|
var-202308-3129
|
D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20079. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
|
var-202308-3114
|
D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20057. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
|
var-202308-3113
|
D-Link DAP-2622 DDP Configuration Backup Server Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20067. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
|
var-202308-3105
|
D-Link DAP-2622 DDP Reset Factory Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20058. D-Link DAP-2622 is a wireless router from D-Link, a Chinese company |
|
var-202008-1238
|
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. runc is a CLI (command line interface) tool for building and running containers according to the OCI specification. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
3. Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.
Security Fix(es):
* bind: truncated TSIG response can lead to an assertion failure
(CVE-2020-8622)
* bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted
automatically. Bugs fixed (https://bugzilla.redhat.com/):
1869473 - CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure
1869477 - CVE-2020-8623 bind: remotely triggerable assertion failure in pk11.c
6. Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source:
bind-9.9.4-74.el7_6.5.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.5.noarch.rpm
x86_64:
bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm
bind-libs-9.9.4-74.el7_6.5.i686.rpm
bind-libs-9.9.4-74.el7_6.5.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.5.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm
bind-utils-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):
x86_64:
bind-9.9.4-74.el7_6.5.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.5.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm
bind-devel-9.9.4-74.el7_6.5.i686.rpm
bind-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.5.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.5.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source:
bind-9.9.4-74.el7_6.5.src.rpm
noarch:
bind-license-9.9.4-74.el7_6.5.noarch.rpm
ppc64:
bind-9.9.4-74.el7_6.5.ppc64.rpm
bind-chroot-9.9.4-74.el7_6.5.ppc64.rpm
bind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm
bind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm
bind-libs-9.9.4-74.el7_6.5.ppc.rpm
bind-libs-9.9.4-74.el7_6.5.ppc64.rpm
bind-libs-lite-9.9.4-74.el7_6.5.ppc.rpm
bind-libs-lite-9.9.4-74.el7_6.5.ppc64.rpm
bind-utils-9.9.4-74.el7_6.5.ppc64.rpm
ppc64le:
bind-9.9.4-74.el7_6.5.ppc64le.rpm
bind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm
bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm
bind-libs-9.9.4-74.el7_6.5.ppc64le.rpm
bind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm
bind-utils-9.9.4-74.el7_6.5.ppc64le.rpm
s390x:
bind-9.9.4-74.el7_6.5.s390x.rpm
bind-chroot-9.9.4-74.el7_6.5.s390x.rpm
bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm
bind-libs-9.9.4-74.el7_6.5.s390.rpm
bind-libs-9.9.4-74.el7_6.5.s390x.rpm
bind-libs-lite-9.9.4-74.el7_6.5.s390.rpm
bind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm
bind-utils-9.9.4-74.el7_6.5.s390x.rpm
x86_64:
bind-9.9.4-74.el7_6.5.x86_64.rpm
bind-chroot-9.9.4-74.el7_6.5.x86_64.rpm
bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm
bind-libs-9.9.4-74.el7_6.5.i686.rpm
bind-libs-9.9.4-74.el7_6.5.x86_64.rpm
bind-libs-lite-9.9.4-74.el7_6.5.i686.rpm
bind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm
bind-utils-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source:
bind-9.9.4-74.el7_6.5.src.rpm
aarch64:
bind-9.9.4-74.el7_6.5.aarch64.rpm
bind-chroot-9.9.4-74.el7_6.5.aarch64.rpm
bind-debuginfo-9.9.4-74.el7_6.5.aarch64.rpm
bind-libs-9.9.4-74.el7_6.5.aarch64.rpm
bind-libs-lite-9.9.4-74.el7_6.5.aarch64.rpm
bind-pkcs11-9.9.4-74.el7_6.5.aarch64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.aarch64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.aarch64.rpm
bind-utils-9.9.4-74.el7_6.5.aarch64.rpm
noarch:
bind-license-9.9.4-74.el7_6.5.noarch.rpm
ppc64le:
bind-9.9.4-74.el7_6.5.ppc64le.rpm
bind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm
bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm
bind-libs-9.9.4-74.el7_6.5.ppc64le.rpm
bind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm
bind-utils-9.9.4-74.el7_6.5.ppc64le.rpm
s390x:
bind-9.9.4-74.el7_6.5.s390x.rpm
bind-chroot-9.9.4-74.el7_6.5.s390x.rpm
bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm
bind-libs-9.9.4-74.el7_6.5.s390.rpm
bind-libs-9.9.4-74.el7_6.5.s390x.rpm
bind-libs-lite-9.9.4-74.el7_6.5.s390.rpm
bind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm
bind-utils-9.9.4-74.el7_6.5.s390x.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.6):
ppc64:
bind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm
bind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm
bind-devel-9.9.4-74.el7_6.5.ppc.rpm
bind-devel-9.9.4-74.el7_6.5.ppc64.rpm
bind-lite-devel-9.9.4-74.el7_6.5.ppc.rpm
bind-lite-devel-9.9.4-74.el7_6.5.ppc64.rpm
bind-pkcs11-9.9.4-74.el7_6.5.ppc64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64.rpm
bind-sdb-9.9.4-74.el7_6.5.ppc64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.5.ppc64.rpm
ppc64le:
bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm
bind-devel-9.9.4-74.el7_6.5.ppc64le.rpm
bind-lite-devel-9.9.4-74.el7_6.5.ppc64le.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64le.rpm
bind-sdb-9.9.4-74.el7_6.5.ppc64le.rpm
bind-sdb-chroot-9.9.4-74.el7_6.5.ppc64le.rpm
s390x:
bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm
bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm
bind-devel-9.9.4-74.el7_6.5.s390.rpm
bind-devel-9.9.4-74.el7_6.5.s390x.rpm
bind-lite-devel-9.9.4-74.el7_6.5.s390.rpm
bind-lite-devel-9.9.4-74.el7_6.5.s390x.rpm
bind-pkcs11-9.9.4-74.el7_6.5.s390x.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.s390.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.s390x.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.s390.rpm
bind-pkcs11-libs-9.9.4-74.el7_6.5.s390x.rpm
bind-pkcs11-utils-9.9.4-74.el7_6.5.s390x.rpm
bind-sdb-9.9.4-74.el7_6.5.s390x.rpm
bind-sdb-chroot-9.9.4-74.el7_6.5.s390x.rpm
x86_64:
bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm
bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm
bind-devel-9.9.4-74.el7_6.5.i686.rpm
bind-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-lite-devel-9.9.4-74.el7_6.5.i686.rpm
bind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm
bind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm
bind-sdb-9.9.4-74.el7_6.5.x86_64.rpm
bind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:5633-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5633
Issue date: 2021-02-24
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
CVE-2018-14553 CVE-2018-14879 CVE-2018-14880
CVE-2018-14881 CVE-2018-14882 CVE-2018-16227
CVE-2018-16228 CVE-2018-16229 CVE-2018-16230
CVE-2018-16300 CVE-2018-16451 CVE-2018-16452
CVE-2018-20843 CVE-2019-3884 CVE-2019-5018
CVE-2019-6977 CVE-2019-6978 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-9455 CVE-2019-9458
CVE-2019-11068 CVE-2019-12614 CVE-2019-13050
CVE-2019-13225 CVE-2019-13627 CVE-2019-14889
CVE-2019-15165 CVE-2019-15166 CVE-2019-15903
CVE-2019-15917 CVE-2019-15925 CVE-2019-16167
CVE-2019-16168 CVE-2019-16231 CVE-2019-16233
CVE-2019-16935 CVE-2019-17450 CVE-2019-17546
CVE-2019-18197 CVE-2019-18808 CVE-2019-18809
CVE-2019-19046 CVE-2019-19056 CVE-2019-19062
CVE-2019-19063 CVE-2019-19068 CVE-2019-19072
CVE-2019-19221 CVE-2019-19319 CVE-2019-19332
CVE-2019-19447 CVE-2019-19524 CVE-2019-19533
CVE-2019-19537 CVE-2019-19543 CVE-2019-19602
CVE-2019-19767 CVE-2019-19770 CVE-2019-19906
CVE-2019-19956 CVE-2019-20054 CVE-2019-20218
CVE-2019-20386 CVE-2019-20387 CVE-2019-20388
CVE-2019-20454 CVE-2019-20636 CVE-2019-20807
CVE-2019-20812 CVE-2019-20907 CVE-2019-20916
CVE-2020-0305 CVE-2020-0444 CVE-2020-1716
CVE-2020-1730 CVE-2020-1751 CVE-2020-1752
CVE-2020-1971 CVE-2020-2574 CVE-2020-2752
CVE-2020-2922 CVE-2020-3862 CVE-2020-3864
CVE-2020-3865 CVE-2020-3867 CVE-2020-3868
CVE-2020-3885 CVE-2020-3894 CVE-2020-3895
CVE-2020-3897 CVE-2020-3898 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-6405 CVE-2020-7595 CVE-2020-7774
CVE-2020-8177 CVE-2020-8492 CVE-2020-8563
CVE-2020-8566 CVE-2020-8619 CVE-2020-8622
CVE-2020-8623 CVE-2020-8624 CVE-2020-8647
CVE-2020-8648 CVE-2020-8649 CVE-2020-9327
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-10029
CVE-2020-10732 CVE-2020-10749 CVE-2020-10751
CVE-2020-10763 CVE-2020-10773 CVE-2020-10774
CVE-2020-10942 CVE-2020-11565 CVE-2020-11668
CVE-2020-11793 CVE-2020-12465 CVE-2020-12655
CVE-2020-12659 CVE-2020-12770 CVE-2020-12826
CVE-2020-13249 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-14019 CVE-2020-14040
CVE-2020-14381 CVE-2020-14382 CVE-2020-14391
CVE-2020-14422 CVE-2020-15157 CVE-2020-15503
CVE-2020-15862 CVE-2020-15999 CVE-2020-16166
CVE-2020-24490 CVE-2020-24659 CVE-2020-25211
CVE-2020-25641 CVE-2020-25658 CVE-2020-25661
CVE-2020-25662 CVE-2020-25681 CVE-2020-25682
CVE-2020-25683 CVE-2020-25684 CVE-2020-25685
CVE-2020-25686 CVE-2020-25687 CVE-2020-25694
CVE-2020-25696 CVE-2020-26160 CVE-2020-27813
CVE-2020-27846 CVE-2020-28362 CVE-2020-29652
CVE-2021-2007 CVE-2021-3121
=====================================================================
1. Summary:
Red Hat OpenShift Container Platform release 4.7.0 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.7.0. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2020:5634
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64
The image digest is
sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-s390x
The image digest is
sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le
The image digest is
sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6
All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -between-minor.html#understanding-upgrade-channels_updating-cluster-between
- -minor.
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication
(CVE-2020-27846)
* golang: crypto/ssh: crafted authentication request can lead to nil
pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* kubernetes: Secret leaks in kube-controller-manager when using vSphere
Provider (CVE-2020-8563)
* containernetworking/plugins: IPv6 router advertisements allow for MitM
attacks on IPv4 clusters (CVE-2020-10749)
* heketi: gluster-block volume password details available in logs
(CVE-2020-10763)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of
service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers
(CVE-2020-28362)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
For OpenShift Container Platform 4.7, see the following documentation,
which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
- -cli.html.
4. Bugs fixed (https://bugzilla.redhat.com/):
1620608 - Restoring deployment config with history leads to weird state
1752220 - [OVN] Network Policy fails to work when project label gets overwritten
1756096 - Local storage operator should implement must-gather spec
1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs
1768255 - installer reports 100% complete but failing components
1770017 - Init containers restart when the exited container is removed from node.
1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating
1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset
1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale
1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating `create` commands
1784298 - "Displaying with reduced resolution due to large dataset." would show under some conditions
1785399 - Under condition of heavy pod creation, creation fails with 'error reserving pod name ...: name is reserved"
1797766 - Resource Requirements" specDescriptor fields - CPU and Memory injects empty string YAML editor
1801089 - [OVN] Installation failed and monitoring pod not created due to some network error.
1805025 - [OSP] Machine status doesn't become "Failed" when creating a machine with invalid image
1805639 - Machine status should be "Failed" when creating a machine with invalid machine configuration
1806000 - CRI-O failing with: error reserving ctr name
1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1810438 - Installation logs are not gathered from OCP nodes
1812085 - kubernetes-networking-namespace-pods dashboard doesn't exist
1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation
1813012 - EtcdDiscoveryDomain no longer needed
1813949 - openshift-install doesn't use env variables for OS_* for some of API endpoints
1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use
1819053 - loading OpenAPI spec for "v1beta1.metrics.k8s.io" failed with: OpenAPI spec does not exist
1819457 - Package Server is in 'Cannot update' status despite properly working
1820141 - [RFE] deploy qemu-quest-agent on the nodes
1822744 - OCS Installation CI test flaking
1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario
1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool
1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file
1829723 - User workload monitoring alerts fire out of the box
1832968 - oc adm catalog mirror does not mirror the index image itself
1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN
1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
1834995 - olmFull suite always fails once th suite is run on the same cluster
1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz
1837953 - Replacing masters doesn't work for ovn-kubernetes 4.4
1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks
1838751 - [oVirt][Tracker] Re-enable skipped network tests
1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups
1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed
1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP
1841119 - Get rid of config patches and pass flags directly to kcm
1841175 - When an Install Plan gets deleted, OLM does not create a new one
1841381 - Issue with memoryMB validation
1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option
1844727 - Etcd container leaves grep and lsof zombie processes
1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs
1847074 - Filter bar layout issues at some screen widths on search page
1848358 - CRDs with preserveUnknownFields:true don't reflect in status that they are non-structural
1849543 - [4.5]kubeletconfig's description will show multiple lines for finalizers when upgrade from 4.4.8->4.5
1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service
1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard
1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing
1851693 - The `oc apply` should return errors instead of hanging there when failing to create the CRD
1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service
1853115 - the restriction of --cloud option should be shown in help text.
1853116 - `--to` option does not work with `--credentials-requests` flag.
1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854567 - "Installed Operators" list showing "duplicated" entries during installation
1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present
1855351 - Inconsistent Installer reactions to Ctrl-C during user input process
1855408 - OVN cluster unstable after running minimal scale test
1856351 - Build page should show metrics for when the build ran, not the last 30 minutes
1856354 - New APIServices missing from OpenAPI definitions
1857446 - ARO/Azure: excessive pod memory allocation causes node lockup
1857877 - Operator upgrades can delete existing CSV before completion
1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed
1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created
1860136 - default ingress does not propagate annotations to route object on update
1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as "Failed"
1860518 - unable to stop a crio pod
1861383 - Route with `haproxy.router.openshift.io/timeout: 365d` kills the ingress controller
1862430 - LSO: PV creation lock should not be acquired in a loop
1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group.
1862608 - Virtual media does not work on hosts using BIOS, only UEFI
1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network
1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff
1865839 - rpm-ostree fails with "System transaction in progress" when moving to kernel-rt
1866043 - Configurable table column headers can be illegible
1866087 - Examining agones helm chart resources results in "Oh no!"
1866261 - Need to indicate the intentional behavior for Ansible in the `create api` help info
1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement
1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity
1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there’s no indication on which labels offer tooltip/help
1866340 - [RHOCS Usability Study][Dashboard] It was not clear why “No persistent storage alerts” was prominently displayed
1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations
1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le & s390x
1866482 - Few errors are seen when oc adm must-gather is run
1866605 - No metadata.generation set for build and buildconfig objects
1866873 - MCDDrainError "Drain failed on , updates may be blocked" missing rendered node name
1866901 - Deployment strategy for BMO allows multiple pods to run at the same time
1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure.
1867165 - Cannot assign static address to baremetal install bootstrap vm
1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig
1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS
1867477 - HPA monitoring cpu utilization fails for deployments which have init containers
1867518 - [oc] oc should not print so many goroutines when ANY command fails
1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster
1867965 - OpenShift Console Deployment Edit overwrites deployment yaml
1868004 - opm index add appears to produce image with wrong registry server binary
1868065 - oc -o jsonpath prints possible warning / bug "Unable to decode server response into a Table"
1868104 - Baremetal actuator should not delete Machine objects
1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead
1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters
1868527 - OpenShift Storage using VMWare vSAN receives error "Failed to add disk 'scsi0:2'" when mounted pod is created on separate node
1868645 - After a disaster recovery pods a stuck in "NodeAffinity" state and not running
1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation
1868765 - [vsphere][ci] could not reserve an IP address: no available addresses
1868770 - catalogSource named "redhat-operators" deleted in a disconnected cluster
1868976 - Prometheus error opening query log file on EBS backed PVC
1869293 - The configmap name looks confusing in aide-ds pod logs
1869606 - crio's failing to delete a network namespace
1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes
1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance]
1870373 - Ingress Operator reports available when DNS fails to provision
1870467 - D/DC Part of Helm / Operator Backed should not have HPA
1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json
1870800 - [4.6] Managed Column not appearing on Pods Details page
1871170 - e2e tests are needed to validate the functionality of the etcdctl container
1872001 - EtcdDiscoveryDomain no longer needed
1872095 - content are expanded to the whole line when only one column in table on Resource Details page
1872124 - Could not choose device type as "disk" or "part" when create localvolumeset from web console
1872128 - Can't run container with hostPort on ipv6 cluster
1872166 - 'Silences' link redirects to unexpected 'Alerts' view after creating a silence in the Developer perspective
1872251 - [aws-ebs-csi-driver] Verify job in CI doesn't check for vendor dir sanity
1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them
1872821 - [DOC] Typo in Ansible Operator Tutorial
1872907 - Fail to create CR from generated Helm Base Operator
1872923 - Click "Cancel" button on the "initialization-resource" creation form page should send users to the "Operator details" page instead of "Install Operator" page (previous page)
1873007 - [downstream] failed to read config when running the operator-sdk in the home path
1873030 - Subscriptions without any candidate operators should cause resolution to fail
1873043 - Bump to latest available 1.19.x k8s
1873114 - Nodes goes into NotReady state (VMware)
1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem
1873305 - Failed to power on /inspect node when using Redfish protocol
1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information
1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: “?” button/icon in Developer Console ->Navigation
1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working
1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name > 63 characters
1874057 - Pod stuck in CreateContainerError - error msg="container_linux.go:348: starting container process caused \"chdir to cwd (\\\"/mount-point\\\") set in config.json failed: permission denied\""
1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver
1874192 - [RFE] "Create Backing Store" page doesn't allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider
1874240 - [vsphere] unable to deprovision - Runtime error list attached objects
1874248 - Include validation for vcenter host in the install-config
1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6
1874583 - apiserver tries and fails to log an event when shutting down
1874584 - add retry for etcd errors in kube-apiserver
1874638 - Missing logging for nbctl daemon
1874736 - [downstream] no version info for the helm-operator
1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution
1874968 - Accessibility: The project selection drop down is a keyboard trap
1875247 - Dependency resolution error "found more than one head for channel" is unhelpful for users
1875516 - disabled scheduling is easy to miss in node page of OCP console
1875598 - machine status is Running for a master node which has been terminated from the console
1875806 - When creating a service of type "LoadBalancer" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes.
1876166 - need to be able to disable kube-apiserver connectivity checks
1876469 - Invalid doc link on yaml template schema description
1876701 - podCount specDescriptor change doesn't take effect on operand details page
1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt
1876935 - AWS volume snapshot is not deleted after the cluster is destroyed
1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted
1877105 - add redfish to enabled_bios_interfaces
1877116 - e2e aws calico tests fail with `rpc error: code = ResourceExhausted`
1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown
1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only 'rootDevices'
1877681 - Manually created PV can not be used
1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53
1877740 - RHCOS unable to get ip address during first boot
1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5
1877919 - panic in multus-admission-controller
1877924 - Cannot set BIOS config using Redfish with Dell iDracs
1878022 - Met imagestreamimport error when import the whole image repository
1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default "Filesystem Name" instead of providing a textbox, & the name should be validated
1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status
1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM
1878766 - CPU consumption on nodes is higher than the CPU count of the node.
1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus.
1878823 - "oc adm release mirror" generating incomplete imageContentSources when using "--to" and "--to-release-image"
1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode
1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used
1878953 - RBAC error shows when normal user access pvc upload page
1878956 - `oc api-resources` does not include API version
1878972 - oc adm release mirror removes the architecture information
1879013 - [RFE]Improve CD-ROM interface selection
1879056 - UI should allow to change or unset the evictionStrategy
1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled
1879094 - RHCOS dhcp kernel parameters not working as expected
1879099 - Extra reboot during 4.5 -> 4.6 upgrade
1879244 - Error adding container to network "ipvlan-host-local": "master" field is required
1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder
1879282 - Update OLM references to point to the OLM's new doc site
1879283 - panic after nil pointer dereference in pkg/daemon/update.go
1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests
1879419 - [RFE]Improve boot source description for 'Container' and ‘URL’
1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted.
1879565 - IPv6 installation fails on node-valid-hostname
1879777 - Overlapping, divergent openshift-machine-api namespace manifests
1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with 'Basic', skipping basic authentication in Log message in thanos-querier pod the oauth-proxy
1879930 - Annotations shouldn't be removed during object reconciliation
1879976 - No other channel visible from console
1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc.
1880148 - dns daemonset rolls out slowly in large clusters
1880161 - Actuator Update calls should have fixed retry time
1880259 - additional network + OVN network installation failed
1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as "Failed"
1880410 - Convert Pipeline Visualization node to SVG
1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn
1880443 - broken machine pool management on OpenStack
1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s.
1880473 - IBM Cloudpak operators installation stuck "UpgradePending" with InstallPlan status updates failing due to size limitation
1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables)
1880785 - CredentialsRequest missing description in `oc explain`
1880787 - No description for Provisioning CRD for `oc explain`
1880902 - need dnsPlocy set in crd ingresscontrollers
1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster
1881027 - Cluster installation fails at with error : the container name \"assisted-installer\" is already in use
1881046 - [OSP] openstack-cinder-csi-driver-operator doesn't contain required manifests and assets
1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node
1881268 - Image uploading failed but wizard claim the source is available
1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration
1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup
1881881 - unable to specify target port manually resulting in application not reachable
1881898 - misalignment of sub-title in quick start headers
1882022 - [vsphere][ipi] directory path is incomplete, terraform can't find the cluster
1882057 - Not able to select access modes for snapshot and clone
1882140 - No description for spec.kubeletConfig
1882176 - Master recovery instructions don't handle IP change well
1882191 - Installation fails against external resources which lack DNS Subject Alternative Name
1882209 - [ BateMetal IPI ] local coredns resolution not working
1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from "Too large resource version"
1882268 - [e2e][automation]Add Integration Test for Snapshots
1882361 - Retrieve and expose the latest report for the cluster
1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use
1882556 - git:// protocol in origin tests is not currently proxied
1882569 - CNO: Replacing masters doesn't work for ovn-kubernetes 4.4
1882608 - Spot instance not getting created on AzureGovCloud
1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance
1882649 - IPI installer labels all images it uploads into glance as qcow2
1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic
1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page
1882660 - Operators in a namespace should be installed together when approve one
1882667 - [ovn] br-ex Link not found when scale up RHEL worker
1882723 - [vsphere]Suggested mimimum value for providerspec not working
1882730 - z systems not reporting correct core count in recording rule
1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully
1882781 - nameserver= option to dracut creates extra NM connection profile
1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined
1882844 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1883388 - Bare Metal Hosts Details page doesn't show Mainitenance and Power On/Off status
1883422 - operator-sdk cleanup fail after installing operator with "run bundle" without installmode and og with ownnamespace
1883425 - Gather top installplans and their count
1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2
1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel]
1883538 - must gather report "cannot file manila/aws ebs/ovirt csi related namespaces and objects" error
1883560 - operator-registry image needs clean up in /tmp
1883563 - Creating duplicate namespace from create namespace modal breaks the UI
1883614 - [OCP 4.6] [UI] UI should not describe power cycle as "graceful"
1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate
1883660 - e2e-metal-ipi CI job consistently failing on 4.4
1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests
1883766 - [e2e][automation] Adjust tests for UI changes
1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations
1883773 - opm alpha bundle build fails on win10 home
1883790 - revert "force cert rotation every couple days for development" in 4.7
1883803 - node pull secret feature is not working as expected
1883836 - Jenkins imagestream ubi8 and nodejs12 update
1883847 - The UI does not show checkbox for enable encryption at rest for OCS
1883853 - go list -m all does not work
1883905 - race condition in opm index add --overwrite-latest
1883946 - Understand why trident CSI pods are getting deleted by OCP
1884035 - Pods are illegally transitioning back to pending
1884041 - e2e should provide error info when minimum number of pods aren't ready in kube-system namespace
1884131 - oauth-proxy repository should run tests
1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied
1884221 - IO becomes unhealthy due to a file change
1884258 - Node network alerts should work on ratio rather than absolute values
1884270 - Git clone does not support SCP-style ssh locations
1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout
1884435 - vsphere - loopback is randomly not being added to resolver
1884565 - oauth-proxy crashes on invalid usage
1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy
1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users
1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment
1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu.
1884632 - Adding BYOK disk encryption through DES
1884654 - Utilization of a VMI is not populated
1884655 - KeyError on self._existing_vifs[port_id]
1884664 - Operator install page shows "installing..." instead of going to install status page
1884672 - Failed to inspect hardware. Reason: unable to start inspection: 'idrac'
1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure
1884724 - Quick Start: Serverless quickstart doesn't match Operator install steps
1884739 - Node process segfaulted
1884824 - Update baremetal-operator libraries to k8s 1.19
1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping
1885138 - Wrong detection of pending state in VM details
1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2
1885165 - NoRunningOvnMaster alert falsely triggered
1885170 - Nil pointer when verifying images
1885173 - [e2e][automation] Add test for next run configuration feature
1885179 - oc image append fails on push (uploading a new layer)
1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig
1885218 - [e2e][automation] Add virtctl to gating script
1885223 - Sync with upstream (fix panicking cluster-capacity binary)
1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2
1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2
1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2
1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2
1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI
1885315 - unit tests fail on slow disks
1885319 - Remove redundant use of group and kind of DataVolumeTemplate
1885343 - Console doesn't load in iOS Safari when using self-signed certificates
1885344 - 4.7 upgrade - dummy bug for 1880591
1885358 - add p&f configuration to protect openshift traffic
1885365 - MCO does not respect the install section of systemd files when enabling
1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating
1885398 - CSV with only Webhook conversion can't be installed
1885403 - Some OLM events hide the underlying errors
1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case
1885425 - opm index add cannot batch add multiple bundles that use skips
1885543 - node tuning operator builds and installs an unsigned RPM
1885644 - Panic output due to timeouts in openshift-apiserver
1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU < 30 || totalMemory < 72 GiB for initial deployment
1885702 - Cypress: Fix 'aria-hidden-focus' accesibility violations
1885706 - Cypress: Fix 'link-name' accesibility violation
1885761 - DNS fails to resolve in some pods
1885856 - Missing registry v1 protocol usage metric on telemetry
1885864 - Stalld service crashed under the worker node
1885930 - [release 4.7] Collect ServiceAccount statistics
1885940 - kuryr/demo image ping not working
1886007 - upgrade test with service type load balancer will never work
1886022 - Move range allocations to CRD's
1886028 - [BM][IPI] Failed to delete node after scale down
1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas
1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd
1886154 - System roles are not present while trying to create new role binding through web console
1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5->4.6 causes broadcast storm
1886168 - Remove Terminal Option for Windows Nodes
1886200 - greenwave / CVP is failing on bundle validations, cannot stage push
1886229 - Multipath support for RHCOS sysroot
1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage
1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status
1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL
1886397 - Move object-enum to console-shared
1886423 - New Affinities don't contain ID until saving
1886435 - Azure UPI uses deprecated command 'group deployment'
1886449 - p&f: add configuration to protect oauth server traffic
1886452 - layout options doesn't gets selected style on click i.e grey background
1886462 - IO doesn't recognize namespaces - 2 resources with the same name in 2 namespaces -> only 1 gets collected
1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest
1886524 - Change default terminal command for Windows Pods
1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution
1886600 - panic: assignment to entry in nil map
1886620 - Application behind service load balancer with PDB is not disrupted
1886627 - Kube-apiserver pods restarting/reinitializing periodically
1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
1886636 - Panic in machine-config-operator
1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer.
