflows were addressed through
improved input validation.
CVE-ID
CVE-2016-1753 : Juwei Lin Trend Micro working with Trend Micro's Zero
Day Initiative (ZDI)
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to cause a denial of service
Description: A denial of service issue was addressed through
improved validation.
CVE-ID
CVE-2016-1752 : CESG
libxml2
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing maliciously crafted XML may lead to unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2015-1819
CVE-2015-5312 : David Drysdale of Google
CVE-2015-7499
CVE-2015-7500 : Kostya Serebryany of Google
CVE-2015-7942 : Kostya Serebryany of Google
CVE-2015-8035 : gustavo.grieco
CVE-2015-8242 : Hugh Davenport
CVE-2016-1761 : wol0xff working with Trend Micro's Zero Day
Initiative (ZDI)
CVE-2016-1762
Messages
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker who is able to bypass Apple's certificate
pinning, intercept TLS connections, inject messages, and record
encrypted attachment-type messages may be able to read attachments
Description: A cryptographic issue was addressed by rejecting
duplicate messages on the client.
CVE-ID
CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk,
Ian Miers, and Michael Rushanan of Johns Hopkins University
Messages
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Clicking a JavaScript link can reveal sensitive user
information
Description: An issue existed in the processing of JavaScript links.
This issue was addressed through improved content security policy
checks.
CVE-ID
CVE-2016-1764 : Matthew Bryan of the Uber Security Team (formerly of
Bishop Fox), Joe DeMesy and Shubham Shah of Bishop Fox
NVIDIA Graphics Drivers
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1741 : Ian Beer of Google Project Zero
OpenSSH
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Connecting to a server may leak sensitive user information,
such as a client's private keys
Description: Roaming, which was on by default in the OpenSSH client,
exposed an information leak and a buffer overflow. These issues were
addressed by disabling roaming in the client.
CVE-ID
CVE-2016-0777 : Qualys
CVE-2016-0778 : Qualys
OpenSSH
Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5
Impact: Multiple vulnerabilities in LibreSSL
Description: Multiple vulnerabilities existed in LibreSSL versions
prior to 2.1.8. These were addressed by updating LibreSSL to version
2.1.8.
CVE-ID
CVE-2015-5333 : Qualys
CVE-2015-5334 : Qualys
OpenSSL
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A remote attacker may be able to cause a denial of service
Description: A memory leak existed in OpenSSL versions prior to
0.9.8zh. This issue was addressed by updating OpenSSL to version
0.9.8zh.
CVE-ID
CVE-2015-3195
Python
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by updating libpng to version
1.6.20.
CVE-ID
CVE-2014-9495
CVE-2015-0973
CVE-2015-8126 : Adam Mariš
CVE-2015-8472 : Adam Mariš
QuickTime
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted FlashPix Bitmap Image may
lead to unexpected application termination or arbitrary code
execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1767 : Francis Provencher from COSIG
CVE-2016-1768 : Francis Provencher from COSIG
QuickTime
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted Photoshop document may lead
to unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1769 : Francis Provencher from COSIG
Reminders
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Clicking a tel link can make a call without prompting the
user
Description: A user was not prompted before invoking a call. This
was addressed through improved entitlement checks.
CVE-ID
CVE-2016-1770 : Guillaume Ross of Rapid7 and Laurent Chouinard of
Laurent.ca
Ruby
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An unsafe tainted string usage vulnerability existed in
versions prior to 2.0.0-p648. This issue was addressed by updating to
version 2.0.0-p648.
CVE-ID
CVE-2015-7551
Security
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A permissions issue existed in code signing tools. This
was addressed though additional ownership checks.
CVE-ID
CVE-2016-1773 : Mark Mentovai of Google Inc.
Security
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the ASN.1 decoder.
This issue was addressed through improved input validation.
CVE-ID
CVE-2016-1950 : Francis Gabriel of Quarkslab
Tcl
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by removing libpng.
CVE-ID
CVE-2015-8126 : Adam Mariš
TrueTypeScaler
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed through improved input
validation.
CVE-ID
CVE-2016-1775 : 0x1byte working with Trend Micro's Zero Day
Initiative (ZDI)
Wi-Fi
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker with a privileged network position may be able
to execute arbitrary code
Description: A frame validation and memory corruption issue existed
for a given ethertype. This issue was addressed through additional
ethertype validation and improved memory handling.
CVE-ID
CVE-2016-0801 : an anonymous researcher
CVE-2016-0802 : an anonymous researcher
OS X El Capitan 10.11.4 includes the security content of Safari 9.1.
https://support.apple.com/kb/HT206171
OS X El Capitan v10.11.4 and Security Update 2016-002 may be obtained
from the Mac App Store or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJW8JQFAAoJEBcWfLTuOo7tZSYP/1bHFA1qemkD37uu7nYpk/q6
ARVsPgME1I1+5tOxX0TQJgzMBmdQsKYdsTiLpDk5HTuv+dAMsFfasaUItGk8Sz1w
HiYjSfVsxL+Pjz3vK8/4/fsi2lX6472MElRw8gudITOhXtniGcKo/vuA5dB+vM3l
Jy1NLHHhZ6BD2t0bBmlz41mZMG3AMxal2wfqE+5LkjUwASzcvC/3B1sh7Fntwyau
/71vIgMQ5AaETdgQJAuQivxPyTlFduBRgLjqvPiB9eSK4Ctu5t/hErFIrP2NiDCi
UhfZC48XbiRjJfkUsUD/5TIKnI+jkZxOnch9ny32dw2kUIkbIAbqufTkzsMXOpng
O+rI93Ni7nfzgI3EkI2bq+C+arOoRiveWuJvc3SMPD5RQHo4NCQVs0ekQJKNHF78
juPnY29n8WMjwLS6Zfm+bH+n8ELIXrmmEscRztK2efa9S7vJe+AgIxx7JE/f8OHF
i9K7UQBXFXcpMjXi1aTby/IUnpL5Ny4NVwYwIhctj0Mf6wTH7uf/FMWYIQOXcIfP
Izo+GXxNeLd4H2ypZ+UpkZg/Sn2mtCd88wLc96+owlZPBlSqWl3X1wTlp8i5FP2X
qlQ7RcTHJDv8jPT/MOfzxEK1n/azp45ahHA0o6nohUdxlA7PLci9vPiJxqKPo/0q
VZmOKa8qMxB1L/JmdCqy
=mZR+
-----END PGP SIGNATURE-----
|
|
var-202005-0397
|
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Summary:
An update is now available for OpenShift Logging 5.1. Solution:
For OpenShift Container Platform 4.8 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html
For Red Hat OpenShift Logging 5.1, see the following instructions to apply
this update:
https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1944888 - CVE-2021-21409 netty: Request smuggling via content-length header
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data
2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
5. JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
6. Solution:
OSP 16.2.z Release - OSP Director Operator Containers
4. Bugs fixed (https://bugzilla.redhat.com/):
2025995 - Rebase tech preview on latest upstream v1.2.x branch
2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
2036784 - osp controller (fencing enabled) in downed state after system manual crash test
5. Bugs fixed (https://bugzilla.redhat.com/):
1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic
5. Summary:
Red Hat OpenShift Virtualization release 4.8.3 is now available with
updates to packages and images that fix several bugs and add enhancements. Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform. Bugs fixed (https://bugzilla.redhat.com/):
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
1997017 - unprivileged client fails to get guest agent data
1998855 - Node drain: Sometimes source virt-launcher pod status is Failed and not Completed
2000251 - RoleBinding and ClusterRoleBinding brought in by kubevirt does not get reconciled when kind is ServiceAccount
2001270 - [VMIO] [Warm from Vmware] Snapshot files are not deleted after Successful Import
2001281 - [VMIO] [Warm from VMware] Source VM should not be turned ON if vmio import is removed
2001901 - [4.8.3] NNCP creation failures after nmstate-handler pod deletion
2007336 - 4.8.3 containers
2007776 - Failed to Migrate Windows VM with CDROM (readonly)
2008511 - [CNV-4.8.3] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13
2012890 - With descheduler during multiple VMIs migrations, some VMs are restarted
2025475 - [4.8.3] Upgrade from 2.6 to 4.x versions failed due to vlan-filtering issues
2026881 - [4.8.3] vlan-filtering is getting applied on veth ports
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Migration Toolkit for Containers (MTC) 1.5.2 security update and bugfix advisory
Advisory ID: RHSA-2021:4848-01
Product: Red Hat Migration Toolkit
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4848
Issue date: 2021-11-29
CVE Names: CVE-2018-20673 CVE-2019-5827 CVE-2019-13750
CVE-2019-13751 CVE-2019-17594 CVE-2019-17595
CVE-2019-18218 CVE-2019-19603 CVE-2019-20838
CVE-2020-12762 CVE-2020-13435 CVE-2020-14145
CVE-2020-14155 CVE-2020-16135 CVE-2020-24370
CVE-2021-3200 CVE-2021-3445 CVE-2021-3580
CVE-2021-3620 CVE-2021-3733 CVE-2021-3757
CVE-2021-3778 CVE-2021-3796 CVE-2021-3800
CVE-2021-3948 CVE-2021-20231 CVE-2021-20232
CVE-2021-20266 CVE-2021-22876 CVE-2021-22898
CVE-2021-22925 CVE-2021-22946 CVE-2021-22947
CVE-2021-23840 CVE-2021-23841 CVE-2021-27218
CVE-2021-27645 CVE-2021-28153 CVE-2021-33560
CVE-2021-33574 CVE-2021-33928 CVE-2021-33929
CVE-2021-33930 CVE-2021-33938 CVE-2021-35942
CVE-2021-36084 CVE-2021-36085 CVE-2021-36086
CVE-2021-36087 CVE-2021-36222 CVE-2021-37750
====================================================================
1. Summary:
The Migration Toolkit for Containers (MTC) 1.5.2 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.
Security Fix(es):
* nodejs-immer: prototype pollution may lead to DoS or remote code
execution (CVE-2021-3757)
* mig-controller: incorrect namespaces handling may lead to not authorized
usage of Migration Toolkit for Containers (MTC) (CVE-2021-3948)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For details on how to install and use MTC, refer to:
https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html
4. Bugs fixed (https://bugzilla.redhat.com/):
2000734 - CVE-2021-3757 nodejs-immer: prototype pollution may lead to DoS or remote code execution
2005438 - Combining Rsync and Stunnel in a single pod can degrade performance (1.5 backport)
2006842 - MigCluster CR remains in "unready" state and source registry is inaccessible after temporary shutdown of source cluster
2007429 - "oc describe" and "oc log" commands on "Migration resources" tree cannot be copied after failed migration
2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC)
5. References:
https://access.redhat.com/security/cve/CVE-2018-20673
https://access.redhat.com/security/cve/CVE-2019-5827
https://access.redhat.com/security/cve/CVE-2019-13750
https://access.redhat.com/security/cve/CVE-2019-13751
https://access.redhat.com/security/cve/CVE-2019-17594
https://access.redhat.com/security/cve/CVE-2019-17595
https://access.redhat.com/security/cve/CVE-2019-18218
https://access.redhat.com/security/cve/CVE-2019-19603
https://access.redhat.com/security/cve/CVE-2019-20838
https://access.redhat.com/security/cve/CVE-2020-12762
https://access.redhat.com/security/cve/CVE-2020-13435
https://access.redhat.com/security/cve/CVE-2020-14145
https://access.redhat.com/security/cve/CVE-2020-14155
https://access.redhat.com/security/cve/CVE-2020-16135
https://access.redhat.com/security/cve/CVE-2020-24370
https://access.redhat.com/security/cve/CVE-2021-3200
https://access.redhat.com/security/cve/CVE-2021-3445
https://access.redhat.com/security/cve/CVE-2021-3580
https://access.redhat.com/security/cve/CVE-2021-3620
https://access.redhat.com/security/cve/CVE-2021-3733
https://access.redhat.com/security/cve/CVE-2021-3757
https://access.redhat.com/security/cve/CVE-2021-3778
https://access.redhat.com/security/cve/CVE-2021-3796
https://access.redhat.com/security/cve/CVE-2021-3800
https://access.redhat.com/security/cve/CVE-2021-3948
https://access.redhat.com/security/cve/CVE-2021-20231
https://access.redhat.com/security/cve/CVE-2021-20232
https://access.redhat.com/security/cve/CVE-2021-20266
https://access.redhat.com/security/cve/CVE-2021-22876
https://access.redhat.com/security/cve/CVE-2021-22898
https://access.redhat.com/security/cve/CVE-2021-22925
https://access.redhat.com/security/cve/CVE-2021-22946
https://access.redhat.com/security/cve/CVE-2021-22947
https://access.redhat.com/security/cve/CVE-2021-23840
https://access.redhat.com/security/cve/CVE-2021-23841
https://access.redhat.com/security/cve/CVE-2021-27218
https://access.redhat.com/security/cve/CVE-2021-27645
https://access.redhat.com/security/cve/CVE-2021-28153
https://access.redhat.com/security/cve/CVE-2021-33560
https://access.redhat.com/security/cve/CVE-2021-33574
https://access.redhat.com/security/cve/CVE-2021-33928
https://access.redhat.com/security/cve/CVE-2021-33929
https://access.redhat.com/security/cve/CVE-2021-33930
https://access.redhat.com/security/cve/CVE-2021-33938
https://access.redhat.com/security/cve/CVE-2021-35942
https://access.redhat.com/security/cve/CVE-2021-36084
https://access.redhat.com/security/cve/CVE-2021-36085
https://access.redhat.com/security/cve/CVE-2021-36086
https://access.redhat.com/security/cve/CVE-2021-36087
https://access.redhat.com/security/cve/CVE-2021-36222
https://access.redhat.com/security/cve/CVE-2021-37750
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYaU7CNzjgjWX9erEAQi5qxAAi3QQYaLAZJEIsb+WHT9YHKG3jMM6xLtl
2TpkFYEcW+sCSi7MfKUnjpuXgZtu23cM5QHPWcEd0WhvPNtPX9Z7PqKlixPoPRvv
36cH/uIGluB8h9U4NUdvYuuv/z748mpLKRI/8tRyEe4bFiL/lwn9T9OqvK296KEU
Ua6SwzLUyDgwqpICh2fopfebTF80BnjhAs1t1R9eWEQrq28FxZUEBsAtla4hAR3p
89hXXYgg/b7HjBz5XJBVKgUIhs2zYTy/9R1D/FClLyu+ZkZfNspZGMQ1PpdV8nUs
/g/u4KrR0tgYs9M5UQVHPHl5FiCf+9yeNt91biCxoidWp5qH6M+fGQ2EPOoATCBv
yTau8U82gjxnRrSEn5Tp+r8i7Ra7k6GJ0n3Vt3x5LFIVTzZgsHAQKzhYnMiQmrgQ
qZLLIvJ3BY9jTtMp2MXh4tNiuMk8kWOHzKvw10M93HaUSaSBEW19mljxnpvtbn8F
6XFCGHp7VtVwd8SYW1Epqiyex1NkXE/D/7G5L1rfi+x1LAAHEGrGMFMKijnuaWCA
TfHt/Jklzuy7S23cnBQsxOVCtmav54nOWikhNyEMJ3q8Nd5ddXzhoZqWiVZJ2Vyu
R4MUojb+mhzX3nG1+9Qd5AzTLs/SctmVd1gMtiv8LE0fsKisNT/LYreZ/7FFypNW
vLrDSONMTWU\xe7ia
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
.
The following data is constructed from data provided by Red Hat's json file at:
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6431.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
Description:
The libfastjson library provides essential JavaScript Object Notation (JSON) handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section |
|
var-200909-0801
|
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache 'mod_proxy_ftp' module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference.
Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. ===========================================================
Ubuntu Security Notice USN-860-1 November 19, 2009
apache2 vulnerabilities
CVE-2009-3094, CVE-2009-3095, CVE-2009-3555
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
apache2-common 2.0.55-4ubuntu2.9
Ubuntu 8.04 LTS:
apache2.2-common 2.2.8-1ubuntu0.14
Ubuntu 8.10:
apache2.2-common 2.2.9-7ubuntu3.5
Ubuntu 9.04:
apache2.2-common 2.2.11-2ubuntu2.5
Ubuntu 9.10:
apache2.2-common 2.2.12-1ubuntu2.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at the
start of a TLS connection, the attacker could inject arbitrary content at
the beginning of the user's session. The flaw is with TLS renegotiation and
potentially affects any software that supports this feature. Attacks
against the HTTPS protocol are known, with the severity of the issue
depending on the safeguards used in the web application. Until the TLS
protocol and underlying libraries are adjusted to defend against this
vulnerability, a partial, temporary workaround has been applied to Apache
that disables client initiated TLS renegotiation. This update does not
protect against server initiated TLS renegotiation when using
SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)
It was discovered that mod_proxy_ftp in Apache did not properly sanitize
its input when processing replies to EPASV and PASV commands.
(CVE-2009-3094)
Another flaw was discovered in mod_proxy_ftp.
(CVE-2009-3095)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz
Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc
Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb
Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 834492 818915da9848657833480b1ead6b4a12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 224594 85a4480344a072868758c466f6a98747
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229128 446b52088b9744fb776e53155403a474
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 142730 d43356422176ca29440f3e0572678093
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 269070 bf585dec777b0306cd80663c11b020df
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz
Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc
Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 141660 958585d6391847cd5a618464054f7d37
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 206386 06402188459de8dab5279b5bfef768fa
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 233152 1165607c64c57c84212b6b106254e885
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 143838 28e9c3811feeac70b846279e82c23430
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz
Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc
Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 209550 496d387e315370c0cd83489db663a356
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 778564 ffd7752394933004094c13b00113b263
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 208528 6672fb116e108687669c89197732fbb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 261510 d3e1155682726cc28859156e647d97b3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 84558 68452b686e89320007e9c5367ce36345
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 926240 8282583e86e84bd256959540f39a515d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 241280 1eea25472875056e34cd2c3283c60171
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246024 5709e7421814ecfb83fff5804d429971
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz
Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc
Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz
Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 258414 8ef063026de9790bac1965427ce1b584
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 213294 09701d434bd102e4205e551b4525afd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 87818 670c62615e107920c45893b3377ab2a0
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 244914 955bb5121da808d44aa994386d90723f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 214286 a378e2e0418631cec0f398379a446172
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz
Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc
Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz
Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2336 009d381342b0be5280835a46c91f01d9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2314 17719223d92d46821098ce178b5947d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 155166 4347806710edff47fc051b4a68d5b448
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 90316 add7f446f6b524343c0066a486dd299a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2
. Note
that this security issue does not really apply as zlib compression
is not enabled in the openssl build provided by Mandriva, but apache
is patched to address this issue anyway (conserns 2008.1 only).
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the
mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c
in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,
allows remote attackers to inject arbitrary web script or HTML via
wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this
security issue was initially addressed with MDVSA-2008:195 but the
patch fixing the issue was added but not applied in 2009.0.
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not
properly handle Options=IncludesNOEXEC in the AllowOverride directive,
which allows local users to gain privileges by configuring (1) Options
Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a
.htaccess file, and then inserting an exec element in a .shtml file
(CVE-2009-1195).
Fix a potential Denial-of-Service attack against mod_deflate or other
modules, by forcing the server to consume CPU time in compressing a
large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903,
this disclosure has no actionable information. However, because the
VulnDisco Pack author is a reliable researcher, the issue is being
assigned a CVE identifier for tracking purposes (CVE-2009-3095).
Apache is affected by SSL injection or man-in-the-middle attacks
due to a design flaw in the SSL and/or TLS protocols. A short term
solution was released Sat Nov 07 2009 by the ASF team to mitigate
these problems. Apache will now reject in-session renegotiation
(CVE-2009-3555).
Packages for 2008.0 are being provided due to extended support for
Corporate products.
This update provides a solution to these vulnerabilities.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm
6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm
ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm
42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm
1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm
b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm
8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm
7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm
19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm
a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm
6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm
3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm
98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm
d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm
4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm
e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm
44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm
d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm
75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm
6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm
331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm
c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm
23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm
37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm
ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm
77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm
ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm
3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm
9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm
05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm
7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm
f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm
fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm
9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm
0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm
dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm
dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm
2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm
f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm
6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm
b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm
62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm
d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm
e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm
23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu
MUj4lK2Wsb+qzbv2V+Ih30U=
=VdZS
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1934-1 security@debian.org
http://www.debian.org/security/ Stefan Fritsch
November 16, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : apache2
Vulnerability : multiple issues
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555
A design flaw has been found in the TLS and SSL protocol that allows
an attacker to inject arbitrary content at the beginning of a TLS/SSL
connection. The attack is related to the way how TLS and SSL handle
session renegotiations. CVE-2009-3555 has been assigned to this
vulnerability.
As a partial mitigation against this attack, this apache2 update
disables client-initiated renegotiations. This should fix the
vulnerability for the majority of Apache configurations in use.
NOTE: This is not a complete fix for the problem. The attack is
still possible in configurations where the server initiates the
renegotiation. This is the case for the following configurations
(the information in the changelog of the updated packages is
slightly inaccurate):
- - The "SSLVerifyClient" directive is used in a Directory or Location
context.
- - The "SSLCipherSuite" directive is used in a Directory or Location
context.
As a workaround, you may rearrange your configuration in a way that
SSLVerifyClient and SSLCipherSuite are only used on the server or
virtual host level.
A complete fix for the problem will require a protocol change. Further
information will be included in a separate announcement about this
issue.
CVE-2009-3095: Insufficient input validation in the mod_proxy_ftp
module allowed remote authenticated attackers to bypass intended access
restrictions and send arbitrary FTP commands to an FTP server.
For the stable distribution (lenny), these problems have been fixed in
version 2.2.9-10+lenny6. This version also includes some non-security
bug fixes that were scheduled for inclusion in the next stable point
release (Debian 5.0.4).
The oldstable distribution (etch), these problems have been fixed in
version 2.2.3-4+etch11.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed in version 2.2.14-2.
This advisory also provides updated apache2-mpm-itk packages which
have been recompiled against the new apache2 packages.
Updated apache2-mpm-itk packages for the armel architecture are not
included yet. They will be released as soon as they become available.
We recommend that you upgrade your apache2 and apache2-mpm-itk packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch (oldstable)
- -------------------------------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc
Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz
Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb
Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258
http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb
Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb
Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb
Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb
Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb
Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb
Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb
Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb
Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb
Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb
Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb
Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb
Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb
Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb
Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb
Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb
Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb
Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb
Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb
Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb
Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb
Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb
Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb
Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb
Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb
Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874
Debian GNU/Linux 5.0 alias lenny (stable)
- -----------------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc
Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz
Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb
Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870
http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb
Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb
Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb
Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb
Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb
Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb
Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb
Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb
Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb
Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb
Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb
Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb
Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb
Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb
Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb
Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb
Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb
Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb
Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb
Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb
Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb
Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb
Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb
Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb
Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb
Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e
These files will probably be moved into the stable distribution on
its next update.
Patch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt .
The patch kits and installation instructions are available from the following location using ftp:
Host Account Password
ftp.usa.hp.com ewt01 Welcome1
CSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms.
Itanium Images
mod_proxy.exe_ia64
mod_proxy_ftp.exe_ia64
Alpha Images
mod_proxy.exe_axp
mod_proxy_ftp.exe_axp
The patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02160663
Version: 1
HPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-06-02
Last Updated: 2010-06-02
- -----------------------------------------------------------------------------
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09
HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4
CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
Note: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30;
CVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09.
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities.
The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09
Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15
Web Server Suite Version / HP-UX Release / Depot name
Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot
Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot
Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot
Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot
Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot
Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot
Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent
or
Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Web Server Suite before v3.09
HP-UX B.11.23
==================
hpuxws22APACHE.APACHE
hpuxws22APACHE.APACHE2
hpuxws22APACHE.AUTH_LDAP
hpuxws22APACHE.AUTH_LDAP2
hpuxws22APACHE.MOD_JK
hpuxws22APACHE.MOD_JK2
hpuxws22APACHE.MOD_PERL
hpuxws22APACHE.MOD_PERL2
hpuxws22APACHE.PHP
hpuxws22APACHE.PHP2
action: install revision B.2.2.8.09 or subsequent
HP-UX B.11.31
==================
hpuxws22APCH32.APACHE
hpuxws22APCH32.APACHE2
hpuxws22APCH32.AUTH_LDAP
hpuxws22APCH32.AUTH_LDAP2
hpuxws22APCH32.MOD_JK
hpuxws22APCH32.MOD_JK2
hpuxws22APCH32.MOD_PERL
hpuxws22APCH32.MOD_PERL2
hpuxws22APCH32.PHP
hpuxws22APCH32.PHP2
hpuxws22APCH32.WEBPROXY
hpuxws22APCH32.WEBPROXY2
action: install revision B.2.2.8.09 or subsequent
For Web Server Suite before v2.30
HP-UX B.11.11
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.23
==================
hpuxwsAPCH32.APACHE
hpuxwsAPCH32.APACHE2
hpuxwsAPCH32.AUTH_LDAP
hpuxwsAPCH32.AUTH_LDAP2
hpuxwsAPCH32.MOD_JK
hpuxwsAPCH32.MOD_JK2
hpuxwsAPCH32.MOD_PERL
hpuxwsAPCH32.MOD_PERL2
hpuxwsAPCH32.PHP
hpuxwsAPCH32.PHP2
hpuxwsAPCH32.WEBPROXY
action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.31
==================
hpuxwsAPACHE.APACHE
hpuxwsAPACHE.APACHE2
hpuxwsAPACHE.AUTH_LDAP
hpuxwsAPACHE.AUTH_LDAP2
hpuxwsAPACHE.MOD_JK
hpuxwsAPACHE.MOD_JK2
hpuxwsAPACHE.MOD_PERL
hpuxwsAPACHE.MOD_PERL2
hpuxwsAPACHE.PHP
hpuxwsAPACHE.PHP2
hpuxwsAPACHE.WEBPROXY
action: install revision B.2.0.59.15 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 2 June 2010 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv
nksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100
=/Gfl
-----END PGP SIGNATURE-----
.
BAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com |
|
var-201105-0094
|
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. This vulnerability CVE-2011-0419 Vulnerability due to incomplete fix.Does not match wildcard pattern type by a third party URI Through service disruption ( infinite loop ) There is a possibility of being put into a state. Apache APR is prone to a denial-of-service vulnerability.
Successful exploits may allow the attacker to cause excessive CPU usage, resulting in denial-of-service conditions.
Apache APR 1.4.4 is affected. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: apr security update
Advisory ID: RHSA-2011:0844-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0844.html
Issue date: 2011-05-31
CVE Names: CVE-2011-1928
=====================================================================
1. Summary:
Updated apr packages that fix one security issue are now available for
Red Hat Enterprise Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
2. Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
3. It provides a free library of C data
structures and routines.
The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an
infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME
matching flag was used. A remote attacker could possibly use this flaw to
cause a denial of service on an application using the apr_fnmatch()
function. (CVE-2011-1928)
Note: This problem affected httpd configurations using the "Location"
directive with wildcard URLs. The denial of service could have been
triggered during normal operation; it did not specifically require a
malicious HTTP request.
This update also addresses additional problems introduced by the rewrite of
the apr_fnmatch() function, which was necessary to address the
CVE-2011-0419 flaw.
All apr users should upgrade to these updated packages, which contain a
backported patch to correct this issue. Applications using the apr library,
such as httpd, must be restarted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
706203 - CVE-2011-1928 apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419
6. Package List:
Red Hat Enterprise Linux AS version 4:
Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386:
apr-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-devel-0.9.4-26.el4.i386.rpm
ia64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.ia64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.ia64.rpm
apr-devel-0.9.4-26.el4.ia64.rpm
ppc:
apr-0.9.4-26.el4.ppc.rpm
apr-0.9.4-26.el4.ppc64.rpm
apr-debuginfo-0.9.4-26.el4.ppc.rpm
apr-debuginfo-0.9.4-26.el4.ppc64.rpm
apr-devel-0.9.4-26.el4.ppc.rpm
s390:
apr-0.9.4-26.el4.s390.rpm
apr-debuginfo-0.9.4-26.el4.s390.rpm
apr-devel-0.9.4-26.el4.s390.rpm
s390x:
apr-0.9.4-26.el4.s390.rpm
apr-0.9.4-26.el4.s390x.rpm
apr-debuginfo-0.9.4-26.el4.s390.rpm
apr-debuginfo-0.9.4-26.el4.s390x.rpm
apr-devel-0.9.4-26.el4.s390x.rpm
x86_64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.x86_64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.x86_64.rpm
apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386:
apr-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-devel-0.9.4-26.el4.i386.rpm
x86_64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.x86_64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.x86_64.rpm
apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386:
apr-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-devel-0.9.4-26.el4.i386.rpm
ia64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.ia64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.ia64.rpm
apr-devel-0.9.4-26.el4.ia64.rpm
x86_64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.x86_64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.x86_64.rpm
apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386:
apr-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-devel-0.9.4-26.el4.i386.rpm
ia64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.ia64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.ia64.rpm
apr-devel-0.9.4-26.el4.ia64.rpm
x86_64:
apr-0.9.4-26.el4.i386.rpm
apr-0.9.4-26.el4.x86_64.rpm
apr-debuginfo-0.9.4-26.el4.i386.rpm
apr-debuginfo-0.9.4-26.el4.x86_64.rpm
apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386:
apr-1.2.7-11.el5_6.5.i386.rpm
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-docs-1.2.7-11.el5_6.5.i386.rpm
x86_64:
apr-1.2.7-11.el5_6.5.i386.rpm
apr-1.2.7-11.el5_6.5.x86_64.rpm
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm
apr-docs-1.2.7-11.el5_6.5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386:
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-devel-1.2.7-11.el5_6.5.i386.rpm
x86_64:
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm
apr-devel-1.2.7-11.el5_6.5.i386.rpm
apr-devel-1.2.7-11.el5_6.5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386:
apr-1.2.7-11.el5_6.5.i386.rpm
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-devel-1.2.7-11.el5_6.5.i386.rpm
apr-docs-1.2.7-11.el5_6.5.i386.rpm
ia64:
apr-1.2.7-11.el5_6.5.ia64.rpm
apr-debuginfo-1.2.7-11.el5_6.5.ia64.rpm
apr-devel-1.2.7-11.el5_6.5.ia64.rpm
apr-docs-1.2.7-11.el5_6.5.ia64.rpm
ppc:
apr-1.2.7-11.el5_6.5.ppc.rpm
apr-1.2.7-11.el5_6.5.ppc64.rpm
apr-debuginfo-1.2.7-11.el5_6.5.ppc.rpm
apr-debuginfo-1.2.7-11.el5_6.5.ppc64.rpm
apr-devel-1.2.7-11.el5_6.5.ppc.rpm
apr-devel-1.2.7-11.el5_6.5.ppc64.rpm
apr-docs-1.2.7-11.el5_6.5.ppc.rpm
s390x:
apr-1.2.7-11.el5_6.5.s390.rpm
apr-1.2.7-11.el5_6.5.s390x.rpm
apr-debuginfo-1.2.7-11.el5_6.5.s390.rpm
apr-debuginfo-1.2.7-11.el5_6.5.s390x.rpm
apr-devel-1.2.7-11.el5_6.5.s390.rpm
apr-devel-1.2.7-11.el5_6.5.s390x.rpm
apr-docs-1.2.7-11.el5_6.5.s390x.rpm
x86_64:
apr-1.2.7-11.el5_6.5.i386.rpm
apr-1.2.7-11.el5_6.5.x86_64.rpm
apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm
apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm
apr-devel-1.2.7-11.el5_6.5.i386.rpm
apr-devel-1.2.7-11.el5_6.5.x86_64.rpm
apr-docs-1.2.7-11.el5_6.5.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
x86_64:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-1.3.9-3.el6_1.2.x86_64.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386:
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
x86_64:
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
x86_64:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-1.3.9-3.el6_1.2.x86_64.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
x86_64:
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
ppc64:
apr-1.3.9-3.el6_1.2.ppc.rpm
apr-1.3.9-3.el6_1.2.ppc64.rpm
apr-debuginfo-1.3.9-3.el6_1.2.ppc.rpm
apr-debuginfo-1.3.9-3.el6_1.2.ppc64.rpm
apr-devel-1.3.9-3.el6_1.2.ppc.rpm
apr-devel-1.3.9-3.el6_1.2.ppc64.rpm
s390x:
apr-1.3.9-3.el6_1.2.s390.rpm
apr-1.3.9-3.el6_1.2.s390x.rpm
apr-debuginfo-1.3.9-3.el6_1.2.s390.rpm
apr-debuginfo-1.3.9-3.el6_1.2.s390x.rpm
apr-devel-1.3.9-3.el6_1.2.s390.rpm
apr-devel-1.3.9-3.el6_1.2.s390x.rpm
x86_64:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-1.3.9-3.el6_1.2.x86_64.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
x86_64:
apr-1.3.9-3.el6_1.2.i686.rpm
apr-1.3.9-3.el6_1.2.x86_64.rpm
apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
apr-devel-1.3.9-3.el6_1.2.i686.rpm
apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-1928.html
https://access.redhat.com/security/updates/classification/#low
https://rhn.redhat.com/errata/RHSA-2011-0507.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFN5RAiXlSAg2UNWIIRAuwdAJ9vddMlxPWoOqzsNz37JmvVmqSKfgCfchI5
R4u+hsr+KDZ1nnC2K8wCJ9c=
=e0/T
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. The Apache Portable Runtime
Utility Library (aka APR-Util) provides an interface to functionality
such as XML parsing, string matching and database connections. Please review the CVE identifiers
referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Apache Portable Runtime users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/apr-1.4.8-r1"
All users of the APR Utility Library should upgrade to the latest
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/apr-util-1.3.10"
Packages which depend on these libraries may need to be recompiled.
Tools such as revdep-rebuild may assist in identifying some of these
packages.
References
==========
[ 1 ] CVE-2010-1623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1623
[ 2 ] CVE-2011-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0419
[ 3 ] CVE-2011-1928
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1928
[ 4 ] CVE-2012-0840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0840
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201405-24.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03280632
Version: 2
HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16
Last Updated: 2012-04-19
Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities.
References: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) before v7.0 running on Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4
CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8
CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5
CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com.
The Hewlett-Packard Company thanks Silent Dream for reporting CVE-2012-0135 to security-alert@hp.com
RESOLUTION
HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities.
SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html
HISTORY
Version:1 (rev.1) 16 April 2012 Initial release
Version:2 (rev.2) 19 April 2012 Remove CVE-2011-4317
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
HP Secure Web Server (SWS) for OpenVMS V2.2 and earlier.
Packages for 2010.0 are provided as of the Extended Maintenance
Program.
Update:
Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095
advisory. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD4DBQFN2iiWmqjQ0CJFipgRAtwkAKCAjiWeDSCpeBz8IzxMtpi8XrxLcwCY33lA
S7AiWmam6ERQZeIA3TBbYw==
=b6Io
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-201805-0950
|
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. Some operating systems and hypervisors Intel There is a problem that does not expect a debug exception in the hardware architecture, or does not handle it properly. Inappropriate checking or handling for exceptional situations (CWE-703) - CVE-2018-8897 Intel Software Developer Manual (SDM) Vol. SDM Vol 3A section 2.3 According to the debug exception EFLAGS Register IF flag (Interrupt Enable Flag) Is not prohibited. So in certain situations, certain Intel x86-64 Ring level after using architecture-specific instructions 3 Running on OS From component , Higher ring level ( many OS In the ring level 0) Debug exceptions pointing to the data in are enabled. This allows the attacker to API May be used to access sensitive memory information or manipulate high privileged operating system functions.An authenticated attacker could obtain sensitive data in memory and manipulate higher privileged operating system functions. Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges. Intel Architecture (processor architecture) is a CPU specification developed by Intel Corporation for its processor. There are security vulnerabilities in the operating systems of multiple vendors. Systems from the following vendors are affected: Apple; DragonFly BSD Project; FreeBSD Project; Linux Kernel; Microsoft; Red Hat; SUSE Linux; Ubuntu; Vmware; Xen. 7.2) - noarch, x86_64
3. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2018:1319-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1319
Issue date: 2018-05-08
CVE Names: CVE-2017-7645 CVE-2017-8824 CVE-2017-13166
CVE-2017-18017 CVE-2017-1000410 CVE-2018-8897
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* hw: cpu: speculative execution permission faults handling (CVE-2017-5754)
* Kernel: error in exception handling leads to DoS (CVE-2018-8897)
* kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)
* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)
* kernel: v4l2: disabled memory access protection mechanism allowing
privilege escalation (CVE-2017-13166)
* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c (CVE-2017-18017)
* kernel: Stack information leak in the EFS element (CVE-2017-1000410)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank Google Project Zero for reporting
CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for
reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and
Armis Labs for reporting CVE-2017-1000410.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space
precludes documenting all of these bug fixes in this advisory. See the bug
fix descriptions in the related Knowledge Article:
https://access.redhat.com/articles/3431591
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies
1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element
1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket
1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling
1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation
1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
kernel-2.6.32-696.28.1.el6.src.rpm
i386:
kernel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-headers-2.6.32-696.28.1.el6.i686.rpm
perf-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm
kernel-doc-2.6.32-696.28.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm
perf-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
kernel-2.6.32-696.28.1.el6.src.rpm
noarch:
kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm
kernel-doc-2.6.32-696.28.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm
perf-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
kernel-2.6.32-696.28.1.el6.src.rpm
i386:
kernel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-headers-2.6.32-696.28.1.el6.i686.rpm
perf-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm
kernel-doc-2.6.32-696.28.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
ppc64:
kernel-2.6.32-696.28.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debug-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm
kernel-devel-2.6.32-696.28.1.el6.ppc64.rpm
kernel-headers-2.6.32-696.28.1.el6.ppc64.rpm
perf-2.6.32-696.28.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x:
kernel-2.6.32-696.28.1.el6.s390x.rpm
kernel-debug-2.6.32-696.28.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm
kernel-devel-2.6.32-696.28.1.el6.s390x.rpm
kernel-headers-2.6.32-696.28.1.el6.s390x.rpm
kernel-kdump-2.6.32-696.28.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm
perf-2.6.32-696.28.1.el6.s390x.rpm
perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64:
kernel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm
perf-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
python-perf-2.6.32-696.28.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
python-perf-2.6.32-696.28.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
kernel-2.6.32-696.28.1.el6.src.rpm
i386:
kernel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-headers-2.6.32-696.28.1.el6.i686.rpm
perf-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm
kernel-doc-2.6.32-696.28.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm
kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm
perf-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm
perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
python-perf-2.6.32-696.28.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-2.6.32-696.28.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2017-7645
https://access.redhat.com/security/cve/CVE-2017-8824
https://access.redhat.com/security/cve/CVE-2017-13166
https://access.redhat.com/security/cve/CVE-2017-18017
https://access.redhat.com/security/cve/CVE-2017-1000410
https://access.redhat.com/security/cve/CVE-2018-8897
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/3431591
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze
4IKrbiFeHd+C9bqCjUFX4pw=
=3psi
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ==========================================================================
Kernel Live Patch Security Notice LSN-0038-1
May 8, 2018
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |
Summary:
On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux
kernel version 4.4.0-124.148. These CVEs are both related to the way that
the linux kernel handles certain interrupt and exception instructions. The issue
can be triggered by an unprivileged user.
The fix for this problem requires modification of the interrupt descriptor
tables (IDT), and modification of the interrupt handlers. Livepatch is
unable to safely modify these areas, so upgrading to a corrected kernel
and rebooting is required to fix the problem.
References:
CVE-2018-1087, CVE-2018-8897
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
(BZ#1549768)
4.
CVE-2018-10471
An error was discovered in the mitigations against Meltdown which
could result in denial of service.
CVE-2018-10472
Anthony Perard discovered that incorrect parsing of CDROM images
can result in information disclosure.
CVE-2018-10981
Jan Beulich discovered that malformed device models could result
in denial of service.
CVE-2018-10982
Roger Pau Monne discovered that incorrect handling of high precision
event timers could result in denial of service and potentially
privilege escalation.
For the stable distribution (stretch), these problems have been fixed in
version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8
TjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC
XZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca
uw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2
M/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6
E4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL
m3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7
Z939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain
gs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk
rC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN
IoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3
p+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU=
=KAUD
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-05-08-1 Additional information for
APPLE-SA-2018-04-24-2 Security Update 2018-001
Security Update 2018-001 addresses the following:
Crash Reporter
Available for: macOS High Sierra 10.13.4
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
error handling.
CVE-2018-4206: Ian Beer of Google Project Zero
Kernel
Available for: macOS High Sierra 10.13.4
Impact: A malicious application may be able to execute arbitrary
code with kernel privileges
Description: In some circumstances, some operating systems may not
expect or properly handle an Intel architecture debug exception
after certain instructions. The issue appears to be from an
undocumented side effect of the instructions.
CVE-2018-8897: Andy Lutomirski, Nick Peterson
(linkedin.com/in/everdox) of Everdox Tech LLC
Entry added May 8, 2018
LinkPresentation
Available for: macOS High Sierra 10.13.4
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation. These packages include redhat-release-virtualization-host,
ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user
interface for monitoring the host's resources and performing administrative
tasks.
Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111,
kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897.
A list of bugs fixed in this update is available in the Technical Notes
book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht
ml/technical_notes/
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot
1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning
1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default
1422676 - [Test Only] Test Ansible playbook for registration
1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version}
1433394 - kdump could fill up /var filesystem while writing to /var/crash
1443965 - Libvirt is disabled on RHVH host
1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation
1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released
1489567 - Host Software tab does not show exact RHVH version anymore
1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2
1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest.
1503148 - [RFE] translate between basic ntp configurations and chrony configurations
1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete
1534855 - RHVH brand is missing on cockpit login screen.
Bug Fix(es):
* The kernel build requirements have been updated to the GNU Compiler
Collection (GCC) compiler version that has the support for Retpolines. The
Retpolines mechanism is a software construct that leverages specific
knowledge of the underlying hardware to mitigate the branch target
injection, also known as Spectre variant 2 vulnerability described in
CVE-2017-5715. (BZ#1554253)
4. 6.5) - x86_64
3. (BZ#1554256)
4 |
|
var-201707-1188
|
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit is prone to multiple memory-corruption vulnerabilities. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A memory corruption vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 10.1.2; tvOS prior to 10.2.2; iOS prior to 10.3.3; Windows-based iCloud prior to 6.2.2; Windows-based iTunes 12.6 Versions prior to .2.
===========================================================================
Ubuntu Security Notice USN-3376-1
August 02, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.17.04.1
libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.16.6-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.16.6-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-07-19-1 iOS 10.3.3
iOS 10.3.3 is now available and addresses the following:
Contacts
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-7062: Shashank (@cyberboyIndia)
CoreAudio
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing a maliciously crafted movie file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
bounds checking.
CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team
EventKitUI
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A remote attacker may cause an unexpected application
termination
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-7007: JosA(c) Antonio Esteban (@Erratum_) of Sapsi Consultores
IOUSBFamily
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7022: an anonymous researcher
CVE-2017-7024: an anonymous researcher
CVE-2017-7026: an anonymous researcher
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7023: an anonymous researcher
CVE-2017-7025: an anonymous researcher
CVE-2017-7027: an anonymous researcher
CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-7028: an anonymous researcher
CVE-2017-7029: an anonymous researcher
libarchive
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-7068: found by OSS-Fuzz
libxml2
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Parsing a maliciously crafted XML document may lead to
disclosure of user information
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2017-7010: Apple
CVE-2017-7013: found by OSS-Fuzz
libxpc
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7047: Ian Beer of Google Project Zero
Messages
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A remote attacker may cause an unexpected application
termination
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-7063: Shashank (@cyberboyIndia)
Notifications
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Notifications may appear on the lock screen when disabled
Description: A lock screen issue was addressed with improved state
management.
CVE-2017-7058: Beyza SevinASS of SA1/4leyman Demirel Aniversitesi
Safari
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-2517: xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
infinite number of print dialogs
Description: An issue existed where a malicious or compromised
website could show infinite print dialogs and make users believe
their browser was locked. The issue was addressed through throttling
of print dialogs.
CVE-2017-7060: Travis Kelley of City of Mishawaka, Indiana
Telephony
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-8248
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A malicious website may exfiltrate data cross-origin
Description: Processing maliciously crafted web content may allow
cross-origin data to be exfiltrated by using SVG filters to conduct a
timing side-channel attack. This issue was addressed by not painting
the cross-origin buffer into the frame that gets filtered.
CVE-2017-7006: David Kohlbrenner of UC San Diego, an anonymous
researcher
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A state management issue was addressed with improved
frame handling.
CVE-2017-7011: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7018: lokihardt of Google Project Zero
CVE-2017-7020: likemeng of Baidu Security Lab
CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab
(eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?)
CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab
(eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?)
CVE-2017-7037: lokihardt of Google Project Zero
CVE-2017-7039: Ivan Fratric of Google Project Zero
CVE-2017-7040: Ivan Fratric of Google Project Zero
CVE-2017-7041: Ivan Fratric of Google Project Zero
CVE-2017-7042: Ivan Fratric of Google Project Zero
CVE-2017-7043: Ivan Fratric of Google Project Zero
CVE-2017-7046: Ivan Fratric of Google Project Zero
CVE-2017-7048: Ivan Fratric of Google Project Zero
CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative
CVE-2017-7055: The UK's National Cyber Security Centre (NCSC)
CVE-2017-7056: lokihardt of Google Project Zero
CVE-2017-7061: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed through
improved memory handling.
CVE-2017-7064: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content with DOMParser may
lead to cross site scripting
Description: A logic issue existed in the handling of DOMParser. This
issue was addressed with improved state management.
CVE-2017-7038: Egor Karbutov (@ShikariSenpai) of Digital Security and
Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of
FastMail Pty Ltd
CVE-2017-7059: an anonymous researcher
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-7049: Ivan Fratric of Google Project Zero
WebKit Page Loading
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department
WebKit Web Inspector
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7012: Apple
Wi-Fi
Available for: iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "10.3.3".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGpo4QAJ2hfs2yF+Iia3g7giHDBfd2
j8FJ8HvENOOaKGn1RkF6AR7l5QJI25LvnO0pjQh7pzUUCDLXg3e/eb0DNiVtVg5J
shJOVSRGR7tq3V+OUZ1QNwsG6YRjxE+vseThHalVy1loox072N6qilEHvGY4RWIr
yFPLCvSDKERldls2cVsaOiNo9VTPCj1tJyLHbqShFDzuR4jYgIgnS6kb8nvgbjIo
Cnl+VwDClj7aMBG2Hq4QkEq6zUW261fU8DN4VM/qtISV2H4VkrOxrTwDQCKihQ+l
qa+ylvg+PTQ2dvjgBxxm+znmiB6gpa2kPJcU9VgujjEUAoaZgE2Hopay65JPw9G0
nrtBvyMPtv+StxgD/UCm2J5PiIZfMrzHxt+GlauUwrGXdRJYJ6FsJla55wVygxd4
WsrUj03qS/jc6B2wkF1smOsHPgUUVlK05PvuK6bTmDwRPH9/ybIIIlUFx5mXj4jS
wSiVHe0DRaJkWxcLx6p2HJaY2OnUJAFGfOfLBcTkxCoPkt/Wdain8k2eAtrIGCs1
AFCOqXxOo30aaUD9qUkX42fr6bE1N8gfMN36f8VGyv5e4gz5snljQ8arAD1+eFyh
vE+N3JdR/rfM4KnCTAmOQcyEIZXB48rEwWOVnHVqYf6qyyw2W5+pseKEkU5+4R/a
GcaYRxNitIzBC6tAXWPF
=LiU+
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201710-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple Vulnerabilities
Date: October 13, 2017
Bugs: #626142
ID: 201710-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which may allow remote attackers to execute arbitrary code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, offers
Webkitas full functionality and is used on a wide range of systems.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.6:4 >= 2.16.6:4
Description
===========
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the references below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.6"
Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.
References
==========
[ 1 ] CVE-2017-7006
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7006
[ 2 ] CVE-2017-7011
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7011
[ 3 ] CVE-2017-7012
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7012
[ 4 ] CVE-2017-7018
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7018
[ 5 ] CVE-2017-7019
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7019
[ 6 ] CVE-2017-7020
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7020
[ 7 ] CVE-2017-7030
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7030
[ 8 ] CVE-2017-7034
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7034
[ 9 ] CVE-2017-7037
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7037
[ 10 ] CVE-2017-7038
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7038
[ 11 ] CVE-2017-7039
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7039
[ 12 ] CVE-2017-7040
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7040
[ 13 ] CVE-2017-7041
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7041
[ 14 ] CVE-2017-7042
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7042
[ 15 ] CVE-2017-7043
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7043
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201710-14
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
CVE-2017-7012: Apple
Installation note:
Safari 10.1.2 may be obtained from the Mac App Store |
|
var-201007-0318
|
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. WebKit is prone to a remote memory corruption vulnerability.
An attacker can exploit this issue by tricking an unsuspecting victim into viewing a web page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application.
This issue has been addressed in Apple Safari 5.0.1 and 4.1.1.
NOTE: This issue was previously covered in BID 42020 (Apple Safari Prior to 5.0.1 and 4.1.1 Multiple Security Vulnerabilities) but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems.
Please consult the CVE web links for further information.
The updated packages have been upgraded to the latest version (1.2.7)
to correct these issues. The verification
of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2188-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
March 10, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2010-1783 CVE-2010-2901 CVE-2010-4199 CVE-2010-4040 CVE-2010-4492 CVE-2010-4493 CVE-2010-4577 CVE-2010-4578 CVE-2010-0474 CVE-2011-0482 CVE-2011-0778
Several vulnerabilities have been discovered in webkit, a Web content engine
library for Gtk+.
CVE-2010-2901
The rendering implementation in WebKit allows
remote attackers to cause a denial of service (memory corruption) or possibly
have unspecified other impact via unknown vectors.
CVE-2010-4492
Use-after-free vulnerability in WebKit allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors involving SVG animations.
CVE-2010-4493
Use-after-free vulnerability in Webkit allows remote attackers to cause a
denial of service via vectors related to the handling of mouse dragging events
CVE-2010-4577
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in
WebKit does not properly parse Cascading Style Sheets (CSS) token sequences,
which allows remote attackers to cause a denial of service
(out-of-bounds read) via a crafted local font, related to "Type Confusion."
CVE-2010-4578
WebKit does not properly perform cursor handling, which allows remote
attackers to cause a denial of service or possibly have unspecified other
impact via unknown vectors that lead to "stale pointers."
CVE-2011-0482
WebKit does not properly perform a cast of an unspecified variable during
handling of anchors, which allows remote attackers to cause a denial of
service or possibly have unspecified other impact via a crafted HTML document
CVE-2011-0778
WebKit does not properly restrict drag and drop operations, which might allow
remote attackers to bypass the Same Origin Policy via unspecified vectors.
For the stable distribution (squeeze), these problems have been fixed
in version 1.2.7-0+squeeze1
For the testing distribution (wheezy), and the unstable distribution (sid),
these problems have been fixed in version 1.2.7-1
Security support for WebKit has been discontinued for the oldstable
distribution (lenny).
The current version in oldstable is not supported by upstream anymore
and is affected by several security issues. Backporting fixes for these
and any future issues has become unfeasible and therefore we need to
drop our security support for the version in oldstable.
We recommend that you upgrade your webkit packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk14wQsACgkQNxpp46476aoXmwCeKgjoeW/tk75Uh9AwrLtl/FHh
GkwAn1jIKnQkWAe61ANCesQGGMK2BAuB
=saVN
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201412-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Multiple packages, Multiple vulnerabilities fixed in 2011
Date: December 11, 2014
Bugs: #194151, #294253, #294256, #334087, #344059, #346897,
#350598, #352608, #354209, #355207, #356893, #358611,
#358785, #358789, #360891, #361397, #362185, #366697,
#366699, #369069, #370839, #372971, #376793, #381169,
#386321, #386361
ID: 201412-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
This GLSA contains notification of vulnerabilities found in several
Gentoo packages which have been fixed prior to January 1, 2012. The
worst of these vulnerabilities could lead to local privilege escalation
and remote code execution. Please see the package list and CVE
identifiers below for more information.
Background
==========
For more information on the packages listed in this GLSA, please see
their homepage referenced in the ebuild.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 games-sports/racer-bin >= 0.5.0-r1 Vulnerable!
2 media-libs/fmod < 4.38.00 >= 4.38.00
3 dev-php/PEAR-Mail < 1.2.0 >= 1.2.0
4 sys-fs/lvm2 < 2.02.72 >= 2.02.72
5 app-office/gnucash < 2.4.4 >= 2.4.4
6 media-libs/xine-lib < 1.1.19 >= 1.1.19
7 media-sound/lastfmplayer
< 1.5.4.26862-r3 >= 1.5.4.26862-r3
8 net-libs/webkit-gtk < 1.2.7 >= 1.2.7
9 sys-apps/shadow < 4.1.4.3 >= 4.1.4.3
10 dev-php/PEAR-PEAR < 1.9.2-r1 >= 1.9.2-r1
11 dev-db/unixODBC < 2.3.0-r1 >= 2.3.0-r1
12 sys-cluster/resource-agents
< 1.0.4-r1 >= 1.0.4-r1
13 net-misc/mrouted < 3.9.5 >= 3.9.5
14 net-misc/rsync < 3.0.8 >= 3.0.8
15 dev-libs/xmlsec < 1.2.17 >= 1.2.17
16 x11-apps/xrdb < 1.0.9 >= 1.0.9
17 net-misc/vino < 2.32.2 >= 2.32.2
18 dev-util/oprofile < 0.9.6-r1 >= 0.9.6-r1
19 app-admin/syslog-ng < 3.2.4 >= 3.2.4
20 net-analyzer/sflowtool < 3.20 >= 3.20
21 gnome-base/gdm < 3.8.4-r3 >= 3.8.4-r3
22 net-libs/libsoup < 2.34.3 >= 2.34.3
23 app-misc/ca-certificates
< 20110502-r1 >= 20110502-r1
24 dev-vcs/gitolite < 1.5.9.1 >= 1.5.9.1
25 dev-util/qt-creator < 2.1.0 >= 2.1.0
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
25 affected packages
Description
===========
Vulnerabilities have been discovered in the packages listed below.
Please review the CVE identifiers in the Reference section for details.
* FMOD Studio
* PEAR Mail
* LVM2
* GnuCash
* xine-lib
* Last.fm Scrobbler
* WebKitGTK+
* shadow tool suite
* PEAR
* unixODBC
* Resource Agents
* mrouted
* rsync
* XML Security Library
* xrdb
* Vino
* OProfile
* syslog-ng
* sFlow Toolkit
* GNOME Display Manager
* libsoup
* CA Certificates
* Gitolite
* QtCreator
* Racer
Impact
======
A context-dependent attacker may be able to gain escalated privileges,
execute arbitrary code, cause Denial of Service, obtain sensitive
information, or otherwise bypass security restrictions.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All FMOD Studio users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/fmod-4.38.00"
All PEAR Mail users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-Mail-1.2.0"
All LVM2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-fs/lvm2-2.02.72"
All GnuCash users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/gnucash-2.4.4"
All xine-lib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.19"
All Last.fm Scrobbler users should upgrade to the latest version:
# emerge --sync
# emerge -a --oneshot -v ">=media-sound/lastfmplayer-1.5.4.26862-r3"
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-1.2.7"
All shadow tool suite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.1.4.3"
All PEAR users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-php/PEAR-PEAR-1.9.2-r1"
All unixODBC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/unixODBC-2.3.0-r1"
All Resource Agents users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=sys-cluster/resource-agents-1.0.4-r1"
All mrouted users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/mrouted-3.9.5"
All rsync users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/rsync-3.0.8"
All XML Security Library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/xmlsec-1.2.17"
All xrdb users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xrdb-1.0.9"
All Vino users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/vino-2.32.2"
All OProfile users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-util/oprofile-0.9.6-r1"
All syslog-ng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/syslog-ng-3.2.4"
All sFlow Toolkit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/sflowtool-3.20"
All GNOME Display Manager users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=gnome-base/gdm-3.8.4-r3"
All libsoup users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/libsoup-2.34.3"
All CA Certificates users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-misc/ca-certificates-20110502-r1"
All Gitolite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/gitolite-1.5.9.1"
All QtCreator users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-util/qt-creator-2.1.0"
Gentoo has discontinued support for Racer. We recommend that users
unmerge Racer:
# emerge --unmerge "games-sports/racer-bin"
NOTE: This is a legacy GLSA. Updates for all affected architectures
have been available since 2012. It is likely that your system is
already no longer affected by these issues.