1886751 - Gather MachineConfigPools
1886766 - PVC dropdown has 'Persistent Volume' Label
1886834 - ovn-cert is mandatory in both master and node daemonsets
1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState
1886861 - ordered-values.yaml not honored if values.schema.json provided
1886871 - Neutron ports created for hostNetworking pods
1886890 - Overwrite jenkins-agent-base imagestream
1886900 - Cluster-version operator fills logs with "Manifest: ..." spew
1886922 - [sig-network] pods should successfully create sandboxes by getting pod
1886973 - Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console
1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO
1887010 - Imagepruner met error "Job has reached the specified backoff limit" which causes image registry degraded
1887026 - FC volume attach fails with “no fc disk found” error on OCP 4.6 PowerVM cluster
1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6
1887046 - Event for LSO need update to avoid confusion
1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image
1887375 - User should be able to specify volumeMode when creating pvc from web-console
1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console
1887392 - openshift-apiserver: delegated authn/z should have ttl > metrics/healthz/readyz/openapi interval
1887428 - oauth-apiserver service should be monitored by prometheus
1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting "degraded: False"
1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data
1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes
1887465 - Deleted project is still referenced
1887472 - unable to edit application group for KSVC via gestures (shift+Drag)
1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface
1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster
1887525 - Failures to set master HardwareDetails cannot easily be debugged
1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable
1887585 - ovn-masters stuck in crashloop after scale test
1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade.
1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator
1887740 - cannot install descheduler operator after uninstalling it
1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events
1887750 - `oc explain localvolumediscovery` returns empty description
1887751 - `oc explain localvolumediscoveryresult` returns empty description
1887778 - Add ContainerRuntimeConfig gatherer
1887783 - PVC upload cannot continue after approve the certificate
1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard
1887799 - User workload monitoring prometheus-config-reloader OOM
1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky
1887863 - Installer panics on invalid flavor
1887864 - Clean up dependencies to avoid invalid scan flagging
1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison
1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig
1888015 - workaround kubelet graceful termination of static pods bug
1888028 - prevent extra cycle in aggregated apiservers
1888036 - Operator details shows old CRD versions
1888041 - non-terminating pods are going from running to pending
1888072 - Setting Supermicro node to PXE boot via Redfish doesn't take affect
1888073 - Operator controller continuously busy looping
1888118 - Memory requests not specified for image registry operator
1888150 - Install Operand Form on OperatorHub is displaying unformatted text
1888172 - PR 209 didn't update the sample archive, but machineset and pdbs are now namespaced
1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build
1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5
1888311 - p&f: make SAR traffic from oauth and openshift apiserver exempt
1888363 - namespaces crash in dev
1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created
1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected
1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC
1888494 - imagepruner pod is error when image registry storage is not configured
1888565 - [OSP] machine-config-daemon-firstboot.service failed with "error reading osImageURL from rpm-ostree"
1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error
1888601 - The poddisruptionbudgets is using the operator service account, instead of gather
1888657 - oc doesn't know its name
1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable
1888671 - Document the Cloud Provider's ignore-volume-az setting
1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image
1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s", cr.GetName()
1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set
1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster
1888866 - AggregatedAPIDown permanently firing after removing APIService
1888870 - JS error when using autocomplete in YAML editor
1888874 - hover message are not shown for some properties
1888900 - align plugins versions
1888985 - Cypress: Fix 'Ensures buttons have discernible text' accesibility violation
1889213 - The error message of uploading failure is not clear enough
1889267 - Increase the time out for creating template and upload image in the terraform
1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages)
1889374 - Kiali feature won't work on fresh 4.6 cluster
1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode
1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade
1889515 - Accessibility - The symbols e.g checkmark in the Node > overview page has no text description, label, or other accessible information
1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance
1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown
1889577 - Resources are not shown on project workloads page
1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment
1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages
1889692 - Selected Capacity is showing wrong size
1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15
1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off
1889710 - Prometheus metrics on disk take more space compared to OCP 4.5
1889721 - opm index add semver-skippatch mode does not respect prerelease versions
1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn't see the Disk tab
1889767 - [vsphere] Remove certificate from upi-installer image
1889779 - error when destroying a vSphere installation that failed early
1889787 - OCP is flooding the oVirt engine with auth errors
1889838 - race in Operator update after fix from bz1888073
1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1
1889863 - Router prints incorrect log message for namespace label selector
1889891 - Backport timecache LRU fix
1889912 - Drains can cause high CPU usage
1889921 - Reported Degraded=False Available=False pair does not make sense
1889928 - [e2e][automation] Add more tests for golden os
1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName
1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings
1890074 - MCO extension kernel-headers is invalid
1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest
1890130 - multitenant mode consistently fails CI
1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e
1890145 - The mismatched of font size for Status Ready and Health Check secondary text
1890180 - FieldDependency x-descriptor doesn't support non-sibling fields
1890182 - DaemonSet with existing owner garbage collected
1890228 - AWS: destroy stuck on route53 hosted zone not found
1890235 - e2e: update Protractor's checkErrors logging
1890250 - workers may fail to join the cluster during an update from 4.5
1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member
1890270 - External IP doesn't work if the IP address is not assigned to a node
1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability
1890456 - [vsphere] mapi_instance_create_failed doesn't work on vsphere
1890467 - unable to edit an application without a service
1890472 - [Kuryr] Bulk port creation exception not completely formatted
1890494 - Error assigning Egress IP on GCP
1890530 - cluster-policy-controller doesn't gracefully terminate
1890630 - [Kuryr] Available port count not correctly calculated for alerts
1890671 - [SA] verify-image-signature using service account does not work
1890677 - 'oc image info' claims 'does not exist' for application/vnd.oci.image.manifest.v1+json manifest
1890808 - New etcd alerts need to be added to the monitoring stack
1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn't sync the "overall" sha it syncs only the sub arch sha.
1890984 - Rename operator-webhook-config to sriov-operator-webhook-config
1890995 - wew-app should provide more insight into why image deployment failed
1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call
1891047 - Helm chart fails to install using developer console because of TLS certificate error
1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler
1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI
1891108 - p&f: Increase the concurrency share of workload-low priority level
1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine)
1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown
1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn't meet requirements of chart)
1891362 - Wrong metrics count for openshift_build_result_total
1891368 - fync should be fsync for etcdHighFsyncDurations alert's annotations.message
1891374 - fync should be fsync for etcdHighFsyncDurations critical alert's annotations.message
1891376 - Extra text in Cluster Utilization charts
1891419 - Wrong detail head on network policy detail page.
1891459 - Snapshot tests should report stderr of failed commands
1891498 - Other machine config pools do not show during update
1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage
1891551 - Clusterautoscaler doesn't scale up as expected
1891552 - Handle missing labels as empty.
1891555 - The windows oc.exe binary does not have version metadata
1891559 - kuryr-cni cannot start new thread
1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11
1891625 - [Release 4.7] Mutable LoadBalancer Scope
1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml
1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails
1891740 - OperatorStatusChanged is noisy
1891758 - the authentication operator may spam DeploymentUpdated event endlessly
1891759 - Dockerfile builds cannot change /etc/pki/ca-trust
1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1
1891825 - Error message not very informative in case of mode mismatch
1891898 - The ClusterServiceVersion can define Webhooks that cannot be created.
1891951 - UI should show warning while creating pools with compression on
1891952 - [Release 4.7] Apps Domain Enhancement
1891993 - 4.5 to 4.6 upgrade doesn't remove deployments created by marketplace
1891995 - OperatorHub displaying old content
1891999 - Storage efficiency card showing wrong compression ratio
1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by ./opm)
1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector.
1892198 - TypeError in 'Performance Profile' tab displayed for 'Performance Addon Operator'
1892288 - assisted install workflow creates excessive control-plane disruption
1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config
1892358 - [e2e][automation] update feature gate for kubevirt-gating job
1892376 - Deleted netnamespace could not be re-created
1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky
1892393 - TestListPackages is flaky
1892448 - MCDPivotError alert/metric missing
1892457 - NTO-shipped stalld needs to use FIFO for boosting.
1892467 - linuxptp-daemon crash
1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env
1892653 - User is unable to create KafkaSource with v1beta
1892724 - VFS added to the list of devices of the nodeptpdevice CRD
1892799 - Mounting additionalTrustBundle in the operator
1893117 - Maintenance mode on vSphere blocks installation.
1893351 - TLS secrets are not able to edit on console.
1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots
1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky "worker" assumption when guessing about ingress availability
1893546 - Deploy using virtual media fails on node cleaning step
1893601 - overview filesystem utilization of OCP is showing the wrong values
1893645 - oc describe route SIGSEGV
1893648 - Ironic image building process is not compatible with UEFI secure boot
1893724 - OperatorHub generates incorrect RBAC
1893739 - Force deletion doesn't work for snapshots if snapshotclass is already deleted
1893776 - No useful metrics for image pull time available, making debugging issues there impossible
1893798 - Lots of error messages starting with "get namespace to enqueue Alertmanager instances failed" in the logs of prometheus-operator
1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD
1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS
1893926 - Some "Dynamic PV (block volmode)" pattern storage e2e tests are wrongly skipped
1893944 - Wrong product name for Multicloud Object Gateway
1893953 - (release-4.7) Gather default StatefulSet configs
1893956 - Installation always fails at "failed to initialize the cluster: Cluster operator image-registry is still updating"
1893963 - [Testday] Workloads-> Virtualization is not loading for Firefox browser
1893972 - Should skip e2e test cases as early as possible
1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without 'https://'
1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective
1894025 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set
1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used.
1894065 - tag new packages to enable TLS support
1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries
1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM
1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted
1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI)
1894216 - Improve OpenShift Web Console availability
1894275 - Fix CRO owners file to reflect node owner
1894278 - "database is locked" error when adding bundle to index image
1894330 - upgrade channels needs to be updated for 4.7
1894342 - oauth-apiserver logs many "[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient"
1894374 - Dont prevent the user from uploading a file with incorrect extension
1894432 - [oVirt] sometimes installer timeout on tmp_import_vm
1894477 - bash syntax error in nodeip-configuration.service
1894503 - add automated test for Polarion CNV-5045
1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform
1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets
1894645 - Cinder volume provisioning crashes on nil cloud provider
1894677 - image-pruner job is panicking: klog stack
1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0
1894860 - 'backend' CI job passing despite failing tests
1894910 - Update the node to use the real-time kernel fails
1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package
1895065 - Schema / Samples / Snippets Tabs are all selected at the same time
1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI
1895141 - panic in service-ca injector
1895147 - Remove memory limits on openshift-dns
1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation
1895268 - The bundleAPIs should NOT be empty
1895309 - [OCP v47] The RHEL node scaleup fails due to "No package matching 'cri-o-1.19.*' found available" on OCP 4.7 cluster
1895329 - The infra index filled with warnings "WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release"
1895360 - Machine Config Daemon removes a file although its defined in the dropin
1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1
1895372 - Web console going blank after selecting any operator to install from OperatorHub
1895385 - Revert KUBELET_LOG_LEVEL back to level 3
1895423 - unable to edit an application with a custom builder image
1895430 - unable to edit custom template application
1895509 - Backup taken on one master cannot be restored on other masters
1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image
1895838 - oc explain description contains '/'
1895908 - "virtio" option is not available when modifying a CD-ROM to disk type
1895909 - e2e-metal-ipi-ovn-dualstack is failing
1895919 - NTO fails to load kernel modules
1895959 - configuring webhook token authentication should prevent cluster upgrades
1895979 - Unable to get coreos-installer with --copy-network to work
1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV
1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded)
1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed
1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest
1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded
1896244 - Found a panic in storage e2e test
1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general
1896302 - [e2e][automation] Fix 4.6 test failures
1896365 - [Migration]The SDN migration cannot revert under some conditions
1896384 - [ovirt IPI]: local coredns resolution not working
1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6
1896529 - Incorrect instructions in the Serverless operator and application quick starts
1896645 - documentationBaseURL needs to be updated for 4.7
1896697 - [Descheduler] policy.yaml param in cluster configmap is empty
1896704 - Machine API components should honour cluster wide proxy settings
1896732 - "Attach to Virtual Machine OS" button should not be visible on old clusters
1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator
1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails
1896918 - start creating new-style Secrets for AWS
1896923 - DNS pod /metrics exposed on anonymous http port
1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1897003 - VNC console cannot be connected after visit it in new window
1897008 - Cypress: reenable check for 'aria-hidden-focus' rule & checkA11y test for modals
1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO
1897039 - router pod keeps printing log: template "msg"="router reloaded" "output"="[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option 'http-use-htx' is deprecated and ignored
1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV.
1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces
1897138 - oVirt provider uses depricated cluster-api project
1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly
1897252 - Firing alerts are not showing up in console UI after cluster is up for some time
1897354 - Operator installation showing success, but Provided APIs are missing
1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with "connection refused"
1897412 - [sriov]disableDrain did not be updated in CRD of manifest
1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page
1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to 'localhost'
1897520 - After restarting nodes the image-registry co is in degraded true state.
1897584 - Add casc plugins
1897603 - Cinder volume attachment detection failure in Kubelet
1897604 - Machine API deployment fails: Kube-Controller-Manager can't reach API: "Unauthorized"
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests
1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition
1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannot `Create OCS Cluster Service`
1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing
1897897 - ptp lose sync openshift 4.6
1898036 - no network after reboot (IPI)
1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically
1898097 - mDNS floods the baremetal network
1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem
1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied
1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster
1898174 - [OVN] EgressIP does not guard against node IP assignment
1898194 - GCP: can't install on custom machine types
1898238 - Installer validations allow same floating IP for API and Ingress
1898268 - [OVN]: `make check` broken on 4.6
1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default
1898320 - Incorrect Apostrophe Translation of "it's" in Scheduling Disabled Popover
1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display.
1898407 - [Deployment timing regression] Deployment takes longer with 4.7
1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service
1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine
1898500 - Failure to upgrade operator when a Service is included in a Bundle
1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic
1898532 - Display names defined in specDescriptors not respected
1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted
1898613 - Whereabouts should exclude IPv6 ranges
1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase
1898679 - Operand creation form - Required "type: object" properties (Accordion component) are missing red asterisk
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator
1898839 - Wrong YAML in operator metadata
1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job
1898873 - Remove TechPreview Badge from Monitoring
1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way
1899111 - [RFE] Update jenkins-maven-agen to maven36
1899128 - VMI details screen -> show the warning that it is preferable to have a VM only if the VM actually does not exist
1899175 - bump the RHCOS boot images for 4.7
1899198 - Use new packages for ipa ramdisks
1899200 - In Installed Operators page I cannot search for an Operator by it's name
1899220 - Support AWS IMDSv2
1899350 - configure-ovs.sh doesn't configure bonding options
1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error "An error occurred Not Found"
1899459 - Failed to start monitoring pods once the operator removed from override list of CVO
1899515 - Passthrough credentials are not immediately re-distributed on update
1899575 - update discovery burst to reflect lots of CRDs on openshift clusters
1899582 - update discovery burst to reflect lots of CRDs on openshift clusters
1899588 - Operator objects are re-created after all other associated resources have been deleted
1899600 - Increased etcd fsync latency as of OCP 4.6
1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup
1899627 - Project dashboard Active status using small icon
1899725 - Pods table does not wrap well with quick start sidebar open
1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD)
1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality
1899835 - catalog-operator repeatedly crashes with "runtime error: index out of range [0] with length 0"
1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap
1899853 - additionalSecurityGroupIDs not working for master nodes
1899922 - NP changes sometimes influence new pods.
1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet
1900008 - Fix internationalized sentence fragments in ImageSearch.tsx
1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx
1900020 - Remove ' from internationalized keys
1900022 - Search Page - Top labels field is not applied to selected Pipeline resources
1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently
1900126 - Creating a VM results in suggestion to create a default storage class when one already exists
1900138 - [OCP on RHV] Remove insecure mode from the installer
1900196 - stalld is not restarted after crash
1900239 - Skip "subPath should be able to unmount" NFS test
1900322 - metal3 pod's toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists
1900377 - [e2e][automation] create new css selector for active users
1900496 - (release-4.7) Collect spec config for clusteroperator resources
1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks
1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue
1900759 - include qemu-guest-agent by default
1900790 - Track all resource counts via telemetry
1900835 - Multus errors when cachefile is not found
1900935 - `oc adm release mirror` panic panic: runtime error
1900989 - accessing the route cannot wake up the idled resources
1901040 - When scaling down the status of the node is stuck on deleting
1901057 - authentication operator health check failed when installing a cluster behind proxy
1901107 - pod donut shows incorrect information
1901111 - Installer dependencies are broken
1901200 - linuxptp-daemon crash when enable debug log level
1901301 - CBO should handle platform=BM without provisioning CR
1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly
1901363 - High Podready Latency due to timed out waiting for annotations
1901373 - redundant bracket on snapshot restore button
1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with "timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true"
1901395 - "Edit virtual machine template" action link should be removed
1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting
1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP
1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema
1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod "before all" hook for "creates the resource instance"
1901604 - CNO blocks editing Kuryr options
1901675 - [sig-network] multicast when using one of the plugins 'redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy' should allow multicast traffic in namespaces where it is enabled
1901909 - The device plugin pods / cni pod are restarted every 5 minutes
1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service
1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error
1902059 - Wire a real signer for service accout issuer
1902091 - `cluster-image-registry-operator` pod leaves connections open when fails connecting S3 storage
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902157 - The DaemonSet machine-api-termination-handler couldn't allocate Pod
1902253 - MHC status doesnt set RemediationsAllowed = 0
1902299 - Failed to mirror operator catalog - error: destination registry required
1902545 - Cinder csi driver node pod should add nodeSelector for Linux
1902546 - Cinder csi driver node pod doesn't run on master node
1902547 - Cinder csi driver controller pod doesn't run on master node
1902552 - Cinder csi driver does not use the downstream images
1902595 - Project workloads list view doesn't show alert icon and hover message
1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent
1902601 - Cinder csi driver pods run as BestEffort qosClass
1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group
1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails
1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked
1902824 - failed to generate semver informed package manifest: unable to determine default channel
1902894 - hybrid-overlay-node crashing trying to get node object during initialization
1902969 - Cannot load vmi detail page
1902981 - It should default to current namespace when create vm from template
1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI
1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry
1903034 - OLM continuously printing debug logs
1903062 - [Cinder csi driver] Deployment mounted volume have no write access
1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready
1903107 - Enable vsphere-problem-detector e2e tests
1903164 - OpenShift YAML editor jumps to top every few seconds
1903165 - Improve Canary Status Condition handling for e2e tests
1903172 - Column Management: Fix sticky footer on scroll
1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled
1903188 - [Descheduler] cluster log reports failed to validate server configuration" err="unsupported log format:
1903192 - Role name missing on create role binding form
1903196 - Popover positioning is misaligned for Overview Dashboard status items
1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends.
1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components
1903248 - Backport Upstream Static Pod UID patch
1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests]
1903290 - Kubelet repeatedly log the same log line from exited containers
1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption.
1903382 - Panic when task-graph is canceled with a TaskNode with no tasks
1903400 - Migrate a VM which is not running goes to pending state
1903402 - Nic/Disk on VMI overview should link to VMI's nic/disk page
1903414 - NodePort is not working when configuring an egress IP address
1903424 - mapi_machine_phase_transition_seconds_sum doesn't work
1903464 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum"
1903639 - Hostsubnet gatherer produces wrong output
1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service
1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started
1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image
1903717 - Handle different Pod selectors for metal3 Deployment
1903733 - Scale up followed by scale down can delete all running workers
1903917 - Failed to load "Developer Catalog" page
1903999 - Httplog response code is always zero
1904026 - The quota controllers should resync on new resources and make progress
1904064 - Automated cleaning is disabled by default
1904124 - DHCP to static lease script doesn't work correctly if starting with infinite leases
1904125 - Boostrap VM .ign image gets added into 'default' pool instead of <cluster-name>-<id>-bootstrap
1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails
1904133 - KubeletConfig flooded with failure conditions
1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart
1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi !
1904244 - MissingKey errors for two plugins using i18next.t
1904262 - clusterresourceoverride-operator has version: 1.0.0 every build
1904296 - VPA-operator has version: 1.0.0 every build
1904297 - The index image generated by "opm index prune" leaves unrelated images
1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards
1904385 - [oVirt] registry cannot mount volume on 4.6.4 -> 4.6.6 upgrade
1904497 - vsphere-problem-detector: Run on vSphere cloud only
1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set
1904502 - vsphere-problem-detector: allow longer timeouts for some operations
1904503 - vsphere-problem-detector: emit alerts
1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody)
1904578 - metric scraping for vsphere problem detector is not configured
1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -> 4.6.6 upgrade
1904663 - IPI pointer customization MachineConfig always generated
1904679 - [Feature:ImageInfo] Image info should display information about images
1904683 - `[sig-builds][Feature:Builds] s2i build with a root user image` tests use docker.io image
1904684 - [sig-cli] oc debug ensure it works with image streams
1904713 - Helm charts with kubeVersion restriction are filtered incorrectly
1904776 - Snapshot modal alert is not pluralized
1904824 - Set vSphere hostname from guestinfo before NM starts
1904941 - Insights status is always showing a loading icon
1904973 - KeyError: 'nodeName' on NP deletion
1904985 - Prometheus and thanos sidecar targets are down
1904993 - Many ampersand special characters are found in strings
1905066 - QE - Monitoring test cases - smoke test suite automation
1905074 - QE -Gherkin linter to maintain standards
1905100 - Too many haproxy processes in default-router pod causing high load average
1905104 - Snapshot modal disk items missing keys
1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm
1905119 - Race in AWS EBS determining whether custom CA bundle is used
1905128 - [e2e][automation] e2e tests succeed without actually execute
1905133 - operator conditions special-resource-operator
1905141 - vsphere-problem-detector: report metrics through telemetry
1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures
1905194 - Detecting broken connections to the Kube API takes up to 15 minutes
1905221 - CVO transitions from "Initializing" to "Updating" despite not attempting many manifests
1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP
1905253 - Inaccurate text at bottom of Events page
1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905299 - OLM fails to update operator
1905307 - Provisioning CR is missing from must-gather
1905319 - cluster-samples-operator containers are not requesting required memory resource
1905320 - csi-snapshot-webhook is not requesting required memory resource
1905323 - dns-operator is not requesting required memory resource
1905324 - ingress-operator is not requesting required memory resource
1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory
1905328 - Changing the bound token service account issuer invalids previously issued bound tokens
1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory
1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails
1905347 - QE - Design Gherkin Scenarios
1905348 - QE - Design Gherkin Scenarios
1905362 - [sriov] Error message 'Fail to update DaemonSet' always shown in sriov operator pod
1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted
1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input
1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation
1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1
1905404 - The example of "Remove the entrypoint on the mysql:latest image" for `oc image append` does not work
1905416 - Hyperlink not working from Operator Description
1905430 - usbguard extension fails to install because of missing correct protobuf dependency version
1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads
1905502 - Test flake - unable to get https transport for ephemeral-registry
1905542 - [GSS] The "External" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6.
1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs
1905610 - Fix typo in export script
1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster
1905640 - Subscription manual approval test is flaky
1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry
1905696 - ClusterMoreUpdatesModal component did not get internationalized
1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes
1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project
1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster
1905792 - [OVN]Cannot create egressfirewalll with dnsName
1905889 - Should create SA for each namespace that the operator scoped
1905920 - Quickstart exit and restart
1905941 - Page goes to error after create catalogsource
1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711
1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters
1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected
1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it
1906118 - OCS feature detection constantly polls storageclusters and storageclasses
1906120 - 'Create Role Binding' form not setting user or group value when created from a user or group resource
1906121 - [oc] After new-project creation, the kubeconfig file does not set the project
1906134 - OLM should not create OperatorConditions for copied CSVs
1906143 - CBO supports log levels
1906186 - i18n: Translators are not able to translate `this` without context for alert manager config
1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots
1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize.
1906276 - `oc image append` can't work with multi-arch image with --filter-by-os='.*'
1906318 - use proper term for Authorized SSH Keys
1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional
1906356 - Unify Clone PVC boot source flow with URL/Container boot source
1906397 - IPA has incorrect kernel command line arguments
1906441 - HorizontalNav and NavBar have invalid keys
1906448 - Deploy using virtualmedia with provisioning network disabled fails - 'Failed to connect to the agent' in ironic-conductor log
1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project
1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them
1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures
1906511 - Root reprovisioning tests flaking often in CI
1906517 - Validation is not robust enough and may prevent to generate install-confing.
1906518 - Update snapshot API CRDs to v1
1906519 - Update LSO CRDs to use v1
1906570 - Number of disruptions caused by reboots on a cluster cannot be measured
1906588 - [ci][sig-builds] nodes is forbidden: User "e2e-test-jenkins-pipeline-xfghs-user" cannot list resource "nodes" in API group "" at the cluster scope
1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs
1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs
1906679 - quick start panel styles are not loaded
1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber
1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form
1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created
1906689 - user can pin to nav configmaps and secrets multiple times
1906691 - Add doc which describes disabling helm chart repository
1906713 - Quick starts not accesible for a developer user
1906718 - helm chart "provided by Redhat" is misspelled
1906732 - Machine API proxy support should be tested
1906745 - Update Helm endpoints to use Helm 3.4.x
1906760 - performance issues with topology constantly re-rendering
1906766 - localized `Autoscaled` & `Autoscaling` pod texts overlap with the pod ring
1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section
1906769 - topology fails to load with non-kubeadmin user
1906770 - shortcuts on mobiles view occupies a lot of space
1906798 - Dev catalog customization doesn't update console-config ConfigMap
1906806 - Allow installing extra packages in ironic container images
1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer
1906835 - Topology view shows add page before then showing full project workloads
1906840 - ClusterOperator should not have status "Updating" if operator version is the same as the release version
1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy
1906860 - Bump kube dependencies to v1.20 for Net Edge components
1906864 - Quick Starts Tour: Need to adjust vertical spacing
1906866 - Translations of Sample-Utils
1906871 - White screen when sort by name in monitoring alerts page
1906872 - Pipeline Tech Preview Badge Alignment
1906875 - Provide an option to force backup even when API is not available.
1906877 - Placeholder' value in search filter do not match column heading in Vulnerabilities
1906879 - Add missing i18n keys
1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install
1906896 - No Alerts causes odd empty Table (Need no content message)
1906898 - Missing User RoleBindings in the Project Access Web UI
1906899 - Quick Start - Highlight Bounding Box Issue
1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1
1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers
1906935 - Delete resources when Provisioning CR is deleted
1906968 - Must-gather should support collecting kubernetes-nmstate resources
1906986 - Ensure failed pod adds are retried even if the pod object doesn't change
1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt
1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change
1907211 - beta promotion of p&f switched storage version to v1beta1, making downgrades impossible.
1907269 - Tooltips data are different when checking stack or not checking stack for the same time
1907280 - Install tour of OCS not available.