References
==========
[ 1 ] CVE-2007-4370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4370
[ 2 ] CVE-2009-4023
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4023
[ 3 ] CVE-2009-4111
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4111
[ 4 ] CVE-2010-0778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0778
[ 5 ] CVE-2010-1780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1780
[ 6 ] CVE-2010-1782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1782
[ 7 ] CVE-2010-1783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1783
[ 8 ] CVE-2010-1784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1784
[ 9 ] CVE-2010-1785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1785
[ 10 ] CVE-2010-1786
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1786
[ 11 ] CVE-2010-1787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1787
[ 12 ] CVE-2010-1788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1788
[ 13 ] CVE-2010-1790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1790
[ 14 ] CVE-2010-1791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1791
[ 15 ] CVE-2010-1792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1792
[ 16 ] CVE-2010-1793
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1793
[ 17 ] CVE-2010-1807
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1807
[ 18 ] CVE-2010-1812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1812
[ 19 ] CVE-2010-1814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1814
[ 20 ] CVE-2010-1815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1815
[ 21 ] CVE-2010-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2526
[ 22 ] CVE-2010-2901
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2901
[ 23 ] CVE-2010-3255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3255
[ 24 ] CVE-2010-3257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3257
[ 25 ] CVE-2010-3259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3259
[ 26 ] CVE-2010-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3362
[ 27 ] CVE-2010-3374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3374
[ 28 ] CVE-2010-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3389
[ 29 ] CVE-2010-3812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3812
[ 30 ] CVE-2010-3813
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3813
[ 31 ] CVE-2010-3999
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3999
[ 32 ] CVE-2010-4042
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4042
[ 33 ] CVE-2010-4197
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4197
[ 34 ] CVE-2010-4198
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4198
[ 35 ] CVE-2010-4204
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4204
[ 36 ] CVE-2010-4206
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4206
[ 37 ] CVE-2010-4492
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4492
[ 38 ] CVE-2010-4493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4493
[ 39 ] CVE-2010-4577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4577
[ 40 ] CVE-2010-4578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4578
[ 41 ] CVE-2011-0007
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0007
[ 42 ] CVE-2011-0465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0465
[ 43 ] CVE-2011-0482
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0482
[ 44 ] CVE-2011-0721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0721
[ 45 ] CVE-2011-0727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0727
[ 46 ] CVE-2011-0904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0904
[ 47 ] CVE-2011-0905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0905
[ 48 ] CVE-2011-1072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1072
[ 49 ] CVE-2011-1097
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1097
[ 50 ] CVE-2011-1144
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1144
[ 51 ] CVE-2011-1425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1425
[ 52 ] CVE-2011-1572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1572
[ 53 ] CVE-2011-1760
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1760
[ 54 ] CVE-2011-1951
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1951
[ 55 ] CVE-2011-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2471
[ 56 ] CVE-2011-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2472
[ 57 ] CVE-2011-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2473
[ 58 ] CVE-2011-2524
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2524
[ 59 ] CVE-2011-3365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3365
[ 60 ] CVE-2011-3366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3366
[ 61 ] CVE-2011-3367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3367
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-09.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
|
|
var-202010-1327
|
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. WebKitGTK is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google). An attacker could exploit this vulnerability to interact with objects in other domains. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
5. Solution:
Download the release images via:
quay.io/redhat/quay:v3.3.3
quay.io/redhat/clair-jwt:v3.3.3
quay.io/redhat/quay-builder:v3.3.3
quay.io/redhat/clair:v3.3.3
4. Bugs fixed (https://bugzilla.redhat.com/):
1905758 - CVE-2020-27831 quay: email notifications authorization bypass
1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display
5. JIRA issues fixed (https://issues.jboss.org/):
PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version
6.
This advisory provides the following updates among others:
* Enhances profile parsing time.
* Fixes excessive resource consumption from the Operator.
* Fixes default content image.
* Fixes outdated remediation handling. Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1918990 - ComplianceSuite scans use quay content image for initContainer
1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present
1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules
1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console.
Bug Fix(es):
* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)
* The compliancesuite object returns error with ocp4-cis tailored profile
(BZ#1902251)
* The compliancesuite does not trigger when there are multiple rhcos4
profiles added in scansettingbinding object (BZ#1902634)
* [OCP v46] Not all remediations get applied through machineConfig although
the status of all rules shows Applied in ComplianceRemediations object
(BZ#1907414)
* The profile parser pod deployment and associated profiles should get
removed after upgrade the compliance operator (BZ#1908991)
* Applying the "rhcos4-moderate" compliance profile leads to Ignition error
"something else exists at that path" (BZ#1909081)
* [OCP v46] Always update the default profilebundles on Compliance operator
startup (BZ#1909122)
3. Bugs fixed (https://bugzilla.redhat.com/):
1899479 - Aggregator pod tries to parse ConfigMaps without results
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902251 - The compliancesuite object returns error with ocp4-cis tailored profile
1902634 - The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object
1907414 - [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object
1908991 - The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator
1909081 - Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path"
1909122 - [OCP v46] Always update the default profilebundles on Compliance operator startup
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.10.3 security update
Advisory ID: RHSA-2022:0056-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0056
Issue date: 2022-03-10
CVE Names: CVE-2014-3577 CVE-2016-10228 CVE-2017-14502
CVE-2018-20843 CVE-2018-1000858 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-9169 CVE-2019-13050
CVE-2019-13627 CVE-2019-14889 CVE-2019-15903
CVE-2019-19906 CVE-2019-20454 CVE-2019-20807
CVE-2019-25013 CVE-2020-1730 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-8927 CVE-2020-9802 CVE-2020-9803
CVE-2020-9805 CVE-2020-9806 CVE-2020-9807
CVE-2020-9843 CVE-2020-9850 CVE-2020-9862
CVE-2020-9893 CVE-2020-9894 CVE-2020-9895
CVE-2020-9915 CVE-2020-9925 CVE-2020-9952
CVE-2020-10018 CVE-2020-11793 CVE-2020-13434
CVE-2020-14391 CVE-2020-15358 CVE-2020-15503
CVE-2020-25660 CVE-2020-25677 CVE-2020-27618
CVE-2020-27781 CVE-2020-29361 CVE-2020-29362
CVE-2020-29363 CVE-2021-3121 CVE-2021-3326
CVE-2021-3449 CVE-2021-3450 CVE-2021-3516
CVE-2021-3517 CVE-2021-3518 CVE-2021-3520
CVE-2021-3521 CVE-2021-3537 CVE-2021-3541
CVE-2021-3733 CVE-2021-3749 CVE-2021-20305
CVE-2021-21684 CVE-2021-22946 CVE-2021-22947
CVE-2021-25215 CVE-2021-27218 CVE-2021-30666
CVE-2021-30761 CVE-2021-30762 CVE-2021-33928
CVE-2021-33929 CVE-2021-33930 CVE-2021-33938
CVE-2021-36222 CVE-2021-37750 CVE-2021-39226
CVE-2021-41190 CVE-2021-43813 CVE-2021-44716
CVE-2021-44717 CVE-2022-0532 CVE-2022-21673
CVE-2022-24407
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.10.3 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.10.3. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2022:0055
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Security Fix(es):
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)
* grafana: Snapshot authentication bypass (CVE-2021-39226)
* golang: net/http: limit growth of header canonicalization cache
(CVE-2021-44716)
* nodejs-axios: Regular expression denial of service in trim function
(CVE-2021-3749)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
* grafana: Forward OAuth Identity Token can allow users to access some data
sources (CVE-2022-21673)
* grafana: directory traversal vulnerability (CVE-2021-43813)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-x86_64
The image digest is
sha256:7ffe4cd612be27e355a640e5eec5cd8f923c1400d969fd590f806cffdaabcc56
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-s390x
The image digest is
sha256:4cf21a9399da1ce8427246f251ae5dedacfc8c746d2345f9cfe039ed9eda3e69
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-ppc64le
The image digest is
sha256:4ee571da1edf59dfee4473aa4604aba63c224bf8e6bcf57d048305babbbde93c
All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
3. Solution:
For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for moderate instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1808240 - Always return metrics value for pods under the user's namespace
1815189 - feature flagged UI does not always become available after operator installation
1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters
1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly
1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal
1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered
1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback
1880738 - origin e2e test deletes original worker
1882983 - oVirt csi driver should refuse to provision RWX and ROX PV
1886450 - Keepalived router id check not documented for RHV/VMware IPI
1889488 - The metrics endpoint for the Scheduler is not protected by RBAC
1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom
1896474 - Path based routing is broken for some combinations
1897431 - CIDR support for additional network attachment with the bridge CNI plug-in
1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes
1907433 - Excessive logging in image operator
1909906 - The router fails with PANIC error when stats port already in use
1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words
1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting.
1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true)
1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource
1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1926522 - oc adm catalog does not clean temporary files
1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes.
1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown
1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users
1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x
1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade
1937085 - RHV UPI inventory playbook missing guarantee_memory
1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion
1938236 - vsphere-problem-detector does not support overriding log levels via storage CR
1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods
1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer
1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]
1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays.
1943363 - [ovn] CNO should gracefully terminate ovn-northd
1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17
1948080 - authentication should not set Available=False APIServices_Error with 503s
1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set
1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0
1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer
1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs
1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container
1955300 - Machine config operator reports unavailable for 23m during upgrade
1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set
1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set
1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters
1956496 - Needs SR-IOV Docs Upstream
1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret
1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid
1956964 - upload a boot-source to OpenShift virtualization using the console
1957547 - [RFE]VM name is not auto filled in dev console
1958349 - ovn-controller doesn't release the memory after cluster-density run
1959352 - [scale] failed to get pod annotation: timed out waiting for annotations
1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not
1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial]
1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects
1961391 - String updates
1961509 - DHCP daemon pod should have CPU and memory requests set but not limits
1962066 - Edit machine/machineset specs not working
1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent
1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL
1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1964327 - Support containers with name:tag@digest
1964789 - Send keys and disconnect does not work for VNC console
1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7
1966445 - Unmasking a service doesn't work if it masked using MCO
1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead
1966521 - kube-proxy's userspace implementation consumes excessive CPU
1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up
1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount
1970218 - MCO writes incorrect file contents if compression field is specified
1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel]
1970805 - Cannot create build when docker image url contains dir structure
1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io
1972827 - image registry does not remain available during upgrade
1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror`
1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run
1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established
1976301 - [ci] e2e-azure-upi is permafailing
1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change.
1976674 - CCO didn't set Upgradeable to False when cco mode is configured to Manual on azure platform
1976894 - Unidling a StatefulSet does not work as expected
1977319 - [Hive] Remove stale cruft installed by CVO in earlier releases
1977414 - Build Config timed out waiting for condition 400: Bad Request
1977929 - [RFE] Display Network Attachment Definitions from openshift-multus namespace during OCS deployment via UI using Multus
1978528 - systemd-coredump started and failed intermittently for unknown reasons
1978581 - machine-config-operator: remove runlevel from mco namespace
1979562 - Cluster operators: don't show messages when neither progressing, degraded or unavailable
1979962 - AWS SDN Network Stress tests have not passed in 4.9 release-openshift-origin-installer-e2e-aws-sdn-network-stress-4.9
1979966 - OCP builds always fail when run on RHEL7 nodes
1981396 - Deleting pool inside pool page the pool stays in Ready phase in the heading
1981549 - Machine-config daemon does not recover from broken Proxy configuration
1981867 - [sig-cli] oc explain should contain proper fields description for special types [Suite:openshift/conformance/parallel]
1981941 - Terraform upgrade required in openshift-installer to resolve multiple issues
1982063 - 'Control Plane' is not translated in Simplified Chinese language in Home->Overview page
1982498 - Default registry credential path should be adjusted to use containers/auth.json for oc commands
1982662 - Workloads - DaemonSets - Add storage: i18n misses
1982726 - kube-apiserver audit logs show a lot of 404 errors for DELETE "*/secrets/encryption-config" on single node clusters
1983758 - upgrades are failing on disruptive tests
1983964 - Need Device plugin configuration for the NIC "needVhostNet" & "isRdma"
1984592 - global pull secret not working in OCP4.7.4+ for additional private registries
1985073 - new-in-4.8 ExtremelyHighIndividualControlPlaneCPU fires on some GCP update jobs
1985486 - Cluster Proxy not used during installation on OSP with Kuryr
1985724 - VM Details Page missing translations
1985838 - [OVN] CNO exportNetworkFlows does not clear collectors when deleted
1985933 - Downstream image registry recommendation
1985965 - oVirt CSI driver does not report volume stats
1986216 - [scale] SNO: Slow Pod recovery due to "timed out waiting for OVS port binding"
1986237 - "MachineNotYetDeleted" in Pending state , alert not fired
1986239 - crictl create fails with "PID namespace requested, but sandbox infra container invalid"
1986302 - console continues to fetch prometheus alert and silences for normal user
1986314 - Current MTV installation for KubeVirt import flow creates unusable Forklift UI
1986338 - error creating list of resources in Import YAML
1986502 - yaml multi file dnd duplicates previous dragged files
1986819 - fix string typos for hot-plug disks
1987044 - [OCPV48] Shutoff VM is being shown as "Starting" in WebUI when using spec.runStrategy Manual/RerunOnFailure
1987136 - Declare operatorframework.io/arch.* labels for all operators
1987257 - Go-http-client user-agent being used for oc adm mirror requests
1987263 - fsSpaceFillingUpWarningThreshold not aligned to Kubernetes Garbage Collection Threshold
1987445 - MetalLB integration: All gateway routers in the cluster answer ARP requests for LoadBalancer services IP
1988406 - SSH key dropped when selecting "Customize virtual machine" in UI
1988440 - Network operator changes ovnkube-config too early causing ovnkube-master pods to crashloop during cluster upgrade
1988483 - Azure drop ICMP need to frag FRAG when using OVN: openshift-apiserver becomes False after env runs some time due to communication between one master to pods on another master fails with "Unable to connect to the server"
1988879 - Virtual media based deployment fails on Dell servers due to pending Lifecycle Controller jobs
1989438 - expected replicas is wrong
1989502 - Developer Catalog is disappearing after short time
1989843 - 'More' and 'Show Less' functions are not translated on several page
1990014 - oc debug <pod-name> does not work for Windows pods
1990190 - e2e testing failed with basic manifest: reason/ExternalProvisioning waiting for a volume to be created
1990193 - 'more' and 'Show Less' is not being translated on Home -> Search page
1990255 - Partial or all of the Nodes/StorageClasses don't appear back on UI after text is removed from search bar
1990489 - etcdHighNumberOfFailedGRPCRequests fires only on metal env in CI
1990506 - Missing udev rules in initramfs for /dev/disk/by-id/scsi-* symlinks
1990556 - get-resources.sh doesn't honor the no_proxy settings even with no_proxy var
1990625 - Ironic agent registers with SLAAC address with privacy-stable
1990635 - CVO does not recognize the channel change if desired version and channel changed at the same time
1991067 - github.com can not be resolved inside pods where cluster is running on openstack.
1991573 - Enable typescript strictNullCheck on network-policies files
1991641 - Baremetal Cluster Operator still Available After Delete Provisioning
1991770 - The logLevel and operatorLogLevel values do not work with Cloud Credential Operator
1991819 - Misspelled word "ocurred" in oc inspect cmd
1991942 - Alignment and spacing fixes
1992414 - Two rootdisks show on storage step if 'This is a CD-ROM boot source' is checked
1992453 - The configMap failed to save on VM environment tab
1992466 - The button 'Save' and 'Reload' are not translated on vm environment tab
1992475 - The button 'Open console in New Window' and 'Disconnect' are not translated on vm console tab
1992509 - Could not customize boot source due to source PVC not found
1992541 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines
1992580 - storageProfile should stay with the same value by check/uncheck the apply button
1992592 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply
1992777 - [IBMCLOUD] Default "ibm_iam_authorization_policy" is not working as expected in all scenarios
1993364 - cluster destruction fails to remove router in BYON with Kuryr as primary network (even after BZ 1940159 got fixed)
1993376 - periodic-ci-openshift-release-master-ci-4.6-upgrade-from-stable-4.5-e2e-azure-upgrade is permfailing
1994094 - Some hardcodes are detected at the code level in OpenShift console components
1994142 - Missing required cloud config fields for IBM Cloud
1994733 - MetalLB: IP address is not assigned to service if there is duplicate IP address in two address pools
1995021 - resolv.conf and corefile sync slows down/stops after keepalived container restart
1995335 - [SCALE] ovnkube CNI: remove ovs flows check
1995493 - Add Secret to workload button and Actions button are not aligned on secret details page
1995531 - Create RDO-based Ironic image to be promoted to OKD
1995545 - Project drop-down amalgamates inside main screen while creating storage system for odf-operator
1995887 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs
1995924 - CMO should report `Upgradeable: false` when HA workload is incorrectly spread
1996023 - kubernetes.io/hostname values are larger than filter when create localvolumeset from webconsole
1996108 - Allow backwards compatibility of shared gateway mode to inject host-based routes into OVN
1996624 - 100% of the cco-metrics/cco-metrics targets in openshift-cloud-credential-operator namespace are down
1996630 - Fail to delete the first Authorized SSH Key input box on Advanced page
1996647 - Provide more useful degraded message in auth operator on DNS errors
1996736 - Large number of 501 lr-policies in INCI2 env
1996886 - timedout waiting for flows during pod creation and ovn-controller pegged on worker nodes
1996916 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP
1996928 - Enable default operator indexes on ARM
1997028 - prometheus-operator update removes env var support for thanos-sidecar
1997059 - Failed to create cluster in AWS us-east-1 region due to a local zone is used
1997226 - Ingresscontroller reconcilations failing but not shown in operator logs or status of ingresscontroller.
1997245 - "Subscription already exists in openshift-storage namespace" error message is seen while installing odf-operator via UI
1997269 - Have to refresh console to install kube-descheduler
1997478 - Storage operator is not available after reboot cluster instances
1997509 - flake: [sig-cli] oc builds new-build [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
1997967 - storageClass is not reserved from default wizard to customize wizard
1998035 - openstack IPI CI: custom var-lib-etcd.mount (ramdisk) unit is racing due to incomplete After/Before order
1998038 - [e2e][automation] add tests for UI for VM disk hot-plug
1998087 - Fix CephHealthCheck wrapping contents and add data-tests for HealthItem and SecondaryStatus
1998174 - Create storageclass gp3-csi after install ocp cluster on aws
1998183 - "r: Bad Gateway" info is improper
1998235 - Firefox warning: Cookie “csrf-token” will be soon rejected
1998377 - Filesystem table head is not full displayed in disk tab
1998378 - Virtual Machine is 'Not available' in Home -> Overview -> Cluster inventory
1998519 - Add fstype when create localvolumeset instance on web console
1998951 - Keepalived conf ingress peer on in Dual stack cluster contains both IPv6 and IPv4 addresses
1999076 - [UI] Page Not Found error when clicking on Storage link provided in Overview page
1999079 - creating pods before sriovnetworknodepolicy sync up succeed will cause node unschedulable
1999091 - Console update toast notification can appear multiple times
1999133 - removing and recreating static pod manifest leaves pod in error state
1999246 - .indexignore is not ingore when oc command load dc configuration
1999250 - ArgoCD in GitOps operator can't manage namespaces
1999255 - ovnkube-node always crashes out the first time it starts
1999261 - ovnkube-node log spam (and security token leak?)
1999309 - While installing odf-operator via UI, web console update pop-up navigates to OperatorHub -> Operator Installation page
1999314 - console-operator is slow to mark Degraded as False once console starts working
1999425 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck)
1999556 - "master" pool should be updated before the CVO reports available at the new version occurred
1999578 - AWS EFS CSI tests are constantly failing
1999603 - Memory Manager allows Guaranteed QoS Pod with hugepages requested is exactly equal to the left over Hugepages
1999619 - cloudinit is malformatted if a user sets a password during VM creation flow
1999621 - Empty ssh_authorized_keys entry is added to VM's cloudinit if created from a customize flow
1999649 - MetalLB: Only one type of IP address can be assigned to service on dual stack cluster from a address pool that have both IPv4 and IPv6 addresses defined
1999668 - openshift-install destroy cluster panic's when given invalid credentials to cloud provider (Azure Stack Hub)
1999734 - IBM Cloud CIS Instance CRN missing in infrastructure manifest/resource
1999771 - revert "force cert rotation every couple days for development" in 4.10
1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function
1999796 - Openshift Console `Helm` tab is not showing helm releases in a namespace when there is high number of deployments in the same namespace.
1999836 - Admin web-console inconsistent status summary of sparse ClusterOperator conditions
1999903 - Click "This is a CD-ROM boot source" ticking "Use template size PVC" on pvc upload form
1999983 - No way to clear upload error from template boot source
2000081 - [IPI baremetal] The metal3 pod failed to restart when switching from Disabled to Managed provisioning without specifying provisioningInterface parameter
2000096 - Git URL is not re-validated on edit build-config form reload
2000216 - Successfully imported ImageStreams are not resolved in DeploymentConfig
2000236 - Confusing usage message from dynkeepalived CLI
2000268 - Mark cluster unupgradable if vcenter, esxi versions or HW versions are unsupported
2000430 - bump cluster-api-provider-ovirt version in installer
2000450 - 4.10: Enable static PV multi-az test
2000490 - All critical alerts shipped by CMO should have links to a runbook
2000521 - Kube-apiserver CO degraded due to failed conditional check (ConfigObservationDegraded)
2000573 - Incorrect StorageCluster CR created and ODF cluster getting installed with 2 Zone OCP cluster
2000628 - ibm-flashsystem-storage-storagesystem got created without any warning even when the attempt was cancelled
2000651 - ImageStreamTag alias results in wrong tag and invalid link in Web Console
2000754 - IPerf2 tests should be lower
2000846 - Structure logs in the entire codebase of Local Storage Operator
2000872 - [tracker] container is not able to list on some directories within the nfs after upgrade to 4.7.24
2000877 - OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM
2000938 - CVO does not respect changes to a Deployment strategy
2000963 - 'Inline-volume (default fs)] volumes should store data' tests are failing on OKD with updated selinux-policy
2001008 - [MachineSets] CloneMode defaults to linkedClone, but I don't have snapshot and should be fullClone
2001240 - Remove response headers for downloads of binaries from OpenShift WebConsole
2001295 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
2001317 - OCP Platform Quota Check - Inaccurate MissingQuota error
2001337 - Details Card in ODF Dashboard mentions OCS
2001339 - fix text content hotplug
2001413 - [e2e][automation] add/delete nic and disk to template
2001441 - Test: oc adm must-gather runs successfully for audit logs - fail due to startup log
2001442 - Empty termination.log file for the kube-apiserver has too permissive mode
2001479 - IBM Cloud DNS unable to create/update records
2001566 - Enable alerts for prometheus operator in UWM
2001575 - Clicking on the perspective switcher shows a white page with loader
2001577 - Quick search placeholder is not displayed properly when the search string is removed
2001578 - [e2e][automation] add tests for vm dashboard tab
2001605 - PVs remain in Released state for a long time after the claim is deleted
2001617 - BucketClass Creation is restricted on 1st page but enabled using side navigation options
2001620 - Cluster becomes degraded if it can't talk to Manila
2001760 - While creating 'Backing Store', 'Bucket Class', 'Namespace Store' user is navigated to 'Installed Operators' page after clicking on ODF
2001761 - Unable to apply cluster operator storage for SNO on GCP platform.
2001765 - Some error message in the log of diskmaker-manager caused confusion
2001784 - show loading page before final results instead of showing a transient message No log files exist
2001804 - Reload feature on Environment section in Build Config form does not work properly
2001810 - cluster admin unable to view BuildConfigs in all namespaces
2001817 - Failed to load RoleBindings list that will lead to ‘Role name’ is not able to be selected on Create RoleBinding page as well
2001823 - OCM controller must update operator status
2001825 - [SNO]ingress/authentication clusteroperator degraded when enable ccm from start
2001835 - Could not select image tag version when create app from dev console
2001855 - Add capacity is disabled for ocs-storagecluster
2001856 - Repeating event: MissingVersion no image found for operand pod
2001959 - Side nav list borders don't extend to edges of container
2002007 - Layout issue on "Something went wrong" page
2002010 - ovn-kube may never attempt to retry a pod creation
2002012 - Cannot change volume mode when cloning a VM from a template
2002027 - Two instances of Dotnet helm chart show as one in topology
2002075 - opm render does not automatically pulling in the image(s) used in the deployments
2002121 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster
2002125 - Network policy details page heading should be updated to Network Policy details
2002133 - [e2e][automation] add support/virtualization and improve deleteResource
2002134 - [e2e][automation] add test to verify vm details tab
2002215 - Multipath day1 not working on s390x
2002238 - Image stream tag is not persisted when switching from yaml to form editor
2002262 - [vSphere] Incorrect user agent in vCenter sessions list
2002266 - SinkBinding create form doesn't allow to use subject name, instead of label selector
2002276 - OLM fails to upgrade operators immediately
2002300 - Altering the Schedule Profile configurations doesn't affect the placement of the pods
2002354 - Missing DU configuration "Done" status reporting during ZTP flow
2002362 - Dynamic Plugin - ConsoleRemotePlugin for webpack doesn't use commonjs
2002368 - samples should not go degraded when image allowedRegistries blocks imagestream creation
2002372 - Pod creation failed due to mismatched pod IP address in CNI and OVN
2002397 - Resources search is inconsistent
2002434 - CRI-O leaks some children PIDs
2002443 - Getting undefined error on create local volume set page
2002461 - DNS operator performs spurious updates in response to API's defaulting of service's internalTrafficPolicy
2002504 - When the openshift-cluster-storage-operator is degraded because of "VSphereProblemDetectorController_SyncError", the insights operator is not sending the logs from all pods.
2002559 - User preference for topology list view does not follow when a new namespace is created
2002567 - Upstream SR-IOV worker doc has broken links
2002588 - Change text to be sentence case to align with PF
2002657 - ovn-kube egress IP monitoring is using a random port over the node network
2002713 - CNO: OVN logs should have millisecond resolution
2002748 - [ICNI2] 'ErrorAddingLogicalPort' failed to handle external GW check: timeout waiting for namespace event
2002759 - Custom profile should not allow not including at least one required HTTP2 ciphersuite
2002763 - Two storage systems getting created with external mode RHCS
2002808 - KCM does not use web identity credentials
2002834 - Cluster-version operator does not remove unrecognized volume mounts
2002896 - Incorrect result return when user filter data by name on search page
2002950 - Why spec.containers.command is not created with "oc create deploymentconfig <dc-name> --image=<image> -- <command>"
2003096 - [e2e][automation] check bootsource URL is displaying on review step
2003113 - OpenShift Baremetal IPI installer uses first three defined nodes under hosts in install-config for master nodes instead of filtering the hosts with the master role
2003120 - CI: Uncaught error with ResizeObserver on operand details page
2003145 - Duplicate operand tab titles causes "two children with the same key" warning
2003164 - OLM, fatal error: concurrent map writes
2003178 - [FLAKE][knative] The UI doesn't show updated traffic distribution after accepting the form
2003193 - Kubelet/crio leaks netns and veth ports in the host
2003195 - OVN CNI should ensure host veths are removed
2003204 - Jenkins all new container images (openshift4/ose-jenkins) not supporting '-e JENKINS_PASSWORD=password' ENV which was working for old container images
2003206 - Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace
2003239 - "[sig-builds][Feature:Builds][Slow] can use private repositories as build input" tests fail outside of CI
2003244 - Revert libovsdb client code
2003251 - Patternfly components with list element has list item bullet when they should not.
2003252 - "[sig-builds][Feature:Builds][Slow] starting a build using CLI start-build test context override environment BUILD_LOGLEVEL in buildconfig" tests do not work as expected outside of CI
2003269 - Rejected pods should be filtered from admission regression
2003357 - QE- Removing the epic tags for gherkin tags related to 4.9 Release
2003426 - [e2e][automation] add test for vm details bootorder
2003496 - [e2e][automation] add test for vm resources requirment settings
2003641 - All metal ipi jobs are failing in 4.10
2003651 - ODF4.9+LSO4.8 installation via UI, StorageCluster move to error state
2003655 - [IPI ON-PREM] Keepalived chk_default_ingress track script failed even though default router pod runs on node
2003683 - Samples operator is panicking in CI
2003711 - [UI] Empty file ceph-external-cluster-details-exporter.py downloaded from external cluster "Connection Details" page
2003715 - Error on creating local volume set after selection of the volume mode
2003743 - Remove workaround keeping /boot RW for kdump support
2003775 - etcd pod on CrashLoopBackOff after master replacement procedure
2003788 - CSR reconciler report error constantly when BYOH CSR approved by other Approver
2003792 - Monitoring metrics query graph flyover panel is useless
2003808 - Add Sprint 207 translations
2003845 - Project admin cannot access image vulnerabilities view
2003859 - sdn emits events with garbage messages
2003896 - (release-4.10) ApiRequestCounts conditional gatherer
2004009 - 4.10: Fix multi-az zone scheduling e2e for 5 control plane replicas
2004051 - CMO can report as being Degraded while node-exporter is deployed on all nodes
2004059 - [e2e][automation] fix current tests for downstream
2004060 - Trying to use basic spring boot sample causes crash on Firefox
2004101 - [UI] When creating storageSystem deployment type dropdown under advanced setting doesn't close after selection
2004127 - [flake] openshift-controller-manager event reason/SuccessfulDelete occurs too frequently
2004203 - build config's created prior to 4.8 with image change triggers can result in trigger storm in OCM/openshift-apiserver
2004313 - [RHOCP 4.9.0-rc.0] Failing to deploy Azure cluster from the macOS installer - ignition_bootstrap.ign: no such file or directory
2004449 - Boot option recovery menu prevents image boot
2004451 - The backup filename displayed in the RecentBackup message is incorrect
2004459 - QE - Modified the AddFlow gherkin scripts and automation scripts
2004508 - TuneD issues with the recent ConfigParser changes.
2004510 - openshift-gitops operator hooks gets unauthorized (401) errors during jobs executions
2004542 - [osp][octavia lb] cannot create LoadBalancer type svcs
2004578 - Monitoring and node labels missing for an external storage platform
2004585 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days
2004596 - [4.10] Bootimage bump tracker
2004597 - Duplicate ramdisk log containers running
2004600 - Duplicate ramdisk log containers running
2004609 - output of "crictl inspectp" is not complete
2004625 - BMC credentials could be logged if they change
2004632 - When LE takes a large amount of time, multiple whereabouts are seen
2004721 - ptp/worker custom threshold doesn't change ptp events threshold
2004736 - [knative] Create button on new Broker form is inactive despite form being filled
2004796 - [e2e][automation] add test for vm scheduling policy
2004814 - (release-4.10) OCM controller - change type of the etc-pki-entitlement secret to opaque
2004870 - [External Mode] Insufficient spacing along y-axis in RGW Latency Performance Card
2004901 - [e2e][automation] improve kubevirt devconsole tests
2004962 - Console frontend job consuming too much CPU in CI
2005014 - state of ODF StorageSystem is misreported during installation or uninstallation
2005052 - Adding a MachineSet selector matchLabel causes orphaned Machines
2005179 - pods status filter is not taking effect
2005182 - sync list of deprecated apis about to be removed
2005282 - Storage cluster name is given as title in StorageSystem details page
2005355 - setuptools 58 makes Kuryr CI fail
2005407 - ClusterNotUpgradeable Alert should be set to Severity Info
2005415 - PTP operator with sidecar api configured throws bind: address already in use
2005507 - SNO spoke cluster failing to reach coreos.live.rootfs_url is missing url in console
2005554 - The switch status of the button "Show default project" is not revealed correctly in code
2005581 - 4.8.12 to 4.9 upgrade hung due to cluster-version-operator pod CrashLoopBackOff: error creating clients: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2005761 - QE - Implementing crw-basic feature file
2005783 - Fix accessibility issues in the "Internal" and "Internal - Attached Mode" Installation Flow
2005811 - vSphere Problem Detector operator - ServerFaultCode: InvalidProperty
2005854 - SSH NodePort service is created for each VM
2005901 - KS, KCM and KA going Degraded during master nodes upgrade
2005902 - Current UI flow for MCG only deployment is confusing and doesn't reciprocate any message to the end-user
2005926 - PTP operator NodeOutOfPTPSync rule is using max offset from the master instead of openshift_ptp_clock_state metrics
2005971 - Change telemeter to report the Application Services product usage metrics
2005997 - SELinux domain container_logreader_t does not have a policy to follow sym links for log files
2006025 - Description to use an existing StorageClass while creating StorageSystem needs to be re-phrased
2006060 - ocs-storagecluster-storagesystem details are missing on UI for MCG Only and MCG only in LSO mode deployment types
2006101 - Power off fails for drivers that don't support Soft power off
2006243 - Metal IPI upgrade jobs are running out of disk space
2006291 - bootstrapProvisioningIP set incorrectly when provisioningNetworkCIDR doesn't use the 0th address
2006308 - Backing Store YAML tab on click displays a blank screen on UI
2006325 - Multicast is broken across nodes
2006329 - Console only allows Web Terminal Operator to be installed in OpenShift Operators
2006364 - IBM Cloud: Set resourceGroupId for resourceGroups, not simply resource
2006561 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2006690 - OS boot failure "x64 Exception Type 06 - Invalid Opcode Exception"
2006714 - add retry for etcd errors in kube-apiserver
2006767 - KubePodCrashLooping may not fire
2006803 - Set CoreDNS cache entries for forwarded zones
2006861 - Add Sprint 207 part 2 translations
2006945 - race condition can cause crashlooping bootstrap kube-apiserver in cluster-bootstrap
2006947 - e2e-aws-proxy for 4.10 is permafailing with samples operator errors
2006975 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded
2007085 - Intermittent failure mounting /run/media/iso when booting live ISO from USB stick
2007136 - Creation of BackingStore, BucketClass, NamespaceStore fails
2007271 - CI Integration for Knative test cases
2007289 - kubevirt tests are failing in CI
2007322 - Devfile/Dockerfile import does not work for unsupported git host
2007328 - Updated patternfly to v4.125.3 and pf.quickstarts to v1.2.3.
2007379 - Events are not generated for master offset for ordinary clock
2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace
2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address
2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error
2007522 - No new local-storage-operator-metadata-container is build for 4.10
2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10
2007580 - Azure cilium installs are failing e2e tests
2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10
2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes
2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures
2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow
2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates
2007802 - AWS machine actuator get stuck if machine is completely missing
2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator
2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process
2008151 - Topology breaks on clicking in empty state
2008185 - Console operator go.mod should use go 1.16.version
2008201 - openstack-az job is failing on haproxy idle test
2008207 - vsphere CSI driver doesn't set resource limits
2008223 - gather_audit_logs: fix oc command line to get the current audit profile
2008235 - The Save button in the Edit DC form remains disabled
2008256 - Update Internationalization README with scope info
2008321 - Add correct documentation link for MON_DISK_LOW
2008462 - Disable PodSecurity feature gate for 4.10
2008490 - Backing store details page does not contain all the kebab actions.
2008521 - gcp-hostname service should correct invalid search entries in resolv.conf
2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount
2008539 - Registry doesn't fall back to secondary ImageContentSourcePolicy Mirror
2008540 - HighlyAvailableWorkloadIncorrectlySpread always fires on upgrade on cluster with two workers
2008599 - Azure Stack UPI does not have Internal Load Balancer
2008612 - Plugin asset proxy does not pass through browser cache headers
2008712 - VPA webhook timeout prevents all pods from starting
2008733 - kube-scheduler: exposed /debug/pprof port
2008911 - Prometheus repeatedly scaling prometheus-operator replica set
2008926 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]
2008987 - OpenShift SDN Hosted Egress IP's are not being scheduled to nodes after upgrade to 4.8.12
2009055 - Instances of OCS to be replaced with ODF on UI
2009078 - NetworkPodsCrashLooping alerts in upgrade CI jobs
2009083 - opm blocks pruning of existing bundles during add
2009111 - [IPI-on-GCP] 'Install a cluster with nested virtualization enabled' failed due to unable to launch compute instances
2009131 - [e2e][automation] add more test about vmi
2009148 - [e2e][automation] test vm nic presets and options
2009233 - ACM policy object generated by PolicyGen conflicting with OLM Operator
2009253 - [BM] [IPI] [DualStack] apiVIP and ingressVIP should be of the same primary IP family
2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted
2009384 - UI changes to support BindableKinds CRD changes
2009404 - ovnkube-node pod enters CrashLoopBackOff after OVN_IMAGE is swapped
2009424 - Deployment upgrade is failing availability check
2009454 - Change web terminal subscription permissions from get to list
2009465 - container-selinux should come from rhel8-appstream
2009514 - Bump OVS to 2.16-15
2009555 - Supermicro X11 system not booting from vMedia with AI
2009623 - Console: Observe > Metrics page: Table pagination menu shows bullet points
2009664 - Git Import: Edit of knative service doesn't work as expected for git import flow
2009699 - Failure to validate flavor RAM
2009754 - Footer is not sticky anymore in import forms
2009785 - CRI-O's version file should be pinned by MCO
2009791 - Installer: ibmcloud ignores install-config values
2009823 - [sig-arch] events should not repeat pathologically - reason/VSphereOlderVersionDetected Marking cluster un-upgradeable because one or more VMs are on hardware version vmx-13
2009840 - cannot build extensions on aarch64 because of unavailability of rhel-8-advanced-virt repo
2009859 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests
2009873 - Stale Logical Router Policies and Annotations for a given node
2009879 - There should be test-suite coverage to ensure admin-acks work as expected
2009888 - SRO package name collision between official and community version
2010073 - uninstalling and then reinstalling sriov-network-operator is not working
2010174 - 2 PVs get created unexpectedly with different paths that actually refer to the same device on the node.
2010181 - Environment variables not getting reset on reload on deployment edit form
2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2010341 - OpenShift Alerting Rules Style-Guide Compliance
2010342 - Local console builds can have out of memory errors
2010345 - OpenShift Alerting Rules Style-Guide Compliance
2010348 - Reverts PIE build mode for K8S components
2010352 - OpenShift Alerting Rules Style-Guide Compliance
2010354 - OpenShift Alerting Rules Style-Guide Compliance
2010359 - OpenShift Alerting Rules Style-Guide Compliance
2010368 - OpenShift Alerting Rules Style-Guide Compliance
2010376 - OpenShift Alerting Rules Style-Guide Compliance
2010662 - Cluster is unhealthy after image-registry-operator tests
2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent)
2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API
2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address
2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing
2010864 - Failure building EFS operator
2010910 - ptp worker events unable to identify interface for multiple interfaces
2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24
2010921 - Azure Stack Hub does not handle additionalTrustBundle
2010931 - SRO CSV uses non default category "Drivers and plugins"
2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well.
2011038 - optional operator conditions are confusing
2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's
2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image
2011368 - Tooltip in pipeline visualization shows misleading data
2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels
2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards
2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster
2011513 - Kubelet rejects pods that use resources that should be freed by completed pods
2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine"
2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented
2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore
2011733 - Repository README points to broken documentarion link
2011753 - Ironic resumes clean before raid configuration job is actually completed
2011809 - The nodes page in the openshift console doesn't work. You just get a blank page
2011822 - Obfuscation doesn't work at clusters with OVN
2011882 - SRO helm charts not synced with templates
2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot
2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages
2011903 - vsphere-problem-detector: session leak
2011927 - OLM should allow users to specify a proxy for GRPC connections
2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods
2011960 - [tracker] Storage operator is not available after reboot cluster instances
2011971 - ICNI2 pods are stuck in ContainerCreating state
2011972 - Ingress operator not creating wildcard route for hypershift clusters
2011977 - SRO bundle references non-existent image
2012069 - Refactoring Status controller
2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI
2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group
2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)"
2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig
2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off
2012407 - [e2e][automation] improve vm tab console tests
2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label
2012562 - migration condition is not detected in list view
2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written
2012780 - The port 50936 used by haproxy is occupied by kube-apiserver
2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working
2012902 - Neutron Ports assigned to Completed Pods are not reused Edit
2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack
2012971 - Disable operands deletes
2013034 - Cannot install to openshift-nmstate namespace
2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine)
2013199 - post reboot of node SRIOV policy taking huge time
2013203 - UI breaks when trying to create block pool before storage cluster/system creation
2013222 - Full breakage for nightly payload promotion
2013273 - Nil pointer exception when phc2sys options are missing
2013321 - TuneD: high CPU utilization of the TuneD daemon.
2013416 - Multiple assets emit different content to the same filename
2013431 - Application selector dropdown has incorrect font-size and positioning
2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8
2013545 - Service binding created outside topology is not visible
2013599 - Scorecard support storage is not included in ocp4.9
2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide)
2013646 - fsync controller will show false positive if gaps in metrics are observed.
2013710 - ZTP Operator subscriptions for 4.9 release branch should point to 4.9 by default
2013751 - Service details page is showing wrong in-cluster hostname
2013787 - There are two tittle 'Network Attachment Definition Details' on NAD details page
2013871 - Resource table headings are not aligned with their column data
2013895 - Cannot enable accelerated network via MachineSets on Azure
2013920 - "--collector.filesystem.ignored-mount-points is DEPRECATED and will be removed in 2.0.0, use --collector.filesystem.mount-points-exclude"
2013930 - Create Buttons enabled for Bucket Class, Backingstore and Namespace Store in the absence of Storagesystem(or MCG)
2013969 - oVIrt CSI driver fails on creating PVCs on hosted engine storage domain
2013990 - Observe dashboard crashs on reload when perspective has changed (in another tab)
2013996 - Project detail page: Action "Delete Project" does nothing for the default project
2014071 - Payload imagestream new tags not properly updated during cluster upgrade
2014153 - SRIOV exclusive pooling
2014202 - [OCP-4.8.10] OVN-Kubernetes: service IP is not responding when egressIP set to the namespace
2014238 - AWS console test is failing on importing duplicate YAML definitions
2014245 - Several aria-labels, external links, and labels aren't internationalized
2014248 - Several files aren't internationalized
2014352 - Could not filter out machine by using node name on machines page
2014464 - Unexpected spacing/padding below navigation groups in developer perspective
2014471 - Helm Release notes tab is not automatically open after installing a chart for other languages
2014486 - Integration Tests: OLM single namespace operator tests failing
2014488 - Custom operator cannot change orders of condition tables
2014497 - Regex slows down different forms and creates too much recursion errors in the log
2014538 - Kuryr controller crash looping on self._get_vip_port(loadbalancer).id 'NoneType' object has no attribute 'id'
2014614 - Metrics scraping requests should be assigned to exempt priority level
2014710 - TestIngressStatus test is broken on Azure
2014954 - The prometheus-k8s-{0,1} pods are CrashLoopBackoff repeatedly
2014995 - oc adm must-gather cannot gather audit logs with 'None' audit profile
2015115 - [RFE] PCI passthrough
2015133 - [IBMCLOUD] ServiceID API key credentials seems to be insufficient for ccoctl '--resource-group-name' parameter
2015154 - Support ports defined networks and primarySubnet
2015274 - Yarn dev fails after updates to dynamic plugin JSON schema logic
2015337 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production
2015386 - Possibility to add labels to the built-in OCP alerts
2015395 - Table head on Affinity Rules modal is not fully expanded
2015416 - CI implementation for Topology plugin
2015418 - Project Filesystem query returns No datapoints found
2015420 - No vm resource in project view's inventory
2015422 - No conflict checking on snapshot name
2015472 - Form and YAML view switch button should have distinguishable status
2015481 - [4.10] sriov-network-operator daemon pods are failing to start
2015493 - Cloud Controller Manager Operator does not respect 'additionalTrustBundle' setting
2015496 - Storage - PersistentVolumes : Claim colum value 'No Claim' in English
2015498 - [UI] Add capacity when not applicable (for MCG only deployment and External mode cluster) fails to pass any info. to user and tries to just load a blank screen on 'Add Capacity' button click
2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu
2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain.
2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English
2015549 - Observe - Metrics: Column heading and pagination text is in English
2015557 - Workloads - DeploymentConfigs : Error message is in English
2015568 - Compute - Nodes : CPU column's values are in English
2015635 - Storage operator fails causing installation to fail on ASH
2015660 - "Finishing boot source customization" screen should not use term "patched"
2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node
2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin
2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning
2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud
2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch
2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail
2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed)
2016008 - [4.10] Bootimage bump tracker
2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver
2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator
2016054 - No e2e CI presubmit configured for release component cluster-autoscaler
2016055 - No e2e CI presubmit configured for release component console
2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8"
2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager
2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers
2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters.
2016179 - Add Sprint 208 translations
2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager
2016235 - should update to 7.5.11 for grafana resources version label
2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails
2016334 - shiftstack: SRIOV nic reported as not supported
2016352 - Some pods start before CA resources are present
2016367 - Empty task box is getting created for a pipeline without finally task
2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts
2016438 - Feature flag gating is missing in few extensions contributed via knative plugin
2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc
2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets
2016453 - Complete i18n for GaugeChart defaults
2016479 - iface-id-ver is not getting updated for existing lsp
2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear
2016951 - dynamic actions list is not disabling "open console" for stopped vms
2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available
2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances
2017016 - [REF] Virtualization menu
2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn
2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly
2017130 - t is not a function error navigating to details page
2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue
2017244 - ovirt csi operator static files creation is in the wrong order
2017276 - [4.10] Volume mounts not created with the correct security context
2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed.
2017427 - NTO does not restart TuneD daemon when profile application is taking too long
2017535 - Broken Argo CD link image on GitOps Details Page
2017547 - Siteconfig application sync fails with The AgentClusterInstall is invalid: spec.provisionRequirements.controlPlaneAgents: Required value when updating images references
2017564 - On-prem prepender dispatcher script overwrites DNS search settings
2017565 - CCMO does not handle additionalTrustBundle on Azure Stack
2017566 - MetalLB: Web Console -Create Address pool form shows address pool name twice
2017606 - [e2e][automation] add test to verify send key for VNC console
2017650 - [OVN]EgressFirewall cannot be applied correctly if cluster has windows nodes
2017656 - VM IP address is "undefined" under VM details -> ssh field
2017663 - SSH password authentication is disabled when public key is not supplied
2017680 - [gcp] Couldn’t enable support for instances with GPUs on GCP
2017732 - [KMS] Prevent creation of encryption enabled storageclass without KMS connection set
2017752 - (release-4.10) obfuscate identity provider attributes in collected authentication.operator.openshift.io resource
2017756 - overlaySize setting on containerruntimeconfig is ignored due to cri-o defaults
2017761 - [e2e][automation] dummy bug for 4.9 test dependency
2017872 - Add Sprint 209 translations
2017874 - The installer is incorrectly checking the quota for X instances instead of G and VT instances
2017879 - Add Chinese translation for "alternate"
2017882 - multus: add handling of pod UIDs passed from runtime
2017909 - [ICNI 2.0] ovnkube-masters stop processing add/del events for pods
2018042 - HorizontalPodAutoscaler CPU averageValue did not show up in HPA metrics GUI
2018093 - Managed cluster should ensure control plane pods do not run in best-effort QoS
2018094 - the tooltip length is limited
2018152 - CNI pod is not restarted when It cannot start servers due to ports being used
2018208 - e2e-metal-ipi-ovn-ipv6 are failing 75% of the time
2018234 - user settings are saved in local storage instead of on cluster
2018264 - Delete Export button doesn't work in topology sidebar (general issue with unknown CSV?)
2018272 - Deployment managed by link and topology sidebar links to invalid resource page (at least for Exports)
2018275 - Topology graph doesn't show context menu for Export CSV
2018279 - Edit and Delete confirmation modals for managed resource should close when the managed resource is clicked
2018380 - Migrate docs links to access.redhat.com
2018413 - Error: context deadline exceeded, OCP 4.8.9
2018428 - PVC is deleted along with VM even with "Delete Disks" unchecked
2018445 - [e2e][automation] enhance tests for downstream
2018446 - [e2e][automation] move tests to different level
2018449 - [e2e][automation] add test about create/delete network attachment definition
2018490 - [4.10] Image provisioning fails with file name too long
2018495 - Fix typo in internationalization README
2018542 - Kernel upgrade does not reconcile DaemonSet
2018880 - Get 'No datapoints found.' when query metrics about alert rule KubeCPUQuotaOvercommit and KubeMemoryQuotaOvercommit
2018884 - QE - Adapt crw-basic feature file to OCP 4.9/4.10 changes
2018935 - go.sum not updated, that ART extracts version string from, WAS: Missing backport from 4.9 for Kube bump PR#950
2018965 - e2e-metal-ipi-upgrade is permafailing in 4.10
2018985 - The rootdisk size is 15Gi of windows VM in customize wizard
2019001 - AWS: Operator degraded (CredentialsFailing): 1 of 6 credentials requests are failing to sync.
2019096 - Update SRO leader election timeout to support SNO
2019129 - SRO in operator hub points to wrong repo for README
2019181 - Performance profile does not apply
2019198 - ptp offset metrics are not named according to the log output
2019219 - [IBMCLOUD]: cloud-provider-ibm missing IAM permissions in CCCMO CredentialRequest
2019284 - Stop action should not in the action list while VMI is not running
2019346 - zombie processes accumulation and Argument list too long
2019360 - [RFE] Virtualization Overview page
2019452 - Logger object in LSO appends to existing logger recursively
2019591 - Operator install modal body that scrolls has incorrect padding causing shadow position to be incorrect
2019634 - Pause and migration is enabled in action list for a user who has view only permission
2019636 - Actions in VM tabs should be disabled when user has view only permission
2019639 - "Take snapshot" should be disabled while VM image is still been importing
2019645 - Create button is not removed on "Virtual Machines" page for view only user
2019646 - Permission error should pop-up immediately while clicking "Create VM" button on template page for view only user
2019647 - "Remove favorite" and "Create new Template" should be disabled in template action list for view only user
2019717 - cant delete VM with un-owned pvc attached
2019722 - The shared-resource-csi-driver-node pod runs as “BestEffort” qosClass
2019739 - The shared-resource-csi-driver-node uses imagePullPolicy as "Always"
2019744 - [RFE] Suggest users to download newest RHEL 8 version
2019809 - [OVN][Upgrade] After upgrade to 4.7.34 ovnkube-master pods are in CrashLoopBackOff/ContainerCreating and other multiple issues at OVS/OVN level
2019827 - Display issue with top-level menu items running demo plugin
2019832 - 4.10 Nightlies blocked: Failed to upgrade authentication, operator was degraded
2019886 - Kuryr unable to finish ports recovery upon controller restart
2019948 - [RFE] Restructring Virtualization links
2019972 - The Nodes section doesn't display the csr of the nodes that are trying to join the cluster
2019977 - Installer doesn't validate region causing binary to hang with a 60 minute timeout
2019986 - Dynamic demo plugin fails to build
2019992 - instance:node_memory_utilisation:ratio metric is incorrect
2020001 - Update dockerfile for demo dynamic plugin to reflect dir change
2020003 - MCD does not regard "dangling" symlinks as a files, attempts to write through them on next backup, resulting in "not writing through dangling symlink" error and degradation.
2020107 - cluster-version-operator: remove runlevel from CVO namespace
2020153 - Creation of Windows high performance VM fails
2020216 - installer: Azure storage container blob where is stored bootstrap.ign file shouldn't be public
2020250 - Replacing deprecated ioutil
2020257 - Dynamic plugin with multiple webpack compilation passes may fail to build
2020275 - ClusterOperators link in console returns blank page during upgrades
2020377 - permissions error while using tcpdump option with must-gather
2020489 - coredns_dns metrics don't include the custom zone metrics data due to CoreDNS prometheus plugin is not defined
2020498 - "Show PromQL" button is disabled
2020625 - [AUTH-52] User fails to login from web console with keycloak OpenID IDP after enable group membership sync feature
2020638 - [4.7] CI conformance test failures related to CustomResourcePublishOpenAPI
2020664 - DOWN subports are not cleaned up
2020904 - When trying to create a connection from the Developer view between VMs, it fails
2021016 - 'Prometheus Stats' of dashboard 'Prometheus Overview' miss data on console compared with Grafana
2021017 - 404 page not found error on knative eventing page
2021031 - QE - Fix the topology CI scripts
2021048 - [RFE] Added MAC Spoof check
2021053 - Metallb operator presented as community operator
2021067 - Extensive number of requests from storage version operator in cluster
2021081 - Missing PolicyGenTemplate for configuring Local Storage Operator LocalVolumes
2021135 - [azure-file-csi-driver] "make unit-test" returns non-zero code, but tests pass
2021141 - Cluster should allow a fast rollout of kube-apiserver is failing on single node
2021151 - Sometimes the DU node does not get the performance profile configuration applied and MachineConfigPool stays stuck in Updating
2021152 - imagePullPolicy is "Always" for ptp operator images
2021191 - Project admins should be able to list available network attachment defintions
2021205 - Invalid URL in git import form causes validation to not happen on URL change
2021322 - cluster-api-provider-azure should populate purchase plan information
2021337 - Dynamic Plugins: ResourceLink doesn't render when passed a groupVersionKind
2021364 - Installer requires invalid AWS permission s3:GetBucketReplication
2021400 - Bump documentationBaseURL to 4.10
2021405 - [e2e][automation] VM creation wizard Cloud Init editor
2021433 - "[sig-builds][Feature:Builds][pullsearch] docker build where the registry is not specified" test fail permanently on disconnected
2021466 - [e2e][automation] Windows guest tool mount
2021544 - OCP 4.6.44 - Ingress VIP assigned as secondary IP in ovs-if-br-ex and added to resolv.conf as nameserver
2021551 - Build is not recognizing the USER group from an s2i image
2021607 - Unable to run openshift-install with a vcenter hostname that begins with a numeric character
2021629 - api request counts for current hour are incorrect
2021632 - [UI] Clicking on odf-operator breadcrumb from StorageCluster details page displays empty page
2021693 - Modals assigned modal-lg class are no longer the correct width
2021724 - Observe > Dashboards: Graph lines are not visible when obscured by other lines
2021731 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled
2021936 - Kubelet version in RPMs should be using Dockerfile label instead of git tags
2022050 - [BM][IPI] Failed during bootstrap - unable to read client-key /var/lib/kubelet/pki/kubelet-client-current.pem
2022053 - dpdk application with vhost-net is not able to start
2022114 - Console logging every proxy request
2022144 - 1 of 3 ovnkube-master pods stuck in clbo after ipi bm deployment - dualstack (Intermittent)
2022251 - wait interval in case of a failed upload due to 403 is unnecessarily long
2022399 - MON_DISK_LOW troubleshooting guide link when clicked, gives 404 error .
2022447 - ServiceAccount in manifests conflicts with OLM
2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules.