1907282 - Topology page breaks with white screen
1907286 - The default mhc machine-api-termination-handler couldn't watch spot instance
1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent
1907293 - Increase timeouts in e2e tests
1907295 - Gherkin script for improve management for helm
1907299 - Advanced Subscription Badge for KMS and Arbiter not present
1907303 - Align VM template list items by baseline
1907304 - Use PF styles for selected template card in VM Wizard
1907305 - Drop 'ISO' from CDROM boot source message
1907307 - Support and provider labels should be passed on between templates and sources
1907310 - Pin action should be renamed to favorite
1907312 - VM Template source popover is missing info about added date
1907313 - ClusterOperator objects cannot be overriden with cvo-overrides
1907328 - iproute-tc package is missing in ovn-kube image
1907329 - CLUSTER_PROFILE env. variable is not used by the CVO
1907333 - Node stuck in degraded state, mcp reports "Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached"
1907373 - Rebase to kube 1.20.0
1907375 - Bump to latest available 1.20.x k8s - workloads team
1907378 - Gather netnamespaces networking info
1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity
1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn't match the CSV one
1907390 - prometheus-adapter: panic after k8s 1.20 bump
1907399 - build log icon link on topology nodes cause app to reload
1907407 - Buildah version not accessible
1907421 - [4.6.1]oc-image-mirror command failed on "error: unable to copy layer"
1907453 - Dev Perspective -> running vm details -> resources -> no data
1907454 - Install PodConnectivityCheck CRD with CNO
1907459 - "The Boot source is also maintained by Red Hat." is always shown for all boot sources
1907475 - Unable to estimate the error rate of ingress across the connected fleet
1907480 - `Active alerts` section throwing forbidden error for users.
1907518 - Kamelets/Eventsource should be shown to user if they have create access
1907543 - Korean timestamps are shown when users' language preferences are set to German-en-en-US
1907610 - Update kubernetes deps to 1.20
1907612 - Update kubernetes deps to 1.20
1907621 - openshift/installer: bump cluster-api-provider-kubevirt version
1907628 - Installer does not set primary subnet consistently
1907632 - Operator Registry should update its kubernetes dependencies to 1.20
1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters
1907644 - fix up handling of non-critical annotations on daemonsets/deployments
1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?)
1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication
1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail
1907767 - [e2e][automation]update test suite for kubevirt plugin
1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don't allow master and worker nodes to boot
1907792 - The `overrides` of the OperatorCondition cannot block the operator upgrade
1907793 - Surface support info in VM template details
1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage
1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set
1907863 - Quickstarts status not updating when starting the tour
1907872 - dual stack with an ipv6 network fails on bootstrap phase
1907874 - QE - Design Gherkin Scenarios for epic ODC-5057
1907875 - No response when try to expand pvc with an invalid size
1907876 - Refactoring record package to make gatherer configurable
1907877 - QE - Automation- pipelines builder scripts
1907883 - Fix Pipleine creation without namespace issue
1907888 - Fix pipeline list page loader
1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form
1907892 - Unable to edit application deployed using "From Devfile" option
1907893 - navSortUtils.spec.ts unit test failure
1907896 - When a workload is added, Topology does not place the new items well
1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template
1907924 - Enable madvdontneed in OpenShift Images
1907929 - Enable madvdontneed in OpenShift System Components Part 2
1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot
1907947 - The kubeconfig saved in tenantcluster shouldn't include anything that is not related to the current context
1907948 - OCM-O bump to k8s 1.20
1907952 - bump to k8s 1.20
1907972 - Update OCM link to open Insights tab
1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI
1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916
1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni
1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk
1908035 - dynamic-demo-plugin build does not generate dist directory
1908135 - quick search modal is not centered over topology
1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled
1908159 - [AWS C2S] MCO fails to sync cloud config
1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384)
1908180 - Add source for template is stucking in preparing pvc
1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens
1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN
1908277 - QE - Automation- pipelines actions scripts
1908280 - Documentation describing `ignore-volume-az` is incorrect
1908296 - Fix pipeline builder form yaml switcher validation issue
1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI
1908323 - Create button missing for PLR in the search page
1908342 - The new pv_collector_total_pv_count is not reported via telemetry
1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name
1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots
1908349 - Volume snapshot tests are failing after 1.20 rebase
1908353 - QE - Automation- pipelines runs scripts
1908361 - bump to k8s 1.20
1908367 - QE - Automation- pipelines triggers scripts
1908370 - QE - Automation- pipelines secrets scripts
1908375 - QE - Automation- pipelines workspaces scripts
1908381 - Go Dependency Fixes for Devfile Lib
1908389 - Loadbalancer Sync failing on Azure
1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived
1908407 - Backport Upstream 95269 to fix potential crash in kubelet
1908410 - Exclude Yarn from VSCode search
1908425 - Create Role Binding form subject type and name are undefined when All Project is selected
1908431 - When the marketplace-operator pod get's restarted, the custom catalogsources are gone, as well as the pods
1908434 - Remove &apos from metal3-plugin internationalized strings
1908437 - Operator backed with no icon has no badge associated with the CSV tag
1908459 - bump to k8s 1.20
1908461 - Add bugzilla component to OWNERS file
1908462 - RHCOS 4.6 ostree removed dhclient
1908466 - CAPO AZ Screening/Validating
1908467 - Zoom in and zoom out in topology package should be sentence case
1908468 - [Azure][4.7] Installer can't properly parse instance type with non integer memory size
1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster
1908471 - OLM should bump k8s dependencies to 1.20
1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests
1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM
1908545 - VM clone dialog does not open
1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard
1908562 - Pod readiness is not being observed in real world cases
1908565 - [4.6] Cannot filter the platform/arch of the index image
1908573 - Align the style of flavor
1908583 - bootstrap does not run on additional networks if configured for master in install-config
1908596 - Race condition on operator installation
1908598 - Persistent Dashboard shows events for all provisioners
1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state
1908648 - Skip TestKernelType test on OKD, adjust TestExtensions
1908650 - The title of customize wizard is inconsistent
1908654 - cluster-api-provider: volumes and disks names shouldn't change by machine-api-operator
1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s]
1908687 - Option to save user settings separate when using local bridge (affects console developers only)
1908697 - Show `kubectl diff ` command in the oc diff help page
1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom
1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds
1908717 - "missing unit character in duration" error in some network dashboards
1908746 - [Safari] Drop Shadow doesn't works as expected on hover on workload
1908747 - stale S3 CredentialsRequest in CCO manifest
1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase
1908830 - RHCOS 4.6 - Missing Initiatorname
1908868 - Update empty state message for EventSources and Channels tab
1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1908888 - Dualstack does not work with multiple gateways
1908889 - Bump CNO to k8s 1.20
1908891 - TestDNSForwarding DNS operator e2e test is failing frequently
1908914 - CNO: upgrade nodes before masters
1908918 - Pipeline builder yaml view sidebar is not responsive
1908960 - QE - Design Gherkin Scenarios
1908971 - Gherkin Script for pipeline debt 4.7
1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated
1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console
1908998 - [cinder-csi-driver] doesn't detect the credentials change
1909004 - "No datapoints found" for RHEL node's filesystem graph
1909005 - i18n: workloads list view heading is not translated
1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects
1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type
1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware
1909067 - Web terminal should keep latest output when connection closes
1909070 - PLR and TR Logs component is not streaming as fast as tkn
1909092 - Error Message should not confuse user on Channel form
1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page
1909108 - Machine API components should use 1.20 dependencies
1909116 - Catalog Sort Items dropdown is not aligned on Firefox
1909198 - Move Sink action option is not working
1909207 - Accessibility Issue on monitoring page
1909236 - Remove pinned icon overlap on resource name
1909249 - Intermittent packet drop from pod to pod
1909276 - Accessibility Issue on create project modal
1909289 - oc debug of an init container no longer works
1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2
1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle
1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it
1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O
1909464 - Build operator-registry with golang-1.15
1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found
1909521 - Add kubevirt cluster type for e2e-test workflow
1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created
1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node
1909610 - Fix available capacity when no storage class selected
1909678 - scale up / down buttons available on pod details side panel
1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined
1909739 - Arbiter request data changes
1909744 - cluster-api-provider-openstack: Bump gophercloud
1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline
1909791 - Update standalone kube-proxy config for EndpointSlice
1909792 - Empty states for some details page subcomponents are not i18ned
1909815 - Perspective switcher is only half-i18ned
1909821 - OCS 4.7 LSO installation blocked because of Error "Invalid value: "integer": spec.flexibleScaling in body
1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn't installed in CI
1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing
1909911 - [OVN]EgressFirewall caused a segfault
1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument
1909958 - Support Quick Start Highlights Properly
1909978 - ignore-volume-az = yes not working on standard storageClass
1909981 - Improve statement in template select step
1909992 - Fail to pull the bundle image when using the private index image
1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev
1910036 - QE - Design Gherkin Scenarios ODC-4504
1910049 - UPI: ansible-galaxy is not supported
1910127 - [UPI on oVirt]: Improve UPI Documentation
1910140 - fix the api dashboard with changes in upstream kube 1.20
1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment's containers with the OPERATOR_CONDITION_NAME Environment Variable
1910165 - DHCP to static lease script doesn't handle multiple addresses
1910305 - [Descheduler] - The minKubeVersion should be 1.20.0
1910409 - Notification drawer is not localized for i18n
1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials
1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation
1910501 - Installed Operators->Operand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page
1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work
1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready
1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability
1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded
1910739 - Redfish-virtualmedia (idrac) deploy fails on "The Virtual Media image server is already connected"
1910753 - Support Directory Path to Devfile
1910805 - Missing translation for Pipeline status and breadcrumb text
1910829 - Cannot delete a PVC if the dv's phase is WaitForFirstConsumer
1910840 - Show Nonexistent command info in the `oc rollback -h` help page
1910859 - breadcrumbs doesn't use last namespace
1910866 - Unify templates string
1910870 - Unify template dropdown action
1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6
1911129 - Monitoring charts renders nothing when switching from a Deployment to "All workloads"
1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard
1911212 - [MSTR-998] API Performance Dashboard "Period" drop-down has a choice "$__auto_interval_period" which can bring "1:154: parse error: missing unit character in duration"
1911213 - Wrong and misleading warning for VMs that were created manually (not from template)
1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created
1911269 - waiting for the build message present when build exists
1911280 - Builder images are not detected for Dotnet, Httpd, NGINX
1911307 - Pod Scale-up requires extra privileges in OpenShift web-console
1911381 - "Select Persistent Volume Claim project" shows in customize wizard when select a source available template
1911382 - "source volumeMode (Block) and target volumeMode (Filesystem) do not match" shows in VM Error
1911387 - Hit error - "Cannot read property 'value' of undefined" while creating VM from template
1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation
1911418 - [v2v] The target storage class name is not displayed if default storage class is used
1911434 - git ops empty state page displays icon with watermark
1911443 - SSH Cretifiaction field should be validated
1911465 - IOPS display wrong unit
1911474 - Devfile Application Group Does Not Delete Cleanly (errors)
1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController
1911574 - Expose volume mode on Upload Data form
1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined
1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel
1911656 - using 'operator-sdk run bundle' to install operator successfully, but the command output said 'Failed to run bundle''
1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state
1911782 - Descheduler should not evict pod used local storage by the PVC
1911796 - uploading flow being displayed before submitting the form
1912066 - The ansible type operator's manager container is not stable when managing the CR
1912077 - helm operator's default rbac forbidden
1912115 - [automation] Analyze job keep failing because of 'JavaScript heap out of memory'
1912237 - Rebase CSI sidecars for 4.7
1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page
1912409 - Fix flow schema deployment
1912434 - Update guided tour modal title
1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken
1912523 - Standalone pod status not updating in topology graph
1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion
1912558 - TaskRun list and detail screen doesn't show Pending status
1912563 - p&f: carry 97206: clean up executing request on panic
1912565 - OLM macOS local build broken by moby/term dependency
1912567 - [OCP on RHV] Node becomes to 'NotReady' status when shutdown vm from RHV UI only on the second deletion
1912577 - 4.1/4.2->4.3->...-> 4.7 upgrade is stuck during 4.6->4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff
1912590 - publicImageRepository not being populated
1912640 - Go operator's controller pods is forbidden
1912701 - Handle dual-stack configuration for NIC IP
1912703 - multiple queries can't be plotted in the same graph under some conditons
1912730 - Operator backed: In-context should support visual connector if SBO is not installed
1912828 - Align High Performance VMs with High Performance in RHV-UI
1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates
1912852 - VM from wizard - available VM templates - "storage" field is "0 B"
1912888 - recycler template should be moved to KCM operator
1912907 - Helm chart repository index can contain unresolvable relative URL's
1912916 - Set external traffic policy to cluster for IBM platform
1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller
1912938 - Update confirmation modal for quick starts
1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment
1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment
1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver
1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912977 - rebase upstream static-provisioner
1913006 - Remove etcd v2 specific alerts with etcd_http* metrics
1913011 - [OVN] Pod's external traffic not use egressrouter macvlan ip as a source ip
1913037 - update static-provisioner base image
1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state
1913085 - Regression OLM uses scoped client for CRD installation
1913096 - backport: cadvisor machine metrics are missing in k8s 1.19
1913132 - The installation of Openshift Virtualization reports success early before it 's succeeded eventually
1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root
1913196 - Guided Tour doesn't handle resizing of browser
1913209 - Support modal should be shown for community supported templates
1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort
1913249 - update info alert this template is not aditable
1913285 - VM list empty state should link to virtualization quick starts
1913289 - Rebase AWS EBS CSI driver for 4.7
1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled
1913297 - Remove restriction of taints for arbiter node
1913306 - unnecessary scroll bar is present on quick starts panel
1913325 - 1.20 rebase for openshift-apiserver
1913331 - Import from git: Fails to detect Java builder
1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used
1913343 - (release-4.7) Added changelog file for insights-operator
1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator
1913371 - Missing i18n key "Administrator" in namespace "console-app" and language "en."
1913386 - users can see metrics of namespaces for which they don't have rights when monitoring own services with prometheus user workloads
1913420 - Time duration setting of resources is not being displayed
1913536 - 4.6.9 -> 4.7 upgrade hangs. RHEL 7.9 worker stuck on "error enabling unit: Failed to execute operation: File exists\\n\"
1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase
1913560 - Normal user cannot load template on the new wizard
1913563 - "Virtual Machine" is not on the same line in create button when logged with normal user
1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table
1913568 - Normal user cannot create template
1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker
1913585 - Topology descriptive text fixes
1913608 - Table data contains data value None after change time range in graph and change back
1913651 - Improved Red Hat image and crashlooping OpenShift pod collection
1913660 - Change location and text of Pipeline edit flow alert
1913685 - OS field not disabled when creating a VM from a template
1913716 - Include additional use of existing libraries
1913725 - Refactor Insights Operator Plugin states
1913736 - Regression: fails to deploy computes when using root volumes
1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes
1913751 - add third-party network plugin test suite to openshift-tests
1913783 - QE-To fix the merging pr issue, commenting the afterEach() block
1913807 - Template support badge should not be shown for community supported templates
1913821 - Need definitive steps about uninstalling descheduler operator
1913851 - Cluster Tasks are not sorted in pipeline builder
1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists
1913951 - Update the Devfile Sample Repo to an Official Repo Host
1913960 - Cluster Autoscaler should use 1.20 dependencies
1913969 - Field dependency descriptor can sometimes cause an exception
1914060 - Disk created from 'Import via Registry' cannot be used as boot disk
1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy
1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)
1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances
1914125 - Still using /dev/vde as default device path when create localvolume
1914183 - Empty NAD page is missing link to quickstarts
1914196 - target port in `from dockerfile` flow does nothing
1914204 - Creating VM from dev perspective may fail with template not found error
1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets
1914212 - [e2e][automation] Add test to validate bootable disk souce
1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes
1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows
1914287 - Bring back selfLink
1914301 - User VM Template source should show the same provider as template itself
1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs
1914309 - /terminal page when WTO not installed shows nonsensical error
1914334 - order of getting started samples is arbitrary
1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x
1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI
1914405 - Quick search modal should be opened when coming back from a selection
1914407 - Its not clear that node-ca is running as non-root
1914427 - Count of pods on the dashboard is incorrect
1914439 - Typo in SRIOV port create command example
1914451 - cluster-storage-operator pod running as root
1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true
1914642 - Customize Wizard Storage tab does not pass validation
1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling
1914793 - device names should not be translated
1914894 - Warn about using non-groupified api version
1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug
1914932 - Put correct resource name in relatedObjects
1914938 - PVC disk is not shown on customization wizard general tab
1914941 - VM Template rootdisk is not deleted after fetching default disk bus
1914975 - Collect logs from openshift-sdn namespace
1915003 - No estimate of average node readiness during lifetime of a cluster
1915027 - fix MCS blocking iptables rules
1915041 - s3:ListMultipartUploadParts is relied on implicitly
1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons
1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours
1915085 - Pods created and rapidly terminated get stuck
1915114 - [aws-c2s] worker machines are not create during install
1915133 - Missing default pinned nav items in dev perspective
1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource
1915187 - Remove the "Tech preview" tag in web-console for volumesnapshot
1915188 - Remove HostSubnet anonymization
1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment
1915217 - OKD payloads expect to be signed with production keys
1915220 - Remove dropdown workaround for user settings
1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure
1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod
1915277 - [e2e][automation]fix cdi upload form test
1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout
1915304 - Updating scheduling component builder & base images to be consistent with ART
1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node
1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection
1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod
1915357 - Dev Catalog doesn't load anything if virtualization operator is installed
1915379 - New template wizard should require provider and make support input a dropdown type
1915408 - Failure in operator-registry kind e2e test
1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation
1915460 - Cluster name size might affect installations
1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance
1915540 - Silent 4.7 RHCOS install failure on ppc64le
1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI)
1915582 - p&f: carry upstream pr 97860
1915594 - [e2e][automation] Improve test for disk validation
1915617 - Bump bootimage for various fixes
1915624 - "Please fill in the following field: Template provider" blocks customize wizard
1915627 - Translate Guided Tour text.
1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error
1915647 - Intermittent White screen when the connector dragged to revision
1915649 - "Template support" pop up is not a warning; checkbox text should be rephrased
1915654 - [e2e][automation] Add a verification for Afinity modal should hint "Matching node found"
1915661 - Can't run the 'oc adm prune' command in a pod
1915672 - Kuryr doesn't work with selfLink disabled.
1915674 - Golden image PVC creation - storage size should be taken from the template
1915685 - Message for not supported template is not clear enough
1915760 - Need to increase timeout to wait rhel worker get ready
1915793 - quick starts panel syncs incorrectly across browser windows
1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster
1915818 - vsphere-problem-detector: use "_totals" in metrics
1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol
1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version
1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0
1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics
1915885 - Kuryr doesn't support workers running on multiple subnets
1915898 - TaskRun log output shows "undefined" in streaming
1915907 - test/cmd/builds.sh uses docker.io
1915912 - sig-storage-csi-snapshotter image not available
1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard
1915939 - Resizing the browser window removes Web Terminal Icon
1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance]
1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7
1915962 - ROKS: manifest with machine health check fails to apply in 4.7
1915972 - Global configuration breadcrumbs do not work as expected
1915981 - Install ethtool and conntrack in container for debugging
1915995 - "Edit RoleBinding Subject" action under RoleBinding list page kebab actions causes unhandled exception
1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups
1916021 - OLM enters infinite loop if Pending CSV replaces itself
1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry
1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert's annotations
1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk
1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration
1916145 - Explicitly set minimum versions of python libraries
1916164 - Update csi-driver-nfs builder & base images to be consistent with ART
1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7
1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third
1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2
1916379 - error metrics from vsphere-problem-detector should be gauge
1916382 - Can't create ext4 filesystems with Ignition
1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates
1916401 - Deleting an ingress controller with a bad DNS Record hangs
1916417 - [Kuryr] Must-gather does not have all Custom Resources information
1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image
1916454 - teach CCO about upgradeability from 4.6 to 4.7
1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation
1916502 - Boot disk mirroring fails with mdadm error
1916524 - Two rootdisk shows on storage step
1916580 - Default yaml is broken for VM and VM template
1916621 - oc adm node-logs examples are wrong
1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret.
1916692 - Possibly fails to destroy LB and thus cluster
1916711 - Update Kube dependencies in MCO to 1.20.0
1916747 - remove links to quick starts if virtualization operator isn't updated to 2.6
1916764 - editing a workload with no application applied, will auto fill the app
1916834 - Pipeline Metrics - Text Updates
1916843 - collect logs from openshift-sdn-controller pod
1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed
1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually
1916888 - OCS wizard Donor chart does not get updated when `Device Type` is edited
1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error "Forbidden: cannot specify lbFloatingIP and apiFloatingIP together"
1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace
1917101 - [UPI on oVirt] - 'RHCOS image' topic isn't located in the right place in UPI document
1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to '"ProxyConfigController" controller failed to sync "key"' error
1917117 - Common templates - disks screen: invalid disk name
1917124 - Custom template - clone existing PVC - the name of the target VM's data volume is hard-coded; only one VM can be created
1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator
1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable.
1917148 - [oVirt] Consume 23-10 ovirt sdk
1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened
1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console
1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory
1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7
1917327 - annotations.message maybe wrong for NTOPodsNotReady alert
1917367 - Refactor periodic.go
1917371 - Add docs on how to use the built-in profiler
1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console
1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui
1917484 - [BM][IPI] Failed to scale down machineset
1917522 - Deprecate --filter-by-os in oc adm catalog mirror
1917537 - controllers continuously busy reconciling operator
1917551 - use min_over_time for vsphere prometheus alerts
1917585 - OLM Operator install page missing i18n
1917587 - Manila CSI operator becomes degraded if user doesn't have permissions to list share types
1917605 - Deleting an exgw causes pods to no longer route to other exgws
1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API
1917656 - Add to Project/application for eventSources from topology shows 404
1917658 - Show TP badge for sources powered by camel connectors in create flow
1917660 - Editing parallelism of job get error info
1917678 - Could not provision pv when no symlink and target found on rhel worker
1917679 - Hide double CTA in admin pipelineruns tab
1917683 - `NodeTextFileCollectorScrapeError` alert in OCP 4.6 cluster.
1917759 - Console operator panics after setting plugin that does not exists to the console-operator config
1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0
1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0
1917799 - Gather s list of names and versions of installed OLM operators
1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error
1917814 - Show Broker create option in eventing under admin perspective
1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types
1917872 - [oVirt] rebase on latest SDK 2021-01-12
1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image
1917938 - upgrade version of dnsmasq package
1917942 - Canary controller causes panic in ingress-operator
1918019 - Undesired scrollbars in markdown area of QuickStart
1918068 - Flaky olm integration tests
1918085 - reversed name of job and namespace in cvo log
1918112 - Flavor is not editable if a customize VM is created from cli
1918129 - Update IO sample archive with missing resources & remove IP anonymization from clusteroperator resources
1918132 - i18n: Volume Snapshot Contents menu is not translated
1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2
1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn't be installed on OSP
1918153 - When `&` character is set as an environment variable in a build config it is getting converted as `\u0026`
1918185 - Capitalization on PLR details page
1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections
1918318 - Kamelet connector's are not shown in eventing section under Admin perspective
1918351 - Gather SAP configuration (SCC & ClusterRoleBinding)
1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews
1918395 - [ovirt] increase livenessProbe period
1918415 - MCD nil pointer on dropins
1918438 - [ja_JP, zh_CN] Serverless i18n misses
1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig
1918471 - CustomNoUpgrade Feature gates are not working correctly
1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk
1918622 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1918623 - Updating ose-jenkins-agent-nodejs-12 builder & base images to be consistent with ART
1918625 - Updating ose-jenkins-agent-nodejs-10 builder & base images to be consistent with ART
1918635 - Updating openshift-jenkins-2 builder & base images to be consistent with ART #1197
1918639 - Event listener with triggerRef crashes the console
1918648 - Subscription page doesn't show InstallPlan correctly
1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack
1918748 - helmchartrepo is not http(s)_proxy-aware
1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI
1918803 - Need dedicated details page w/ global config breadcrumbs for 'KnativeServing' plugin
1918826 - Insights popover icons are not horizontally aligned
1918879 - need better debug for bad pull secrets
1918958 - The default NMstate instance from the operator is incorrect
1919097 - Close bracket ")" missing at the end of the sentence in the UI
1919231 - quick search modal cut off on smaller screens
1919259 - Make "Add x" singular in Pipeline Builder
1919260 - VM Template list actions should not wrap
1919271 - NM prepender script doesn't support systemd-resolved
1919341 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry
1919379 - dotnet logo out of date
1919387 - Console login fails with no error when it can't write to localStorage
1919396 - A11y Violation: svg-img-alt on Pod Status ring
1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren't verified
1919750 - Search InstallPlans got Minified React error
1919778 - Upgrade is stuck in insights operator Degraded with "Source clusterconfig could not be retrieved" until insights operator pod is manually deleted
1919823 - OCP 4.7 Internationalization Chinese tranlate issue
1919851 - Visualization does not render when Pipeline & Task share same name
1919862 - The tip information for `oc new-project --skip-config-write` is wrong
1919876 - VM created via customize wizard cannot inherit template's PVC attributes
1919877 - Click on KSVC breaks with white screen
1919879 - The toolbox container name is changed from 'toolbox-root' to 'toolbox-' in a chroot environment
1919945 - user entered name value overridden by default value when selecting a git repository
1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference
1919970 - NTO does not update when the tuned profile is updated.
1919999 - Bump Cluster Resource Operator Golang Versions
1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration
1920200 - user-settings network error results in infinite loop of requests
1920205 - operator-registry e2e tests not working properly
1920214 - Bump golang to 1.15 in cluster-resource-override-admission
1920248 - re-running the pipelinerun with pipelinespec crashes the UI
1920320 - VM template field is "Not available" if it's created from common template
1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode is `Disk Mode`
1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs
1920390 - Monitoring > Metrics graph shifts to the left when clicking the "Stacked" option and when toggling data series lines on / off
1920426 - Egress Router CNI OWNERS file should have ovn-k team members
1920427 - Need to update `oc login` help page since we don't support prompt interactively for the username
1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time
1920438 - openshift-tuned panics on turning debugging on/off.
1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn
1920481 - kuryr-cni pods using unreasonable amount of CPU
1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof
1920524 - Topology graph crashes adding Open Data Hub operator
1920526 - catalog operator causing CPU spikes and bad etcd performance
1920551 - Boot Order is not editable for Templates in "openshift" namespace
1920555 - bump cluster-resource-override-admission api dependencies
1920571 - fcp multipath will not recover failed paths automatically
1920619 - Remove default scheduler profile value
1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present
1920674 - MissingKey errors in bindings namespace
1920684 - Text in language preferences modal is misleading
1920695 - CI is broken because of bad image registry reference in the Makefile
1920756 - update generic-admission-server library to get the system:masters authorization optimization
1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for "network-check-target" failed when "defaultNodeSelector" is set
1920771 - i18n: Delete persistent volume claim drop down is not translated
1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI
1920912 - Unable to power off BMH from console
1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by "2"
1920984 - [e2e][automation] some menu items names are out dated
1921013 - Gather PersistentVolume definition (if any) used in image registry config
1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior)
1921087 - 'start next quick start' link doesn't work and is unintuitive
1921088 - test-cmd is failing on volumes.sh pretty consistently
1921248 - Clarify the kubelet configuration cr description
1921253 - Text filter default placeholder text not internationalized
1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window
1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo
1921277 - Fix Warning and Info log statements to handle arguments
1921281 - oc get -o yaml --export returns "error: unknown flag: --export"
1921458 - [SDK] Gracefully handle the `run bundle-upgrade` if the lower version operator doesn't exist
1921556 - [OCS with Vault]: OCS pods didn't comeup after deploying with Vault details from UI
1921572 - For external source (i.e GitHub Source) form view as well shows yaml
1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass
1921610 - Pipeline metrics font size inconsistency
1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1921655 - [OSP] Incorrect error handling during cloudinfo generation
1921713 - [e2e][automation] fix failing VM migration tests
1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view
1921774 - delete application modal errors when a resource cannot be found
1921806 - Explore page APIResourceLinks aren't i18ned
1921823 - CheckBoxControls not internationalized
1921836 - AccessTableRows don't internationalize "User" or "Group"
1921857 - Test flake when hitting router in e2e tests due to one router not being up to date
1921880 - Dynamic plugins are not initialized on console load in production mode
1921911 - Installer PR #4589 is causing leak of IAM role policy bindings
1921921 - "Global Configuration" breadcrumb does not use sentence case
1921949 - Console bug - source code URL broken for gitlab self-hosted repositories
1921954 - Subscription-related constraints in ResolutionFailed events are misleading
1922015 - buttons in modal header are invisible on Safari
1922021 - Nodes terminal page 'Expand' 'Collapse' button not translated
1922050 - [e2e][automation] Improve vm clone tests
1922066 - Cannot create VM from custom template which has extra disk
1922098 - Namespace selection dialog is not closed after select a namespace
1922099 - Updated Readme documentation for QE code review and setup
1922146 - Egress Router CNI doesn't have logging support.