2022509 - getOverrideForManifest does not check manifest.GVK.Group
2022536 - WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache
2022612 - no namespace field for "Kubernetes / Compute Resources / Namespace (Pods)" admin console dashboard
2022627 - Machine object not picking up external FIP added to an openstack vm
2022646 - configure-ovs.sh failure - Error: unknown connection 'WARN:'
2022707 - Observe / monitoring dashboard shows forbidden errors on Dev Sandbox
2022801 - Add Sprint 210 translations
2022811 - Fix kubelet log rotation file handle leak
2022812 - [SCALE] ovn-kube service controller executes unnecessary load balancer operations
2022824 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests
2022880 - Pipeline renders with minor visual artifact with certain task dependencies
2022886 - Incorrect URL in operator description
2023042 - CRI-O filters custom runtime allowed annotation when both custom workload and custom runtime sections specified under the config
2023060 - [e2e][automation] Windows VM with CDROM migration
2023077 - [e2e][automation] Home Overview Virtualization status
2023090 - [e2e][automation] Examples of Import URL for VM templates
2023102 - [e2e][automation] Cloudinit disk of VM from custom template
2023216 - ACL for a deleted egressfirewall still present on node join switch
2023228 - Remove Tech preview badge on Trigger components 1.6 OSP on OCP 4.9
2023238 - [sig-devex][Feature:ImageEcosystem][python][Slow] hot deploy for openshift python image Django example should work with hot deploy
2023342 - SCC admission should take ephemeralContainers into account
2023356 - Devfiles can't be loaded in Safari on macOS (403 - Forbidden)
2023434 - Update Azure Machine Spec API to accept Marketplace Images
2023500 - Latency experienced while waiting for volumes to attach to node
2023522 - can't remove package from index: database is locked
2023560 - "Network Attachment Definitions" has no project field on the top in the list view
2023592 - [e2e][automation] add mac spoof check for nad
2023604 - ACL violation when deleting a provisioning-configuration resource
2023607 - console returns blank page when normal user without any projects visit Installed Operators page
2023638 - Downgrade support level for extended control plane integration to Dev Preview
2023657 - inconsistent behaviours of adding ssh key on rhel node between 4.9 and 4.10
2023675 - Changing CNV Namespace
2023779 - Fix Patch 104847 in 4.9
2023781 - initial hardware devices is not loading in wizard
2023832 - CCO updates lastTransitionTime for non-Status changes
2023839 - Bump recommended FCOS to 34.20211031.3.0
2023865 - Console css overrides prevent dynamic plug-in PatternFly tables from displaying correctly
2023950 - make test-e2e-operator on kubernetes-nmstate results in failure to pull image from "registry:5000" repository
2023985 - [4.10] OVN idle service cannot be accessed after upgrade from 4.8
2024055 - External DNS added extra prefix for the TXT record
2024108 - Occasionally node remains in SchedulingDisabled state even after update has been completed sucessfully
2024190 - e2e-metal UPI is permafailing with inability to find rhcos.json
2024199 - 400 Bad Request error for some queries for the non admin user
2024220 - Cluster monitoring checkbox flickers when installing Operator in all-namespace mode
2024262 - Sample catalog is not displayed when one API call to the backend fails
2024309 - cluster-etcd-operator: defrag controller needs to provide proper observability
2024316 - modal about support displays wrong annotation
2024328 - [oVirt / RHV] PV disks are lost when machine deleted while node is disconnected
2024399 - Extra space is in the translated text of "Add/Remove alternate service" on Create Route page
2024448 - When ssh_authorized_keys is empty in form view it should not appear in yaml view
2024493 - Observe > Alerting > Alerting rules page throws error trying to destructure undefined
2024515 - test-blocker: Ceph-storage-plugin tests failing
2024535 - hotplug disk missing OwnerReference
2024537 - WINDOWS_IMAGE_LINK does not refer to windows cloud image
2024547 - Detail page is breaking for namespace store , backing store and bucket class.
2024551 - KMS resources not getting created for IBM FlashSystem storage
2024586 - Special Resource Operator(SRO) - Empty image in BuildConfig when using RT kernel
2024613 - pod-identity-webhook starts without tls
2024617 - vSphere CSI tests constantly failing with Rollout of the monitoring stack failed and is degraded
2024665 - Bindable services are not shown on topology
2024731 - linuxptp container: unnecessary checking of interfaces
2024750 - i18n some remaining OLM items
2024804 - gcp-pd-csi-driver does not use trusted-ca-bundle when cluster proxy configured
2024826 - [RHOS/IPI] Masters are not joining a clusters when installing on OpenStack
2024841 - test Keycloak with latest tag
2024859 - Not able to deploy an existing image from private image registry using developer console
2024880 - Egress IP breaks when network policies are applied
2024900 - Operator upgrade kube-apiserver
2024932 - console throws "Unauthorized" error after logging out
2024933 - openshift-sync plugin does not sync existing secrets/configMaps on start up
2025093 - Installer does not honour diskformat specified in storage policy and defaults to zeroedthick
2025230 - ClusterAutoscalerUnschedulablePods should not be a warning
2025266 - CreateResource route has exact prop which need to be removed
2025301 - [e2e][automation] VM actions availability in different VM states
2025304 - overwrite storage section of the DV spec instead of the pvc section
2025431 - [RFE]Provide specific windows source link
2025458 - [IPI-AWS] cluster-baremetal-operator pod in a crashloop state after patching from 4.7.21 to 4.7.36
2025464 - [aws] openshift-install gather bootstrap collects logs for bootstrap and only one master node
2025467 - [OVN-K][ETP=local] Host to service backed by ovn pods doesn't work for ExternalTrafficPolicy=local
2025481 - Update VM Snapshots UI
2025488 - [DOCS] Update the doc for nmstate operator installation
2025592 - ODC 4.9 supports invalid devfiles only
2025765 - It should not try to load from storageProfile after unchecking"Apply optimized StorageProfile settings"
2025767 - VMs orphaned during machineset scaleup
2025770 - [e2e] non-priv seems looking for v2v-vmware configMap in ns "kubevirt-hyperconverged" while using customize wizard
2025788 - [IPI on azure]Pre-check on IPI Azure, should check VM Size’s vCPUsAvailable instead of vCPUs for the sku.
2025821 - Make "Network Attachment Definitions" available to regular user
2025823 - The console nav bar ignores plugin separator in existing sections
2025830 - CentOS capitalizaion is wrong
2025837 - Warn users that the RHEL URL expire
2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-*
2025903 - [UI] RoleBindings tab doesn't show correct rolebindings
2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2026178 - OpenShift Alerting Rules Style-Guide Compliance
2026209 - Updation of task is getting failed (tekton hub integration)
2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io"
2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates
2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct
2026352 - Kube-Scheduler revision-pruner fail during install of new cluster
2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment
2026383 - Error when rendering custom Grafana dashboard through ConfigMap
2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation
2026396 - Cachito Issues: sriov-network-operator Image build failure
2026488 - openshift-controller-manager - delete event is repeating pathologically
2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined.
2026560 - Cluster-version operator does not remove unrecognized volume mounts
2026699 - fixed a bug with missing metadata
2026813 - add Mellanox CX-6 Lx DeviceID 101f NIC support in SR-IOV Operator
2026898 - Description/details are missing for Local Storage Operator
2027132 - Use the specific icon for Fedora and CentOS template
2027238 - "Node Exporter / USE Method / Cluster" CPU utilization graph shows incorrect legend
2027272 - KubeMemoryOvercommit alert should be human readable
2027281 - [Azure] External-DNS cannot find the private DNS zone in the resource group
2027288 - Devfile samples can't be loaded after fixing it on Safari (redirect caching issue)
2027299 - The status of checkbox component is not revealed correctly in code
2027311 - K8s watch hooks do not work when fetching core resources
2027342 - Alert ClusterVersionOperatorDown is firing on OpenShift Container Platform after ca certificate rotation
2027363 - The azure-file-csi-driver and azure-file-csi-driver-operator don't use the downstream images
2027387 - [IBMCLOUD] Terraform ibmcloud-provider buffers entirely the qcow2 image causing spikes of 5GB of RAM during installation
2027498 - [IBMCloud] SG Name character length limitation
2027501 - [4.10] Bootimage bump tracker
2027524 - Delete Application doesn't delete Channels or Brokers
2027563 - e2e/add-flow-ci.feature fix accessibility violations
2027585 - CVO crashes when changing spec.upstream to a cincinnati graph which includes invalid conditional edges
2027629 - Gather ValidatingWebhookConfiguration and MutatingWebhookConfiguration resource definitions
2027685 - openshift-cluster-csi-drivers pods crashing on PSI
2027745 - default samplesRegistry prevents the creation of imagestreams when registrySources.allowedRegistries is enforced
2027824 - ovnkube-master CrashLoopBackoff: panic: Expected slice or struct but got string
2027917 - No settings in hostfirmwaresettings and schema objects for masters
2027927 - sandbox creation fails due to obsolete option in /etc/containers/storage.conf
2027982 - nncp stucked at ConfigurationProgressing
2028019 - Max pending serving CSRs allowed in cluster machine approver is not right for UPI clusters
2028024 - After deleting a SpecialResource, the node is still tagged although the driver is removed
2028030 - Panic detected in cluster-image-registry-operator pod
2028042 - Desktop viewer for Windows VM shows "no Service for the RDP (Remote Desktop Protocol) can be found"
2028054 - Cloud controller manager operator can't get leader lease when upgrading from 4.8 up to 4.9
2028106 - [RFE] Use dynamic plugin actions for kubevirt plugin
2028141 - Console tests doesn't pass on Node.js 15 and 16
2028160 - Remove i18nKey in network-policy-peer-selectors.tsx
2028162 - Add Sprint 210 translations
2028170 - Remove leading and trailing whitespace
2028174 - Add Sprint 210 part 2 translations
2028187 - Console build doesn't pass on Node.js 16 because node-sass doesn't support it
2028217 - Cluster-version operator does not default Deployment replicas to one
2028240 - Multiple CatalogSources causing higher CPU use than necessary
2028268 - Password parameters are listed in FirmwareSchema in spite that cannot and shouldn't be set in HostFirmwareSettings
2028325 - disableDrain should be set automatically on SNO
2028484 - AWS EBS CSI driver's livenessprobe does not respect operator's loglevel
2028531 - Missing netFilter to the list of parameters when platform is OpenStack
2028610 - Installer doesn't retry on GCP rate limiting
2028685 - LSO repeatedly reports errors while diskmaker-discovery pod is starting
2028695 - destroy cluster does not prune bootstrap instance profile
2028731 - The containerruntimeconfig controller has wrong assumption regarding the number of containerruntimeconfigs
2028802 - CRI-O panic due to invalid memory address or nil pointer dereference
2028816 - VLAN IDs not released on failures
2028881 - Override not working for the PerformanceProfile template
2028885 - Console should show an error context if it logs an error object
2028949 - Masthead dropdown item hover text color is incorrect
2028963 - Whereabouts should reconcile stranded IP addresses
2029034 - enabling ExternalCloudProvider leads to inoperative cluster
2029178 - Create VM with wizard - page is not displayed
2029181 - Missing CR from PGT
2029273 - wizard is not able to use if project field is "All Projects"
2029369 - Cypress tests github rate limit errors
2029371 - patch pipeline--worker nodes unexpectedly reboot during scale out
2029394 - missing empty text for hardware devices at wizard review
2029414 - Alibaba Disk snapshots with XFS filesystem cannot be used
2029416 - Alibaba Disk CSI driver does not use credentials provided by CCO / ccoctl
2029521 - EFS CSI driver cannot delete volumes under load
2029570 - Azure Stack Hub: CSI Driver does not use user-ca-bundle
2029579 - Clicking on an Application which has a Helm Release in it causes an error
2029644 - New resource FirmwareSchema - reset_required exists for Dell machines and doesn't for HPE
2029645 - Sync upstream 1.15.0 downstream
2029671 - VM action "pause" and "clone" should be disabled while VM disk is still being importing
2029742 - [ovn] Stale lr-policy-list and snat rules left for egressip
2029750 - cvo keep restart due to it fail to get feature gate value during the initial start stage
2029785 - CVO panic when an edge is included in both edges and conditionaledges
2029843 - Downstream ztp-site-generate-rhel8 4.10 container image missing content(/home/ztp)
2030003 - HFS CRD: Attempt to set Integer parameter to not-numeric string value - no error
2030029 - [4.10][goroutine]Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace
2030228 - Fix StorageSpec resources field to use correct API
2030229 - Mirroring status card reflect wrong data
2030240 - Hide overview page for non-privileged user
2030305 - Export App job do not completes
2030347 - kube-state-metrics exposes metrics about resource annotations
2030364 - Shared resource CSI driver monitoring is not setup correctly
2030488 - Numerous Azure CI jobs are Failing with Partially Rendered machinesets
2030534 - Node selector/tolerations rules are evaluated too early
2030539 - Prometheus is not highly available
2030556 - Don't display Description or Message fields for alerting rules if those annotations are missing
2030568 - Operator installation fails to parse operatorframework.io/initialization-resource annotation
2030574 - console service uses older "service.alpha.openshift.io" for the service serving certificates.
2030677 - BOND CNI: There is no option to configure MTU on a Bond interface
2030692 - NPE in PipelineJobListener.upsertWorkflowJob
2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error
2030847 - PerformanceProfile API version should be v2
2030961 - Customizing the OAuth server URL does not apply to upgraded cluster
2031006 - Application name input field is not autofocused when user selects "Create application"
2031012 - Services of type loadbalancer do not work if the traffic reaches the node from an interface different from br-ex
2031040 - Error screen when open topology sidebar for a Serverless / knative service which couldn't be started
2031049 - [vsphere upi] pod machine-config-operator cannot be started due to panic issue
2031057 - Topology sidebar for Knative services shows a small pod ring with "0 undefined" as tooltip
2031060 - Failing CSR Unit test due to expired test certificate
2031085 - ovs-vswitchd running more threads than expected
2031141 - Some pods not able to reach k8s api svc IP 198.223.0.1
2031228 - CVE-2021-43813 grafana: directory traversal vulnerability
2031502 - [RFE] New common templates crash the ui
2031685 - Duplicated forward upstreams should be removed from the dns operator
2031699 - The displayed ipv6 address of a dns upstream should be case sensitive
2031797 - [RFE] Order and text of Boot source type input are wrong
2031826 - CI tests needed to confirm driver-toolkit image contents
2031831 - OCP Console - Global CSS overrides affecting dynamic plugins
2031839 - Starting from Go 1.17 invalid certificates will render a cluster dysfunctional
2031858 - GCP beta-level Role (was: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled)
2031875 - [RFE]: Provide online documentation for the SRO CRD (via oc explain)
2031926 - [ipv6dualstack] After SVC conversion from single stack only to RequireDualStack, cannot curl NodePort from the node itself
2032006 - openshift-gitops-application-controller-0 failed to schedule with sufficient node allocatable resource
2032111 - arm64 cluster, create project and deploy the example deployment, pod is CrashLoopBackOff due to the image is built on linux+amd64
2032141 - open the alertrule link in new tab, got empty page
2032179 - [PROXY] external dns pod cannot reach to cloud API in the cluster behind a proxy
2032296 - Cannot create machine with ephemeral disk on Azure
2032407 - UI will show the default openshift template wizard for HANA template
2032415 - Templates page - remove "support level" badge and add "support level" column which should not be hard coded
2032421 - [RFE] UI integration with automatic updated images
2032516 - Not able to import git repo with .devfile.yaml
2032521 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the aws_vpc_dhcp_options_association resource
2032547 - hardware devices table have filter when table is empty
2032565 - Deploying compressed files with a MachineConfig resource degrades the MachineConfigPool
2032566 - Cluster-ingress-router does not support Azure Stack
2032573 - Adopting enforces deploy_kernel/ramdisk which does not work with deploy_iso
2032589 - DeploymentConfigs ignore resolve-names annotation
2032732 - Fix styling conflicts due to recent console-wide CSS changes
2032831 - Knative Services and Revisions are not shown when Service has no ownerReference
2032851 - Networking is "not available" in Virtualization Overview
2032926 - Machine API components should use K8s 1.23 dependencies
2032994 - AddressPool IP is not allocated to service external IP wtih aggregationLength 24
2032998 - Can not achieve 250 pods/node with OVNKubernetes in a multiple worker node cluster
2033013 - Project dropdown in user preferences page is broken
2033044 - Unable to change import strategy if devfile is invalid
2033098 - Conjunction in ProgressiveListFooter.tsx is not translatable
2033111 - IBM VPC operator library bump removed global CLI args
2033138 - "No model registered for Templates" shows on customize wizard
2033215 - Flaky CI: crud/other-routes.spec.ts fails sometimes with an cypress ace/a11y AssertionError: 1 accessibility violation was detected
2033239 - [IPI on Alibabacloud] 'openshift-install' gets the wrong region (‘cn-hangzhou’) selected
2033257 - unable to use configmap for helm charts
2033271 - [IPI on Alibabacloud] destroying cluster succeeded, but the resource group deletion wasn’t triggered
2033290 - Product builds for console are failing
2033382 - MAPO is missing machine annotations
2033391 - csi-driver-shared-resource-operator sets unused CVO-manifest annotations
2033403 - Devfile catalog does not show provider information
2033404 - Cloud event schema is missing source type and resource field is using wrong value
2033407 - Secure route data is not pre-filled in edit flow form
2033422 - CNO not allowing LGW conversion from SGW in runtime
2033434 - Offer darwin/arm64 oc in clidownloads
2033489 - CCM operator failing on baremetal platform
2033518 - [aws-efs-csi-driver]Should not accept invalid FSType in sc for AWS EFS driver
2033524 - [IPI on Alibabacloud] interactive installer cannot list existing base domains
2033536 - [IPI on Alibabacloud] bootstrap complains invalid value for alibabaCloud.resourceGroupID when updating "cluster-infrastructure-02-config.yml" status, which leads to bootstrap failed and all master nodes NotReady
2033538 - Gather Cost Management Metrics Custom Resource
2033579 - SRO cannot update the special-resource-lifecycle ConfigMap if the data field is undefined
2033587 - Flaky CI test project-dashboard.scenario.ts: Resource Quotas Card was not found on project detail page
2033634 - list-style-type: disc is applied to the modal dropdowns
2033720 - Update samples in 4.10
2033728 - Bump OVS to 2.16.0-33
2033729 - remove runtime request timeout restriction for azure
2033745 - Cluster-version operator makes upstream update service / Cincinnati requests more frequently than intended
2033749 - Azure Stack Terraform fails without Local Provider
2033750 - Local volume should pull multi-arch image for kube-rbac-proxy
2033751 - Bump kubernetes to 1.23
2033752 - make verify fails due to missing yaml-patch
2033784 - set kube-apiserver degraded=true if webhook matches a virtual resource
2034004 - [e2e][automation] add tests for VM snapshot improvements
2034068 - [e2e][automation] Enhance tests for 4.10 downstream
2034087 - [OVN] EgressIP was assigned to the node which is not egress node anymore
2034097 - [OVN] After edit EgressIP object, the status is not correct
2034102 - [OVN] Recreate the deleted EgressIP object got InvalidEgressIP warning
2034129 - blank page returned when clicking 'Get started' button
2034144 - [OVN AWS] ovn-kube egress IP monitoring cannot detect the failure on ovn-k8s-mp0
2034153 - CNO does not verify MTU migration for OpenShiftSDN
2034155 - [OVN-K] [Multiple External Gateways] Per pod SNAT is disabled
2034170 - Use function.knative.dev for Knative Functions related labels
2034190 - unable to add new VirtIO disks to VMs
2034192 - Prometheus fails to insert reporting metrics when the sample limit is met
2034243 - regular user cant load template list
2034245 - installing a cluster on aws, gcp always fails with "Error: Incompatible provider version"
2034248 - GPU/Host device modal is too small
2034257 - regular user `Create VM` missing permissions alert
2034285 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]
2034287 - do not block upgrades if we can't create storageclass in 4.10 in vsphere
2034300 - Du validator policy is NonCompliant after DU configuration completed
2034319 - Negation constraint is not validating packages
2034322 - CNO doesn't pick up settings required when ExternalControlPlane topology
2034350 - The CNO should implement the Whereabouts IP reconciliation cron job
2034362 - update description of disk interface
2034398 - The Whereabouts IPPools CRD should include the podref field
2034409 - Default CatalogSources should be pointing to 4.10 index images
2034410 - Metallb BGP, BFD: prometheus is not scraping the frr metrics
2034413 - cloud-network-config-controller fails to init with secret "cloud-credentials" not found in manual credential mode
2034460 - Summary: cloud-network-config-controller does not account for different environment
2034474 - Template's boot source is "Unknown source" before and after set enableCommonBootImageImport to true
2034477 - [OVN] Multiple EgressIP objects configured, EgressIPs weren't working properly
2034493 - Change cluster version operator log level
2034513 - [OVN] After update one EgressIP in EgressIP object, one internal IP lost from lr-policy-list
2034527 - IPI deployment fails 'timeout reached while inspecting the node' when provisioning network ipv6
2034528 - [IBM VPC] volumeBindingMode should be WaitForFirstConsumer
2034534 - Update ose-machine-api-provider-openstack images to be consistent with ART
2034537 - Update team
2034559 - KubeAPIErrorBudgetBurn firing outside recommended latency thresholds
2034563 - [Azure] create machine with wrong ephemeralStorageLocation value success
2034577 - Current OVN gateway mode should be reflected on node annotation as well
2034621 - context menu not popping up for application group
2034622 - Allow volume expansion by default in vsphere CSI storageclass 4.10
2034624 - Warn about unsupported CSI driver in vsphere operator
2034647 - missing volumes list in snapshot modal
2034648 - Rebase openshift-controller-manager to 1.23
2034650 - Rebase openshift/builder to 1.23
2034705 - vSphere: storage e2e tests logging configuration data
2034743 - EgressIP: assigning the same egress IP to a second EgressIP object after a ovnkube-master restart does not fail.
2034766 - Special Resource Operator(SRO) - no cert-manager pod created in dual stack environment
2034785 - ptpconfig with summary_interval cannot be applied
2034823 - RHEL9 should be starred in template list
2034838 - An external router can inject routes if no service is added
2034839 - Jenkins sync plugin does not synchronize ConfigMap having label role=jenkins-agent
2034879 - Lifecycle hook's name and owner shouldn't be allowed to be empty
2034881 - Cloud providers components should use K8s 1.23 dependencies
2034884 - ART cannot build the image because it tries to download controller-gen
2034889 - `oc adm prune deployments` does not work
2034898 - Regression in recently added Events feature
2034957 - update openshift-apiserver to kube 1.23.1
2035015 - ClusterLogForwarding CR remains stuck remediating forever
2035093 - openshift-cloud-network-config-controller never runs on Hypershift cluster
2035141 - [RFE] Show GPU/Host devices in template's details tab
2035146 - "kubevirt-plugin~PVC cannot be empty" shows on add-disk modal while adding existing PVC
2035167 - [cloud-network-config-controller] unable to deleted cloudprivateipconfig when deleting
2035199 - IPv6 support in mtu-migration-dispatcher.yaml
2035239 - e2e-metal-ipi-virtualmedia tests are permanently failing
2035250 - Peering with ebgp peer over multi-hops doesn't work
2035264 - [RFE] Provide a proper message for nonpriv user who not able to add PCI devices
2035315 - invalid test cases for AWS passthrough mode
2035318 - Upgrade management workflow needs to allow custom upgrade graph path for disconnected env
2035321 - Add Sprint 211 translations
2035326 - [ExternalCloudProvider] installation with additional network on workers fails
2035328 - Ccoctl does not ignore credentials request manifest marked for deletion
2035333 - Kuryr orphans ports on 504 errors from Neutron
2035348 - Fix two grammar issues in kubevirt-plugin.json strings
2035393 - oc set data --dry-run=server makes persistent changes to configmaps and secrets
2035409 - OLM E2E test depends on operator package that's no longer published
2035439 - SDN Automatic assignment EgressIP on GCP returned node IP adress not egressIP address
2035453 - [IPI on Alibabacloud] 2 worker machines stuck in Failed phase due to connection to 'ecs-cn-hangzhou.aliyuncs.com' timeout, although the specified region is 'us-east-1'
2035454 - [IPI on Alibabacloud] the OSS bucket created during installation for image registry is not deleted after destroying the cluster
2035467 - UI: Queried metrics can't be ordered on Oberve->Metrics page
2035494 - [SDN Migration]ovnkube-node pods CrashLoopBackOff after sdn migrated to ovn for RHEL workers
2035515 - [IBMCLOUD] allowVolumeExpansion should be true in storage class
2035602 - [e2e][automation] add tests for Virtualization Overview page cards
2035703 - Roles -> RoleBindings tab doesn't show RoleBindings correctly
2035704 - RoleBindings list page filter doesn't apply
2035705 - Azure 'Destroy cluster' get stuck when the cluster resource group is already not existing.
2035757 - [IPI on Alibabacloud] one master node turned NotReady which leads to installation failed
2035772 - AccessMode and VolumeMode is not reserved for customize wizard
2035847 - Two dashes in the Cronjob / Job pod name
2035859 - the output of opm render doesn't contain olm.constraint which is defined in dependencies.yaml
2035882 - [BIOS setting values] Create events for all invalid settings in spec
2035903 - One redundant capi-operator credential requests in “oc adm extract --credentials-requests”
2035910 - [UI] Manual approval options are missing after ODF 4.10 installation starts when Manual Update approval is chosen
2035927 - Cannot enable HighNodeUtilization scheduler profile
2035933 - volume mode and access mode are empty in customize wizard review tab
2035969 - "ip a " shows "Error: Peer netns reference is invalid" after create test pods
2035986 - Some pods under kube-scheduler/kube-controller-manager are using the deprecated annotation
2036006 - [BIOS setting values] Attempt to set Integer parameter results in preparation error
2036029 - New added cloud-network-config operator doesn’t supported aws sts format credential
2036096 - [azure-file-csi-driver] there are no e2e tests for NFS backend
2036113 - cluster scaling new nodes ovs-configuration fails on all new nodes
2036567 - [csi-driver-nfs] Upstream merge: Bump k8s libraries to 1.23
2036569 - [cloud-provider-openstack] Upstream merge: Bump k8s libraries to 1.23
2036577 - OCP 4.10 nightly builds from 4.10.0-0.nightly-s390x-2021-12-18-034912 to 4.10.0-0.nightly-s390x-2022-01-11-233015 fail to upgrade from OCP 4.9.11 and 4.9.12 for network type OVNKubernetes for zVM hypervisor environments
2036622 - sdn-controller crashes when restarted while a previous egress IP assignment exists
2036717 - Valid AlertmanagerConfig custom resource with valid a mute time interval definition is rejected
2036826 - `oc adm prune deployments` can prune the RC/RS
2036827 - The ccoctl still accepts CredentialsRequests without ServiceAccounts on GCP platform
2036861 - kube-apiserver is degraded while enable multitenant
2036937 - Command line tools page shows wrong download ODO link
2036940 - oc registry login fails if the file is empty or stdout
2036951 - [cluster-csi-snapshot-controller-operator] proxy settings is being injected in container
2036989 - Route URL copy to clipboard button wraps to a separate line by itself
2036990 - ZTP "DU Done inform policy" never becomes compliant on multi-node clusters
2036993 - Machine API components should use Go lang version 1.17
2037036 - The tuned profile goes into degraded status and ksm.service is displayed in the log.