1922267 - Collect specific ADFS error
1922292 - Bump RHCOS boot images for 4.7
1922454 - CRI-O doesn't enable pprof by default
1922473 - reconcile LSO images for 4.8
1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace
1922782 - Source registry missing docker:// in yaml
1922907 - Interop UI Tests - step implementation for updating feature files
1922911 - Page crash when click the "Stacked" checkbox after clicking the data series toggle buttons
1922991 - "verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build" test fails on OKD
1923003 - WebConsole Insights widget showing "Issues pending" when the cluster doesn't report anything
1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources
1923102 - [vsphere-problem-detector-operator] pod's version is not correct
1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot
1923674 - k8s 1.20 vendor dependencies
1923721 - PipelineRun running status icon is not rotating
1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios
1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator
1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator
1923874 - Unable to specify values with % in kubeletconfig
1923888 - Fixes error metadata gathering
1923892 - Update arch.md after refactor.
1923894 - "installed" operator status in operatorhub page does not reflect the real status of operator
1923895 - Changelog generation.
1923911 - [e2e][automation] Improve tests for vm details page and list filter
1923945 - PVC Name and Namespace resets when user changes os/flavor/workload
1923951 - EventSources shows `undefined` in project
1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins
1924046 - Localhost: Refreshing on a Project removes it from nav item urls
1924078 - Topology quick search View all results footer should be sticky.
1924081 - NTO should ship the latest Tuned daemon release 2.15
1924084 - backend tests incorrectly hard-code artifacts dir
1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build
1924135 - Under sufficient load, CRI-O may segfault
1924143 - Code Editor Decorator url is broken for Bitbucket repos
1924188 - Language selector dropdown doesn't always pre-select the language
1924365 - Add extra disk for VM which use boot source PXE
1924383 - Degraded network operator during upgrade to 4.7.z
1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box.
1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on
1924583 - Deprectaed templates are listed in the Templates screen
1924870 - pick upstream pr#96901: plumb context with request deadline
1924955 - Images from Private external registry not working in deploy Image
1924961 - k8sutil.TrimDNS1123Label creates invalid values
1924985 - Build egress-router-cni for both RHEL 7 and 8
1925020 - Console demo plugin deployment image shoult not point to dockerhub
1925024 - Remove extra validations on kafka source form view net section
1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running
1925072 - NTO needs to ship the current latest stalld v1.7.0
1925163 - Missing info about dev catalog in boot source template column
1925200 - Monitoring Alert icon is missing on the workload in Topology view
1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1
1925319 - bash syntax error in configure-ovs.sh script
1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data
1925516 - Pipeline Metrics Tooltips are overlapping data
1925562 - Add new ArgoCD link from GitOps application environments page
1925596 - Gitops details page image and commit id text overflows past card boundary
1926556 - 'excessive etcd leader changes' test case failing in serial job because prometheus data is wiped by machine set test
1926588 - The tarball of operator-sdk is not ready for ocp4.7
1927456 - 4.7 still points to 4.6 catalog images
1927500 - API server exits non-zero on 2 SIGTERM signals
1929278 - Monitoring workloads using too high a priorityclass
1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
1929920 - Cluster monitoring documentation link is broken - 404 not found
5. References:
https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14553
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-3884
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2019-6977
https://access.redhat.com/security/cve/CVE-2019-6978
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-9455
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-12614
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13225
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-15925
https://access.redhat.com/security/cve/CVE-2019-16167
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-17450
https://access.redhat.com/security/cve/CVE-2019-17546
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-18809
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19056
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19068
https://access.redhat.com/security/cve/CVE-2019-19072
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2019-19319
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19533
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19543
https://access.redhat.com/security/cve/CVE-2019-19602
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19770
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2019-20386
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-20812
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-0305
https://access.redhat.com/security/cve/CVE-2020-0444
https://access.redhat.com/security/cve/CVE-2020-1716
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3898
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2020-7774
https://access.redhat.com/security/cve/CVE-2020-8177
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2020-8563
https://access.redhat.com/security/cve/CVE-2020-8566
https://access.redhat.com/security/cve/CVE-2020-8619
https://access.redhat.com/security/cve/CVE-2020-8622
https://access.redhat.com/security/cve/CVE-2020-8623
https://access.redhat.com/security/cve/CVE-2020-8624
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8648
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10763
https://access.redhat.com/security/cve/CVE-2020-10773
https://access.redhat.com/security/cve/CVE-2020-10774
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-11668
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-12465
https://access.redhat.com/security/cve/CVE-2020-12655
https://access.redhat.com/security/cve/CVE-2020-12659
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-13249
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2020-14019
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2020-14381
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-15157
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-15862
https://access.redhat.com/security/cve/CVE-2020-15999
https://access.redhat.com/security/cve/CVE-2020-16166
https://access.redhat.com/security/cve/CVE-2020-24490
https://access.redhat.com/security/cve/CVE-2020-24659
https://access.redhat.com/security/cve/CVE-2020-25211
https://access.redhat.com/security/cve/CVE-2020-25641
https://access.redhat.com/security/cve/CVE-2020-25658
https://access.redhat.com/security/cve/CVE-2020-25661
https://access.redhat.com/security/cve/CVE-2020-25662
https://access.redhat.com/security/cve/CVE-2020-25681
https://access.redhat.com/security/cve/CVE-2020-25682
https://access.redhat.com/security/cve/CVE-2020-25683
https://access.redhat.com/security/cve/CVE-2020-25684
https://access.redhat.com/security/cve/CVE-2020-25685
https://access.redhat.com/security/cve/CVE-2020-25686
https://access.redhat.com/security/cve/CVE-2020-25687
https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/cve/CVE-2020-26160
https://access.redhat.com/security/cve/CVE-2020-27813
https://access.redhat.com/security/cve/CVE-2020-27846
https://access.redhat.com/security/cve/CVE-2020-28362
https://access.redhat.com/security/cve/CVE-2020-29652
https://access.redhat.com/security/cve/CVE-2021-2007
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T
lmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H
EmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8
4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4
mWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL
ISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy
Ae5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk
4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM
uR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG
krzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv
RjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6
McvuEaxco7U=
=sw8i
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. This caused a runtime error to occur when
using the Prometheus operand creation form. This was fixed by adding a
`definitions` property to schema returned by the `definitionFor` helper
function so that the `$ref` property can resolve. There are no longer
runtime errors when using the Prometheus operand creation form. Bugs fixed (https://bugzilla.redhat.com/):
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1883268 - remove erroneously specified label drop rules
1885228 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users
1892585 - [release 4.5] cluster-monitoring-operator: Fix bug in reflector not recovering from "Too large resource version"
1893202 - e2e-operator flakes with "TestMetricsAccessible: prometheus returned unexpected results: timed out waiting for the condition"
1893742 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest
1894763 - Undiagnosed panic detected in pod
1894782 - OperatorHub generates incorrect RBAC
1895057 - Deleted netnamespace could not be re-created
1896990 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
5. ==========================================================================
Ubuntu Security Notice USN-4468-1
August 21, 2020
bind9 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Bind.
Software Description:
- bind9: Internet Domain Name Server
Details:
Emanuel Almeida discovered that Bind incorrectly handled certain TCP
payloads. A remote attacker could possibly use this issue to cause Bind to
crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2020-8620)
Joseph Gullo discovered that Bind incorrectly handled QNAME minimization
when used in certain configurations. A remote attacker could possibly use
this issue to cause Bind to crash, resulting in a denial of service. This
issue only affected Ubuntu 20.04 LTS. (CVE-2020-8621)
Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind
incorrectly handled certain truncated responses to a TSIG-signed request. A
remote attacker could possibly use this issue to cause Bind to crash,
resulting in a denial of service. (CVE-2020-8622)
Lyu Chiy discovered that Bind incorrectly handled certain queries. A remote
attacker could possibly use this issue to cause Bind to crash, resulting in
a denial of service. (CVE-2020-8623)
Joop Boonen discovered that Bind incorrectly handled certain subdomain
update-policy rules. A remote attacker granted privileges to change certain
parts of a zone could use this issue to change other contents of the zone,
contrary to expectations. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-8624)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
bind9 1:9.16.1-0ubuntu2.3
Ubuntu 18.04 LTS:
bind9 1:9.11.3+dfsg-1ubuntu1.13
Ubuntu 16.04 LTS:
bind9 1:9.10.3.dfsg.P4-8ubuntu1.17
In general, a standard system update will make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64
3.
The following packages have been upgraded to a later upstream version: bind
(9.11.20). Bugs fixed (https://bugzilla.redhat.com/):
1693395 - Remove revoked KSK from trusted keys
1749505 - internal test suite failures
1814158 - bind internal testsuite, random failure in autosign
1817870 - /usr/bin/nsupdate -g segfault when connect to AD
1847244 - CVE-2020-8619 bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c
1848169 - named-checkconf fails to validate configuration file with CIDRs with host bits set
1859454 - named-pkcs11.service: (named-pkcs11) of user 25 dumped core. Bugs fixed (https://bugzilla.redhat.com/):
1823765 - nfd-workers crash under an ipv6 environment
1838802 - mysql8 connector from operatorhub does not work with metering operator
1838845 - Metering operator can't connect to postgres DB from Operator Hub
1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1868294 - NFD operator does not allow customisation of nfd-worker.conf
1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration
1890672 - NFD is missing a build flag to build correctly
1890741 - path to the CA trust bundle ConfigMap is broken in report operator
1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster
1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel
1900125 - FIPS error while generating RSA private key for CA
1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub
1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub
1913837 - The CI and ART 4.7 metering images are not mirrored
1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le
1916010 - olm skip range is set to the wrong range
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923998 - NFD Operator is failing to update and remains in Replacing state
5.
For the stable distribution (buster), these problems have been fixed in
version 1:9.11.5.P4+dfsg-5.1+deb10u2.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9H9LBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Riow//eYx52gDQkiERYSEFJbSK34AzF5Ee3W8JYh1BG4PFagvR/y3hwddyFEkR
pHlq/t78TPWi9oQ3j8uuQL0VLMA+8jyaNXA0h6BMs/3VKzGktFyINdKPBPIghT2w
2tugfgjK1MR0LZ27rcE86I1QoyFy+jHMmd03R0B0AQPWYkjp+2sp5nxskFVM9jXO
8emXIzT3IZns8WSS7xCZOqE6D40Vk/3hP5IXDXIbHHFUgl6jCEpPHJBHCgrtw9HZ
Or/EQgy4y+QUZNqsPw93kxc7cwVWhauW/PX9VZ1HWnfMIWEZX9K8fmYPHlj4dJUa
1G45uTtYT7VaLvs+N7j1UulII+f1ZT9rrljasVKfbmALt+mp28/LzzcCCBMYohkK
Ka30MmBu5yZnn36LNWGwaOO5D+cCHsc58awKu3C5wUG/QMBjT+dYlhkbUbllpZVj
vMMXjnrefdkCLy7LEDAul1NLgxWcSWzcQ0SyNEfu9IajtA94unFMwNzFmQb7ykql
WMkHTg+7mSdPCxOI+0g9+w+pKZFdBGZxXu76cV8FB1BmRitsM8XYrtBGO9uWvkI9
hIm7pHhyJB0E008qo+cKutpnvruLZLBUCutUuNHZAirq+zaHjoVDSxiqPWEJ9jdR
Sx85bc7+6f1daR04r5ay/mCuWPTQYrM1VyBsFnAvGxWoznHnmbk=
=kUyE
-----END PGP SIGNATURE-----
|
|
var-201302-0307
|
Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code.
Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2013:0254-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html
Issue date: 2013-02-13
CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639
CVE-2013-0642 CVE-2013-0644 CVE-2013-0645
CVE-2013-0647 CVE-2013-0649 CVE-2013-1365
CVE-2013-1366 CVE-2013-1367 CVE-2013-1368
CVE-2013-1369 CVE-2013-1370 CVE-2013-1372
CVE-2013-1373 CVE-2013-1374
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes several security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security bulletin APSB13-05,
listed in the References section. Specially-crafted SWF content could cause
flash-plugin to crash or, potentially, execute arbitrary code when a victim
loads a page containing the malicious SWF content. (CVE-2013-0638,
CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,
CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,
CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive
information if a victim were tricked into visiting a specially-crafted web
page.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05)
910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html
https://www.redhat.com/security/data/cve/CVE-2013-0638.html
https://www.redhat.com/security/data/cve/CVE-2013-0639.html
https://www.redhat.com/security/data/cve/CVE-2013-0642.html
https://www.redhat.com/security/data/cve/CVE-2013-0644.html
https://www.redhat.com/security/data/cve/CVE-2013-0645.html
https://www.redhat.com/security/data/cve/CVE-2013-0647.html
https://www.redhat.com/security/data/cve/CVE-2013-0649.html
https://www.redhat.com/security/data/cve/CVE-2013-1365.html
https://www.redhat.com/security/data/cve/CVE-2013-1366.html
https://www.redhat.com/security/data/cve/CVE-2013-1367.html
https://www.redhat.com/security/data/cve/CVE-2013-1368.html
https://www.redhat.com/security/data/cve/CVE-2013-1369.html
https://www.redhat.com/security/data/cve/CVE-2013-1370.html
https://www.redhat.com/security/data/cve/CVE-2013-1372.html
https://www.redhat.com/security/data/cve/CVE-2013-1373.html
https://www.redhat.com/security/data/cve/CVE-2013-1374.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb13-05.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs
pnyD10c/hdKGIm0b1Kjv3eY=
=+cgh
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
SOLUTION:
Update to version 24.0.1312.70.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites. Please review the CVE identifiers referenced below for
details.
Impact
======
A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
==========
[ 1 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 2 ] CVE-2012-5248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[ 3 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 4 ] CVE-2012-5249
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[ 5 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 6 ] CVE-2012-5250
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[ 7 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 8 ] CVE-2012-5251
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[ 9 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 10 ] CVE-2012-5252
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[ 11 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 12 ] CVE-2012-5253
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[ 13 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 14 ] CVE-2012-5254
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[ 15 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 16 ] CVE-2012-5255
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[ 17 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 18 ] CVE-2012-5256
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[ 19 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 20 ] CVE-2012-5257
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[ 21 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 22 ] CVE-2012-5258
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[ 23 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 24 ] CVE-2012-5259
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[ 25 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 26 ] CVE-2012-5260
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[ 27 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 28 ] CVE-2012-5261
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[ 29 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 30 ] CVE-2012-5262
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[ 31 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 32 ] CVE-2012-5263
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[ 33 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 34 ] CVE-2012-5264
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[ 35 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 36 ] CVE-2012-5265
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[ 37 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 38 ] CVE-2012-5266
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[ 39 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 40 ] CVE-2012-5267
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[ 41 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 42 ] CVE-2012-5268
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[ 43 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 44 ] CVE-2012-5269
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[ 45 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 46 ] CVE-2012-5270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[ 47 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 48 ] CVE-2012-5271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[ 49 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 50 ] CVE-2012-5272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[ 51 ] CVE-2012-5274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[ 52 ] CVE-2012-5275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[ 53 ] CVE-2012-5276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[ 54 ] CVE-2012-5277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[ 55 ] CVE-2012-5278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[ 56 ] CVE-2012-5279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[ 57 ] CVE-2012-5280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[ 58 ] CVE-2012-5676
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[ 59 ] CVE-2012-5677
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[ 60 ] CVE-2012-5678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[ 61 ] CVE-2013-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[ 62 ] CVE-2013-0630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[ 63 ] CVE-2013-0633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[ 64 ] CVE-2013-0634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[ 65 ] CVE-2013-0637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[ 66 ] CVE-2013-0638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[ 67 ] CVE-2013-0639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[ 68 ] CVE-2013-0642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[ 69 ] CVE-2013-0643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[ 70 ] CVE-2013-0644
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[ 71 ] CVE-2013-0645
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[ 72 ] CVE-2013-0646
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[ 73 ] CVE-2013-0647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[ 74 ] CVE-2013-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[ 75 ] CVE-2013-0649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[ 76 ] CVE-2013-0650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[ 77 ] CVE-2013-1365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[ 78 ] CVE-2013-1366
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[ 79 ] CVE-2013-1367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[ 80 ] CVE-2013-1368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[ 81 ] CVE-2013-1369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[ 82 ] CVE-2013-1370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[ 83 ] CVE-2013-1371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[ 84 ] CVE-2013-1372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[ 85 ] CVE-2013-1373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[ 86 ] CVE-2013-1374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[ 87 ] CVE-2013-1375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[ 88 ] CVE-2013-1378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[ 89 ] CVE-2013-1379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[ 90 ] CVE-2013-1380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[ 91 ] CVE-2013-2555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[ 92 ] CVE-2013-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[ 93 ] CVE-2013-3343
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[ 94 ] CVE-2013-3344
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[ 95 ] CVE-2013-3345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[ 96 ] CVE-2013-3347
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[ 97 ] CVE-2013-3361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[ 98 ] CVE-2013-3362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[ 99 ] CVE-2013-3363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Please send
email to <cert@cert.org> with "TA13-043A Feedback VU#689711" in
the subject.
____________________________________________________________________
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released.
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA52166
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/52166/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE:
2013-02-12
DISCUSS ADVISORY:
http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player and
AIR, which can be exploited by malicious people to disclose certain
sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer
overflows.
2) Some use-after-free errors can be exploited to dereference already
freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain
sensitive information.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and
Fermin Serna, Google
3) The vendor credits Natalie Silvanovich, BlackBerry Security,
Research in Motion
4) The vendor credits Damian Put via iDefense
6) Reported by the vendor.
ORIGINAL ADVISORY:
Adobe (APSB13-05):
http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201804-1162
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of comparison operators in JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0003
------------------------------------------------------------------------
Date reported : April 04, 2018
Advisory ID : WSA-2018-0003
Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html
CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,
CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,
CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,
CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,
CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to OSS-Fuzz.
Impact: Unexpected interaction with indexing types causing an ASSERT
failure. Description: An array indexing issue existed in the
handling of a function in JavaScriptCore. This issue was addressed
through improved checks.
Credit to OSS-Fuzz. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher.
Impact: A malicious website may exfiltrate data cross-origin.
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to an anonymous researcher working with Trend Microys Zero
Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Zach Markley. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to likemeng of Baidu Security Lab working with Trend Micro's
Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify
(detectify.com), Yuji Tounai of NTT Communications Corporation.
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack. This issue was addressed with improved URL
validation.
Credit to OSS-Fuzz.
Impact: Processing maliciously crafted web content may lead to a
denial of service. Description: A memory corruption issue was
addressed through improved input validation.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
April 04, 2018
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-2 watchOS 4.3
watchOS 4.3 is now available and addresses the following:
CoreFoundation
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
NSURLSession
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel GroA (@5aelo)
Quick Look
Available for: All Apple Watch models
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel GroA (@5aelo)
Security
Available for: All Apple Watch models
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
System Preferences
Available for: All Apple Watch models
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlspHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZhfA//
QhXriKk82GO1fdVRi/k9EQEVNpin8cU62yjgBF3nLEoZeLKRkaZMLsoEzBZ/sOtY
v4VEJzRFcrVbDmmFtrA1ECEHe3w7tEydO9CjQsfesZ6TZRSO08ZD5fwE1Q0Jzqq7
43Dlt9/9Y+Fai48wYatj6yKfrjsF1yTnRr83M3C9mrbNJGgZ7yQeMyZ2iu+NcSry
XnsK5xoESTH3dmc9+3MCj7h8Fw5MYaWCLPD/jS7iTQDJ9tpJhB+Rw0Z6cQxBNvYn
/Sd3XiGvg0aOf3VJW/uodQFEBbBt9V2huCMsaKCLdcdTU+xZ6agmAQ9O5a/rpebP
Qa844Ug+CjHT3p8UdldRO/RTjtWhO4s1n/eK1uaJUajqv557qJni+c3GNYtjIk/U
TMb+5A7y5f3mVLIgEXaKiK8LwfXPKFXgXIWQk/Nsxda2fYHFupAm54uDx3flor2Z
ec7/7yyE7hQJ3BdalRMOTRz8+ZTKN+YZcnls6XstNWp2w+vhqj8Uo16RQG7ga5Uw
+tKm/eUe5AdHtjqFzcSfmOrS7XHXEjvqCTCDLIyoP3eWaxsxdfsN3oKOCpjRbYqU
jGZjPUVxBzx+/evM1irbtlF4GHXuGdryDvbtFMt2l7t5/gnvsZkrt0Ij93XEC79i
ARG0K0zkbtxBQF7qrn2cu/5e+LC217rBLtgO5HpxNEU=
=FEXo
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-3635-1
April 30, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3635-1
CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
CVE-2018-4163, CVE-2018-4165
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
CVE-2018-4102: Kai Zhao of 3H security team
CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab
(tencent.com)
Safari Login AutoFill
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari without explicit user interaction.
Description: Safari autofill did not require explicit user
interaction before taking place.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.4
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
Additional recognition
WebKit
We would like to acknowledge Johnny Nipper of Tinder Security Team
for their assistance.
Installation note:
Safari 11.1 may be obtained from the Mac App Store |
|
var-201912-0592
|
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges. Apple From iCloud for Windows An update for has been released.The expected impact depends on each vulnerability, but can be affected as follows: * Arbitrary code execution * Privilege escalation * information leak. plural Apple The product contains an input validation vulnerability due to a flaw in memory handling.You may be able to elevate privileges through the application. SQLite is prone to the following security vulnerabilities.
1. Multiple privilege-escalation vulnerabilities
2. A memory corruption vulnerability
3. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. SQLite is one of the C-language-based open source embedded relational database management components developed by American software developer D.Richard Hipp. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Apple iOS prior to 12.3; macOS Mojave prior to 10.14.5; tvOS prior to 12.3; Windows-based iCloud prior to 10.4, prior to 7.12; Windows-based iTunes prior to 12.9.5; versions earlier than watchOS 5.2.1.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-5-13-1 iOS 12.3
iOS 12.3 is now available and addresses the following:
AppleFileConduit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8593: Dany Lisiansky (@DanyL931)
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to read restricted memory
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8598: Omer Gull of Checkpoint Research
CoreAudio
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted movie file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Disk Images
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological
University
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8576: Brandon Azad of Google Project Zero, unho Jang and
Hanul Choi of LINE Security Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to cause unexpected system
termination or write kernel memory
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-8591: Ned Williamson working with Google Project Zero
Lock Screen
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
see the email address used for iTunes
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8599: Jeremy Peña-Lopez (aka Radio) of the University of
North Florida
Mail
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8626: Natalie Silvanovich of Google Project Zero
Mail Message Framework
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8613: Natalie Silvanovich of Google Project Zero
MobileInstallation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify protected parts of the
file system
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8568: Dany Lisiansky (@DanyL931)
MobileLockdown
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to gain root privileges
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8637: Dany Lisiansky (@DanyL931)
Photos Storage
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2019-8617: an anonymous researcher
SQLite
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An input validation issue was addressed with improved
memory handling.
CVE-2019-8577: Omer Gull of Checkpoint Research
SQLite
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8600: Omer Gull of Checkpoint Research
SQLite
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to read restricted memory
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8598: Omer Gull of Checkpoint Research
SQLite
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2019-8602: Omer Gull of Checkpoint Research
Status Bar
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: The lock screen may show a locked icon after unlocking
Description: The issue was addressed with improved UI handling.
CVE-2019-8630: Jon M. Morlan
StreamingZip
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to modify protected parts of the
file system
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8568: Dany Lisiansky (@DanyL931)
sysdiagnose
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-6237: G. Geshev working with Trend Micro Zero Day
Initiative, Liu Long of Qihoo 360 Vulcan Team
CVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative
CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_)
of Tencent Keen Lab, and dwfault working at ADLab of Venustech
CVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero
Day Initiative
CVE-2019-8586: an anonymous researcher
CVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &
Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab
CVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero
Day Initiative
CVE-2019-8596: Wen Xu of SSLab at Georgia Tech
CVE-2019-8597: 01 working with Trend Micro Zero Day Initiative
CVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day
Initiative
CVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8609: Wen Xu of SSLab, Georgia Tech
CVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative
CVE-2019-8611: Samuel Groß of Google Project Zero
CVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's
Zero Day Initiative
CVE-2019-8619: Wen Xu of SSLab at Georgia Tech and
Hanqing Zhao of Chaitin Security Research Lab
CVE-2019-8622: Samuel Groß of Google Project Zero
CVE-2019-8623: Samuel Groß of Google Project Zero
CVE-2019-8628: Wen Xu of SSLab at Georgia Tech and
Hanqing Zhao of Chaitin Security Research Lab
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A device may be passively tracked by its WiFi MAC address
Description: A user privacy issue was addressed by removing the
broadcast MAC address.
CVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Additional recognition
Clang
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
CoreFoundation
We would like to acknowledge Vozzie and Rami and m4bln, Xiangqian
Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
an anonymous researcher for their assistance.
MediaLibrary
We would like to acknowledge Angel Ramirez and Min (Spark) Zheng,
Xiaolong Bai of Alibaba Inc. for their assistance.
MobileInstallation
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Safari
We would like to acknowledge Ben Guild (@benguild) for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.3".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUopHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3FJJxAA
hLu4GEYEBPNLxDWhh49P7k7pe33N8cguJw2iPt6sYkF9swBwzL1AC1y0WiNJejGT
Y0PPMG7evpaEVGQwCZvHarNT4g35OUeHdHy4gYAIPfTY15G25jmELL4YTJutWQ0O
z6KseXhEq9EqpHKlsT5Q6QOEoUyXVHan33d+H9+4t/jQHFvDqMmwHWO7bKlYyhWW
ctG8jbXSgy/OFjSrmbPhfbBfDXQHah8GsFGJAFtlWk+UtQhXNifJT1tj9XAKDtGK
V5EQ/hYkYRyyeNPXLiZ/wn6Jesbg8QIrmZB2RHAl1w8XZZY2Gsd1//dTXqn1LkqK
gwOV0+Vs//LJwIqix435KKc0ULMwJjIfKy9whzPyf+4lqcD4kx4OdQrakZz4+L7g
4ZZeeyJ0LFFnO4eavtn6lVrYcTXVhJlRkJ6cWZcf9Dfr28bPTSSHda1Nd9quZFJn
QPFt7CHRPL1MelgfDKZNeTy7WUDnoTwbdMZCyd0MszCxCeaSahny7066jmfKyXGI
OoQQyyz96OmBABcqG3WeCRSeJ3ymmoy2d+JzjA4boIHo4k+nq5ifKikyI8qiHIBB
uS3K3DEzMSj/0u2vNcDMjQ6vogbxeWnK8fxCCxkfedYZEdHg4Oj4lK1HStbhweoJ
cB3S2pWUIPt8HRcnbUYgypZ0ZJgtnTom+0mgi3a0+64=
=fsAj
-----END PGP SIGNATURE-----
|
|
var-201302-0224
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. This vulnerability February 2013 CPU This is a different vulnerability than the other vulnerabilities listed on the list.Information is obtained by a third party, information is altered, or service operation is interrupted. (DoS) An attack may be carried out.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component.
Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it.
This vulnerability affects the following supported versions:
7 Update 11, 6 Update 38. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6
Update 13
Java for OS X 2013-001 and Mac OS X v10.6 Update 13 is now available
and addresses the following:
Java
Available for: OS X Lion v10.7 or later,
OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java 1.6.0_37
Description: Multiple vulnerabilities existed in Java 1.6.0_37, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues were addressed by updating to Java version 1.6.0_41. For
Mac OS X v10.6 systems, these issues were addressed in Java for Mac
OS X v10.6 Update 13. Further information is available via the Java
website at http://www.oracle.com/technetwork/java/javase/
releasenotes-136954.html
CVE-ID
CVE-2012-3213
CVE-2012-3342
CVE-2013-0351
CVE-2013-0409
CVE-2013-0419
CVE-2013-0423
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0438
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0446
CVE-2013-0450
CVE-2013-1473
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
CVE-2013-1481
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java
Description: Multiple vulnerabilities existed in Java, the most
serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues were addressed by updating to Java version 1.6.0_41.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-1486
CVE-2013-1487
CVE-2013-1488
Malware removal
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Description: This update runs a malware removal tool that will
remove the most common variants of malware. If malware is found, it
presents a dialog notifying the user that malware was removed. There
is no indication to the user if malware is not found.
Java for OS X 2013-001 and Java for Mac OS X 10.6 Update 13
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.Update13.dmg
Its SHA-1 digest is: 5327984bc0b300c237fe69cecf69513624f56b0e
For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-001.dmg
Its SHA-1 digest is: 145d74354241cf2f567d2768bbd0a7185e7d308a
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRI/A/AAoJEPefwLHPlZEwDp4QAKz9nfo397KaudpFDey26bsb
GNR8HQ3Z5Ln0ArgwBcc2XabzIYXsjmY7nPdZgq1m0sWgFGWtfQ7qslRooUyNLOsB
WUddu+hQYvPn3CJOZsaPfTA2mfK6Qk9LeyqzUUkZrRNltHnIFMO7uXLEIdrFdnnx
exFMPjbIq+xM5UZgvd/2grtF4DaZHnbcK+t/tDwH09/hGRQ+l+3a/3FB2S1Av85c
FSuiieyrz2NNnDwFCj5NeSFQuK7hr52TiSOEPYI2eiTepyBHrUy03wAe8uwIzQII
RjkY3Nbc8AZt0Q6lq5TgsQbH+vrwVE07nty36uMKmE2vJXyOAIZjfrrwv9SetLwd
QnU5NYMbeHAHmSN5JQfuvDxEfL15/7Jafw2noJGotdrMzs6XQACFIHKqLORdwNkp
sltj3LwykpcyoCR8Dq7NPafqhp2wySaHX8DFSohcq1aa1w+SLDgPCZUAzknwokCL
f/hVQzP6hD0uHP/2jsLjh5g6TgHmCRdR+CKCs7QZaYAUketelRX9YOcgcXzqf5sy
EcbDvJ+rd3KsQ9gIByGwVhHD87NSZDJAyG0ROjMMS9w/7l7nhGxedzGzlyK3oNl/
VpewgZ8FpUrvY80HOPz5XyFmX+HQoSnJ8er6OI5AvHBPn+Z1yHDLS5zpLeDD/wO9
rmbzMJjZUnlCDXoLEVQ9
=qlVo
-----END PGP SIGNATURE-----
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers. Please review the CVE identifiers referenced below for
details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2013:0236-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html
Issue date: 2013-02-04
CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342
CVE-2013-0351 CVE-2013-0409 CVE-2013-0419
CVE-2013-0423 CVE-2013-0424 CVE-2013-0425
CVE-2013-0426 CVE-2013-0427 CVE-2013-0428
CVE-2013-0429 CVE-2013-0430 CVE-2013-0432
CVE-2013-0433 CVE-2013-0434 CVE-2013-0435
CVE-2013-0438 CVE-2013-0440 CVE-2013-0441
CVE-2013-0442 CVE-2013-0443 CVE-2013-0445
CVE-2013-0446 CVE-2013-0450 CVE-2013-1473
CVE-2013-1475 CVE-2013-1476 CVE-2013-1478
CVE-2013-1480 CVE-2013-1481
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3.
(CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409,
CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426,
CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432,
CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440,
CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,
CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478,
CVE-2013-1480, CVE-2013-1481)
All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide Oracle Java 6 Update 39. All running instances of
Oracle Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)
860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)
906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)
906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)
906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)
906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977)
906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057)
906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325)
906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)
906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install)
906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)
907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29)
907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952)
907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting)
907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound)
907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX)
907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)
907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509)
907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528)
907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)
907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)
907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)
907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)
907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066)
907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm
java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-1541.html
https://www.redhat.com/security/data/cve/CVE-2012-3213.html
https://www.redhat.com/security/data/cve/CVE-2012-3342.html
https://www.redhat.com/security/data/cve/CVE-2013-0351.html
https://www.redhat.com/security/data/cve/CVE-2013-0409.html
https://www.redhat.com/security/data/cve/CVE-2013-0419.html
https://www.redhat.com/security/data/cve/CVE-2013-0423.html
https://www.redhat.com/security/data/cve/CVE-2013-0424.html
https://www.redhat.com/security/data/cve/CVE-2013-0425.html
https://www.redhat.com/security/data/cve/CVE-2013-0426.html
https://www.redhat.com/security/data/cve/CVE-2013-0427.html
https://www.redhat.com/security/data/cve/CVE-2013-0428.html
https://www.redhat.com/security/data/cve/CVE-2013-0429.html
https://www.redhat.com/security/data/cve/CVE-2013-0430.html
https://www.redhat.com/security/data/cve/CVE-2013-0432.html
https://www.redhat.com/security/data/cve/CVE-2013-0433.html
https://www.redhat.com/security/data/cve/CVE-2013-0434.html
https://www.redhat.com/security/data/cve/CVE-2013-0435.html
https://www.redhat.com/security/data/cve/CVE-2013-0438.html
https://www.redhat.com/security/data/cve/CVE-2013-0440.html
https://www.redhat.com/security/data/cve/CVE-2013-0441.html
https://www.redhat.com/security/data/cve/CVE-2013-0442.html
https://www.redhat.com/security/data/cve/CVE-2013-0443.html
https://www.redhat.com/security/data/cve/CVE-2013-0445.html
https://www.redhat.com/security/data/cve/CVE-2013-0446.html
https://www.redhat.com/security/data/cve/CVE-2013-0450.html
https://www.redhat.com/security/data/cve/CVE-2013-1473.html
https://www.redhat.com/security/data/cve/CVE-2013-1475.html
https://www.redhat.com/security/data/cve/CVE-2013-1476.html
https://www.redhat.com/security/data/cve/CVE-2013-1478.html
https://www.redhat.com/security/data/cve/CVE-2013-1480.html
https://www.redhat.com/security/data/cve/CVE-2013-1481.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy
gqkoqFew2BZDYA/n817qYO8=
=m5pJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released.
Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
----------------------------------------------------------------------
TITLE:
Oracle Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA52064
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/52064/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
RELEASE DATE:
2013-02-02
DISCUSS ADVISORY:
http://secunia.com/advisories/52064/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/52064/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Oracle Java, which can
be exploited by malicious local users to gain escalated privileges and
by malicious people to disclose certain sensitive information,
manipulate certain data, cause a DoS (Denial of Service), and
compromise a vulnerable system.
1) An unspecified error in the 2D component of the client and server
deployment can be exploited to potentially execute arbitrary code.
2) An unspecified error in the 2D component of the client and server
deployment can be exploited to potentially execute arbitrary code.
3) An unspecified error in the AWT component of the client deployment
can be exploited to potentially execute arbitrary code.
4) An unspecified error in the AWT component of the client deployment
can be exploited to potentially execute arbitrary code.
5) An unspecified error in the AWT component of the client and server
deployment can be exploited to potentially execute arbitrary code.
6) An unspecified error in the CORBA component of the client
deployment can be exploited to potentially execute arbitrary code.
7) An unspecified error in the CORBA component of the client
deployment can be exploited to potentially execute arbitrary code.
8) An unspecified error in the CORBA component of the client
deployment can be exploited to potentially execute arbitrary code.
9) An unspecified error in the Deployment component of the client
deployment can be exploited to potentially execute arbitrary code.
10) An unspecified error in the Deployment component of the client
deployment can be exploited to potentially execute arbitrary code.
11) An unspecified error in the Deployment component of the client
deployment can be exploited to potentially execute arbitrary code.
12) An unspecified error in the JMX component of the client
deployment can be exploited to potentially execute arbitrary code.
13) An unspecified error in the JavaFX component of the client
deployment can be exploited to potentially execute arbitrary code.
14) An unspecified error in the Libraries component of the client
deployment can be exploited to potentially execute arbitrary code.
15) An unspecified error in the Libraries component of the client
deployment can be exploited to potentially execute arbitrary code.
16) An unspecified error in the Libraries component of the client
deployment can be exploited to potentially execute arbitrary code.
17) An unspecified error in the Scripting component of the client
deployment can be exploited to potentially execute arbitrary code.
18) An unspecified error in the Sound component of the client
deployment can be exploited to potentially execute arbitrary code.
19) An unspecified error in the Beans component of the client
deployment can be exploited to potentially execute arbitrary code.
20) An unspecified error in the CORBA component of the client
deployment can be exploited to potentially execute arbitrary code.
21) An unspecified error in the Deployment component of the client
deployment can be exploited to potentially execute arbitrary code.
22) An unspecified error in the Deployment component of the client
deployment can be exploited to potentially execute arbitrary code.
23) An unspecified error in the Deployment component of the client
deployment can be exploited to disclose and manipulate certain data
and cause a DoS.
24) An unspecified error in the Install component of the client
deployment can be exploited by a local user to gain escalated
privileges.
25) An unspecified error in the AWT component of the client
deployment can be exploited to disclose and manipulate certain data.
26) An unspecified error in the Deployment component of the client
deployment can be exploited to disclose certain data.
27) An unspecified error in the Deployment component of the client
deployment can be exploited to manipulate certain data.
28) An unspecified error in the JAX-WS component of the client
deployment can be exploited to disclose certain data.
29) An unspecified error in the JAXP component of the client
deployment can be exploited to disclose certain data.
30) An unspecified error in the JMX component of the client
deployment can be exploited to disclose certain data.
31) An unspecified error in the JMX component of the client
deployment can be exploited to disclose certain data.
32) An unspecified error in the Libraries component of the client
deployment can be exploited to manipulate certain data.
33) An unspecified error in the Libraries component of the client
deployment can be exploited to manipulate certain data.
34) An unspecified error in the Networking component of the client
deployment can be exploited to manipulate certain data.
35) An unspecified error in the RMI component of the client
deployment can be exploited to manipulate certain data.
36) An unspecified error in the JSSE component of the server
deployment can be exploited via SSL/TLS to cause a DoS.
37) An unspecified error in the Deployment component of the client
deployment can be exploited to disclose certain data.
38) An unspecified error in the JSSE component of the client
deployment can be exploited via SSL/TLS to disclose and manipulate
certain data.
The vulnerabilities are reported in the following products:
* JDK and JRE 7 Update 11 and earlier.
* JDK and JRE 6 Update 38 and earlier.
* JDK and JRE 5.0 Update 38 and earlier.
* SDK and JRE 1.4.2_40 and earlier.
SOLUTION:
Apply updates.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
One of the vulnerabilities is reported as a 0-day. It is currently
unclear who reported the remaining vulnerabilities as the Oracle Jave
SE Critical Patch Update for February 2013 only provides a bundled
list of credits. This section will be updated when/if the original
reporter provides more information.
ORIGINAL ADVISORY:
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201711-0476
|
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.1; Safari prior to 11.0.1; Windows-based iCloud prior to 7.1; Windows-based iTunes prior to 12.7.1; tvOS prior to 11.1. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------
Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Advisory URL : https://webkitgtk.org/security/WSA-2017-0009.html
CVE identifiers : CVE-2017-13783, CVE-2017-13784, CVE-2017-13785,
CVE-2017-13788, CVE-2017-13791, CVE-2017-13792,
CVE-2017-13793, CVE-2017-13794, CVE-2017-13795,
CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to xisigr of Tencent's Xuanwu Lab (tencent.com). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanul Choi working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
November 10, 2017
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: December 14, 2017
Bugs: #637076
ID: 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in WebKitGTK+, the worst
of which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.18.3 >= 2.18.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.3"
References
==========
[ 1 ] CVE-2017-13783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13783
[ 2 ] CVE-2017-13784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13784
[ 3 ] CVE-2017-13785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13785
[ 4 ] CVE-2017-13788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13788
[ 5 ] CVE-2017-13791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13791
[ 6 ] CVE-2017-13792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13792
[ 7 ] CVE-2017-13793
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13793
[ 8 ] CVE-2017-13794
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13794
[ 9 ] CVE-2017-13795
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13795
[ 10 ] CVE-2017-13796
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13796
[ 11 ] CVE-2017-13798
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13798
[ 12 ] CVE-2017-13802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13802
[ 13 ] CVE-2017-13803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13803
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201712-01
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
===========================================================================
Ubuntu Security Notice USN-3481-1
November 16, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.10.1
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3481-1
CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788,
CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794,
CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.16.04.1
--cAJSiv6PLl8jlntXfAr5kK8XnnPQvgKnJ--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-10-31-1 iOS 11.1
iOS 11.1 is now available and addresses the following:
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2017-13849: Ro of SavSec
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13799: an anonymous researcher
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
access photos from the lock screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device. This issue was addressed with
improved state management.
CVE-2017-13844: Miguel Alvarado of iDeviceHelp INC
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2017-13805: Yiğit Can YILMAZ (@yilmazcanyigit)
StreamingZip
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious zip file may be able modify restricted areas of
the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Characters in a secure text field might be revealed
Description: The characters in a secure text field were revealed
during focus change events. This issue was addressed through improved
state management.
CVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of
Tech Mahindra, Ricardo Sampayo of Bemo Ltd
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u7opHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbQiw//
bEkSQWlXTfpJ/9F2VKbMv+++td8sXozC3ICj9Ho+zhctxNY3MvIqXY8B4MrWB5+e
wgz1X/EQSCMItE2u20uISfApls/8/pBde6kKnca9rPGr7I2BKsuHTfCT3taSkhoj
EWMHEb64Se0hSiWKj99HJ80It9bDGSHz1cofpYDCNSMFBCiGWF2EbMgxUa55T5Vx
BtWZ91y2oU6gTsu4ZSR5NXG+Hi/vFYDnAFSr2/5Dgud4fl0tYk1KZ725g2YvXT7S
E3qV6shwcQtpf5ixm4G2cYalfiAmkYYjA/q2sgLClHDVXaPzahTS9ScMygKo4BsZ
RDboCM0q0ywPl+xnNJFuq2ZpZAfMefuXpcjTSxBDoNXliphzH2YOjk5YtHV47S+x
E8+b/bGDvBiKXJFo+yotJ07er0XtFPxfJKwgaYAi8VAfEXZrIv0uDQfYIZieMIRz
VznZvlaKXpA1Ms3R3rY2ukI9gdyPD0wk7r8zAGD0eTdl8E0bMI89UaSMWqDGf1Jm
9AWKOB7na2ElWNHeEMUAhReOL4jHqu/FLkRuoYVAiYKYUDWJGDlD79Yz8bTqnwtu
AWHqstzzcUVg1HXcwR5ngUDGFFOU2vVkqZRK6uwzCRzd/a7QQ/Lu+86GkfxPUB+p
9rtwIDGcTg0795ylrx8NLY/3BD8xcBMhfcZbpX5TF8s=
=qJV/
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/ |
|
var-202108-1141
|
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.1. A device may be passively tracked via BSSIDs. apple's macOS Exists in a fraudulent authentication vulnerability.Information may be obtained. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-12-15-1 iOS 15.2 and iPadOS 15.2
iOS 15.2 and iPadOS 15.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212976.
Audio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Parsing a maliciously crafted audio file may lead to
disclosure of user information
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab
CFNetwork Proxies
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: User traffic might unexpectedly be leaked to a proxy server
despite PAC configurations
Description: A logic issue was addressed with improved state
management.
CVE-2021-30966: Michal Rajcan of Jamf, Matt Vlasach of Jamf (Wandera)
ColorSync
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue in the processing of ICC
profiles was addressed with improved input validation.
CVE-2021-30926: Jeremy Brown
CVE-2021-30942: Mateusz Jurczyk of Google Project Zero
CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30957: JunDong Xie of Ant Security Light-Year Lab
CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Playing a malicious audio file may lead to arbitrary code
execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab
Crash Reporter
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
FaceTime
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A user in a FaceTime call may unexpectedly leak sensitive
user information through Live Photos metadata
Description: This issue was addressed with improved handling of file
metadata.
CVE-2021-30992: Aaron Raimist
ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year
Lab, Mickey Jin (@patch1t) of Trend Micro
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A race condition was addressed with improved state
handling.
CVE-2021-30996: Saar Amar (@AmarSaar)
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30983: Pangu
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30985: Tielei Wang of Pangu Lab
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30991: Tielei Wang of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2021-30937: Sergei Glazunov of Google Project Zero
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30927: Xinru Chi of Pangu Lab
CVE-2021-30980: Xinru Chi of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30949: Ian Beer of Google Project Zero
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30993: OSS-Fuzz, Ned Williamson of Google Project Zero
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A race condition was addressed with improved state
handling.
CVE-2021-30955: Zweig of Kunlun Lab
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30971: Ye Zhang (@co0py_Cat) of Baidu Security
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted file may disclose user
information
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30973: Ye Zhang (@co0py_Cat) of Baidu Security
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30929: Rui Yang and Xingwei Lin of Ant Security Light-Year
Lab
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30979: Mickey Jin (@patch1t) of Trend Micro
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30940: Rui Yang and Xingwei Lin of Ant Security Light-Year
Lab
CVE-2021-30941: Rui Yang and Xingwei Lin of Ant Security Light-Year
Lab
NetworkExtension
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local attacker may be able to read sensitive information
Description: A permissions issue was addressed with improved
validation.
CVE-2021-30967: Denis Tokarev (@illusionofcha0s)
NetworkExtension
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to identify what other
applications a user has installed
Description: A permissions issue was addressed with improved
validation.
CVE-2021-30988: Denis Tokarev (@illusionofcha0s)
Notes
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed with improved permissions logic.
CVE-2021-30932: Kevin Böttcher
Password Manager
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A person with physical access to an iOS device may be able to
access stored passwords without authentication
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2021-30948: Patrick Glogner
Preferences
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges
Description: A race condition was addressed with improved state
handling.
CVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin
(@patch1t)
Sandbox
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass certain Privacy
preferences
Description: A validation issue related to hard link behavior was
addressed with improved sandbox restrictions.
CVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security
Sandbox
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass certain Privacy
preferences
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30946: @gorelics
Sandbox
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to access a user's files
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security
TCC
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to modify protected parts of the
file system
Description: A logic issue was addressed with improved state
management.
CVE-2021-30767: @gorelics
TCC
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass Privacy
preferences
Description: An inherited permissions issue was addressed with
additional restrictions.
CVE-2021-30964: Andy Grant of Zoom Video Communications
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30934: Dani Biro
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30936: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua
wingtecher lab
CVE-2021-30951: Pangu
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2021-30952: WeBin
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved state
handling.
CVE-2021-30984: Kunlun Lab
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30953: VRIJ
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2021-30954: Kunlun Lab
Additional recognition
Bluetooth
We would like to acknowledge Haram Park, Korea University for their
assistance.
CloudKit
We would like to acknowledge Ryan Pickren (ryanpickren.com) for their
assistance.
ColorSync
We would like to acknowledge Mateusz Jurczyk of Google Project Zero
for their assistance.
Contacts
We would like to acknowledge Minchan Park (03stin) for their
assistance.
CoreText
We would like to acknowledge Yuto Sakata of Osaka Institute of
Technology, an anonymous researcher for their assistance.
Kernel
We would like to acknowledge Amit Klein of Bar-Ilan University's
Center for Research in Applied Cryptography and Cyber Security for
their assistance.
Model I/O
We would like to acknowledge Rui Yang and Xingwei Lin of Ant Security
Light-Year Lab for their assistance.
WebKit
We would like to acknowledge Peter Snyder of Brave and Soroush Karami
for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About
* The version after applying this update will be "15.2"
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UlcACgkQeC9qKD1p
rhiG7Q//QAlwYO3POlhNzv+lp++7j1r5DklzW3HpKgiSZ/6BEIK3mrUlfL5uzLL6
Z802CRYyVw1cbZT789t9NX3Ai4XrLDAv2cSRdim7TEID4ElM3+bJP+UcSwsIO822
M093OFzR4VmYhMoKbWYb6VPxUl9kLqgrD/k7ps6qbZJJVlLHblS1xS/MEyh3go/G
pey2+qSOuEiuODaUWnUpEicfI3pCMDqoALJPqYNq6EOhDDcTc3XztOkIRBOY3AU3
VdqLn+FkTXn5WxGqUNDBOQEJzu0v5ZBw4H+7dz+SNvq0v7xWuLpPQm5WeDv4u3gy
9KBCu5YFDYaix4K4pA6N4oZ3D3A+ildx8D5PtfGK0gpRUbnsjf7fhvQwjG58TO7G
yoBKMFWCbyDvBqT6wNXYkb9CTNwxs3KzpRAVuww6+tFkBIVeg/2d5IK5d/oVQGNW
QbATKirLNYq5kHRNKtv506QGCazeEk7dhxlVB31fDavr4cmf533zrrlLNrIdYREA
y2yYuCOsQZTEC2R74ljTf4BJ9zDlaAE/NVFtvZrSNOpYfoJ7ps6VdSCS7Z/4+GvS
2cF8IIscQ24Ovlfd6YTP7V5jL3JYuI/4W4Wx7/FLFpHbAt0+2CcaVf+V6rQrlyLr
0WJNv9KTxKL9JbqJ04bMVu/qcxcRShGHKeSeBD804FlPjoaN9Vw=
=eZuK
-----END PGP SIGNATURE-----
.
CVE-2021-30987: Jason Meller, Fritz Ifert-Miller, and Joseph Sokol-
Margolis of Kolide
Archive Utility
Available for: macOS Monterey
Impact: A malicious application may bypass Gatekeeper checks
Description: A logic issue was addressed with improved state
management.
CVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab
Bluetooth
Available for: macOS Monterey
Impact: A device may be passively tracked by its Bluetooth MAC
address
Description: A device configuration issue was addressed with an
updated configuration.
CVE-2021-30986: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.
CVE-2021-30977: Jack Dates of RET2 Systems, Inc.
CVE-2021-30996: Saar Amar (@AmarSaar)
IOUSBHostFamily
Available for: macOS Monterey
Impact: A remote attacker may be able to cause unexpected application
termination or heap corruption
Description: A race condition was addressed with improved locking.
CVE-2021-30955: Zweig of Kunlun Lab
LaunchServices
Available for: macOS Monterey
Impact: A malicious application may bypass Gatekeeper checks
Description: A logic issue was addressed with improved state
management.
CVE-2021-30976: chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent
Security Xuanwu Lab
LaunchServices
Available for: macOS Monterey
Impact: A malicious application may bypass Gatekeeper checks
Description: A logic issue was addressed with improved validation.
CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security
Script Editor
Available for: macOS Monterey
Impact: A malicious OSAX scripting addition may bypass Gatekeeper
checks and circumvent sandbox restrictions
Description: This issue was addressed by disabling execution of
JavaScript when viewing a scripting dictionary.
CVE-2021-30954: Kunlun Lab
Wi-Fi
Available for: macOS Monterey
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: This issue was addressed with improved checks |
|
var-200609-0314
|
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file. Apple QuickTime fails to properly handle SGI images. Successful exploits may facilitate a remote compromise of affected computers. Apple QuickTime is a multimedia playback software developed by Apple (Apple). The software is capable of handling multiple sources such as digital video, media segments, and more.
McAfee, Inc. QuickTime is used by the Mac OS X operating system and
by the QuickTime media player for Microsoft Windows.
Seven code execution vulnerabilities are present in QuickTime support
for various multimedia formats including: MOV, H.264, FLC, FPX and SGI.
Exploitation could lead to execution of arbitrary code. User interaction
is required for an attack to succeed.
The risk rating for these issues is medium.
_________________________________________________
* Vulnerable Systems
QuickTime 7.1.2 and below for Mac OS X
QuickTime for Windows 7.1.2 and below
_________________________________________________
* Vulnerability Information
CVE-2006-4382
Two buffer overflow vulnerabilities are present in QuickTime MOV format
support.
CVE-2006-4384
On heap overflow vulnerability is present in QuickTime FLC format
support.
CVE-2006-4385
One buffer overflow vulnerability is present in QuickTime SGI format
support.
CVE-2006-4386
One buffer overflow vulnerability is present in QuickTime MOV H.264
format support.
CVE-2006-4388
One buffer overflow vulnerability is present in QuickTime FlashPix (FPX)
format support.
CVE-2006-4389
One uninitialized memory access vulnerability is present in QuickTime
FlashPix (FPX) format support.
_________________________________________________
* Resolution
Apple has included fixes for the QuickTime issues in QuickTime version
7.1.3 for Mac OS X and for Microsoft Windows.
Further information is available at:
http://docs.info.apple.com/article.html?artnum=304357
_________________________________________________
* Credits
These vulnerabilities were discovered by Mike Price of McAfee Avert
Labs.
_________________________________________________
* Legal Notice
Copyright (C) 2006 McAfee, Inc.
The information contained within this advisory is provided for the
convenience of McAfee's customers, and may be redistributed provided
that no fee is charged for distribution and that the advisory is not
modified in any way. McAfee makes no representations or warranties
regarding the accuracy of the information referenced in this document,
or the suitability of that information for your purposes.
McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee,
Inc. and/or its affiliated companies in the United States and/or other
Countries. All other registered and unregistered trademarks in this
document are the sole property of their respective owners.
Best regards,
Dave Marcus, B.A., CCNA, MCSE
Security Research and Communications Manager
McAfee(r) Avert(r) Labs
.
I. Since QuickTime configures most web browsers to
handle QuickTime media files, an attacker could exploit these
vulnerabilities using a web page.
Note that QuickTime ships with Apple iTunes.
For more information, please refer to the Vulnerability Notes.
II. For further information, please see
the Vulnerability Notes.
III. Solution
Upgrade QuickTime
Upgrade to QuickTime 7.1.3.
Disable QuickTime in your web browser
An attacker may be able to exploit this vulnerability by persuading
a user to access a specially crafted file with a web
browser. Disabling QuickTime in your web browser will defend
against this attack vector. For more information, refer to the
Securing Your Web Browser document. Please send
email to <cert@cert.org> with "TA06-256A Feedback VU#540348" in the
subject.