2037061 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cluster-api
2037073 - Alertmanager container fails to start because of startup probe never being successful
2037075 - Builds do not support CSI volumes
2037167 - Some log level in ibm-vpc-block-csi-controller are hard code
2037168 - IBM-specific Deployment manifest for package-server-manager should be excluded on non-IBM cluster-profiles
2037182 - PingSource badge color is not matched with knativeEventing color
2037203 - "Running VMs" card is too small in Virtualization Overview
2037209 - [IPI on Alibabacloud] worker nodes are put in the default resource group unexpectedly
2037237 - Add "This is a CD-ROM boot source" to customize wizard
2037241 - default TTL for noobaa cache buckets should be 0
2037246 - Cannot customize auto-update boot source
2037276 - [IBMCLOUD] vpc-node-label-updater may fail to label nodes appropriately
2037288 - Remove stale image reference
2037331 - Ensure the ccoctl behaviors are similar between aws and gcp on the existing resources
2037483 - Rbacs for Pods within the CBO should be more restrictive
2037484 - Bump dependencies to k8s 1.23
2037554 - Mismatched wave number error message should include the wave numbers that are in conflict
2037622 - [4.10-Alibaba CSI driver][Restore size for volumesnapshot/volumesnapshotcontent is showing as 0 in Snapshot feature for Alibaba platform]
2037635 - impossible to configure custom certs for default console route in ingress config
2037637 - configure custom certificate for default console route doesn't take effect for OCP >= 4.8
2037638 - Builds do not support CSI volumes as volume sources
2037664 - text formatting issue in Installed Operators list table
2037680 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080
2037689 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080
2037801 - Serverless installation is failing on CI jobs for e2e tests
2037813 - Metal Day 1 Networking - networkConfig Field Only Accepts String Format
2037856 - use lease for leader election
2037891 - 403 Forbidden error shows for all the graphs in each grafana dashboard after upgrade from 4.9 to 4.10
2037903 - Alibaba Cloud: delete-ram-user requires the credentials-requests
2037904 - upgrade operator deployment failed due to memory limit too low for manager container
2038021 - [4.10-Alibaba CSI driver][Default volumesnapshot class is not added/present after successful cluster installation]
2038034 - non-privileged user cannot see auto-update boot source
2038053 - Bump dependencies to k8s 1.23
2038088 - Remove ipa-downloader references
2038160 - The `default` project missed the annotation : openshift.io/node-selector: ""
2038166 - Starting from Go 1.17 invalid certificates will render a cluster non-functional
2038196 - must-gather is missing collecting some metal3 resources
2038240 - Error when configuring a file using permissions bigger than decimal 511 (octal 0777)
2038253 - Validator Policies are long lived
2038272 - Failures to build a PreprovisioningImage are not reported
2038384 - Azure Default Instance Types are Incorrect
2038389 - Failing test: [sig-arch] events should not repeat pathologically
2038412 - Import page calls the git file list unnecessarily twice from GitHub/GitLab/Bitbucket
2038465 - Upgrade chromedriver to 90.x to support Mac M1 chips
2038481 - kube-controller-manager-guard and openshift-kube-scheduler-guard pods being deleted and restarted on a cordoned node when drained
2038596 - Auto egressIP for OVN cluster on GCP: After egressIP object is deleted, egressIP still takes effect
2038663 - update kubevirt-plugin OWNERS
2038691 - [AUTH-8] Panic on user login when the user belongs to a group in the IdP side and the group already exists via "oc adm groups new"
2038705 - Update ptp reviewers
2038761 - Open Observe->Targets page, wait for a while, page become blank
2038768 - All the filters on the Observe->Targets page can't work
2038772 - Some monitors failed to display on Observe->Targets page
2038793 - [SDN EgressIP] After reboot egress node, the egressip was lost from egress node
2038827 - should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces
2038832 - New templates for centos stream8 are missing registry suggestions in create vm wizard
2038840 - [SDN EgressIP]cloud-network-config-controller pod was CrashLoopBackOff after some operation
2038864 - E2E tests fail because multi-hop-net was not created
2038879 - All Builds are getting listed in DeploymentConfig under workloads on OpenShift Console
2038934 - CSI driver operators should use the trusted CA bundle when cluster proxy is configured
2038968 - Move feature gates from a carry patch to openshift/api
2039056 - Layout issue with breadcrumbs on API explorer page
2039057 - Kind column is not wide enough in API explorer page
2039064 - Bulk Import e2e test flaking at a high rate
2039065 - Diagnose and fix Bulk Import e2e test that was previously disabled
2039085 - Cloud credential operator configuration failing to apply in hypershift/ROKS clusters
2039099 - [OVN EgressIP GCP] After reboot egress node, egressip that was previously assigned got lost
2039109 - [FJ OCP4.10 Bug]: startironic.sh failed to pull the image of image-customization container when behind a proxy
2039119 - CVO hotloops on Service openshift-monitoring/cluster-monitoring-operator
2039170 - [upgrade]Error shown on registry operator "missing the cloud-provider-config configmap" after upgrade
2039227 - Improve image customization server parameter passing during installation
2039241 - Improve image customization server parameter passing during installation
2039244 - Helm Release revision history page crashes the UI
2039294 - SDN controller metrics cannot be consumed correctly by prometheus
2039311 - oc Does Not Describe Build CSI Volumes
2039315 - Helm release list page should only fetch secrets for deployed charts
2039321 - SDN controller metrics are not being consumed by prometheus
2039330 - Create NMState button doesn't work in OperatorHub web console
2039339 - cluster-ingress-operator should report Unupgradeable if user has modified the aws resources annotations
2039345 - CNO does not verify the minimum MTU value for IPv6/dual-stack clusters.
2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists
2039382 - gather_metallb_logs does not have execution permission
2039406 - logout from rest session after vsphere operator sync is finished
2039408 - Add GCP region northamerica-northeast2 to allowed regions
2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration
2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment
2039491 - oc - git:// protocol used in unit tests
2039516 - Bump OVN to ovn21.12-21.12.0-25
2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate
2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled
2039541 - Resolv-prepender script duplicating entries
2039586 - [e2e] update centos8 to centos stream8
2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty
2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3'
2039670 - Create PDBs for control plane components
2039678 - Page goes blank when create image pull secret
2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported
2039743 - React missing key warning when open operator hub detail page (and maybe others as well)
2039756 - React missing key warning when open KnativeServing details
2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab
2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard
2039781 - [GSS] OBC is not visible by admin of a Project on Console
2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector
2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled
2039880 - Log level too low for control plane metrics
2039919 - Add E2E test for router compression feature
2039981 - ZTP for standard clusters installs stalld on master nodes
2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. You can use --secure-port instead
2040136 - external-dns-operator pod keeps restarting and reports error: timed out waiting for cache to be synced
2040143 - [IPI on Alibabacloud] suggest to remove region "cn-nanjing" or provide better error message
2040150 - Update ConfigMap keys for IBM HPCS
2040160 - [IPI on Alibabacloud] installation fails when region does not support pay-by-bandwidth
2040285 - Bump build-machinery-go for console-operator to pickup change in yaml-patch repository
2040357 - bump OVN to ovn-2021-21.12.0-11.el8fdp
2040376 - "unknown instance type" error for supported m6i.xlarge instance
2040394 - Controller: enqueue the failed configmap till services update
2040467 - Cannot build ztp-site-generator container image
2040504 - Change AWS EBS GP3 IOPS in MachineSet doesn't take affect in OpenShift 4
2040521 - RouterCertsDegraded certificate could not validate route hostname v4-0-config-system-custom-router-certs.apps
2040535 - Auto-update boot source is not available in customize wizard
2040540 - ovs hardware offload: ovsargs format error when adding vf netdev name
2040603 - rhel worker scaleup playbook failed because missing some dependency of podman
2040616 - rolebindings page doesn't load for normal users
2040620 - [MAPO] Error pulling MAPO image on installation
2040653 - Topology sidebar warns that another component is updated while rendering
2040655 - User settings update fails when selecting application in topology sidebar
2040661 - Different react warnings about updating state on unmounted components when leaving topology
2040670 - Permafailing CI job: periodic-ci-openshift-release-master-nightly-4.10-e2e-gcp-libvirt-cert-rotation
2040671 - [Feature:IPv6DualStack] most tests are failing in dualstack ipi
2040694 - Three upstream HTTPClientConfig struct fields missing in the operator
2040705 - Du policy for standard cluster runs the PTP daemon on masters and workers
2040710 - cluster-baremetal-operator cannot update BMC subscription CR
2040741 - Add CI test(s) to ensure that metal3 components are deployed in vSphere, OpenStack and None platforms
2040782 - Import YAML page blocks input with more then one generateName attribute
2040783 - The Import from YAML summary page doesn't show the resource name if created via generateName attribute
2040791 - Default PGT policies must be 'inform' to integrate with the Lifecycle Operator
2040793 - Fix snapshot e2e failures
2040880 - do not block upgrades if we can't connect to vcenter
2041087 - MetalLB: MetalLB CR is not upgraded automatically from 4.9 to 4.10
2041093 - autounattend.xml missing
2041204 - link to templates in virtualization-cluster-overview inventory card is to all templates
2041319 - [IPI on Alibabacloud] installation in region "cn-shanghai" failed, due to "Resource alicloud_vswitch CreateVSwitch Failed...InvalidCidrBlock.Overlapped"
2041326 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.23
2041329 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cloud-network-config-controller
2041361 - [IPI on Alibabacloud] Disable session persistence and removebBandwidth peak of listener
2041441 - Provision volume with size 3000Gi even if sizeRange: '[10-2000]GiB' in storageclass on IBM cloud
2041466 - Kubedescheduler version is missing from the operator logs
2041475 - React components should have a (mostly) unique name in react dev tools to simplify code analyses
2041483 - MetallB: quay.io/openshift/origin-kube-rbac-proxy:4.10 deploy Metallb CR is missing (controller and speaker pods)
2041492 - Spacing between resources in inventory card is too small
2041509 - GCP Cloud provider components should use K8s 1.23 dependencies
2041510 - cluster-baremetal-operator doesn't run baremetal-operator's subscription webhook
2041541 - audit: ManagedFields are dropped using API not annotation
2041546 - ovnkube: set election timer at RAFT cluster creation time
2041554 - use lease for leader election
2041581 - KubeDescheduler operator log shows "Use of insecure cipher detected"
2041583 - etcd and api server cpu mask interferes with a guaranteed workload
2041598 - Including CA bundle in Azure Stack cloud config causes MCO failure
2041605 - Dynamic Plugins: discrepancy in proxy alias documentation/implementation
2041620 - bundle CSV alm-examples does not parse
2041641 - Fix inotify leak and kubelet retaining memory
2041671 - Delete templates leads to 404 page
2041694 - [IPI on Alibabacloud] installation fails when region does not support the cloud_essd disk category
2041734 - ovs hwol: VFs are unbind when switchdev mode is enabled
2041750 - [IPI on Alibabacloud] trying "create install-config" with region "cn-wulanchabu (China (Ulanqab))" (or "ap-southeast-6 (Philippines (Manila))", "cn-guangzhou (China (Guangzhou))") failed due to invalid endpoint
2041763 - The Observe > Alerting pages no longer have their default sort order applied
2041830 - CI: ovn-kubernetes-master-e2e-aws-ovn-windows is broken
2041854 - Communities / Local prefs are applied to all the services regardless of the pool, and only one community is applied
2041882 - cloud-network-config operator can't work normal on GCP workload identity cluster
2041888 - Intermittent incorrect build to run correlation, leading to run status updates applied to wrong build, builds stuck in non-terminal phases
2041926 - [IPI on Alibabacloud] Installer ignores public zone when it does not exist
2041971 - [vsphere] Reconciliation of mutating webhooks didn't happen
2041989 - CredentialsRequest manifests being installed for ibm-cloud-managed profile
2041999 - [PROXY] external dns pod cannot recognize custom proxy CA
2042001 - unexpectedly found multiple load balancers
2042029 - kubedescheduler fails to install completely
2042036 - [IBMCLOUD] "openshift-install explain installconfig.platform.ibmcloud" contains not yet supported custom vpc parameters
2042049 - Seeing warning related to unrecognized feature gate in kubescheduler & KCM logs
2042059 - update discovery burst to reflect lots of CRDs on openshift clusters
2042069 - Revert toolbox to rhcos-toolbox
2042169 - Can not delete egressnetworkpolicy in Foreground propagation
2042181 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool
2042265 - [IBM]"--scale-down-utilization-threshold" doesn't work on IBMCloud
2042274 - Storage API should be used when creating a PVC
2042315 - Baremetal IPI deployment with IPv6 control plane and disabled provisioning network fails as the nodes do not pass introspection
2042366 - Lifecycle hooks should be independently managed
2042370 - [IPI on Alibabacloud] installer panics when the zone does not have an enhanced NAT gateway
2042382 - [e2e][automation] CI takes more then 2 hours to run
2042395 - Add prerequisites for active health checks test
2042438 - Missing rpms in openstack-installer image
2042466 - Selection does not happen when switching from Topology Graph to List View
2042493 - No way to verify if IPs with leading zeros are still valid in the apiserver
2042567 - insufficient info on CodeReady Containers configuration
2042600 - Alone, the io.kubernetes.cri-o.Devices option poses a security risk
2042619 - Overview page of the console is broken for hypershift clusters
2042655 - [IPI on Alibabacloud] cluster becomes unusable if there is only one kube-apiserver pod running
2042711 - [IBMCloud] Machine Deletion Hook cannot work on IBMCloud
2042715 - [AliCloud] Machine Deletion Hook cannot work on AliCloud
2042770 - [IPI on Alibabacloud] with vpcID & vswitchIDs specified, the installer would still try creating NAT gateway unexpectedly
2042829 - Topology performance: HPA was fetched for each Deployment (Pod Ring)
2042851 - Create template from SAP HANA template flow - VM is created instead of a new template
2042906 - Edit machineset with same machine deletion hook name succeed
2042960 - azure-file CI fails with "gid(0) in storageClass and pod fsgroup(1000) are not equal"
2043003 - [IPI on Alibabacloud] 'destroy cluster' of a failed installation (bug2041694) stuck after 'stage=Nat gateways'
2043042 - [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial]
2043043 - Cluster Autoscaler should use K8s 1.23 dependencies
2043064 - Topology performance: Unnecessary rerenderings in topology nodes (unchanged mobx props)
2043078 - Favorite system projects not visible in the project selector after toggling "Show default projects".
2043117 - Recommended operators links are erroneously treated as external
2043130 - Update CSI sidecars to the latest release for 4.10
2043234 - Missing validation when creating several BGPPeers with the same peerAddress
2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler
2043254 - crio does not bind the security profiles directory
2043296 - Ignition fails when reusing existing statically-keyed LUKS volume
2043297 - [4.10] Bootimage bump tracker
2043316 - RHCOS VM fails to boot on Nutanix AOS
2043446 - Rebase aws-efs-utils to the latest upstream version.
2043556 - Add proper ci-operator configuration to ironic and ironic-agent images
2043577 - DPU network operator
2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator
2043675 - Too many machines deleted by cluster autoscaler when scaling down
2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation
2043709 - Logging flags no longer being bound to command line
2043721 - Installer bootstrap hosts using outdated kubelet containing bugs
2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather
2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23
2043780 - Bump router to k8s.io/api 1.23
2043787 - Bump cluster-dns-operator to k8s.io/api 1.23
2043801 - Bump CoreDNS to k8s.io/api 1.23
2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown
2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected.
2044201 - Templates golden image parameters names should be supported
2044244 - Builds are failing after upgrading the cluster with builder image [jboss-webserver-5/jws56-openjdk8-openshift-rhel8]
2044248 - [IBMCloud][vpc.block.csi.ibm.io]Cluster common user use the storageclass without parameter “csi.storage.k8s.io/fstype” create pvc,pod successfully but write data to the pod's volume failed of "Permission denied"
2044303 - [ovn][cloud-network-config-controller] cloudprivateipconfigs ips were left after deleting egressip objects
2044347 - Bump to kubernetes 1.23.3
2044481 - collect sharedresource cluster scoped instances with must-gather
2044496 - Unable to create hardware events subscription - failed to add finalizers
2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
2044680 - Additional libovsdb performance and resource consumption fixes
2044704 - Observe > Alerting pages should not show runbook links in 4.10
2044717 - [e2e] improve tests for upstream test environment
2044724 - Remove namespace column on VM list page when a project is selected
2044745 - Upgrading cluster from 4.9 to 4.10 on Azure (ARO) causes the cloud-network-config-controller pod to CrashLoopBackOff
2044808 - machine-config-daemon-pull.service: use `cp` instead of `cat` when extracting MCD in OKD
2045024 - CustomNoUpgrade alerts should be ignored
2045112 - vsphere-problem-detector has missing rbac rules for leases
2045199 - SnapShot with Disk Hot-plug hangs
2045561 - Cluster Autoscaler should use the same default Group value as Cluster API
2045591 - Reconciliation of aws pod identity mutating webhook did not happen
2045849 - Add Sprint 212 translations
2045866 - MCO Operator pod spam "Error creating event" warning messages in 4.10
2045878 - Sync upstream 1.16.0 downstream; includes hybrid helm plugin
2045916 - [IBMCloud] Default machine profile in installer is unreliable
2045927 - [FJ OCP4.10 Bug]: Podman failed to pull the IPA image due to the loss of proxy environment
2046025 - [IPI on Alibabacloud] pre-configured alicloud DNS private zone is deleted after destroying cluster, please clarify
2046137 - oc output for unknown commands is not human readable
2046296 - When creating multiple consecutive egressIPs on GCP not all of them get assigned to the instance
2046297 - Bump DB reconnect timeout
2046517 - In Notification drawer, the "Recommendations" header shows when there isn't any recommendations
2046597 - Observe > Targets page may show the wrong service monitor is multiple monitors have the same namespace & label selectors
2046626 - Allow setting custom metrics for Ansible-based Operators
2046683 - [AliCloud]"--scale-down-utilization-threshold" doesn't work on AliCloud
2047025 - Installation fails because of Alibaba CSI driver operator is degraded
2047190 - Bump Alibaba CSI driver for 4.10
2047238 - When using communities and localpreferences together, only localpreference gets applied
2047255 - alibaba: resourceGroupID not found
2047258 - [aws-usgov] fatal error occurred if AMI is not provided for AWS GovCloud regions
2047317 - Update HELM OWNERS files under Dev Console
2047455 - [IBM Cloud] Update custom image os type
2047496 - Add image digest feature
2047779 - do not degrade cluster if storagepolicy creation fails
2047927 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used
2047929 - use lease for leader election
2047975 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
2048046 - New route annotation to show another URL or hide topology URL decorator doesn't work for Knative Services
2048048 - Application tab in User Preferences dropdown menus are too wide.
2048050 - Topology list view items are not highlighted on keyboard navigation
2048117 - [IBM]Shouldn't change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value
2048413 - Bond CNI: Failed to attach Bond NAD to pod
2048443 - Image registry operator panics when finalizes config deletion
2048478 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-*
2048484 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt
2048598 - Web terminal view is broken
2048836 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure
2048891 - Topology page is crashed
2049003 - 4.10: [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class
2049043 - Cannot create VM from template
2049156 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used
2049886 - Placeholder bug for OCP 4.10.0 metadata release
2049890 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning
2050189 - [aws-efs-csi-driver] Merge upstream changes since v1.3.2
2050190 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.0
2050227 - Installation on PSI fails with: 'openstack platform does not have the required standard-attr-tag network extension'
2050247 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s]
2050250 - Install fails to bootstrap, complaining about DefragControllerDegraded and sad members
2050310 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes
2050370 - alert data for burn budget needs to be updated to prevent regression
2050393 - ZTP missing support for local image registry and custom machine config
2050557 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud
2050737 - Remove metrics and events for master port offsets
2050801 - Vsphere upi tries to access vsphere during manifests generation phase
2050883 - Logger object in LSO does not log source location accurately
2051692 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit
2052062 - Whereabouts should implement client-go 1.22+
2052125 - [4.10] Crio appears to be coredumping in some scenarios
2052210 - [aws-c2s] kube-apiserver crashloops due to missing cloud config
2052339 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade.
2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests
2052598 - kube-scheduler should use configmap lease
2052599 - kube-controller-manger should use configmap lease
2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh
2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid
2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop
2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set.
2052644 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.1
2052666 - [4.10.z] change gitmodules to rhcos-4.10 branch
2052756 - [4.10] PVs are not being cleaned up after PVC deletion
2053175 - oc adm catalog mirror throws 'missing signature key' error when using file://local/index
2053218 - ImagePull fails with error "unable to pull manifest from example.com/busy.box:v5 invalid reference format"
2053252 - Sidepanel for Connectors/workloads in topology shows invalid tabs
2053268 - inability to detect static lifecycle failure
2053314 - requestheader IDP test doesn't wait for cleanup, causing high failure rates
2053323 - OpenShift-Ansible BYOH Unit Tests are Broken
2053339 - Remove dev preview badge from IBM FlashSystem deployment windows
2053751 - ztp-site-generate container is missing convenience entrypoint
2053945 - [4.10] Failed to apply sriov policy on intel nics
2054109 - Missing "app" label
2054154 - RoleBinding in project without subject is causing "Project access" page to fail
2054244 - Latest pipeline run should be listed on the top of the pipeline run list
2054288 - console-master-e2e-gcp-console is broken
2054562 - DPU network operator 4.10 branch need to sync with master
2054897 - Unable to deploy hw-event-proxy operator
2055193 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently
2055358 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line
2055371 - Remove Check which enforces summary_interval must match logSyncInterval
2055689 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.11
2055894 - CCO mint mode will not work for Azure after sunsetting of Active Directory Graph API
2056441 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured
2056479 - ovirt-csi-driver-node pods are crashing intermittently
2056572 - reconcilePrecaching error: cannot list resource "clusterserviceversions" in API group "operators.coreos.com" at the cluster scope"
2056629 - [4.10] EFS CSI driver can't unmount volumes with "wait: no child processes"
2056878 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs
2056928 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation
2056948 - post 1.23 rebase: regression in service-load balancer reliability
2057438 - Service Level Agreement (SLA) always show 'Unknown'
2057721 - Fix Proxy support in RHACM 2.4.2
2057724 - Image creation fails when NMstateConfig CR is empty
2058641 - [4.10] Pod density test causing problems when using kube-burner
2059761 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install
2060610 - Broken access to public images: Unable to connect to the server: no basic auth credentials
2060956 - service domain can't be resolved when networkpolicy is used in OCP 4.10-rc
5. References:
https://access.redhat.com/security/cve/CVE-2014-3577
https://access.redhat.com/security/cve/CVE-2016-10228
https://access.redhat.com/security/cve/CVE-2017-14502
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2018-1000858
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-9169
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-25013
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-8927
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-9952
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-13434
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-15358
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-25660
https://access.redhat.com/security/cve/CVE-2020-25677
https://access.redhat.com/security/cve/CVE-2020-27618
https://access.redhat.com/security/cve/CVE-2020-27781
https://access.redhat.com/security/cve/CVE-2020-29361
https://access.redhat.com/security/cve/CVE-2020-29362
https://access.redhat.com/security/cve/CVE-2020-29363
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/cve/CVE-2021-3326
https://access.redhat.com/security/cve/CVE-2021-3449
https://access.redhat.com/security/cve/CVE-2021-3450
https://access.redhat.com/security/cve/CVE-2021-3516
https://access.redhat.com/security/cve/CVE-2021-3517
https://access.redhat.com/security/cve/CVE-2021-3518
https://access.redhat.com/security/cve/CVE-2021-3520
https://access.redhat.com/security/cve/CVE-2021-3521
https://access.redhat.com/security/cve/CVE-2021-3537
https://access.redhat.com/security/cve/CVE-2021-3541
https://access.redhat.com/security/cve/CVE-2021-3733
https://access.redhat.com/security/cve/CVE-2021-3749
https://access.redhat.com/security/cve/CVE-2021-20305
https://access.redhat.com/security/cve/CVE-2021-21684
https://access.redhat.com/security/cve/CVE-2021-22946
https://access.redhat.com/security/cve/CVE-2021-22947
https://access.redhat.com/security/cve/CVE-2021-25215
https://access.redhat.com/security/cve/CVE-2021-27218
https://access.redhat.com/security/cve/CVE-2021-30666
https://access.redhat.com/security/cve/CVE-2021-30761
https://access.redhat.com/security/cve/CVE-2021-30762
https://access.redhat.com/security/cve/CVE-2021-33928
https://access.redhat.com/security/cve/CVE-2021-33929
https://access.redhat.com/security/cve/CVE-2021-33930
https://access.redhat.com/security/cve/CVE-2021-33938
https://access.redhat.com/security/cve/CVE-2021-36222
https://access.redhat.com/security/cve/CVE-2021-37750
https://access.redhat.com/security/cve/CVE-2021-39226
https://access.redhat.com/security/cve/CVE-2021-41190
https://access.redhat.com/security/cve/CVE-2021-43813
https://access.redhat.com/security/cve/CVE-2021-44716
https://access.redhat.com/security/cve/CVE-2021-44717
https://access.redhat.com/security/cve/CVE-2022-0532
https://access.redhat.com/security/cve/CVE-2022-21673
https://access.redhat.com/security/cve/CVE-2022-24407
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYipqONzjgjWX9erEAQjQcBAAgWTjA6Q2NgqfVf63ZpJF1jPurZLPqxDL
0in/5+/wqWaiQ6yk7wM3YBZgviyKnAMCVdrLsaR7R77BvfJcTE3W/fzogxpp6Rne
eGT1PTgQRecrSIn+WG4gGSteavTULWOIoPvUiNpiy3Y7fFgjFdah+Nyx3Xd+xehM
CEswylOd6Hr03KZ1tS3XL3kGL2botha48Yls7FzDFbNcy6TBAuycmQZifKu8mHaF
aDAupVJinDnnVgACeS6CnZTAD+Vrx5W7NIisteXv4x5Hy+jBIUHr8Yge3oxYoFnC
Y/XmuOw2KilLZuqFe+KHig45qT+FmNU8E1egcGpNWvmS8hGZfiG1jEQAqDPbZHxp
sQAQZLQyz3TvXa29vp4QcsUuMxndIOi+QaK75JmqE06MqMIlFDYpr6eQOIgIZvFO
RDZU/qvBjh56ypInoqInBf8KOQMy6eO+r6nFbMGcAfucXmz0EVcSP1oFHAoA1nWN
rs1Qz/SO4CvdPERxcr1MLuBLggZ6iqGmHKk5IN0SwcndBHaVJ3j/LBv9m7wBYVry
bSvojBDYx5ricbTwB5sGzu7oH5yVl813FA9cjkFpEhBiMtTfI+DKC8ssoRYNHd5Z
7gLW6KWPUIDuCIiiioPZAJMyvJ0IMrNDoQ0lhqPeV7PFdlRhT95M/DagUZOpPVuT
b5PUYUBIZLc=
=GUDA
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version:
gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4),
webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk
(1.6.0).
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
GDM must be restarted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):
1207179 - Select items matching non existing pattern does not unselect already selected
1566027 - can't correctly compute contents size if hidden files are included
1569868 - Browsing samba shares using gvfs is very slow
1652178 - [RFE] perf-tool run on wayland
1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome
1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled
1692536 - login screen shows after gnome-initial-setup
1706008 - Sound Effect sometimes fails to change to selected option.
1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead.
1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined
1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly
1758891 - tracker-devel subpackage missing from el8 repos
1775345 - Rebase xdg-desktop-portal to 1.6
1778579 - Nautilus does not respect umask settings.
1779691 - Rebase xdg-desktop-portal-gtk to 1.6
1794045 - There are two different high contrast versions of desktop icons
1804719 - Update vte291 to 0.52.4
1805929 - RHEL 8.1 gnome-shell-extension errors
1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1814820 - No checkbox to install updates in the shutdown dialog
1816070 - "search for an application to open this file" dialog broken
1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817143 - Rebase WebKitGTK to 2.28
1820759 - Include IO stall fixes
1820760 - Include IO fixes
1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening
1827030 - gnome-settings-daemon: subscription notification on CentOS Stream
1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1832347 - [Rebase] Rebase pipewire to 0.3.x
1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install
1837381 - Backport screen cast improvements to 8.3
1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version
1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6
1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113
1840080 - Can not control top bar menus via keys in Wayland
1840788 - [flatpak][rhel8] unable to build potrace as dependency
1843486 - Software crash after clicking Updates tab
1844578 - anaconda very rarely crashes at startup with a pygobject traceback
1846191 - usb adapters hotplug crashes gnome-shell
1847051 - JS ERROR: TypeError: area is null
1847061 - File search doesn't work under certain locales
1847062 - gnome-remote-desktop crash on QXL graphics
1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV
1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow
1854734 - PipeWire 0.2 should be required by xdg-desktop-portal
1866332 - Remove obsolete libusb-devel dependency
1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue.
1872270 - WebKit renderer hangs on Cockpit
1873093 - CVE-2020-14391 gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center
1873963 - Failed to start session: org.gnome.Mutter.ScreenCast API version 2 lower than minimum supported version 3
1876462 - CVE-2020-3885 webkitgtk: Incorrect processing of file URLs
1876463 - CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory
1876465 - CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content
1876468 - CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution
1876470 - CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution
1876472 - CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content
1876473 - CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution
1876476 - CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack
1876516 - CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling
1876518 - CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts
1876521 - CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context
1876522 - CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876523 - CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876536 - CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876537 - CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876540 - CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876543 - CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876545 - CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876548 - CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876549 - CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876550 - CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876552 - CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876553 - CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876554 - CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876555 - CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876556 - CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876590 - CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876591 - CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876594 - CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876607 - CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876611 - CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876617 - CVE-2019-8769 webkitgtk: Websites could reveal browsing history
1876619 - CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy
1877853 - File descriptors are being left behind on logout of RHEL 8 session
1879532 - CVE-2020-9862 webkitgtk: Command injection in web inspector
1879535 - CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879536 - CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution
1879538 - CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution
1879540 - CVE-2020-9915 webkitgtk: Access issue in content security policy
1879541 - CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting
1879545 - CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution
1879557 - CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution
1879559 - CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting
1879563 - CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution
1879564 - CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution
1879566 - CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting
1879568 - CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution
1880339 - Right GLX stereo texture is potentially leaked for each closed window
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
LibRaw-0.19.5-2.el8.src.rpm
PackageKit-1.1.12-6.el8.src.rpm
dleyna-renderer-0.6.0-3.el8.src.rpm
frei0r-plugins-1.6.1-7.el8.src.rpm
gdm-3.28.3-34.el8.src.rpm
gnome-control-center-3.28.2-22.el8.src.rpm
gnome-photos-3.28.1-3.el8.src.rpm
gnome-remote-desktop-0.1.8-3.el8.src.rpm
gnome-session-3.28.1-10.el8.src.rpm
gnome-settings-daemon-3.32.0-11.el8.src.rpm
gnome-shell-3.32.2-20.el8.src.rpm
gnome-shell-extensions-3.32.1-11.el8.src.rpm
gnome-terminal-3.28.3-2.el8.src.rpm
gtk3-3.22.30-6.el8.src.rpm
gvfs-1.36.2-10.el8.src.rpm
mutter-3.32.2-48.el8.src.rpm
nautilus-3.28.1-14.el8.src.rpm
pipewire-0.3.6-1.el8.src.rpm
pipewire0.2-0.2.7-6.el8.src.rpm
potrace-1.15-3.el8.src.rpm
tracker-2.1.5-2.el8.src.rpm
vte291-0.52.4-2.el8.src.rpm
webkit2gtk3-2.28.4-1.el8.src.rpm
webrtc-audio-processing-0.3-9.el8.src.rpm
xdg-desktop-portal-1.6.0-2.el8.src.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.src.rpm
aarch64:
PackageKit-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-cron-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-plugins-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gdm-3.28.3-34.el8.aarch64.rpm
gdm-debuginfo-3.28.3-34.el8.aarch64.rpm
gdm-debugsource-3.28.3-34.el8.aarch64.rpm
gnome-control-center-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.aarch64.rpm
gnome-remote-desktop-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.aarch64.rpm
gnome-session-3.28.1-10.el8.aarch64.rpm
gnome-session-debuginfo-3.28.1-10.el8.aarch64.rpm
gnome-session-debugsource-3.28.1-10.el8.aarch64.rpm
gnome-session-wayland-session-3.28.1-10.el8.aarch64.rpm
gnome-session-xsession-3.28.1-10.el8.aarch64.rpm
gnome-settings-daemon-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.aarch64.rpm
gnome-shell-3.32.2-20.el8.aarch64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.aarch64.rpm
gnome-shell-debugsource-3.32.2-20.el8.aarch64.rpm
gnome-terminal-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.aarch64.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.aarch64.rpm
gtk-update-icon-cache-3.22.30-6.el8.aarch64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-3.22.30-6.el8.aarch64.rpm
gtk3-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-debugsource-3.22.30-6.el8.aarch64.rpm
gtk3-devel-3.22.30-6.el8.aarch64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.aarch64.rpm
gvfs-1.36.2-10.el8.aarch64.rpm
gvfs-afc-1.36.2-10.el8.aarch64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-afp-1.36.2-10.el8.aarch64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-archive-1.36.2-10.el8.aarch64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-client-1.36.2-10.el8.aarch64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debugsource-1.36.2-10.el8.aarch64.rpm
gvfs-devel-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-goa-1.36.2-10.el8.aarch64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-smb-1.36.2-10.el8.aarch64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
libsoup-devel-2.62.3-2.el8.aarch64.rpm
mutter-3.32.2-48.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-3.28.1-14.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pipewire-0.3.6-1.el8.aarch64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debugsource-0.3.6-1.el8.aarch64.rpm
pipewire-devel-0.3.6-1.el8.aarch64.rpm
pipewire-doc-0.3.6-1.el8.aarch64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-libs-0.3.6-1.el8.aarch64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-utils-0.3.6-1.el8.aarch64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.aarch64.rpm
pipewire0.2-devel-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.aarch64.rpm
potrace-1.15-3.el8.aarch64.rpm
potrace-debuginfo-1.15-3.el8.aarch64.rpm
potrace-debugsource-1.15-3.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-2.1.5-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
vte-profile-0.52.4-2.el8.aarch64.rpm
vte291-0.52.4-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
webkit2gtk3-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webrtc-audio-processing-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.aarch64.rpm
xdg-desktop-portal-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.aarch64.rpm
noarch:
gnome-classic-session-3.32.1-11.el8.noarch.rpm
gnome-control-center-filesystem-3.28.2-22.el8.noarch.rpm
gnome-shell-extension-apps-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-auto-move-windows-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-common-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-dash-to-dock-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-desktop-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-disable-screenshield-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-drive-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-launch-new-instance-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-native-window-placement-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-no-hot-corner-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-panel-favorites-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-places-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-systemMonitor-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-top-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-updates-dialog-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-user-theme-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-grouper-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-list-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-windowsNavigator-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-workspace-indicator-3.32.1-11.el8.noarch.rpm
ppc64le:
LibRaw-0.19.5-2.el8.ppc64le.rpm
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-cron-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
dleyna-renderer-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.ppc64le.rpm
frei0r-plugins-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gdm-3.28.3-34.el8.ppc64le.rpm
gdm-debuginfo-3.28.3-34.el8.ppc64le.rpm
gdm-debugsource-3.28.3-34.el8.ppc64le.rpm
gnome-control-center-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debugsource-3.28.2-22.el8.ppc64le.rpm
gnome-photos-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debuginfo-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debugsource-3.28.1-3.el8.ppc64le.rpm
gnome-photos-tests-3.28.1-3.el8.ppc64le.rpm
gnome-remote-desktop-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.ppc64le.rpm
gnome-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-debuginfo-3.28.1-10.el8.ppc64le.rpm
gnome-session-debugsource-3.28.1-10.el8.ppc64le.rpm
gnome-session-wayland-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-xsession-3.28.1-10.el8.ppc64le.rpm
gnome-settings-daemon-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.ppc64le.rpm
gnome-shell-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debuginfo-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debugsource-3.32.2-20.el8.ppc64le.rpm
gnome-terminal-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debugsource-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.ppc64le.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.ppc64le.rpm
gtk-update-icon-cache-3.22.30-6.el8.ppc64le.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-3.22.30-6.el8.ppc64le.rpm
gtk3-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-debugsource-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.ppc64le.rpm
gvfs-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-client-1.36.2-10.el8.ppc64le.rpm
gvfs-client-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debugsource-1.36.2-10.el8.ppc64le.rpm
gvfs-devel-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
libsoup-devel-2.62.3-2.el8.ppc64le.rpm
mutter-3.32.2-48.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-3.28.1-14.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pipewire-0.3.6-1.el8.ppc64le.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debugsource-0.3.6-1.el8.ppc64le.rpm
pipewire-devel-0.3.6-1.el8.ppc64le.rpm
pipewire-doc-0.3.6-1.el8.ppc64le.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire0.2-debugsource-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-devel-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.ppc64le.rpm
potrace-1.15-3.el8.ppc64le.rpm
potrace-debuginfo-1.15-3.el8.ppc64le.rpm
potrace-debugsource-1.15-3.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-2.1.5-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
vte-profile-0.52.4-2.el8.ppc64le.rpm
vte291-0.52.4-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
webkit2gtk3-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webrtc-audio-processing-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.ppc64le.rpm
xdg-desktop-portal-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.ppc64le.rpm
s390x:
PackageKit-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-cron-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-plugins-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gdm-3.28.3-34.el8.s390x.rpm
gdm-debuginfo-3.28.3-34.el8.s390x.rpm
gdm-debugsource-3.28.3-34.el8.s390x.rpm
gnome-control-center-3.28.2-22.el8.s390x.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.s390x.rpm
gnome-control-center-debugsource-3.28.2-22.el8.s390x.rpm
gnome-remote-desktop-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.s390x.rpm
gnome-session-3.28.1-10.el8.s390x.rpm
gnome-session-debuginfo-3.28.1-10.el8.s390x.rpm
gnome-session-debugsource-3.28.1-10.el8.s390x.rpm
gnome-session-wayland-session-3.28.1-10.el8.s390x.rpm
gnome-session-xsession-3.28.1-10.el8.s390x.rpm
gnome-settings-daemon-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.s390x.rpm
gnome-shell-3.32.2-20.el8.s390x.rpm
gnome-shell-debuginfo-3.32.2-20.el8.s390x.rpm
gnome-shell-debugsource-3.32.2-20.el8.s390x.rpm
gnome-terminal-3.28.3-2.el8.s390x.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.s390x.rpm
gnome-terminal-debugsource-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.s390x.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.s390x.rpm
gtk-update-icon-cache-3.22.30-6.el8.s390x.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-3.22.30-6.el8.s390x.rpm
gtk3-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-debugsource-3.22.30-6.el8.s390x.rpm
gtk3-devel-3.22.30-6.el8.s390x.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.s390x.rpm
gvfs-1.36.2-10.el8.s390x.rpm
gvfs-afp-1.36.2-10.el8.s390x.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-archive-1.36.2-10.el8.s390x.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-client-1.36.2-10.el8.s390x.rpm
gvfs-client-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debugsource-1.36.2-10.el8.s390x.rpm
gvfs-devel-1.36.2-10.el8.s390x.rpm
gvfs-fuse-1.36.2-10.el8.s390x.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-goa-1.36.2-10.el8.s390x.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-mtp-1.36.2-10.el8.s390x.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-smb-1.36.2-10.el8.s390x.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
libsoup-devel-2.62.3-2.el8.s390x.rpm
mutter-3.32.2-48.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-3.28.1-14.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-extensions-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pipewire-0.3.6-1.el8.s390x.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debugsource-0.3.6-1.el8.s390x.rpm
pipewire-devel-0.3.6-1.el8.s390x.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-libs-0.3.6-1.el8.s390x.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-utils-0.3.6-1.el8.s390x.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire0.2-debugsource-0.2.7-6.el8.s390x.rpm
pipewire0.2-devel-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.s390x.rpm
potrace-1.15-3.el8.s390x.rpm
potrace-debuginfo-1.15-3.el8.s390x.rpm
potrace-debugsource-1.15-3.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-2.1.5-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
vte-profile-0.52.4-2.el8.s390x.rpm
vte291-0.52.4-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
webkit2gtk3-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webrtc-audio-processing-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.s390x.rpm
xdg-desktop-portal-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.s390x.rpm
x86_64:
LibRaw-0.19.5-2.el8.i686.rpm
LibRaw-0.19.5-2.el8.x86_64.rpm
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-cron-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-1.1.12-6.el8.i686.rpm
PackageKit-glib-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
dleyna-renderer-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gdm-3.28.3-34.el8.i686.rpm
gdm-3.28.3-34.el8.x86_64.rpm
gdm-debuginfo-3.28.3-34.el8.i686.rpm
gdm-debuginfo-3.28.3-34.el8.x86_64.rpm
gdm-debugsource-3.28.3-34.el8.i686.rpm
gdm-debugsource-3.28.3-34.el8.x86_64.rpm
gnome-control-center-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.x86_64.rpm
gnome-photos-3.28.1-3.el8.x86_64.rpm
gnome-photos-debuginfo-3.28.1-3.el8.x86_64.rpm
gnome-photos-debugsource-3.28.1-3.el8.x86_64.rpm
gnome-photos-tests-3.28.1-3.el8.x86_64.rpm
gnome-remote-desktop-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.x86_64.rpm
gnome-session-3.28.1-10.el8.x86_64.rpm
gnome-session-debuginfo-3.28.1-10.el8.x86_64.rpm
gnome-session-debugsource-3.28.1-10.el8.x86_64.rpm
gnome-session-wayland-session-3.28.1-10.el8.x86_64.rpm
gnome-session-xsession-3.28.1-10.el8.x86_64.rpm
gnome-settings-daemon-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.x86_64.rpm
gnome-shell-3.32.2-20.el8.x86_64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.x86_64.rpm
gnome-shell-debugsource-3.32.2-20.el8.x86_64.rpm
gnome-terminal-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.x86_64.rpm
gsettings-desktop-schemas-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.x86_64.rpm
gtk-update-icon-cache-3.22.30-6.el8.x86_64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.i686.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-3.22.30-6.el8.i686.rpm
gtk3-3.22.30-6.el8.x86_64.rpm
gtk3-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-debugsource-3.22.30-6.el8.i686.rpm
gtk3-debugsource-3.22.30-6.el8.x86_64.rpm
gtk3-devel-3.22.30-6.el8.i686.rpm
gtk3-devel-3.22.30-6.el8.x86_64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.x86_64.rpm
gvfs-1.36.2-10.el8.x86_64.rpm
gvfs-afc-1.36.2-10.el8.x86_64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-afp-1.36.2-10.el8.x86_64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-archive-1.36.2-10.el8.x86_64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-client-1.36.2-10.el8.i686.rpm
gvfs-client-1.36.2-10.el8.x86_64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.x86_64.rpm
gvfs-devel-1.36.2-10.el8.i686.rpm
gvfs-devel-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-goa-1.36.2-10.el8.x86_64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-smb-1.36.2-10.el8.x86_64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
libsoup-devel-2.62.3-2.el8.i686.rpm
libsoup-devel-2.62.3-2.el8.x86_64.rpm
mutter-3.32.2-48.el8.i686.rpm
mutter-3.32.2-48.el8.x86_64.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.x86_64.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-3.28.1-14.el8.i686.rpm
nautilus-extensions-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pipewire-0.3.6-1.el8.i686.rpm
pipewire-0.3.6-1.el8.x86_64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debugsource-0.3.6-1.el8.i686.rpm
pipewire-debugsource-0.3.6-1.el8.x86_64.rpm
pipewire-devel-0.3.6-1.el8.i686.rpm
pipewire-devel-0.3.6-1.el8.x86_64.rpm
pipewire-doc-0.3.6-1.el8.x86_64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-libs-0.3.6-1.el8.i686.rpm
pipewire-libs-0.3.6-1.el8.x86_64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-utils-0.3.6-1.el8.x86_64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.i686.rpm
pipewire0.2-debugsource-0.2.7-6.el8.x86_64.rpm
pipewire0.2-devel-0.2.7-6.el8.i686.rpm
pipewire0.2-devel-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.x86_64.rpm
potrace-1.15-3.el8.i686.rpm
potrace-1.15-3.el8.x86_64.rpm
potrace-debuginfo-1.15-3.el8.i686.rpm
potrace-debuginfo-1.15-3.el8.x86_64.rpm
potrace-debugsource-1.15-3.el8.i686.rpm
potrace-debugsource-1.15-3.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-3.28.3-2.el8.i686.rpm
python3-gobject-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-2.1.5-2.el8.i686.rpm
tracker-2.1.5-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
vte-profile-0.52.4-2.el8.x86_64.rpm
vte291-0.52.4-2.el8.i686.rpm
vte291-0.52.4-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
webkit2gtk3-2.28.4-1.el8.i686.rpm
webkit2gtk3-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.i686.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webrtc-audio-processing-0.3-9.el8.i686.rpm
webrtc-audio-processing-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.i686.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.i686.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.x86_64.rpm
xdg-desktop-portal-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
gsettings-desktop-schemas-3.32.0-5.el8.src.rpm
libsoup-2.62.3-2.el8.src.rpm
pygobject3-3.28.3-2.el8.src.rpm
aarch64:
gsettings-desktop-schemas-3.32.0-5.el8.aarch64.rpm
libsoup-2.62.3-2.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
ppc64le:
gsettings-desktop-schemas-3.32.0-5.el8.ppc64le.rpm
libsoup-2.62.3-2.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
s390x:
gsettings-desktop-schemas-3.32.0-5.el8.s390x.rpm
libsoup-2.62.3-2.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-base-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
x86_64:
gsettings-desktop-schemas-3.32.0-5.el8.x86_64.rpm
libsoup-2.62.3-2.el8.i686.rpm
libsoup-2.62.3-2.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002
------------------------------------------------------------------------
Date reported : February 14, 2020
Advisory ID : WSA-2020-0002
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2020-0002.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2020-0002.html
CVE identifiers : CVE-2020-3862, CVE-2020-3864, CVE-2020-3865,
CVE-2020-3867, CVE-2020-3868.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2020-3862
Versions affected: WebKitGTK before 2.26.4 and WPE WebKit before
2.26.4.
Credit to Srikanth Gatta of Google Chrome.
Impact: A malicious website may be able to cause a denial of
service.
CVE-2020-3864
Versions affected: WebKitGTK before 2.26.4 and WPE WebKit before
2.26.4.
Credit to Ryan Pickren (ryanpickren.com).
CVE-2020-3865
Versions affected: WebKitGTK before 2.26.4 and WPE WebKit before
2.26.4.
Credit to Ryan Pickren (ryanpickren.com).
CVE-2020-3867
Versions affected: WebKitGTK before 2.26.4 and WPE WebKit before
2.26.4.
Credit to an anonymous researcher.
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting.
CVE-2020-3868
Versions affected: WebKitGTK before 2.26.4 and WPE WebKit before
2.26.4.
Credit to Marcin Towalski of Cisco Talos. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
February 14, 2020
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Impact
======
A remote attacker could execute arbitrary code, cause a Denial of
Service condition, bypass intended memory-read restrictions, conduct a
timing side-channel attack to bypass the Same Origin Policy or obtain
sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
|
|
var-201711-0448
|
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------
Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Advisory URL : https://webkitgtk.org/security/WSA-2017-0009.html
CVE identifiers : CVE-2017-13783, CVE-2017-13784, CVE-2017-13785,
CVE-2017-13788, CVE-2017-13791, CVE-2017-13792,
CVE-2017-13793, CVE-2017-13794, CVE-2017-13795,
CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to xisigr of Tencent's Xuanwu Lab (tencent.com). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanul Choi working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
November 10, 2017
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: December 14, 2017
Bugs: #637076
ID: 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in WebKitGTK+, the worst
of which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.18.3 >= 2.18.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.3"
References
==========
[ 1 ] CVE-2017-13783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13783
[ 2 ] CVE-2017-13784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13784
[ 3 ] CVE-2017-13785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13785
[ 4 ] CVE-2017-13788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13788
[ 5 ] CVE-2017-13791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13791
[ 6 ] CVE-2017-13792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13792
[ 7 ] CVE-2017-13793
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13793
[ 8 ] CVE-2017-13794
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13794
[ 9 ] CVE-2017-13795
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13795
[ 10 ] CVE-2017-13796
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13796
[ 11 ] CVE-2017-13798
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13798
[ 12 ] CVE-2017-13802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13802
[ 13 ] CVE-2017-13803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13803
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201712-01
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
===========================================================================
Ubuntu Security Notice USN-3481-1
November 16, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.10.1
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3481-1
CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788,
CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794,
CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.16.04.1
--cAJSiv6PLl8jlntXfAr5kK8XnnPQvgKnJ--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-10-31-1 iOS 11.1
iOS 11.1 is now available and addresses the following:
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2017-13849: Ro of SavSec
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13799: an anonymous researcher
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
access photos from the lock screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device. This issue was addressed with
improved state management.
CVE-2017-13844: Miguel Alvarado of iDeviceHelp INC
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2017-13805: Yiğit Can YILMAZ (@yilmazcanyigit)
StreamingZip
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious zip file may be able modify restricted areas of
the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Characters in a secure text field might be revealed
Description: The characters in a secure text field were revealed
during focus change events. This issue was addressed through improved
state management.
CVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of
Tech Mahindra, Ricardo Sampayo of Bemo Ltd
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u7opHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbQiw//
bEkSQWlXTfpJ/9F2VKbMv+++td8sXozC3ICj9Ho+zhctxNY3MvIqXY8B4MrWB5+e
wgz1X/EQSCMItE2u20uISfApls/8/pBde6kKnca9rPGr7I2BKsuHTfCT3taSkhoj
EWMHEb64Se0hSiWKj99HJ80It9bDGSHz1cofpYDCNSMFBCiGWF2EbMgxUa55T5Vx
BtWZ91y2oU6gTsu4ZSR5NXG+Hi/vFYDnAFSr2/5Dgud4fl0tYk1KZ725g2YvXT7S
E3qV6shwcQtpf5ixm4G2cYalfiAmkYYjA/q2sgLClHDVXaPzahTS9ScMygKo4BsZ
RDboCM0q0ywPl+xnNJFuq2ZpZAfMefuXpcjTSxBDoNXliphzH2YOjk5YtHV47S+x
E8+b/bGDvBiKXJFo+yotJ07er0XtFPxfJKwgaYAi8VAfEXZrIv0uDQfYIZieMIRz
VznZvlaKXpA1Ms3R3rY2ukI9gdyPD0wk7r8zAGD0eTdl8E0bMI89UaSMWqDGf1Jm
9AWKOB7na2ElWNHeEMUAhReOL4jHqu/FLkRuoYVAiYKYUDWJGDlD79Yz8bTqnwtu
AWHqstzzcUVg1HXcwR5ngUDGFFOU2vVkqZRK6uwzCRzd/a7QQ/Lu+86GkfxPUB+p
9rtwIDGcTg0795ylrx8NLY/3BD8xcBMhfcZbpX5TF8s=
=qJV/
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/ |
|
var-201710-1402
|
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing. Apple iOS , Safari ,and iCloud Used in etc. WebKit is prone to multiple security vulnerabilities.
An attacker may leverage this issue to spoof the originating URL of a trusted web site or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to carry out phishing-style attacks, and steal cookie-based authentication credentials. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of Apple iOS versions prior to 11, Safari versions prior to 11, and iCloud versions 7.0 on Windows.
CVE-2017-7109: avlidienbrunn
Entry added September 25, 2017
WebKit
Available for: OS X El Capitan 10.11.6, and macOS Sierra 10.12.6,
macOS High Sierra 10.13
Impact: A malicious website may be able to track users in
Safari private browsing mode
Description: A permissions issue existed in the handling of web
browser cookies.
Installation note:
Safari 11 may be obtained from the Mac App Store. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0008
------------------------------------------------------------------------
Date reported : October 18, 2017
Advisory ID : WSA-2017-0008
Advisory URL : https://webkitgtk.org/security/WSA-2017-0008.html
CVE identifiers : CVE-2017-7081, CVE-2017-7087, CVE-2017-7089,
CVE-2017-7090, CVE-2017-7091, CVE-2017-7092,
CVE-2017-7093, CVE-2017-7094, CVE-2017-7095,
CVE-2017-7096, CVE-2017-7098, CVE-2017-7099,
CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
CVE-2017-7107, CVE-2017-7109, CVE-2017-7111,
CVE-2017-7117, CVE-2017-7120, CVE-2017-7142.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Apple. Description: A memory corruption issue was
addressed through improved input validation.
Credit to Apple. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify. Description: A logic issue existed
in the handling of the parent-tab. This issue was addressed with
improved state management.
Credit to Apple.
Impact: Cookies belonging to one origin may be sent to another
origin. Description: A permissions issue existed in the handling of
web browser cookies. This issue was addressed by no longer returning
cookies for custom URL schemes.
Credit to Wei Yuan of Baidu Security Lab working with Trend Microas
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team, Samuel
Gro and Niklas Baumstark working with Trend Micro's Zero Day
Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Samuel Gro and Niklas Baumstark working with Trend Microas
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Tim Michaud (@TimGMichaud) of Leviathan Security Group. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University working with Trend Microas Zero Day
Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wei Yuan of Baidu Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Felipe Freitas of Instituto TecnolA3gico de AeronA!utica. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Apple. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Masato Kinugawa and Mario Heiderich of Cure53. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Secutity Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Wang Junjie, Wei Lei, and Liu Yang of Nanyang
Technological University. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to avlidienbrunn. Description: Application Cache policy
may be unexpectedly applied.
Credit to likemeng of Baidu Security Lab (xlab.baidu.com) working
with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to lokihardt of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: Website data may persist after a Safari Private browsing
session. Description: An information leakage issue existed in the
handling of website data in Safari Private windows. This issue was
addressed with improved data handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
October 18, 2017
. ==========================================================================
Ubuntu Security Notice USN-3460-1
October 23, 2017
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.17.04.2
libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.17.04.2
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.16.04.2
libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.16.04.2
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3460-1
CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096,
CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117,
CVE-2017-7120
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.17.04.2
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.0-0ubuntu0.16.04.2
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-09-19-1 iOS 11
iOS 11 is now available and addresses the following:
Exchange ActiveSync
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be able to
erase a device during Exchange account setup
Description: A validation issue existed in AutoDiscover V1.
CVE-2017-7088: Ilya Nesterov, Maxim Goncharov
iBooks
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7072: JAdrzej Krysztofiak
Mail MessageUI
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A memory corruption issue was addressed with improved
validation.
CVE-2017-7097: Xinshu Dong and Jun Hao Tan of Anquan Capital
Messages
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A denial of service issue was addressed through improved
validation.
CVE-2017-7118: Kiki Jiang and Jason Tokoph
MobileBackup
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Backup may perform an unencrypted backup despite a
requirement to perform only encrypted backups
Description: A permissions issue existed.