____________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
September 13, 2006: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRQg23exOF3G+ig+rAQK7LggAt0RUIz3jewgQYrRYp9bMDBkS61Bvh2OO
8Gp2H472UXA0ucElK/1hAXtPXU2Pmf/EjrCqSImO+srV4i0x5QIFJDo41HtbDo9s
FzQC/rmJ3YWl15L+uIjG0S1wxWwH5GyzQj4xaZCMdNLYEN7LVe31ETDsXJ3kEMMa
m19M4GLOXAFfmjyGgky4Nux0RJU1UE/0w9pZESOXg+7WXFY8skOZ8YfqBvunjqtE
pZa3LWoOcDtP/ORoEn7GY83v/uQqkX8uoAxwe9nuGXbyssvj7BQxDPvnwSWrXzUG
R59/r1NA4i/EtYNV1ONW2Pntqc5/vv0OGcs1JFM9tazV3aRbgHfCVg==
=nQVd
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Win32 binary codecs: Multiple vulnerabilities
Date: March 04, 2008
Bugs: #150288
ID: 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities in the Win32 codecs for Linux may result in
the remote execution of arbitrary code.
Background
==========
Win32 binary codecs provide support for video and audio playback.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Win32 binary codecs users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=media-libs/win32codecs-20071007-r2"
Note: Since no updated binary versions have been released, the
Quicktime libraries have been removed from the package. Please use the
free alternative Quicktime implementations within VLC, MPlayer or Xine
for playback.
References
==========
[ 1 ] CVE-2006-4382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382
[ 2 ] CVE-2006-4384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384
[ 3 ] CVE-2006-4385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385
[ 4 ] CVE-2006-4386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386
[ 5 ] CVE-2006-4388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388
[ 6 ] CVE-2006-4389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389
[ 7 ] CVE-2007-4674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674
[ 8 ] CVE-2007-6166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-08.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.
License
=======
Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-202005-0222
|
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. SQLite Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. A resource management error vulnerability exists in the 'snippet()' function of the ext/fts3/fts3.c file in versions prior to SQLite 3.32.0. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update
Advisory ID: RHSA-2020:5605-01
Product: Red Hat OpenShift Container Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5605
Issue date: 2020-12-17
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
CVE-2018-14879 CVE-2018-14880 CVE-2018-14881
CVE-2018-14882 CVE-2018-16227 CVE-2018-16228
CVE-2018-16229 CVE-2018-16230 CVE-2018-16300
CVE-2018-16451 CVE-2018-16452 CVE-2018-20843
CVE-2019-1551 CVE-2019-5018 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11068 CVE-2019-13050
CVE-2019-13627 CVE-2019-14889 CVE-2019-15165
CVE-2019-15166 CVE-2019-15903 CVE-2019-16168
CVE-2019-16935 CVE-2019-18197 CVE-2019-18609
CVE-2019-19221 CVE-2019-19906 CVE-2019-19956
CVE-2019-20218 CVE-2019-20387 CVE-2019-20388
CVE-2019-20454 CVE-2019-20807 CVE-2019-20907
CVE-2019-20916 CVE-2020-1730 CVE-2020-1751
CVE-2020-1752 CVE-2020-3862 CVE-2020-3864
CVE-2020-3865 CVE-2020-3867 CVE-2020-3868
CVE-2020-3885 CVE-2020-3894 CVE-2020-3895
CVE-2020-3897 CVE-2020-3899 CVE-2020-3900
CVE-2020-3901 CVE-2020-3902 CVE-2020-6405
CVE-2020-7595 CVE-2020-7720 CVE-2020-8177
CVE-2020-8237 CVE-2020-8492 CVE-2020-9327
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-10029
CVE-2020-11793 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-14019 CVE-2020-14040
CVE-2020-14382 CVE-2020-14391 CVE-2020-14422
CVE-2020-15503 CVE-2020-15586 CVE-2020-16845
CVE-2020-25660
=====================================================================
1. Summary:
Updated images are now available for Red Hat OpenShift Container Storage
4.6.0 on Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section. Description:
Red Hat OpenShift Container Storage is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Container Storage is a highly scalable, production-grade
persistent storage for stateful applications running in the Red Hat
OpenShift Container Platform. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements.
Security Fix(es):
* nodejs-node-forge: prototype pollution via the util.setPath function
(CVE-2020-7720)
* nodejs-json-bigint: Prototype pollution via `__proto__` assignment could
result in DoS (CVE-2020-8237)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* golang: data race in certain net/http servers including ReverseProxy can
lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes
from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Users are directed to the Red Hat OpenShift Container Storage Release Notes
for information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_container_s
torage/4.6/html/4.6_release_notes/index
All Red Hat OpenShift Container Storage users are advised to upgrade to
these updated images. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
4. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
5. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-12-14-4 Additional information for
APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
macOS Big Sur 11.0.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT211931.
AMD
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27914: Yu Wang of Didi Research America
CVE-2020-27915: Yu Wang of Didi Research America
Entry added December 14, 2020
App Store
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light-
Year Lab
Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab
Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab
Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab
Bluetooth
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause unexpected application
termination or heap corruption
Description: Multiple integer overflows were addressed with improved
input validation.
CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
CoreAudio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light-
Year Lab
CVE-2020-27909: Anonymous working with Trend Micro Zero Day
Initiative, JunDong Xie and XingWei Lin of Ant Security Light-Year
Lab
CVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year
Lab
Entry added December 14, 2020
CoreAudio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative,
JunDong Xie of Ant Security Light-Year Lab
CoreCapture
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9949: Proteas
CoreGraphics
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro
Crash Reporter
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local attacker may be able to elevate their privileges
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed with improved path sanitization.
CVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan
CoreText
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-27922: Mickey Jin of Trend Micro
Entry added December 14, 2020
CoreText
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-9999: Apple
Entry updated December 14, 2020
Disk Images
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9965: Proteas
CVE-2020-9966: Proteas
Finder
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Users may be unable to remove metadata indicating where files
were downloaded from
Description: The issue was addressed with additional user controls.
CVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com)
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A buffer overflow was addressed with improved size
validation.
CVE-2020-9962: Yiğit Can YILMAZ (@yilmazcanyigit)
Entry added December 14, 2020
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of
Trend Micro
Entry added December 14, 2020
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile
Security Research Team working with Trend Micro’s Zero Day Initiative
Entry added December 14, 2020
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed with improved input validation.
CVE-2020-27931: Apple
Entry added December 14, 2020
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution. Apple is aware of reports that an exploit for this
issue exists in the wild.
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27930: Google Project Zero
FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab
Foundation
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to read arbitrary files
Description: A logic issue was addressed with improved state
management.
CVE-2020-10002: James Hutchins
HomeKit
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An attacker in a privileged network position may be able to
unexpectedly alter application state
Description: This issue was addressed with improved setting
propagation.
CVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana
University Bloomington, Yan Jia of Xidian University and University
of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University
of Science and Technology
Entry added December 14, 2020
ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9955: Mickey Jin of Trend Micro, Xingwei Lin of Ant Security
Light-Year Lab
Entry added December 14, 2020
ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27924: Lei Sun
Entry added December 14, 2020
ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab
CVE-2020-27923: Lei Sun
Entry updated December 14, 2020
ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9876: Mickey Jin of Trend Micro
Intel Graphics Driver
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
CVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.,
and Luyi Xing of Indiana University Bloomington
Entry added December 14, 2020
Intel Graphics Driver
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Entry added December 14, 2020
Image Processing
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei
Lin of Ant Security Light-Year Lab
Entry added December 14, 2020
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2020-9967: Alex Plaskett (@alexjplaskett)
Entry added December 14, 2020
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9975: Tielei Wang of Pangu Lab
Entry added December 14, 2020
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed with improved state
handling.
CVE-2020-27921: Linus Henze (pinauten.de)
Entry added December 14, 2020
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong
Security Lab
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An attacker in a privileged network position may be able to
inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved
restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R.
Crandall
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to disclose kernel
memory. Apple is aware of reports that an exploit for this issue
exists in the wild.
Description: A memory initialization issue was addressed.
CVE-2020-27950: Google Project Zero
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-9974: Tommy Muir (@Muirey03)
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-10016: Alex Helie
Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type confusion issue was addressed with improved state
handling.
CVE-2020-27932: Google Project Zero
libxml2
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27917: found by OSS-Fuzz
CVE-2020-27920: found by OSS-Fuzz
Entry updated December 14, 2020
libxml2
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2020-27911: found by OSS-Fuzz
libxpc
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved validation.
CVE-2020-9971: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Entry added December 14, 2020
libxpc
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to break out of its
sandbox
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Logging
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local attacker may be able to elevate their privileges
Description: A path handling issue was addressed with improved
validation.
CVE-2020-10010: Tommy Muir (@Muirey03)
Mail
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: This issue was addressed with improved checks.
CVE-2020-9941: Fabian Ising of FH Münster University of Applied
Sciences and Damian Poddebniak of FH Münster University of Applied
Sciences
Messages
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to discover a user’s deleted
messages
Description: The issue was addressed with improved deletion.
CVE-2020-9988: William Breuer of the Netherlands
CVE-2020-9989: von Brunn Media
Model I/O
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-10011: Aleksandar Nikolic of Cisco Talos
Entry added December 14, 2020
Model I/O
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-13524: Aleksandar Nikolic of Cisco Talos
Model I/O
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-10004: Aleksandar Nikolic of Cisco Talos
NetworkExtension
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to elevate privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and
Mickey Jin of Trend Micro
NSRemoteView
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved restrictions.
CVE-2020-27901: Thijs Alkemade of Computest Research Division
Entry added December 14, 2020
NSRemoteView
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to preview files it does
not have access to
Description: An issue existed in the handling of snapshots. The issue
was resolved with improved permissions logic.
CVE-2020-27900: Thijs Alkemade of Computest Research Division
PCRE
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.44.
CVE-2019-20838
CVE-2020-14155
Power Management
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-10007: singi@theori working with Trend Micro Zero Day
Initiative
python
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Cookies belonging to one origin may be sent to another origin
Description: Multiple issues were addressed with improved logic.
CVE-2020-27896: an anonymous researcher
Quick Look
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious app may be able to determine the existence of
files on the computer
Description: The issue was addressed with improved handling of icon
caches.
CVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security
Quick Look
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted document may lead to a cross
site scripting attack
Description: An access issue was addressed with improved access
restrictions.
CVE-2020-10012: Heige of KnownSec 404 Team
(https://www.knownsec.com/) and Bo Qu of Palo Alto Networks
(https://www.paloaltonetworks.com/)
Ruby
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to modify the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2020-27896: an anonymous researcher
Ruby
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: When parsing certain JSON documents, the json gem can be
coerced into creating arbitrary objects in the target system
Description: This issue was addressed with improved checks.
CVE-2020-10663: Jeremy Evans
Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India)
@imnarendrabhati
Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine a user's
open tabs in Safari
Description: A validation issue existed in the entitlement
verification. This issue was addressed with improved validation of
the process entitlement.
CVE-2020-9977: Josh Parnham (@joshparnham)
Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2020-9942: an anonymous researcher, Rahul d Kankrale
(servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho
(@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang
Zeng(@Wester) of OPPO ZIWU Security Lab
Sandbox
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to view senstive user information
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2020-9969: Wojciech Reguła of SecuRing (wojciechregula.blog)
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-9991
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to leak memory
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-9849
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating SQLite to
version 3.32.3.
CVE-2020-15358
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A maliciously crafted SQL query may lead to data corruption
Description: This issue was addressed with improved checks.
CVE-2020-13631
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-13434
CVE-2020-13435
CVE-2020-9991
SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-13630
Symptom Framework
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local attacker may be able to elevate their privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27899: 08Tc3wBB working with ZecOps
Entry added December 14, 2020
System Preferences
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved state
management.
CVE-2020-10009: Thijs Alkemade of Computest Research Division
TCC
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application with root privileges may be able to
access private information
Description: A logic issue was addressed with improved restrictions.
CVE-2020-10008: Wojciech Reguła of SecuRing (wojciechregula.blog)
Entry added December 14, 2020
WebKit
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27918: Liu Long of Ant Security Light-Year Lab
Entry updated December 14, 2020
Wi-Fi
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An attacker may be able to bypass Managed Frame Protection
Description: A denial of service issue was addressed with improved
state handling.
CVE-2020-27898: Stephan Marais of University of Johannesburg
Xsan
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to access restricted
files
Description: This issue was addressed with improved entitlements.
CVE-2020-10006: Wojciech Reguła (@_r3ggi) of SecuRing
Additional recognition
802.1X
We would like to acknowledge Kenana Dalle of Hamad bin Khalifa
University and Ryan Riley of Carnegie Mellon University in Qatar for
their assistance.
Entry added December 14, 2020
Audio
We would like to acknowledge JunDong Xie and XingWei Lin of Ant-
financial Light-Year Security Lab, an anonymous researcher for their
assistance.
Bluetooth
We would like to acknowledge Andy Davis of NCC Group, Dennis Heinze
(@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
Entry updated December 14, 2020
Clang
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Core Location
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Crash Reporter
We would like to acknowledge Artur Byszko of AFINE for their
assistance.
Entry added December 14, 2020
Directory Utility
We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing
for their assistance.
iAP
We would like to acknowledge Andy Davis of NCC Group for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero,
Stephen Röttger of Google for their assistance.
libxml2
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added December 14, 2020
Login Window
We would like to acknowledge Rob Morton of Leidos for their
assistance.
Photos Storage
We would like to acknowledge Paulos Yibelo of LimeHats for their
assistance.
Quick Look
We would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech
Reguła of SecuRing (wojciechregula.blog) for their assistance.
Safari
We would like to acknowledge Gabriel Corona and Narendra Bhati From
Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their
assistance.
Security
We would like to acknowledge Christian Starkjohann of Objective
Development Software GmbH for their assistance.
System Preferences
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YDPwACgkQZcsbuWJ6
jjANmhAAoj+ZHNnH2pGDFl2/jrAtvWBtXg8mqw6NtNbGqWDZFhnY5q7Lp8WTx/Pi
x64A4F8bU5xcybnmaDpK5PMwAAIiAg4g1BhpOq3pGyeHEasNx7D9damfqFGKiivS
p8nl62XE74ayfxdZGa+2tOVFTFwqixfr0aALVoQUhAWNeYuvVSgJXlgdGjj+QSL+
9vW86kbQypOqT5TPDg6tpJy3g5s4hotkfzCfxA9mIKOg5e/nnoRNhw0c1dzfeTRO
INzGxnajKGGYy2C3MH6t0cKG0B6cH7aePZCHYJ1jmuAVd0SD3PfmoT76DeRGC4Ri
c8fGD+5pvSF6/+5E+MbH3t3D6bLiCGRFJtYNMpr46gUKKt27EonSiheYCP9xR6lU
ChpYdcgHMOHX4a07/Oo8vEwQrtJ4JryhI9tfBel1ewdSoxk2iCFKzLLYkDMihD6B
1x/9MlaqEpLYBnuKkrRzFINW23TzFPTI/+i2SbUscRQtK0qE7Up5C+IUkRvBGhEs
MuEmEnn5spnVG2EBcKeLtJxtf/h5WaRFrev72EvSVR+Ko8Cj0MgK6IATu6saq8bV
kURL5empvpexFAvVQWRDaLgGBHKM+uArBz2OP6t7wFvD2p1Vq5M+dMrEPna1JO/S
AXZYC9Y9bBRZfYQAv7nxa+uIXy2rGTuQKQY8ldu4eEHtJ0OhaB8=
=T5Y8
-----END PGP SIGNATURE-----
.
Bug Fix(es):
* Configuring the system with non-RT kernel will hang the system
(BZ#1923220)
3. Solution:
For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel
ease-notes.html
4. Bugs fixed (https://bugzilla.redhat.com/):
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
5. JIRA issues fixed (https://issues.jboss.org/):
CNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs
CNF-854 - Performance tests in CNF Tests
6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: SQLite: Multiple vulnerabilities
Date: July 27, 2020
Bugs: #716748
ID: 202007-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in SQLite, the worst of which
could result in the arbitrary execution of code.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/sqlite < 3.32.3 >= 3.32.3
Description
==========
Multiple vulnerabilities have been discovered in SQLite. Please review
the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All SQLite users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">\xdev-db/sqlite-3.32.3"
References
=========
[ 1 ] CVE-2019-20218
https://nvd.nist.gov/vuln/detail/CVE-2019-20218
[ 2 ] CVE-2020-11655
https://nvd.nist.gov/vuln/detail/CVE-2020-11655
[ 3 ] CVE-2020-11656
https://nvd.nist.gov/vuln/detail/CVE-2020-11656
[ 4 ] CVE-2020-13434
https://nvd.nist.gov/vuln/detail/CVE-2020-13434
[ 5 ] CVE-2020-13435
https://nvd.nist.gov/vuln/detail/CVE-2020-13435
[ 6 ] CVE-2020-13630
https://nvd.nist.gov/vuln/detail/CVE-2020-13630
[ 7 ] CVE-2020-13631
https://nvd.nist.gov/vuln/detail/CVE-2020-13631
[ 8 ] CVE-2020-13632
https://nvd.nist.gov/vuln/detail/CVE-2020-13632
[ 9 ] CVE-2020-13871
https://nvd.nist.gov/vuln/detail/CVE-2020-13871
[ 10 ] CVE-2020-15358
https://nvd.nist.gov/vuln/detail/CVE-2020-15358
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-26
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
Assets
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker may be able to misuse a trust relationship to
download malicious content
Description: A trust issue was addressed by removing a legacy API.
CVE-2020-9976: Rias A.
Entry added November 12, 2020
Installation note:
Apple TV will periodically check for software updates. ==========================================================================
Ubuntu Security Notice USN-4394-1
June 10, 2020
sqlite3 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in SQLite.
Software Description:
- sqlite3: C library that implements an SQL database engine
Details:
It was discovered that SQLite incorrectly handled certain corruped schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain SELECT
statements. An attacker could possibly use this issue to cause a denial of
service. (CVE-2019-19603)
It was discovered that SQLite incorrectly handled certain self-referential
views. An attacker could possibly use this issue to cause a denial of
service. (CVE-2019-19645)
Henry Liu discovered that SQLite incorrectly handled certain malformed
window-function queries. An attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04
LTS. (CVE-2020-11655)
It was discovered that SQLite incorrectly handled certain string
operations. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-13434)
It was discovered that SQLite incorrectly handled certain expressions. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)
It was discovered that SQLite incorrectly handled certain fts3 queries. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2020-13630)
It was discovered that SQLite incorrectly handled certain virtual table
names. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04
LTS. (CVE-2020-13631)
It was discovered that SQLite incorrectly handled certain fts3 queries. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2020-13632)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
libsqlite3-0 3.31.1-4ubuntu0.1
sqlite3 3.31.1-4ubuntu0.1
Ubuntu 19.10:
libsqlite3-0 3.29.0-2ubuntu0.3
sqlite3 3.29.0-2ubuntu0.3
Ubuntu 18.04 LTS:
libsqlite3-0 3.22.0-1ubuntu0.4
sqlite3 3.22.0-1ubuntu0.4
Ubuntu 16.04 LTS:
libsqlite3-0 3.11.0-1ubuntu1.5
sqlite3 3.11.0-1ubuntu1.5
In general, a standard system update will make all the necessary changes |
|
var-202006-1653
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple iPadOS is an operating system for iPad tablets. WebKit is one of the web browser engine components. An attacker can exploit this vulnerability by using a specially crafted URL to execute scripts in the user's browser. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: July 26, 2020
Bugs: #732104
ID: 202007-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.28.3 >= 2.28.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
======
Please review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.28.3"
References
==========
[ 1 ] CVE-2020-13753
https://nvd.nist.gov/vuln/detail/CVE-2020-13753
[ 2 ] CVE-2020-9802
https://nvd.nist.gov/vuln/detail/CVE-2020-9802
[ 3 ] CVE-2020-9803
https://nvd.nist.gov/vuln/detail/CVE-2020-9803
[ 4 ] CVE-2020-9805
https://nvd.nist.gov/vuln/detail/CVE-2020-9805
[ 5 ] CVE-2020-9806
https://nvd.nist.gov/vuln/detail/CVE-2020-9806
[ 6 ] CVE-2020-9807
https://nvd.nist.gov/vuln/detail/CVE-2020-9807
[ 7 ] CVE-2020-9843
https://nvd.nist.gov/vuln/detail/CVE-2020-9843
[ 8 ] CVE-2020-9850
https://nvd.nist.gov/vuln/detail/CVE-2020-9850
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-11
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5
iOS 13.5 and iPadOS 13.5 address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt
AirDrop
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2020-9826: Dor Hadad of Palo Alto Networks
AppleMobileFileIntegrity
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to use arbitrary entitlements
Description: This issue was addressed with improved checks.
CVE-2020-9842: Linus Henze (pinauten.de)
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero
Day Initiative
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero
Day Initiative
Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An issue existed with the use of a PRNG with low
entropy.
CVE-2020-6616: Jörn Tillmanns (@matedealer) and Jiska Classen
(@naehrdine) of Secure Mobile Networking Lab
Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9838: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure
Mobile Networking Lab
CoreText
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A validation issue was addressed with improved input
sanitization.
CVE-2020-9829: Aaron Perris (@aaronp613), an anonymous researcher, an
anonymous researcher, Carlos S Tech, Sam Menzies of Sam’s Lounge,
Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan
Rathor of Arabic-Classroom.com
FaceTime
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A user’s video may not be paused in a FaceTime call if they
exit the FaceTime app while the call is ringing
Description: An issue existed in the pausing of FaceTime video.
CVE-2020-9835: Olivier Levesque (@olilevesque)
File System
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to modify the file system
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9820: Thijs Alkemade of Computest
FontParser
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend
Micro Zero Day Initiative
ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3878: Samuel Groß of Google Project Zero
ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9789: Wenchao Li of VARAS@IIE
CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab
IPSec
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9837: Thijs Alkemade of Computest
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to determine another
application's memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2020-9797: an anonymous researcher
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to cause unexpected system
termination or write kernel memory
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to read kernel memory
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-9811: Tielei Wang of Pangu Lab
CVE-2020-9812: Derrek (@derrekr6)
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A logic issue existed resulting in memory corruption.
CVE-2020-9813: Xinru Chi of Pangu Lab
CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to determine kernel
memory layout
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-9809: Benjamin Randazzo (@____benjamin)
Mail
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted mail message may lead to
heap corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2020-9819: ZecOps.com
Mail
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted mail message may lead to
unexpected memory modification or application termination
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9818: ZecOps.com
Messages
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Users removed from an iMessage conversation may still be able
to alter state
Description: This issue was addressed with improved checks.
CVE-2020-9823: Suryansh Mansharamani, student of Community Middle
School, Plainsboro, New
Jersey
Notifications
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A person with physical access to an iOS device may be able to
view notification contents from the lockscreen
Description: An authorization issue was addressed with improved state
management.
CVE-2020-9848: Nima
Python
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-9793
Sandbox
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to bypass Privacy
preferences
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0)
SQLite
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may cause a denial of service or
potentially disclose memory contents
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9794
System Preferences
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with improved state
handling.
CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of
@SSLab_Gatech working with Trend Micro’s Zero Day Initiative
USB Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A USB device may be able to cause a denial of service
Description: A validation issue was addressed with improved input
sanitization.
CVE-2020-9792: Andy Davis of NCC Group
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9805: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9802: Samuel Groß of Google Project Zero
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9850: @jinmo123, @setuid0x0_, and @insu_yun_en of
@SSLab_Gatech working with Trend Micro’s Zero Day Initiative
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2020-9843: Ryan Pickren (ryanpickren.com)
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2020-9803: Wen Xu of SSLab at Georgia Tech
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-9806: Wen Xu of SSLab at Georgia Tech
CVE-2020-9807: Wen Xu of SSLab at Georgia Tech
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2020-9800: Brendan Draper (@6r3nd4n) working with Trend Micro
Zero Day Initiative
WebRTC
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An access issue was addressed with improved memory
management.
CVE-2019-20503: Natalie Silvanovich of Google Project Zero
Wi-Fi
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: A double free issue was addressed with improved memory
management.
CVE-2020-9844: Ian Beer of Google Project Zero
zsh
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local attacker may be able to elevate their privileges
Description: An authorization issue was addressed with improved state
management.
CVE-2019-20044: Sam Foxman
Additional recognition
Bluetooth
We would like to acknowledge Maximilian von Tschitschnitz of
Technical University Munich and Ludwig Peuckert of Technical
University Munich for their assistance.
CoreText
We would like to acknowledge Jiska Classen (@naehrdine) and Dennis
Heinze (@ttdennis) of Secure Mobile Networking Lab for their
assistance.
Device Analytics
We would like to acknowledge Mohamed Ghannam (@_simo36) for their
assistance.
ImageIO
We would like to acknowledge Lei Sun for their assistance.
IOHIDFamily
We would like to acknowledge Andy Davis of NCC Group for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Safari
We would like to acknowledge Jeffball of GRIMM and Luke Walker of
Manchester Metropolitan University for their assistance.
WebKit
We would like to acknowledge Aidan Dunlap of UT Austin for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.5 and iPadOS 13.5".
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.64
iQIcBAEDCAAGBQJezV7MAAoJEAc+Lhnt8tDNdWwP/2NnLRWvziY/ilvylDEczut+
xbSNg719ckFBtvkuXirQdsjfTmW3M/RJXUtjOmRDDEQB0IfmIRkrL49moDLeY0rB
tjrsoVQESwYwbnb0xNzC3Oqr0tP3hitxFUpkKd7L0opo5vWhshBwqzWEtLTPxI1X
T81DCpYiKDMB57bXgRV26QIFgQpHGXV/bMDCksVc12phempeEldP7t4dueDZy526
kWinK9jlwzViWwSmm5VK0t9IbemAZ56Ca829ZmrkT7XfLRyxw0rb+2f9VcQz/kNe
RziJ3RwF2WZTe7yJpz6LV5h3RMo+MoHdVbPCYmcYNPiaHGTMl1POZXkjDHBHCSBY
etboXOyZNOsnTMIVNwwXK/aGsKBz6kkfbWODS2omtz5oZjzGdZJLC/nFZC2GG13E
Pnb0E5ULmA95poi07gWTy31APilQXfAzGJEOebsvH5s2EZ9HcANqrwtonfHSjeOU
ZFH8xfnCTgO37ZgevrjdreD8SYRJR3QfEEf/DDNx2xXgr4wzydgvdyNCI1QpEz5s
PS3JQECoBM9SsgXv02mCkNlK1crEqoxYURjcN3UIPGx8GVxtyiWJoEByxAgTtqv8
RPSqKGvPrznR1SxVNrXB2o08X3LUqK0LREABpuD/wbp8Qj8ma2fo3hLpvdoc9+De
fSLSaEAmjBkF5c4r1O3P
=zOSS
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: GNOME security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4451-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4451
Issue date: 2020-11-03
CVE Names: CVE-2019-8625 CVE-2019-8710 CVE-2019-8720
CVE-2019-8743 CVE-2019-8764 CVE-2019-8766
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8823 CVE-2019-8835
CVE-2019-8844 CVE-2019-8846 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-11793
CVE-2020-14391 CVE-2020-15503
====================================================================
1. Summary:
An update for GNOME is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version:
gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4),
webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk
(1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710,
CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844,
CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867,
CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897,
CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802,
CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843,
CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,
CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)
* gnome-settings-daemon: Red Hat Customer Portal password logged and passed
as command line argument when user registers through GNOME control center
(CVE-2020-14391)
* LibRaw: lack of thumbnail size range check can lead to buffer overflow
(CVE-2020-15503)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
GDM must be restarted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1207179 - Select items matching non existing pattern does not unselect already selected
1566027 - can't correctly compute contents size if hidden files are included
1569868 - Browsing samba shares using gvfs is very slow
1652178 - [RFE] perf-tool run on wayland
1656262 - The terminal's character display is unclear on rhel8 guest after installing gnome
1668895 - [RHEL8] Timedlogin Fails when Userlist is Disabled
1692536 - login screen shows after gnome-initial-setup
1706008 - Sound Effect sometimes fails to change to selected option.
1706076 - Automatic suspend for 90 minutes is set for 80 minutes instead.
1715845 - JS ERROR: TypeError: this._workspacesViews[i] is undefined
1719937 - GNOME Extension: Auto-Move-Windows Not Working Properly
1758891 - tracker-devel subpackage missing from el8 repos
1775345 - Rebase xdg-desktop-portal to 1.6
1778579 - Nautilus does not respect umask settings.
1779691 - Rebase xdg-desktop-portal-gtk to 1.6
1794045 - There are two different high contrast versions of desktop icons
1804719 - Update vte291 to 0.52.4
1805929 - RHEL 8.1 gnome-shell-extension errors
1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1814820 - No checkbox to install updates in the shutdown dialog
1816070 - "search for an application to open this file" dialog broken
1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817143 - Rebase WebKitGTK to 2.28
1820759 - Include IO stall fixes
1820760 - Include IO fixes
1824362 - [BZ] Setting in gnome-tweak-tool Window List will reset upon opening
1827030 - gnome-settings-daemon: subscription notification on CentOS Stream
1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1832347 - [Rebase] Rebase pipewire to 0.3.x
1833158 - gdm-related dconf folders and keyfiles are not found in fresh 8.2 install
1837381 - Backport screen cast improvements to 8.3
1837406 - Rebase gnome-remote-desktop to PipeWire 0.3 version
1837413 - Backport changes needed by xdg-desktop-portal-gtk-1.6
1837648 - Vendor.conf should point to https://access.redhat.com/site/solutions/537113
1840080 - Can not control top bar menus via keys in Wayland
1840788 - [flatpak][rhel8] unable to build potrace as dependency
1843486 - Software crash after clicking Updates tab
1844578 - anaconda very rarely crashes at startup with a pygobject traceback
1846191 - usb adapters hotplug crashes gnome-shell
1847051 - JS ERROR: TypeError: area is null
1847061 - File search doesn't work under certain locales
1847062 - gnome-remote-desktop crash on QXL graphics
1847203 - gnome-shell: get_top_visible_window_actor(): gnome-shell killed by SIGSEGV
1853477 - CVE-2020-15503 LibRaw: lack of thumbnail size range check can lead to buffer overflow
1854734 - PipeWire 0.2 should be required by xdg-desktop-portal
1866332 - Remove obsolete libusb-devel dependency
1868260 - [Hyper-V][RHEL8] VM starts GUI failed on Hyper-V 2019/2016, hangs at "Started GNOME Display Manager" - GDM regression issue. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
LibRaw-0.19.5-2.el8.src.rpm
PackageKit-1.1.12-6.el8.src.rpm
dleyna-renderer-0.6.0-3.el8.src.rpm
frei0r-plugins-1.6.1-7.el8.src.rpm
gdm-3.28.3-34.el8.src.rpm
gnome-control-center-3.28.2-22.el8.src.rpm
gnome-photos-3.28.1-3.el8.src.rpm
gnome-remote-desktop-0.1.8-3.el8.src.rpm
gnome-session-3.28.1-10.el8.src.rpm
gnome-settings-daemon-3.32.0-11.el8.src.rpm
gnome-shell-3.32.2-20.el8.src.rpm
gnome-shell-extensions-3.32.1-11.el8.src.rpm
gnome-terminal-3.28.3-2.el8.src.rpm
gtk3-3.22.30-6.el8.src.rpm
gvfs-1.36.2-10.el8.src.rpm
mutter-3.32.2-48.el8.src.rpm
nautilus-3.28.1-14.el8.src.rpm
pipewire-0.3.6-1.el8.src.rpm
pipewire0.2-0.2.7-6.el8.src.rpm
potrace-1.15-3.el8.src.rpm
tracker-2.1.5-2.el8.src.rpm
vte291-0.52.4-2.el8.src.rpm
webkit2gtk3-2.28.4-1.el8.src.rpm
webrtc-audio-processing-0.3-9.el8.src.rpm
xdg-desktop-portal-1.6.0-2.el8.src.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.src.rpm
aarch64:
PackageKit-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-1.1.12-6.el8.aarch64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-cron-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-plugins-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gdm-3.28.3-34.el8.aarch64.rpm
gdm-debuginfo-3.28.3-34.el8.aarch64.rpm
gdm-debugsource-3.28.3-34.el8.aarch64.rpm
gnome-control-center-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.aarch64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.aarch64.rpm
gnome-remote-desktop-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.aarch64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.aarch64.rpm
gnome-session-3.28.1-10.el8.aarch64.rpm
gnome-session-debuginfo-3.28.1-10.el8.aarch64.rpm
gnome-session-debugsource-3.28.1-10.el8.aarch64.rpm
gnome-session-wayland-session-3.28.1-10.el8.aarch64.rpm
gnome-session-xsession-3.28.1-10.el8.aarch64.rpm
gnome-settings-daemon-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.aarch64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.aarch64.rpm
gnome-shell-3.32.2-20.el8.aarch64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.aarch64.rpm
gnome-shell-debugsource-3.32.2-20.el8.aarch64.rpm
gnome-terminal-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.aarch64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.aarch64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.aarch64.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.aarch64.rpm
gtk-update-icon-cache-3.22.30-6.el8.aarch64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-3.22.30-6.el8.aarch64.rpm
gtk3-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-debugsource-3.22.30-6.el8.aarch64.rpm
gtk3-devel-3.22.30-6.el8.aarch64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-3.22.30-6.el8.aarch64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.aarch64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.aarch64.rpm
gvfs-1.36.2-10.el8.aarch64.rpm
gvfs-afc-1.36.2-10.el8.aarch64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-afp-1.36.2-10.el8.aarch64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-archive-1.36.2-10.el8.aarch64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-client-1.36.2-10.el8.aarch64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-debugsource-1.36.2-10.el8.aarch64.rpm
gvfs-devel-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-1.36.2-10.el8.aarch64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-goa-1.36.2-10.el8.aarch64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-1.36.2-10.el8.aarch64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-1.36.2-10.el8.aarch64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.aarch64.rpm
gvfs-smb-1.36.2-10.el8.aarch64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
libsoup-devel-2.62.3-2.el8.aarch64.rpm
mutter-3.32.2-48.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-3.28.1-14.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pipewire-0.3.6-1.el8.aarch64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-debugsource-0.3.6-1.el8.aarch64.rpm
pipewire-devel-0.3.6-1.el8.aarch64.rpm
pipewire-doc-0.3.6-1.el8.aarch64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-libs-0.3.6-1.el8.aarch64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire-utils-0.3.6-1.el8.aarch64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.aarch64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.aarch64.rpm
pipewire0.2-devel-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-0.2.7-6.el8.aarch64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.aarch64.rpm
potrace-1.15-3.el8.aarch64.rpm
potrace-debuginfo-1.15-3.el8.aarch64.rpm
potrace-debugsource-1.15-3.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-2.1.5-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
vte-profile-0.52.4-2.el8.aarch64.rpm
vte291-0.52.4-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
webkit2gtk3-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.aarch64.rpm
webrtc-audio-processing-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.aarch64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.aarch64.rpm
xdg-desktop-portal-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.aarch64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.aarch64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.aarch64.rpm
noarch:
gnome-classic-session-3.32.1-11.el8.noarch.rpm
gnome-control-center-filesystem-3.28.2-22.el8.noarch.rpm
gnome-shell-extension-apps-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-auto-move-windows-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-common-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-dash-to-dock-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-desktop-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-disable-screenshield-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-drive-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-launch-new-instance-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-native-window-placement-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-no-hot-corner-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-panel-favorites-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-places-menu-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-systemMonitor-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-top-icons-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-updates-dialog-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-user-theme-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-grouper-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-window-list-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-windowsNavigator-3.32.1-11.el8.noarch.rpm
gnome-shell-extension-workspace-indicator-3.32.1-11.el8.noarch.rpm
ppc64le:
LibRaw-0.19.5-2.el8.ppc64le.rpm
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-1.1.12-6.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-cron-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
dleyna-renderer-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.ppc64le.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.ppc64le.rpm
frei0r-plugins-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gdm-3.28.3-34.el8.ppc64le.rpm
gdm-debuginfo-3.28.3-34.el8.ppc64le.rpm
gdm-debugsource-3.28.3-34.el8.ppc64le.rpm
gnome-control-center-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.ppc64le.rpm
gnome-control-center-debugsource-3.28.2-22.el8.ppc64le.rpm
gnome-photos-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debuginfo-3.28.1-3.el8.ppc64le.rpm
gnome-photos-debugsource-3.28.1-3.el8.ppc64le.rpm
gnome-photos-tests-3.28.1-3.el8.ppc64le.rpm
gnome-remote-desktop-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.ppc64le.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.ppc64le.rpm
gnome-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-debuginfo-3.28.1-10.el8.ppc64le.rpm
gnome-session-debugsource-3.28.1-10.el8.ppc64le.rpm
gnome-session-wayland-session-3.28.1-10.el8.ppc64le.rpm
gnome-session-xsession-3.28.1-10.el8.ppc64le.rpm
gnome-settings-daemon-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.ppc64le.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.ppc64le.rpm
gnome-shell-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debuginfo-3.32.2-20.el8.ppc64le.rpm
gnome-shell-debugsource-3.32.2-20.el8.ppc64le.rpm
gnome-terminal-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-debugsource-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-3.28.3-2.el8.ppc64le.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.ppc64le.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.ppc64le.rpm
gtk-update-icon-cache-3.22.30-6.el8.ppc64le.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-3.22.30-6.el8.ppc64le.rpm
gtk3-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-debugsource-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-3.22.30-6.el8.ppc64le.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-3.22.30-6.el8.ppc64le.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.ppc64le.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.ppc64le.rpm
gvfs-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-1.36.2-10.el8.ppc64le.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-1.36.2-10.el8.ppc64le.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-1.36.2-10.el8.ppc64le.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-client-1.36.2-10.el8.ppc64le.rpm
gvfs-client-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-debugsource-1.36.2-10.el8.ppc64le.rpm
gvfs-devel-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-1.36.2-10.el8.ppc64le.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-1.36.2-10.el8.ppc64le.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-1.36.2-10.el8.ppc64le.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-1.36.2-10.el8.ppc64le.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-1.36.2-10.el8.ppc64le.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
libsoup-devel-2.62.3-2.el8.ppc64le.rpm
mutter-3.32.2-48.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-3.28.1-14.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pipewire-0.3.6-1.el8.ppc64le.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-debugsource-0.3.6-1.el8.ppc64le.rpm
pipewire-devel-0.3.6-1.el8.ppc64le.rpm
pipewire-doc-0.3.6-1.el8.ppc64le.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-0.3.6-1.el8.ppc64le.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-0.3.6-1.el8.ppc64le.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.ppc64le.rpm
pipewire0.2-debugsource-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-devel-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-0.2.7-6.el8.ppc64le.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.ppc64le.rpm
potrace-1.15-3.el8.ppc64le.rpm
potrace-debuginfo-1.15-3.el8.ppc64le.rpm
potrace-debugsource-1.15-3.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-2.1.5-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
vte-profile-0.52.4-2.el8.ppc64le.rpm
vte291-0.52.4-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
webkit2gtk3-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.ppc64le.rpm
webrtc-audio-processing-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.ppc64le.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.ppc64le.rpm
xdg-desktop-portal-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.ppc64le.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.ppc64le.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.ppc64le.rpm
s390x:
PackageKit-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-1.1.12-6.el8.s390x.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-cron-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-plugins-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gdm-3.28.3-34.el8.s390x.rpm
gdm-debuginfo-3.28.3-34.el8.s390x.rpm
gdm-debugsource-3.28.3-34.el8.s390x.rpm
gnome-control-center-3.28.2-22.el8.s390x.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.s390x.rpm
gnome-control-center-debugsource-3.28.2-22.el8.s390x.rpm
gnome-remote-desktop-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.s390x.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.s390x.rpm
gnome-session-3.28.1-10.el8.s390x.rpm
gnome-session-debuginfo-3.28.1-10.el8.s390x.rpm
gnome-session-debugsource-3.28.1-10.el8.s390x.rpm
gnome-session-wayland-session-3.28.1-10.el8.s390x.rpm
gnome-session-xsession-3.28.1-10.el8.s390x.rpm
gnome-settings-daemon-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.s390x.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.s390x.rpm
gnome-shell-3.32.2-20.el8.s390x.rpm
gnome-shell-debuginfo-3.32.2-20.el8.s390x.rpm
gnome-shell-debugsource-3.32.2-20.el8.s390x.rpm
gnome-terminal-3.28.3-2.el8.s390x.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.s390x.rpm
gnome-terminal-debugsource-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-3.28.3-2.el8.s390x.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.s390x.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.s390x.rpm
gtk-update-icon-cache-3.22.30-6.el8.s390x.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-3.22.30-6.el8.s390x.rpm
gtk3-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-debugsource-3.22.30-6.el8.s390x.rpm
gtk3-devel-3.22.30-6.el8.s390x.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-3.22.30-6.el8.s390x.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.s390x.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.s390x.rpm
gvfs-1.36.2-10.el8.s390x.rpm
gvfs-afp-1.36.2-10.el8.s390x.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-archive-1.36.2-10.el8.s390x.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-client-1.36.2-10.el8.s390x.rpm
gvfs-client-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-debugsource-1.36.2-10.el8.s390x.rpm
gvfs-devel-1.36.2-10.el8.s390x.rpm
gvfs-fuse-1.36.2-10.el8.s390x.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-goa-1.36.2-10.el8.s390x.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-1.36.2-10.el8.s390x.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-mtp-1.36.2-10.el8.s390x.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.s390x.rpm
gvfs-smb-1.36.2-10.el8.s390x.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
libsoup-devel-2.62.3-2.el8.s390x.rpm
mutter-3.32.2-48.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-3.28.1-14.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-extensions-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pipewire-0.3.6-1.el8.s390x.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-debugsource-0.3.6-1.el8.s390x.rpm
pipewire-devel-0.3.6-1.el8.s390x.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-libs-0.3.6-1.el8.s390x.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire-utils-0.3.6-1.el8.s390x.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.s390x.rpm
pipewire0.2-debugsource-0.2.7-6.el8.s390x.rpm
pipewire0.2-devel-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-0.2.7-6.el8.s390x.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.s390x.rpm
potrace-1.15-3.el8.s390x.rpm
potrace-debuginfo-1.15-3.el8.s390x.rpm
potrace-debugsource-1.15-3.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-2.1.5-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
vte-profile-0.52.4-2.el8.s390x.rpm
vte291-0.52.4-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
webkit2gtk3-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.s390x.rpm
webrtc-audio-processing-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.s390x.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.s390x.rpm
xdg-desktop-portal-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.s390x.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.s390x.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.s390x.rpm
x86_64:
LibRaw-0.19.5-2.el8.i686.rpm
LibRaw-0.19.5-2.el8.x86_64.rpm
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-1.1.12-6.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-cron-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-1.1.12-6.el8.i686.rpm
PackageKit-glib-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
dleyna-renderer-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debuginfo-0.6.0-3.el8.x86_64.rpm
dleyna-renderer-debugsource-0.6.0-3.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gdm-3.28.3-34.el8.i686.rpm
gdm-3.28.3-34.el8.x86_64.rpm
gdm-debuginfo-3.28.3-34.el8.i686.rpm
gdm-debuginfo-3.28.3-34.el8.x86_64.rpm
gdm-debugsource-3.28.3-34.el8.i686.rpm
gdm-debugsource-3.28.3-34.el8.x86_64.rpm
gnome-control-center-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debuginfo-3.28.2-22.el8.x86_64.rpm
gnome-control-center-debugsource-3.28.2-22.el8.x86_64.rpm
gnome-photos-3.28.1-3.el8.x86_64.rpm
gnome-photos-debuginfo-3.28.1-3.el8.x86_64.rpm
gnome-photos-debugsource-3.28.1-3.el8.x86_64.rpm
gnome-photos-tests-3.28.1-3.el8.x86_64.rpm
gnome-remote-desktop-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debuginfo-0.1.8-3.el8.x86_64.rpm
gnome-remote-desktop-debugsource-0.1.8-3.el8.x86_64.rpm
gnome-session-3.28.1-10.el8.x86_64.rpm
gnome-session-debuginfo-3.28.1-10.el8.x86_64.rpm
gnome-session-debugsource-3.28.1-10.el8.x86_64.rpm
gnome-session-wayland-session-3.28.1-10.el8.x86_64.rpm
gnome-session-xsession-3.28.1-10.el8.x86_64.rpm
gnome-settings-daemon-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debuginfo-3.32.0-11.el8.x86_64.rpm
gnome-settings-daemon-debugsource-3.32.0-11.el8.x86_64.rpm
gnome-shell-3.32.2-20.el8.x86_64.rpm
gnome-shell-debuginfo-3.32.2-20.el8.x86_64.rpm
gnome-shell-debugsource-3.32.2-20.el8.x86_64.rpm
gnome-terminal-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debuginfo-3.28.3-2.el8.x86_64.rpm
gnome-terminal-debugsource-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-3.28.3-2.el8.x86_64.rpm
gnome-terminal-nautilus-debuginfo-3.28.3-2.el8.x86_64.rpm
gsettings-desktop-schemas-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.i686.rpm
gsettings-desktop-schemas-devel-3.32.0-5.el8.x86_64.rpm
gtk-update-icon-cache-3.22.30-6.el8.x86_64.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.i686.rpm
gtk-update-icon-cache-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-3.22.30-6.el8.i686.rpm
gtk3-3.22.30-6.el8.x86_64.rpm
gtk3-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-debugsource-3.22.30-6.el8.i686.rpm
gtk3-debugsource-3.22.30-6.el8.x86_64.rpm
gtk3-devel-3.22.30-6.el8.i686.rpm
gtk3-devel-3.22.30-6.el8.x86_64.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-devel-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-3.22.30-6.el8.x86_64.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodule-xim-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-immodules-debuginfo-3.22.30-6.el8.x86_64.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.i686.rpm
gtk3-tests-debuginfo-3.22.30-6.el8.x86_64.rpm
gvfs-1.36.2-10.el8.x86_64.rpm
gvfs-afc-1.36.2-10.el8.x86_64.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-afp-1.36.2-10.el8.x86_64.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-archive-1.36.2-10.el8.x86_64.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-client-1.36.2-10.el8.i686.rpm
gvfs-client-1.36.2-10.el8.x86_64.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.x86_64.rpm
gvfs-devel-1.36.2-10.el8.i686.rpm
gvfs-devel-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-1.36.2-10.el8.x86_64.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-goa-1.36.2-10.el8.x86_64.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-1.36.2-10.el8.x86_64.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-1.36.2-10.el8.x86_64.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.x86_64.rpm
gvfs-smb-1.36.2-10.el8.x86_64.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
libsoup-devel-2.62.3-2.el8.i686.rpm
libsoup-devel-2.62.3-2.el8.x86_64.rpm
mutter-3.32.2-48.el8.i686.rpm
mutter-3.32.2-48.el8.x86_64.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.x86_64.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-3.28.1-14.el8.i686.rpm
nautilus-extensions-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pipewire-0.3.6-1.el8.i686.rpm
pipewire-0.3.6-1.el8.x86_64.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-alsa-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-debugsource-0.3.6-1.el8.i686.rpm
pipewire-debugsource-0.3.6-1.el8.x86_64.rpm
pipewire-devel-0.3.6-1.el8.i686.rpm
pipewire-devel-0.3.6-1.el8.x86_64.rpm
pipewire-doc-0.3.6-1.el8.x86_64.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-gstreamer-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-libs-0.3.6-1.el8.i686.rpm
pipewire-libs-0.3.6-1.el8.x86_64.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-libs-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire-utils-0.3.6-1.el8.x86_64.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.i686.rpm
pipewire-utils-debuginfo-0.3.6-1.el8.x86_64.rpm
pipewire0.2-debugsource-0.2.7-6.el8.i686.rpm
pipewire0.2-debugsource-0.2.7-6.el8.x86_64.rpm
pipewire0.2-devel-0.2.7-6.el8.i686.rpm
pipewire0.2-devel-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-0.2.7-6.el8.x86_64.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.i686.rpm
pipewire0.2-libs-debuginfo-0.2.7-6.el8.x86_64.rpm
potrace-1.15-3.el8.i686.rpm
potrace-1.15-3.el8.x86_64.rpm
potrace-debuginfo-1.15-3.el8.i686.rpm
potrace-debuginfo-1.15-3.el8.x86_64.rpm
potrace-debugsource-1.15-3.el8.i686.rpm
potrace-debugsource-1.15-3.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-3.28.3-2.el8.i686.rpm
python3-gobject-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-2.1.5-2.el8.i686.rpm
tracker-2.1.5-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
vte-profile-0.52.4-2.el8.x86_64.rpm
vte291-0.52.4-2.el8.i686.rpm
vte291-0.52.4-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
webkit2gtk3-2.28.4-1.el8.i686.rpm
webkit2gtk3-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.i686.rpm
webkit2gtk3-debugsource-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.28.4-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8.x86_64.rpm
webrtc-audio-processing-0.3-9.el8.i686.rpm
webrtc-audio-processing-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.i686.rpm
webrtc-audio-processing-debuginfo-0.3-9.el8.x86_64.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.i686.rpm
webrtc-audio-processing-debugsource-0.3-9.el8.x86_64.rpm
xdg-desktop-portal-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debuginfo-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-debugsource-1.6.0-2.el8.x86_64.rpm
xdg-desktop-portal-gtk-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8.x86_64.rpm
xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
gsettings-desktop-schemas-3.32.0-5.el8.src.rpm
libsoup-2.62.3-2.el8.src.rpm
pygobject3-3.28.3-2.el8.src.rpm
aarch64:
gsettings-desktop-schemas-3.32.0-5.el8.aarch64.rpm
libsoup-2.62.3-2.el8.aarch64.rpm
libsoup-debuginfo-2.62.3-2.el8.aarch64.rpm
libsoup-debugsource-2.62.3-2.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
ppc64le:
gsettings-desktop-schemas-3.32.0-5.el8.ppc64le.rpm
libsoup-2.62.3-2.el8.ppc64le.rpm
libsoup-debuginfo-2.62.3-2.el8.ppc64le.rpm
libsoup-debugsource-2.62.3-2.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
s390x:
gsettings-desktop-schemas-3.32.0-5.el8.s390x.rpm
libsoup-2.62.3-2.el8.s390x.rpm
libsoup-debuginfo-2.62.3-2.el8.s390x.rpm
libsoup-debugsource-2.62.3-2.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
python3-gobject-base-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
x86_64:
gsettings-desktop-schemas-3.32.0-5.el8.x86_64.rpm
libsoup-2.62.3-2.el8.i686.rpm
libsoup-2.62.3-2.el8.x86_64.rpm
libsoup-debuginfo-2.62.3-2.el8.i686.rpm
libsoup-debuginfo-2.62.3-2.el8.x86_64.rpm
libsoup-debugsource-2.62.3-2.el8.i686.rpm
libsoup-debugsource-2.62.3-2.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
Source:
gtk-doc-1.28-2.el8.src.rpm
aarch64:
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-debugsource-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-glib-devel-1.1.12-6.el8.aarch64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.aarch64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.aarch64.rpm
frei0r-devel-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.aarch64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.aarch64.rpm
gtk-doc-1.28-2.el8.aarch64.rpm
mutter-debuginfo-3.32.2-48.el8.aarch64.rpm
mutter-debugsource-3.32.2-48.el8.aarch64.rpm
mutter-devel-3.32.2-48.el8.aarch64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.aarch64.rpm
nautilus-debuginfo-3.28.1-14.el8.aarch64.rpm
nautilus-debugsource-3.28.1-14.el8.aarch64.rpm
nautilus-devel-3.28.1-14.el8.aarch64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.aarch64.rpm
pygobject3-debuginfo-3.28.3-2.el8.aarch64.rpm
pygobject3-debugsource-3.28.3-2.el8.aarch64.rpm
pygobject3-devel-3.28.3-2.el8.aarch64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.aarch64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.aarch64.rpm
tracker-debuginfo-2.1.5-2.el8.aarch64.rpm
tracker-debugsource-2.1.5-2.el8.aarch64.rpm
tracker-devel-2.1.5-2.el8.aarch64.rpm
vte291-debuginfo-0.52.4-2.el8.aarch64.rpm
vte291-debugsource-0.52.4-2.el8.aarch64.rpm
vte291-devel-0.52.4-2.el8.aarch64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.aarch64.rpm
ppc64le:
LibRaw-debuginfo-0.19.5-2.el8.ppc64le.rpm
LibRaw-debugsource-0.19.5-2.el8.ppc64le.rpm
LibRaw-devel-0.19.5-2.el8.ppc64le.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.ppc64le.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-debugsource-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-glib-devel-1.1.12-6.el8.ppc64le.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.ppc64le.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.ppc64le.rpm
frei0r-devel-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.ppc64le.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.ppc64le.rpm
gtk-doc-1.28-2.el8.ppc64le.rpm
mutter-debuginfo-3.32.2-48.el8.ppc64le.rpm
mutter-debugsource-3.32.2-48.el8.ppc64le.rpm
mutter-devel-3.32.2-48.el8.ppc64le.rpm
mutter-tests-debuginfo-3.32.2-48.el8.ppc64le.rpm
nautilus-debuginfo-3.28.1-14.el8.ppc64le.rpm
nautilus-debugsource-3.28.1-14.el8.ppc64le.rpm
nautilus-devel-3.28.1-14.el8.ppc64le.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.ppc64le.rpm
pygobject3-debuginfo-3.28.3-2.el8.ppc64le.rpm
pygobject3-debugsource-3.28.3-2.el8.ppc64le.rpm
pygobject3-devel-3.28.3-2.el8.ppc64le.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.ppc64le.rpm
python3-gobject-debuginfo-3.28.3-2.el8.ppc64le.rpm
tracker-debuginfo-2.1.5-2.el8.ppc64le.rpm
tracker-debugsource-2.1.5-2.el8.ppc64le.rpm
tracker-devel-2.1.5-2.el8.ppc64le.rpm
vte291-debuginfo-0.52.4-2.el8.ppc64le.rpm
vte291-debugsource-0.52.4-2.el8.ppc64le.rpm
vte291-devel-0.52.4-2.el8.ppc64le.rpm
vte291-devel-debuginfo-0.52.4-2.el8.ppc64le.rpm
s390x:
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-debugsource-1.1.12-6.el8.s390x.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-glib-devel-1.1.12-6.el8.s390x.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.s390x.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.s390x.rpm
frei0r-devel-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.s390x.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.s390x.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.s390x.rpm
gtk-doc-1.28-2.el8.s390x.rpm
mutter-debuginfo-3.32.2-48.el8.s390x.rpm
mutter-debugsource-3.32.2-48.el8.s390x.rpm
mutter-devel-3.32.2-48.el8.s390x.rpm
mutter-tests-debuginfo-3.32.2-48.el8.s390x.rpm
nautilus-debuginfo-3.28.1-14.el8.s390x.rpm
nautilus-debugsource-3.28.1-14.el8.s390x.rpm
nautilus-devel-3.28.1-14.el8.s390x.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.s390x.rpm
pygobject3-debuginfo-3.28.3-2.el8.s390x.rpm
pygobject3-debugsource-3.28.3-2.el8.s390x.rpm
pygobject3-devel-3.28.3-2.el8.s390x.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.s390x.rpm
python3-gobject-debuginfo-3.28.3-2.el8.s390x.rpm
tracker-debuginfo-2.1.5-2.el8.s390x.rpm
tracker-debugsource-2.1.5-2.el8.s390x.rpm
tracker-devel-2.1.5-2.el8.s390x.rpm
vte291-debuginfo-0.52.4-2.el8.s390x.rpm
vte291-debugsource-0.52.4-2.el8.s390x.rpm
vte291-devel-0.52.4-2.el8.s390x.rpm
vte291-devel-debuginfo-0.52.4-2.el8.s390x.rpm
x86_64:
LibRaw-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-debuginfo-0.19.5-2.el8.x86_64.rpm
LibRaw-debugsource-0.19.5-2.el8.i686.rpm
LibRaw-debugsource-0.19.5-2.el8.x86_64.rpm
LibRaw-devel-0.19.5-2.el8.i686.rpm
LibRaw-devel-0.19.5-2.el8.x86_64.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.i686.rpm
LibRaw-samples-debuginfo-0.19.5-2.el8.x86_64.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-command-not-found-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-debugsource-1.1.12-6.el8.i686.rpm
PackageKit-debugsource-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-glib-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-glib-devel-1.1.12-6.el8.i686.rpm
PackageKit-glib-devel-1.1.12-6.el8.x86_64.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.x86_64.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.i686.rpm
PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.x86_64.rpm
frei0r-devel-1.6.1-7.el8.i686.rpm
frei0r-devel-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-1.6.1-7.el8.i686.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.i686.rpm
frei0r-plugins-debuginfo-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.i686.rpm
frei0r-plugins-debugsource-1.6.1-7.el8.x86_64.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.i686.rpm
frei0r-plugins-opencv-debuginfo-1.6.1-7.el8.x86_64.rpm
gtk-doc-1.28-2.el8.x86_64.rpm
gvfs-1.36.2-10.el8.i686.rpm
gvfs-afc-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-afp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-archive-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-client-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-debugsource-1.36.2-10.el8.i686.rpm
gvfs-fuse-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-goa-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-gphoto2-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-mtp-debuginfo-1.36.2-10.el8.i686.rpm
gvfs-smb-debuginfo-1.36.2-10.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.i686.rpm
mutter-debuginfo-3.32.2-48.el8.x86_64.rpm
mutter-debugsource-3.32.2-48.el8.i686.rpm
mutter-debugsource-3.32.2-48.el8.x86_64.rpm
mutter-devel-3.32.2-48.el8.i686.rpm
mutter-devel-3.32.2-48.el8.x86_64.rpm
mutter-tests-debuginfo-3.32.2-48.el8.i686.rpm
mutter-tests-debuginfo-3.32.2-48.el8.x86_64.rpm
nautilus-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-debuginfo-3.28.1-14.el8.x86_64.rpm
nautilus-debugsource-3.28.1-14.el8.i686.rpm
nautilus-debugsource-3.28.1-14.el8.x86_64.rpm
nautilus-devel-3.28.1-14.el8.i686.rpm
nautilus-devel-3.28.1-14.el8.x86_64.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.i686.rpm
nautilus-extensions-debuginfo-3.28.1-14.el8.x86_64.rpm
pygobject3-debuginfo-3.28.3-2.el8.i686.rpm
pygobject3-debuginfo-3.28.3-2.el8.x86_64.rpm
pygobject3-debugsource-3.28.3-2.el8.i686.rpm
pygobject3-debugsource-3.28.3-2.el8.x86_64.rpm
pygobject3-devel-3.28.3-2.el8.i686.rpm
pygobject3-devel-3.28.3-2.el8.x86_64.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-base-debuginfo-3.28.3-2.el8.x86_64.rpm
python3-gobject-debuginfo-3.28.3-2.el8.i686.rpm
python3-gobject-debuginfo-3.28.3-2.el8.x86_64.rpm
tracker-debuginfo-2.1.5-2.el8.i686.rpm
tracker-debuginfo-2.1.5-2.el8.x86_64.rpm
tracker-debugsource-2.1.5-2.el8.i686.rpm
tracker-debugsource-2.1.5-2.el8.x86_64.rpm
tracker-devel-2.1.5-2.el8.i686.rpm
tracker-devel-2.1.5-2.el8.x86_64.rpm
vte291-debuginfo-0.52.4-2.el8.i686.rpm
vte291-debuginfo-0.52.4-2.el8.x86_64.rpm
vte291-debugsource-0.52.4-2.el8.i686.rpm
vte291-debugsource-0.52.4-2.el8.x86_64.rpm
vte291-devel-0.52.4-2.el8.i686.rpm
vte291-devel-0.52.4-2.el8.x86_64.rpm
vte291-devel-debuginfo-0.52.4-2.el8.i686.rpm
vte291-devel-debuginfo-0.52.4-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
Installation note:
Safari 13.1.1 may be obtained from the Mac App Store.