CVE-2017-7133: Don Sparks of HackediOS.com
Safari
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7089: Anton Lopanitsyn of ONSEC, Frans RosA(c)n of Detectify
WebKit
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7106: Oliver Paukstadt of Thinking Objects GmbH (to.com)
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJZwVI3AAoJEIOj74w0bLRGSncQAMxcG5XB4dncEVU3cTFGO0e/
LVQJzWpK50Lwr7kM+1CV3Nh9oa9b6+3f2hh9vYJ34OHPJbUEasqrZmAFiDjbJoZn
46e34Rxwk7+oGXSFUS15SEAxAsctTCG3redczoZy/7k75q1z/lq1KZPD9WKCoieP
m30OuTsEy3x9UZpJ5xcGJXTCy1LE6kFeGtcNBc7T2JBDXR2Y/4inQvIqhhj15Cg+
o6kvRVcUIysDTbeEB2WNRWQn6uKWw/Gl0eg9wei2dMzkbNUIEOSVhPoOCrnLLkQb
Ud/YpIYCDn8Uy9on9bnVRa8ZOg0Yx52tuZJ920vu4+8xnSyBvkmSy7AtSU9IZ5SW
QLHYuDSECo+nW7xPuFHce2KkUHcZrzAHKpJBGpruq2IX7Vfz5/1w0YJU93pwj5Sy
A68JREYoThj/Ath+nPZAvUXUHR0sLXgRlBWUfwo1UsXt4lsVy+b7b0wQP/wX1atz
6/c72oChTp5c8VWlfajHadC6EmLRuBYoLW8HxlemyWU+RZDNjMMb11ytL/vg+VOL
51u+BjCs/6BIJI6+mirfG+XK/DVjStgy5W3atup5yEJXy8ouWyBT4vi1PJgjqQOh
0s4G3yE0J38pvtbCFtSb7VOJBh4ocFz7ggeZ5Z3tSQsawtSlcTfl3+93rJ87yRQG
4UIRwN/cWfzukSyrDAis
=ufig
-----END PGP SIGNATURE-----
|
|
var-202106-0345
|
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: microcode_ctl security, bug fix and enhancement update
Advisory ID: RHSA-2021:2305-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2305
Issue date: 2021-06-08
CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512
CVE-2020-24513
====================================================================
1. Summary:
An update for microcode_ctl is now available for Red Hat Enterprise Linux
7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors
(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors
(CVE-2020-24512)
* hw: information disclosure on some Intel Atom processors (CVE-2020-24513)
Bug Fix(es) and Enhancement(s):
* Update Intel CPU microcode to microcode-20210525 release
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1962650 - CVE-2020-24489 hw: vt-d related privilege escalation
1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors
1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
microcode_ctl-2.1-73.9.el7_9.src.rpm
x86_64:
microcode_ctl-2.1-73.9.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
microcode_ctl-2.1-73.9.el7_9.src.rpm
x86_64:
microcode_ctl-2.1-73.9.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
microcode_ctl-2.1-73.9.el7_9.src.rpm
x86_64:
microcode_ctl-2.1-73.9.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
microcode_ctl-2.1-73.9.el7_9.src.rpm
x86_64:
microcode_ctl-2.1-73.9.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-24489
https://access.redhat.com/security/cve/CVE-2020-24511
https://access.redhat.com/security/cve/CVE-2020-24512
https://access.redhat.com/security/cve/CVE-2020-24513
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYMAkjNzjgjWX9erEAQj9Rw//aAXwJWN2Q/e3KJ6n+bdhBXSWxMI+ro7r
86Elrmw3BY2uTNbkjEorxQfON15ZawMJn0eNprNGA4gxRJ1/OlV+bMXcXsHcxdwt
2ndTxSL9G3xd+B3j6L8N2YQAXzCSzJT2ohbFPntZeMDpd6hILbNO+XDmnPu0uEsh
E1Rl1BNsQJGoJ9yrrk9hqae2erlB2nTuDwYcNN6YWANkpWxPnzrJBRt115hBL/Xm
Gh9vsxTC98/V+TWn0o0gLDUr0sM21KhD2U8F3byxBQB4Kr4Y0X34U12whwHkG95b
m+HKj38OHmwhm+JZV68AsVBbnaa4TM3ilccuAVujxcW10IyXZBsmBFoEnIQ5Y7mm
X8Bc5goFlKet/cDqwwUDBvjFfXfC61+2N4gRnWp48b8+vojs+T6JsurrCJbRhXjL
gy8adoRwG3zNj+0xh7sHjX7XkIYFwrWMxiFHUaJWMV8pfx6NvGJJTiRR6n1+nKJt
scM4MX7RUnLlcmRMbN4HpU4Kg7CLqI3dgiJ1XAgIUyB4Xvsb+Ckp/M8EB9I+GLDP
Z4feYJ/cplYpSCcRG0xxHsnqrDFgAI0P/KVy9GQeAaXWWVwQzP5vHr+tauLSaEae
q4MCBAMQQ69TX2rSLhnwtH1fpVuBsZibIN3QAikZM///peIXrNcmR4jPBVRPU6p+
ulH8AIb5GRA=sYI9
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. =========================================================================
Ubuntu Security Notice USN-4985-1
June 09, 2021
intel-microcode vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Intel Microcode. This may allow a local user to perform a privilege escalation
attack. (CVE-2021-24489)
Joseph Nuzman discovered that some Intel processors may not properly apply
EIBRS mitigations (originally developed for CVE-2017-5715) and hence may
allow unauthorized memory reads via sidechannel attacks. A local attacker
could use this to expose sensitive information, including kernel
memory. (CVE-2020-24511)
Travis Downs discovered that some Intel processors did not properly flush
cache-lines for trivial-data values. This may allow an unauthorized user to
infer the presence of these trivial-data-cache-lines via timing sidechannel
attacks. A local attacker could use this to expose sensitive
information. (CVE-2020-24512)
It was discovered that certain Intel Atom processors could expose memory
contents stored in microarchitectural buffers. A local attacker could use
this to expose sensitive information. (CVE-2020-24513)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
intel-microcode 3.20210608.0ubuntu0.21.04.1
Ubuntu 20.10:
intel-microcode 3.20210608.0ubuntu0.20.10.1
Ubuntu 20.04 LTS:
intel-microcode 3.20210608.0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
intel-microcode 3.20210608.0ubuntu0.18.04.1
Ubuntu 16.04 ESM:
intel-microcode 3.20210608.0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM:
intel-microcode 3.20210608.0ubuntu0.14.04.1+esm1
After a standard system update you need to reboot your computer to make
all the necessary changes.
For the stable distribution (buster), these problems have been fixed in
version 3.20210608.2~deb10u1.
Note that there are two reported regressions; for some CoffeeLake CPUs
this update may break iwlwifi
(https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56)
and some for Skylake R0/D0 CPUs on systems using a very outdated firmware/BIOS,
the system may hang on boot:
(https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31)
If you are affected by those issues, you can recover by disabling microcode
loading on boot (as documented in README.Debian (also available online at
https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian))
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDXan0ACgkQEMKTtsN8
Tja9aQ//f1dHsEghQsedGnkMCIa2qLi12UFtb4yW7TYV6uwloqbYZMbymvoXYOAB
haasn+yCaGUkXuAHxcGvZuN41EkRhdG4LfS5qoZxPMsw84ETjpV2Ohwhuqwf9P20
9pqV1QLjVPCMiCqvHatkzyRNPtRhIh0uCRx5HtIeOEyKTwhVnUJrrljUXCzMDviD
3As0n0yVUPDIcJdaVxp5mxyebf1NyIYMR+7wmzTBOhK6i+rEE4NkKGkcsYBIM1ch
AdTQNHv78QZld6ixL8iCUe1NsSugZ2QjbVL1BLW45fJv3f0BIF5uo6LBzbiJlN/6
xWwOdFTfqW1ORyr0k6JQ+yKz3oSE+jfUStwf+zegWOjYes5gGaA/nATzzNwwFfCQ
qDqMmnN26qMI3MswP50ESkNs2JTK3955cIJjnscp5DeFArDuCFKh9wcqSZ46/QCE
GVRi+F/Dh3JQxv/jP8jfLhCvkBptuendGo9qK5v22QoeCRoHS16dLu7HHP34hRrw
k//EgtP35pD9eTNiIsxhmx3qTPD0gbQbcMG/5NTVtpNqsffAxYtqTy8+/4lfPkNn
AYtYrrG6tjEHe1gasLkjthB7c0YLzPLdNyZkNIk6XZ2YIhx18N80c7gTBERSJ1Sh
9lmsnX3+5GWM7Fx2NN2vL5xIEo0einMJCyTlNMRDLim2ix1vpZg=
=RVf2
-----END PGP SIGNATURE-----
|
|
var-201004-1006
|
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The vmnc.dll library lacks input checking when processing HexTile encoded video blocks. The user is tricked into opening a malformed AVI file to trigger a heap overflow, causing arbitrary code execution. Multiple VMware products are prone to a heap-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. VMware's enterprise
software, VMware ESX Server, runs directly on server hardware
without requiring an additional underlying operating system".
from wikipedia
II.
III. Binary Analysis & Proof-fo-concept
---------------------------------------
In-depth binary analysis of the vulnerability and a PoC
have been released by VUPEN through the VUPEN Binary Analysis
& Exploits Service :
http://www.vupen.com/exploits/
V. CREDIT
--------------
The vulnerability was discovered by Sebastien Renaud of VUPEN Security
VII. ABOUT VUPEN Security
---------------------------
VUPEN is a leading IT security research company providing vulnerability
management and security intelligence solutions which enable enterprises
and institutions to eliminate vulnerabilities before they can be exploited,
ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial
services, insurance, manufacturing and technology industries rely on VUPEN
to improve their security, prioritize resources, cut time and costs, and
stay ahead of the latest threats.
* VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
* VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. DISCLOSURE TIMELINE
-----------------------------------
2009-09-14 - Vendor notified
2009-09-14 - Vendor response
2009-10-09 - Status update received
2009-10-27 - Status update received
2010-01-29 - Status update received
2010-03-05 - Status update received
2010-03-31 - Status update received
2010-04-09 - Coordinated public Disclosure
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2010-0007
Synopsis: VMware hosted products, vCenter Server and ESX
patches resolve multiple security issues
Issue date: 2010-04-09
Updated on: 2010-04-09 (initial release of advisory)
CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042
CVE-2009-1564 CVE-2009-1565 CVE-2009-3732
CVE-2009-3707 CVE-2010-1138 CVE-2010-1139
CVE-2010-1141
- -------------------------------------------------------------------------
1.
2.
Notes:
Effective May 2010, VMware's patch and update release program during
Extended Support will be continued with the condition that all
subsequent patch and update releases will be based on the latest
baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,
ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section
"End of Product Availability FAQs" at
http://www.vmware.com/support/policies/lifecycle/vi/faq.html for
details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan
to upgrade to at least ESX 3.0.3 and preferably to the newest
release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan
to upgrade to at least ESX 3.5 and preferably to the newest release
available.
End of General Support for VMware Workstation 6.x is 2011-04-27,
users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users
should plan to upgrade to the newest release of either ESXi or
VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users
should plan to upgrade to the newest release of vCenter Server.
3. Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. This
vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege
escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
4. Solution
Please review the patch/release notes for your product and version
and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
--------------------------------------------------
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe
md5sum: ea2ac5907ae4c5c323147fe155443ab8
sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
------------------------
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN
Release notes:
http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: fc8502a748de3b8f94c5c9571c1f17d2
sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 6a18ea3847cb727b03f7890f5643db79
sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX
Release notes:
http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools
md5sum: a896f7aaedde8799f21b52b89f5fc9ef
sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools
md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874
sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools
md5sum: 808682eaa6b202fa29172821f7378768
sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools
md5sum: 5116e27e7b13a76693402577bd9fda58
sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
------------------------
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN
Release Notes:
http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 2dc393fcc4e78dcf2165098a4938699a
sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX
Release Notes:
http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit
Linux 32-bit .rpm
md5sum: 9efb43a604d50e541eb3be7081b8b198
sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit
Linux 32-bit .bundle
md5sum: 38760682ad3b2f6bfb4e40f424c95c2a
sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit
Linux 64-bit .rpm
md5sum: 24311492bc515e9bc98eff9b2e7d33a2
sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit
Linux 64-bit .bundle
md5sum: ed24296705ad48442549d9cb2b3c0d8d
sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
-------------------
http://downloads.vmware.com/tryvmware/?p=player&lp=default
Release notes:
http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit
md5sum: 78c92c0242c9540f68a629d4ac49c516
sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle)
md5sum: e7cd19d39c7bbd1aee582743d76a7863
sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle)
md5sum: 88b08537c6eea705883dc1755b97738c
sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit
md5sum: 2c46fc7e2516f331eb4dd23154d00a54
sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux
md5sum: 8b0994a26363246b5e954f97bd5a088d
sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux
md5sum: ef7b9890c52b1e333f2357760a7fff85
sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
-------------------
http://downloads.vmware.com/download/player/player_reg.html
Release notes:
http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe)
md5sum: 531140a1eeed7d8b71f726b3d32a9174
sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm)
md5sum: 1905f61af490f9760bef54450747e708
sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle)
md5sum: 74f539005687a4efce7971f7ef019af5
sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm)
md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39
sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle)
md5sum: 175ce2f9656ff10a1327c0d48f80c65f
sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
----------------
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN
Release notes:
http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools
md5sum: fc8502a748de3b8f94c5c9571c1f17d2
sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools
md5sum: 6a18ea3847cb727b03f7890f5643db79
sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance
md5sum: e26d258c511572064e99774fbac9184c
sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows
md5sum: e970828f2a5a62ac108879033a70f4b6
sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9
md5sum: 59b3ad5964daef2844e72fd1765590fc
sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4
md5sum: 6623f6a8a645402a1c8c351ec99a1889
sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
----------------
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN
Release notes:
http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit
Windows 32-bit and 64-bit .exe
md5sum: 2dc393fcc4e78dcf2165098a4938699a
sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance
AMS Virtual Appliance .zip
md5sum: 3935f23d4a074e7a3429a1c80cfd2155
sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows
Windows .exe
md5sum: 1173bd7da6ed330a262ed4e2eff6562c
sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9
SLES 9 .rpm
md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208
sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4
RHEL 4 .rpm
md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5
sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
-------------------
http://www.vmware.com/download/server/
Release notes:
http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2
Version 2.0.2 | 203138 - 10/26/09
507 MB EXE image VMware Server 2 for Windows Operating Systems. A
master installer file containing all Windows components of VMware
Server.
md5sum: a6430bcc16ff7b3a29bb8da1704fc38a
sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows
Version 2.0.2 | 203138 - 10/26/09
37 MB image
md5sum: 827e65e70803ec65ade62dd27a74407a
sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems.
Version 2.0.2 | 203138 - 10/26/09
37 MB TAR image
md5sum: 95ddea5a0579a35887bd15b083ffea20
sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version.
Version 2.0.2 | 203138 - 10/26/09
452 MB RPM image
md5sum: 35c8b176601133749e4055e0034f8be6
sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version.
Version 2.0.2 | 203138 - 10/26/09
451 MB TAR image
md5sum: cc7aef813008eeb7150c21547d431b39
sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
-------------------
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302
Release notes:
http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs)
md5sum: aa17278a4a668eeb9f9467e4e3111ccc
sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)
md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896
sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
-------------------
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207
Release notes:
http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs)
md5sum: a293f5ce6ccc227760640753386e9da6
sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs)
md5sum: d4772d118fb90323f598849e70c21189
sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
----------------------------------------------
VIX API for Window 32-bit and 64-bit
Main installation file for Windows 32-bit and 64-bit host
md5sum:b494fc3092f07d0f29cc06a19fe61306
sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit
md5sum:6b0ed8872d8b714363cddc68b6a77008
sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit
md5sum:d57aa9f98058d5a386c18e14cc05bf4d
sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
---------------------------------------------
VIX API for Windows 32-bit and 64-bit
md5sum:4f21e4cb518767bc08045f5a39f5d41f
sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit
md5sum:f347e94d907c26754540d59956ee5d53
sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit
md5sum:b8a3982072d0d42c0c37dd7eb49d686c
sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
----------------------------------------------
VIX API for Windows 32-bit and 64-bit
md5sum:ac5b6e9197cb68c302bfac9ed683e3af
sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit
md5sum:07d1989d042e317eb9d2b3daf269dda7
sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit
md5sum:9b345008e0adec3c044988307294944b
sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
----
ESXi 4.0 bulletin ESXi400-201002402-BG
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip
md5sum: e5aa2968d389594abdc59cbac7b0183d
sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2
http://kb.vmware.com/kb/1018404
ESXi 3.5
--------
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in
ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in
ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also
included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update)
http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the
VI Client "C" are contained in a single offline "O" download file.
ESX
---
ESX 4.0 bulletin ESX400-201002401-BG
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip
md5sum: de62cbccaffa4b2b6831617f18c1ccb4
sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab
http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix,
ESX400-201002401-BG
To install an individual bulletin use esxupdate with the -b option.
esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip
md5sum: 99c1fcafbf0ca105ce73840d686e9914
sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb
http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix,
ESX400-200911223-UG
To install an individual bulletin use esxupdate with the -b option.
esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG
http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip
md5sum: f1d3589745b4ae933554785aef22bacc
sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47
http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG
http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip
md5sum: 49ee56b687707cbe6999836c315f081a
http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15
http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz
md5sum: c346fe510b6e51145570e03083f77357
sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4
http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
5. References
http://www.acrossecurity.com/advisories.htm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
6. Change log
2010-04-09 VMSA-2010-0007
Initial security advisory after release of Workstation 6.5.4 and Fusion
2.0.7 on 2010-04-08.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT
d58bjKG6Ic7m/TsoJP4M2tw=
=Q1zv
-----END PGP SIGNATURE-----
.
NOTE: Other products and versions may also be affected.
======================================================================
2) Severity
Rating: Highly critical
Impact: System access
Where: Remote
======================================================================
3) Vendor's Description of Software
"VMware Workstation makes it simple to create and run multiple virtual
machines on your desktop or laptop computer.
The vulnerability is caused by a boundary error in vmnc.dll when
processing HexTile encoded video chunks and can be exploited to cause
a heap-based buffer overflow.
======================================================================
6) Time Table
14/09/2009 - Vendor notified.
14/09/2009 - Vendor response.
09/04/2010 - Public disclosure.
======================================================================
9) About Secunia
Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
======================================================================
10) Verification
Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2009-36/
Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/
======================================================================
|
|
var-201404-0377
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. (DoS) An attack may be carried out. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the usage of System.arraycopy. With the usage of this method, it is possible to disable the security manager and run code as privileged. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user. Java SE (Java Platform Standard Edition) is used to develop and deploy Java applications on desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a powerful, reliable, and portable application for embedded systems. Java platform. (CVE-2014-1876)
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website. ============================================================================
Ubuntu Security Notice USN-2187-1
April 30, 2014
openjdk-7 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.10
Summary:
Several security issues were fixed in OpenJDK 7. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. An attacker could exploit these
to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could exploit this to cause a denial of service.
(CVE-2014-0459)
Jakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary
files. In the default installation of Ubuntu, this should be
prevented by the Yama link restrictions. (CVE-2014-1876)
Two vulnerabilities were discovered in the OpenJDK JRE related to data
integrity. (CVE-2014-2398, CVE-2014-2413)
A vulnerability was discovered in the OpenJDK JRE related to information
disclosure. An attacker could exploit this to expose sensitive data over
the network. (CVE-2014-2403)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1
openjdk-7-jre 7u55-2.4.7-1ubuntu1
openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1
openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1
openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1
Ubuntu 13.10:
icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.13.10.1
openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.13.10.1
openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.13.10.1
openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.13.10.1
openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.13.10.1
Ubuntu 12.10:
icedtea-7-jre-cacao 7u55-2.4.7-1ubuntu1~0.12.10.1
icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.12.10.1
openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.12.10.1
openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.12.10.1
openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.12.10.1
openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.12.10.1
This update uses a new upstream release, which includes additional bug
fixes. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory pages, listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243)
975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)
975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253)
975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257)
975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438)
975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)
975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601)
975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071)
975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)
975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)
975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)
975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)
975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)
975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038)
975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642)
975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120)
975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)
975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)
975138 - CVE-2013-2452 OpenJDK: Unique VMIDs (Libraries, 8001033)
975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)
975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318)
975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703)
975146 - CVE-2013-2451 OpenJDK: exclusive port binding (Networking, 7170730)
975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)
975757 - CVE-2013-2464 Oracle JDK: unspecified vulnerability fixed in 7u25 (2D)
975761 - CVE-2013-2468 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975764 - CVE-2013-2466 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975767 - CVE-2013-3743 Oracle JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT)
975770 - CVE-2013-2442 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975773 - CVE-2013-2437 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)
1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)
1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)
1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)
1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)
1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)
1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)
1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)
1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)
1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)
1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)
1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)
1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)
1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)
1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)
1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)
1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)
1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)
1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)
1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)
1019691 - CVE-2013-5824 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019693 - CVE-2013-5787 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019697 - CVE-2013-5789 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019701 - CVE-2013-5843 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019702 - CVE-2013-5832 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019705 - CVE-2013-5852 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019706 - CVE-2013-5812 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019710 - CVE-2013-5801 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019712 - CVE-2013-5776 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019713 - CVE-2013-5818 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019715 - CVE-2013-5819 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019716 - CVE-2013-5831 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019720 - CVE-2013-5848 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1031734 - CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)
1045561 - CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette
1051519 - CVE-2014-0428 OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)
1051528 - CVE-2014-0422 OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)
1051699 - CVE-2014-0373 OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)
1051823 - CVE-2013-5878 OpenJDK: null xmlns handling issue (Security, 8025026)
1051911 - CVE-2013-5884 OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)
1051912 - CVE-2014-0416 OpenJDK: insecure subject principals set handling (JAAS, 8024306)
1051923 - CVE-2014-0376 OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)
1052915 - CVE-2013-5907 ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
1052919 - CVE-2014-0368 OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)
1052942 - CVE-2013-5910 OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
1053010 - CVE-2014-0411 OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)
1053066 - CVE-2014-0423 OpenJDK: XXE issue in decoder (Beans, 8023245)
1053266 - CVE-2013-5896 OpenJDK: com.sun.corba.se.
Release Date: 2014-08-19
Last Updated: 2014-08-19
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime
Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other vulnerabilities.
References:
CVE-2013-6629
CVE-2013-6954
CVE-2014-0432
CVE-2014-0446
CVE-2014-0448
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0453
CVE-2014-0454
CVE-2014-0455
CVE-2014-0456
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2397
CVE-2014-2398
CVE-2014-2401
CVE-2014-2402
CVE-2014-2403
CVE-2014-2409
CVE-2014-2412
CVE-2014-2413
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2422
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-2483
CVE-2014-2490
CVE-2014-4208
CVE-2014-4209
CVE-2014-4216
CVE-2014-4218
CVE-2014-4220
CVE-2014-4221
CVE-2014-4223
CVE-2014-4244
CVE-2014-4252
CVE-2014-4262
CVE-2014-4263
CVE-2014-4264
CVE-2014-4265
CVE-2014-4266
CVE-2014-4268
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.09 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-6629 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-6954 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2014-0432 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-0446 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-0448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2014-0449 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2014-0451 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-0452 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-0453 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0
CVE-2014-0454 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-0455 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-0456 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2014-0458 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-0459 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2014-0460 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2014-0461 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-1876 (AV:L/AC:M/Au:N/C:P/I:P/A:P) 4.4
CVE-2014-2397 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-2398 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5
CVE-2014-2401 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-2402 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-2403 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2014-2409 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2014-2412 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-2413 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-2414 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-2420 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2014-2421 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2014-2422 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2014-2423 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-2427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2014-2428 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2014-2483 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-2490 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-4208 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2014-4209 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2014-4216 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-4218 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-4220 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-4221 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2014-4223 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-4244 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0
CVE-2014-4252 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2014-4262 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2014-4263 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0
CVE-2014-4264 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2014-4265 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-4266 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0
CVE-2014-4268 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these
vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version
Release Version
Depot Name
HP-UX B.11.23, B.11.31
JDK and JRE v7.0.10 or subsequent
Itanium_JDK_JRE_7.0.10_Aug_2014_Java70_1.7.0.10.00_HP-UX_B.11.31_IA.depot
MANUAL ACTIONS: Yes - Update
For Java v7.0 update to Java v7.0.10 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk70.JDK70-COM
Jdk70.JDK70-DEMO
Jdk70.JDK70-IPF32
Jdk70.JDK70-IPF64
Jre70.JRE70-COM
Jre70.JRE70-IPF32
Jre70.JRE70-IPF32-HS
Jre70.JRE70-IPF64
Jre70.JRE70-IPF64-HS
action: install revision 1.7.0.10.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 19 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
Note that the CVE-2014-0459 issue is in the lcms2 library, which has
been patched to correct this flaw. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTdfckmqjQ0CJFipgRArKEAKCIiAR2WkLo3Vb0gzzQ5RDz7hQZ3gCcDC6A
5xOtKkhOvonpLXoqBiAcXWQ=
=qBk5
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: java-1.6.0-openjdk security and bug fix update
Advisory ID: RHSA-2014:0408-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0408.html
Issue date: 2014-04-16
CVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451
CVE-2014-0452 CVE-2014-0453 CVE-2014-0456
CVE-2014-0457 CVE-2014-0458 CVE-2014-0460
CVE-2014-0461 CVE-2014-1876 CVE-2014-2397
CVE-2014-2398 CVE-2014-2403 CVE-2014-2412
CVE-2014-2414 CVE-2014-2421 CVE-2014-2423
CVE-2014-2427
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix various security issues and
one bug are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime
Environment and the OpenJDK 6 Java Software Development Kit.
An input validation flaw was discovered in the medialib library in the 2D
component. A specially crafted image could trigger Java Virtual Machine
memory corruption when processed.
(CVE-2014-0429)
Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK.
An untrusted Java application or applet could use these flaws to trigger
Java Virtual Machine memory corruption and possibly bypass Java sandbox
restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)
Multiple improper permission check issues were discovered in the Libraries
component in OpenJDK. An untrusted Java application or applet could use
these flaws to bypass Java sandbox restrictions. (CVE-2014-0457,
CVE-2014-0461)
Multiple improper permission check issues were discovered in the AWT,
JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass certain Java sandbox
restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423,
CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427)
Multiple flaws were identified in the Java Naming and Directory Interface
(JNDI) DNS client. These flaws could make it easier for a remote attacker
to perform DNS spoofing attacks. (CVE-2014-0460)
It was discovered that the JAXP component did not properly prevent access
to arbitrary files when a SecurityManager was present. This flaw could
cause a Java application using JAXP to leak sensitive information, or
affect application availability. (CVE-2014-2403)
It was discovered that the Security component in OpenJDK could leak some
timing information when performing PKCS#1 unpadding. This could possibly
lead to the disclosure of some information that was meant to be protected
by encryption. (CVE-2014-0453)
It was discovered that the fix for CVE-2013-5797 did not properly resolve
input sanitization flaws in javadoc. When javadoc documentation was
generated from an untrusted Java source code and hosted on a domain not
controlled by the code author, these issues could make it easier to perform
cross-site scripting (XSS) attacks. (CVE-2014-2398)
An insecure temporary file use flaw was found in the way the unpack200
utility created log files. A local attacker could possibly use this flaw to
perform a symbolic link attack and overwrite arbitrary files with the
privileges of the user running unpack200. (CVE-2014-1876)
This update also fixes the following bug:
* The OpenJDK update to IcedTea version 1.13 introduced a regression
related to the handling of the jdk_version_info variable. This variable was
not properly zeroed out before being passed to the Java Virtual Machine,
resulting in a memory leak in the java.lang.ref.Finalizer class.
This update fixes this issue, and memory leaks no longer occur.
(BZ#1085373)
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)
1085373 - java.lang.ref.Finalizer leak when upgrading from 1.62 to 1.66
1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)
1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766)
1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)
1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)
1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)
1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)
1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)
1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)
1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)
1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)
1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)
1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)
1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)
1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740)
1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)
1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)
1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0429.html
https://www.redhat.com/security/data/cve/CVE-2014-0446.html
https://www.redhat.com/security/data/cve/CVE-2014-0451.html
https://www.redhat.com/security/data/cve/CVE-2014-0452.html
https://www.redhat.com/security/data/cve/CVE-2014-0453.html
https://www.redhat.com/security/data/cve/CVE-2014-0456.html
https://www.redhat.com/security/data/cve/CVE-2014-0457.html
https://www.redhat.com/security/data/cve/CVE-2014-0458.html
https://www.redhat.com/security/data/cve/CVE-2014-0460.html
https://www.redhat.com/security/data/cve/CVE-2014-0461.html
https://www.redhat.com/security/data/cve/CVE-2014-1876.html
https://www.redhat.com/security/data/cve/CVE-2014-2397.html
https://www.redhat.com/security/data/cve/CVE-2014-2398.html
https://www.redhat.com/security/data/cve/CVE-2014-2403.html
https://www.redhat.com/security/data/cve/CVE-2014-2412.html
https://www.redhat.com/security/data/cve/CVE-2014-2414.html
https://www.redhat.com/security/data/cve/CVE-2014-2421.html
https://www.redhat.com/security/data/cve/CVE-2014-2423.html
https://www.redhat.com/security/data/cve/CVE-2014-2427.html
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTTm2zXlSAg2UNWIIRAkZ8AJ4tQFSY3KSdfOiDJA5KJWO9IJa1BACeMLJ6
PQHHIgiQ5K7Q4/GEJAHNU94=
=9aj6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|