CVE-2020-13753
Milan Crha discovered that an attacker may be able to execute
commands outside the bubblewrap sandbox.
For the stable distribution (buster), these problems have been fixed in
version 2.28.3-2~deb10u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8PaKUACgkQEMKTtsN8
Tjaf3hAAjZCKrikC4P1I/xiuL6kRepTjURi3zeZl3YywPCFLi/irWXX+5U+ejZoM
kek3wtdJc1thN8w9BbXhOVyLferb/xfnt5jUVtZ6JBNDKKWGXoTY0Qfdu2lH0vw5
IV1lf5bvOdawrw/tVS9Uy3dTN1kXEBZ3q3XCpRXrBWEkrXtWG/yznGy0duebnI5h
PM7D6R4PIKiCB3HBe9rszCIQrYcGQ/U3x8a/FPnPUO2TCRfVZG918M9yO1fN1v2R
+08h0DcOU8ggIJQwJA9hm/V3mJWpTayHh/ouTI8PrIcwG0T2/qbtUm/9cj0wvmXW
Id+RgXtQAyKeXQoXD5oP9jzVDgmm7rn03Rn2FX5hzAdTJAqdvT/Mr4IDNcOgdS8O
wXmGprdRvMzx0gXO5YpeTuhjQiCZS1fB9ByIOMq/7lIjpiBctrhTZQvlSMMyauIQ
P7tTTT8zCZo0DIQc/c2KyCXlD9/ORZm801U5wpXwPXT9Zq8wRAp5PodK/4plOzKc
JyJiPI6BR41+31C438nl3wifO/wLh8+6nHAb2rkRQSe6Tu9SKyqOmYT9Ev6JZi/1
R8NMBFSmTYM/XUv5ECsTeL3uLvDnCpKAR0EnWz5z1Cqy2AYzEthEf+1dwXAooYvO
2johOWMaUrSWJMsYdZjTFEahaCSO5oPTDlbZCB2yIgpc6P70irU=
=L5lA
-----END PGP SIGNATURE-----
|
|
var-201205-0312
|
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. PHP is prone to an information-disclosure vulnerability.
Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected computer; other attacks are also possible. Please refer to the following Mandriva
advisories for further information:
MDVA-2012:004, MDVSA-2011:165, MDVSA-2011:166, MDVSA-2011:180,
MDVSA-2011:197, MDVSA-2012:065, MDVSA-2012:068, MDVSA-2012:068-1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: php security update
Advisory ID: RHSA-2012:1046-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1046.html
Issue date: 2012-06-27
CVE Names: CVE-2010-2950 CVE-2011-4153 CVE-2012-0057
CVE-2012-0781 CVE-2012-0789 CVE-2012-1172
CVE-2012-2143 CVE-2012-2336 CVE-2012-2386
=====================================================================
1. Summary:
Updated php packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.
It was discovered that the PHP XSL extension did not restrict the file
writing capability of libxslt. A remote attacker could use this flaw to
create or overwrite an arbitrary file that is writable by the user running
PHP, if a PHP script processed untrusted eXtensible Style Sheet Language
Transformations (XSLT) content. (CVE-2012-0057)
Note: This update disables file writing by default. A new PHP configuration
directive, "xsl.security_prefs", can be used to enable file writing in
XSLT.
A flaw was found in the way PHP validated file names in file upload
requests. A remote attacker could possibly use this flaw to bypass the
sanitization of the uploaded file names, and cause a PHP script to store
the uploaded file in an unexpected directory, by using a directory
traversal attack. (CVE-2012-1172)
Multiple integer overflow flaws, leading to heap-based buffer overflows,
were found in the way the PHP phar extension processed certain fields of
tar archive files. A remote attacker could provide a specially-crafted tar
archive file that, when processed by a PHP application using the phar
extension, could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)
A format string flaw was found in the way the PHP phar extension processed
certain PHAR files. A remote attacker could provide a specially-crafted
PHAR file, which once processed in a PHP application using the phar
extension, could lead to information disclosure and possibly arbitrary code
execution via a crafted phar:// URI. (CVE-2010-2950)
A flaw was found in the DES algorithm implementation in the crypt()
password hashing function in PHP. If the password string to be hashed
contained certain characters, the remainder of the string was ignored when
calculating the hash, significantly reducing the password strength.
(CVE-2012-2143)
Note: With this update, passwords are no longer truncated when performing
DES hashing. Therefore, new hashes of the affected passwords will not match
stored hashes generated using vulnerable PHP versions, and will need to be
updated.
It was discovered that the fix for CVE-2012-1823, released via
RHSA-2012:0546, did not properly filter all php-cgi command line arguments.
A specially-crafted request to a PHP script could cause the PHP interpreter
to execute the script in a loop, or output usage information that triggers
an Internal Server Error. (CVE-2012-2336)
A memory leak flaw was found in the PHP strtotime() function call. A remote
attacker could possibly use this flaw to cause excessive memory consumption
by triggering many strtotime() function calls. (CVE-2012-0789)
A NULL pointer dereference flaw was found in the PHP tidy_diagnose()
function. A remote attacker could use specially-crafted input to crash an
application that uses tidy::diagnose. (CVE-2012-0781)
It was found that PHP did not check the zend_strndup() function's return
value in certain cases. A remote attacker could possibly use this flaw to
crash a PHP application. (CVE-2011-4153)
Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters
of CVE-2012-2143.
All php users should upgrade to these updated packages, which contain
backported patches to resolve these issues. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
782657 - CVE-2012-0057 php: XSLT file writing vulnerability
782943 - CVE-2011-4153 php: zend_strndup() NULL pointer dereference may cause DoS
782951 - CVE-2012-0781 php: tidy_diagnose() NULL pointer dereference may cause DoS
783609 - CVE-2012-0789 php: strtotime timezone memory leak
799187 - CVE-2012-1172 php: $_FILES array indexes corruption
816956 - CVE-2012-2143 BSD crypt(): DES encrypted password weakness
820708 - CVE-2012-2336 php: incomplete CVE-2012-1823 fix - missing filtering of -T and -h
823594 - CVE-2012-2386 php: Integer overflow leading to heap-buffer overflow in the Phar extension
835024 - CVE-2010-2950 php: Format string flaw in phar extension via phar_stream_flush() (MOPS-2010-024)
6. Package List:
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
i386:
php-5.3.3-14.el6_3.i686.rpm
php-bcmath-5.3.3-14.el6_3.i686.rpm
php-cli-5.3.3-14.el6_3.i686.rpm
php-common-5.3.3-14.el6_3.i686.rpm
php-dba-5.3.3-14.el6_3.i686.rpm
php-debuginfo-5.3.3-14.el6_3.i686.rpm
php-devel-5.3.3-14.el6_3.i686.rpm
php-embedded-5.3.3-14.el6_3.i686.rpm
php-enchant-5.3.3-14.el6_3.i686.rpm
php-gd-5.3.3-14.el6_3.i686.rpm
php-imap-5.3.3-14.el6_3.i686.rpm
php-intl-5.3.3-14.el6_3.i686.rpm
php-ldap-5.3.3-14.el6_3.i686.rpm
php-mbstring-5.3.3-14.el6_3.i686.rpm
php-mysql-5.3.3-14.el6_3.i686.rpm
php-odbc-5.3.3-14.el6_3.i686.rpm
php-pdo-5.3.3-14.el6_3.i686.rpm
php-pgsql-5.3.3-14.el6_3.i686.rpm
php-process-5.3.3-14.el6_3.i686.rpm
php-pspell-5.3.3-14.el6_3.i686.rpm
php-recode-5.3.3-14.el6_3.i686.rpm
php-snmp-5.3.3-14.el6_3.i686.rpm
php-soap-5.3.3-14.el6_3.i686.rpm
php-tidy-5.3.3-14.el6_3.i686.rpm
php-xml-5.3.3-14.el6_3.i686.rpm
php-xmlrpc-5.3.3-14.el6_3.i686.rpm
php-zts-5.3.3-14.el6_3.i686.rpm
x86_64:
php-5.3.3-14.el6_3.x86_64.rpm
php-bcmath-5.3.3-14.el6_3.x86_64.rpm
php-cli-5.3.3-14.el6_3.x86_64.rpm
php-common-5.3.3-14.el6_3.x86_64.rpm
php-dba-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-devel-5.3.3-14.el6_3.x86_64.rpm
php-embedded-5.3.3-14.el6_3.x86_64.rpm
php-enchant-5.3.3-14.el6_3.x86_64.rpm
php-gd-5.3.3-14.el6_3.x86_64.rpm
php-imap-5.3.3-14.el6_3.x86_64.rpm
php-intl-5.3.3-14.el6_3.x86_64.rpm
php-ldap-5.3.3-14.el6_3.x86_64.rpm
php-mbstring-5.3.3-14.el6_3.x86_64.rpm
php-mysql-5.3.3-14.el6_3.x86_64.rpm
php-odbc-5.3.3-14.el6_3.x86_64.rpm
php-pdo-5.3.3-14.el6_3.x86_64.rpm
php-pgsql-5.3.3-14.el6_3.x86_64.rpm
php-process-5.3.3-14.el6_3.x86_64.rpm
php-pspell-5.3.3-14.el6_3.x86_64.rpm
php-recode-5.3.3-14.el6_3.x86_64.rpm
php-snmp-5.3.3-14.el6_3.x86_64.rpm
php-soap-5.3.3-14.el6_3.x86_64.rpm
php-tidy-5.3.3-14.el6_3.x86_64.rpm
php-xml-5.3.3-14.el6_3.x86_64.rpm
php-xmlrpc-5.3.3-14.el6_3.x86_64.rpm
php-zts-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
x86_64:
php-cli-5.3.3-14.el6_3.x86_64.rpm
php-common-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
x86_64:
php-5.3.3-14.el6_3.x86_64.rpm
php-bcmath-5.3.3-14.el6_3.x86_64.rpm
php-dba-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-devel-5.3.3-14.el6_3.x86_64.rpm
php-embedded-5.3.3-14.el6_3.x86_64.rpm
php-enchant-5.3.3-14.el6_3.x86_64.rpm
php-gd-5.3.3-14.el6_3.x86_64.rpm
php-imap-5.3.3-14.el6_3.x86_64.rpm
php-intl-5.3.3-14.el6_3.x86_64.rpm
php-ldap-5.3.3-14.el6_3.x86_64.rpm
php-mbstring-5.3.3-14.el6_3.x86_64.rpm
php-mysql-5.3.3-14.el6_3.x86_64.rpm
php-odbc-5.3.3-14.el6_3.x86_64.rpm
php-pdo-5.3.3-14.el6_3.x86_64.rpm
php-pgsql-5.3.3-14.el6_3.x86_64.rpm
php-process-5.3.3-14.el6_3.x86_64.rpm
php-pspell-5.3.3-14.el6_3.x86_64.rpm
php-recode-5.3.3-14.el6_3.x86_64.rpm
php-snmp-5.3.3-14.el6_3.x86_64.rpm
php-soap-5.3.3-14.el6_3.x86_64.rpm
php-tidy-5.3.3-14.el6_3.x86_64.rpm
php-xml-5.3.3-14.el6_3.x86_64.rpm
php-xmlrpc-5.3.3-14.el6_3.x86_64.rpm
php-zts-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
i386:
php-5.3.3-14.el6_3.i686.rpm
php-cli-5.3.3-14.el6_3.i686.rpm
php-common-5.3.3-14.el6_3.i686.rpm
php-debuginfo-5.3.3-14.el6_3.i686.rpm
php-gd-5.3.3-14.el6_3.i686.rpm
php-ldap-5.3.3-14.el6_3.i686.rpm
php-mysql-5.3.3-14.el6_3.i686.rpm
php-odbc-5.3.3-14.el6_3.i686.rpm
php-pdo-5.3.3-14.el6_3.i686.rpm
php-pgsql-5.3.3-14.el6_3.i686.rpm
php-soap-5.3.3-14.el6_3.i686.rpm
php-xml-5.3.3-14.el6_3.i686.rpm
php-xmlrpc-5.3.3-14.el6_3.i686.rpm
ppc64:
php-5.3.3-14.el6_3.ppc64.rpm
php-cli-5.3.3-14.el6_3.ppc64.rpm
php-common-5.3.3-14.el6_3.ppc64.rpm
php-debuginfo-5.3.3-14.el6_3.ppc64.rpm
php-gd-5.3.3-14.el6_3.ppc64.rpm
php-ldap-5.3.3-14.el6_3.ppc64.rpm
php-mysql-5.3.3-14.el6_3.ppc64.rpm
php-odbc-5.3.3-14.el6_3.ppc64.rpm
php-pdo-5.3.3-14.el6_3.ppc64.rpm
php-pgsql-5.3.3-14.el6_3.ppc64.rpm
php-soap-5.3.3-14.el6_3.ppc64.rpm
php-xml-5.3.3-14.el6_3.ppc64.rpm
php-xmlrpc-5.3.3-14.el6_3.ppc64.rpm
s390x:
php-5.3.3-14.el6_3.s390x.rpm
php-cli-5.3.3-14.el6_3.s390x.rpm
php-common-5.3.3-14.el6_3.s390x.rpm
php-debuginfo-5.3.3-14.el6_3.s390x.rpm
php-gd-5.3.3-14.el6_3.s390x.rpm
php-ldap-5.3.3-14.el6_3.s390x.rpm
php-mysql-5.3.3-14.el6_3.s390x.rpm
php-odbc-5.3.3-14.el6_3.s390x.rpm
php-pdo-5.3.3-14.el6_3.s390x.rpm
php-pgsql-5.3.3-14.el6_3.s390x.rpm
php-soap-5.3.3-14.el6_3.s390x.rpm
php-xml-5.3.3-14.el6_3.s390x.rpm
php-xmlrpc-5.3.3-14.el6_3.s390x.rpm
x86_64:
php-5.3.3-14.el6_3.x86_64.rpm
php-cli-5.3.3-14.el6_3.x86_64.rpm
php-common-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-gd-5.3.3-14.el6_3.x86_64.rpm
php-ldap-5.3.3-14.el6_3.x86_64.rpm
php-mysql-5.3.3-14.el6_3.x86_64.rpm
php-odbc-5.3.3-14.el6_3.x86_64.rpm
php-pdo-5.3.3-14.el6_3.x86_64.rpm
php-pgsql-5.3.3-14.el6_3.x86_64.rpm
php-soap-5.3.3-14.el6_3.x86_64.rpm
php-xml-5.3.3-14.el6_3.x86_64.rpm
php-xmlrpc-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
i386:
php-bcmath-5.3.3-14.el6_3.i686.rpm
php-dba-5.3.3-14.el6_3.i686.rpm
php-debuginfo-5.3.3-14.el6_3.i686.rpm
php-devel-5.3.3-14.el6_3.i686.rpm
php-embedded-5.3.3-14.el6_3.i686.rpm
php-enchant-5.3.3-14.el6_3.i686.rpm
php-imap-5.3.3-14.el6_3.i686.rpm
php-intl-5.3.3-14.el6_3.i686.rpm
php-mbstring-5.3.3-14.el6_3.i686.rpm
php-process-5.3.3-14.el6_3.i686.rpm
php-pspell-5.3.3-14.el6_3.i686.rpm
php-recode-5.3.3-14.el6_3.i686.rpm
php-snmp-5.3.3-14.el6_3.i686.rpm
php-tidy-5.3.3-14.el6_3.i686.rpm
php-zts-5.3.3-14.el6_3.i686.rpm
ppc64:
php-bcmath-5.3.3-14.el6_3.ppc64.rpm
php-dba-5.3.3-14.el6_3.ppc64.rpm
php-debuginfo-5.3.3-14.el6_3.ppc64.rpm
php-devel-5.3.3-14.el6_3.ppc64.rpm
php-embedded-5.3.3-14.el6_3.ppc64.rpm
php-enchant-5.3.3-14.el6_3.ppc64.rpm
php-imap-5.3.3-14.el6_3.ppc64.rpm
php-intl-5.3.3-14.el6_3.ppc64.rpm
php-mbstring-5.3.3-14.el6_3.ppc64.rpm
php-process-5.3.3-14.el6_3.ppc64.rpm
php-pspell-5.3.3-14.el6_3.ppc64.rpm
php-recode-5.3.3-14.el6_3.ppc64.rpm
php-snmp-5.3.3-14.el6_3.ppc64.rpm
php-tidy-5.3.3-14.el6_3.ppc64.rpm
php-zts-5.3.3-14.el6_3.ppc64.rpm
s390x:
php-bcmath-5.3.3-14.el6_3.s390x.rpm
php-dba-5.3.3-14.el6_3.s390x.rpm
php-debuginfo-5.3.3-14.el6_3.s390x.rpm
php-devel-5.3.3-14.el6_3.s390x.rpm
php-embedded-5.3.3-14.el6_3.s390x.rpm
php-enchant-5.3.3-14.el6_3.s390x.rpm
php-imap-5.3.3-14.el6_3.s390x.rpm
php-intl-5.3.3-14.el6_3.s390x.rpm
php-mbstring-5.3.3-14.el6_3.s390x.rpm
php-process-5.3.3-14.el6_3.s390x.rpm
php-pspell-5.3.3-14.el6_3.s390x.rpm
php-recode-5.3.3-14.el6_3.s390x.rpm
php-snmp-5.3.3-14.el6_3.s390x.rpm
php-tidy-5.3.3-14.el6_3.s390x.rpm
php-zts-5.3.3-14.el6_3.s390x.rpm
x86_64:
php-bcmath-5.3.3-14.el6_3.x86_64.rpm
php-dba-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-devel-5.3.3-14.el6_3.x86_64.rpm
php-embedded-5.3.3-14.el6_3.x86_64.rpm
php-enchant-5.3.3-14.el6_3.x86_64.rpm
php-imap-5.3.3-14.el6_3.x86_64.rpm
php-intl-5.3.3-14.el6_3.x86_64.rpm
php-mbstring-5.3.3-14.el6_3.x86_64.rpm
php-process-5.3.3-14.el6_3.x86_64.rpm
php-pspell-5.3.3-14.el6_3.x86_64.rpm
php-recode-5.3.3-14.el6_3.x86_64.rpm
php-snmp-5.3.3-14.el6_3.x86_64.rpm
php-tidy-5.3.3-14.el6_3.x86_64.rpm
php-zts-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
i386:
php-5.3.3-14.el6_3.i686.rpm
php-cli-5.3.3-14.el6_3.i686.rpm
php-common-5.3.3-14.el6_3.i686.rpm
php-debuginfo-5.3.3-14.el6_3.i686.rpm
php-gd-5.3.3-14.el6_3.i686.rpm
php-ldap-5.3.3-14.el6_3.i686.rpm
php-mysql-5.3.3-14.el6_3.i686.rpm
php-odbc-5.3.3-14.el6_3.i686.rpm
php-pdo-5.3.3-14.el6_3.i686.rpm
php-pgsql-5.3.3-14.el6_3.i686.rpm
php-soap-5.3.3-14.el6_3.i686.rpm
php-xml-5.3.3-14.el6_3.i686.rpm
php-xmlrpc-5.3.3-14.el6_3.i686.rpm
x86_64:
php-5.3.3-14.el6_3.x86_64.rpm
php-cli-5.3.3-14.el6_3.x86_64.rpm
php-common-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-gd-5.3.3-14.el6_3.x86_64.rpm
php-ldap-5.3.3-14.el6_3.x86_64.rpm
php-mysql-5.3.3-14.el6_3.x86_64.rpm
php-odbc-5.3.3-14.el6_3.x86_64.rpm
php-pdo-5.3.3-14.el6_3.x86_64.rpm
php-pgsql-5.3.3-14.el6_3.x86_64.rpm
php-soap-5.3.3-14.el6_3.x86_64.rpm
php-xml-5.3.3-14.el6_3.x86_64.rpm
php-xmlrpc-5.3.3-14.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/php-5.3.3-14.el6_3.src.rpm
i386:
php-bcmath-5.3.3-14.el6_3.i686.rpm
php-dba-5.3.3-14.el6_3.i686.rpm
php-debuginfo-5.3.3-14.el6_3.i686.rpm
php-devel-5.3.3-14.el6_3.i686.rpm
php-embedded-5.3.3-14.el6_3.i686.rpm
php-enchant-5.3.3-14.el6_3.i686.rpm
php-imap-5.3.3-14.el6_3.i686.rpm
php-intl-5.3.3-14.el6_3.i686.rpm
php-mbstring-5.3.3-14.el6_3.i686.rpm
php-process-5.3.3-14.el6_3.i686.rpm
php-pspell-5.3.3-14.el6_3.i686.rpm
php-recode-5.3.3-14.el6_3.i686.rpm
php-snmp-5.3.3-14.el6_3.i686.rpm
php-tidy-5.3.3-14.el6_3.i686.rpm
php-zts-5.3.3-14.el6_3.i686.rpm
x86_64:
php-bcmath-5.3.3-14.el6_3.x86_64.rpm
php-dba-5.3.3-14.el6_3.x86_64.rpm
php-debuginfo-5.3.3-14.el6_3.x86_64.rpm
php-devel-5.3.3-14.el6_3.x86_64.rpm
php-embedded-5.3.3-14.el6_3.x86_64.rpm
php-enchant-5.3.3-14.el6_3.x86_64.rpm
php-imap-5.3.3-14.el6_3.x86_64.rpm
php-intl-5.3.3-14.el6_3.x86_64.rpm
php-mbstring-5.3.3-14.el6_3.x86_64.rpm
php-process-5.3.3-14.el6_3.x86_64.rpm
php-pspell-5.3.3-14.el6_3.x86_64.rpm
php-recode-5.3.3-14.el6_3.x86_64.rpm
php-snmp-5.3.3-14.el6_3.x86_64.rpm
php-tidy-5.3.3-14.el6_3.x86_64.rpm
php-zts-5.3.3-14.el6_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2010-2950.html
https://www.redhat.com/security/data/cve/CVE-2011-4153.html
https://www.redhat.com/security/data/cve/CVE-2012-0057.html
https://www.redhat.com/security/data/cve/CVE-2012-0781.html
https://www.redhat.com/security/data/cve/CVE-2012-0789.html
https://www.redhat.com/security/data/cve/CVE-2012-1172.html
https://www.redhat.com/security/data/cve/CVE-2012-2143.html
https://www.redhat.com/security/data/cve/CVE-2012-2336.html
https://www.redhat.com/security/data/cve/CVE-2012-2386.html
https://access.redhat.com/security/updates/classification/#moderate
https://rhn.redhat.com/errata/RHSA-2012-0546.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFP6yxRXlSAg2UNWIIRAqlmAKCLhNreR9eJ9DMLQgGynQ1AR57OhwCeNCjP
5dEIaw64iUF1AYJgb6tOHK0=
=KioB
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03839862
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03839862
Version: 1
HPSBMU02900 rev.1 - HP System Management Homepage (SMH) running on Linux and
Windows, Multiple Remote and Local Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2013-07-18
Last Updated: 2013-07-18
Potential Security Impact: Local Denial of Service (DoS), remote Denial of
Service (DoS), execution of arbitrary code, gain extended privileges,
disclosure of information, unauthorized access, XSS
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH) running on Linux and Windows. The vulnerabilities
could be exploited remotely resulting in Local Denial of Service (DoS),
remote Denial of Service (DoS), execution of arbitrary code, gain privileges,
disclosure of information, unauthorized access, or XSS.
References:
CVE-2011-3389 (SSRT100740) Remote disclosure of information
CVE-2012-0883 (SSRT101209) Remote gain extended privileges
CVE-2012-2110 (SSRT101210) Remote Denial of Service (DoS)
CVE-2012-2311 (SSRT100992) Remote execution of arbitrary code
CVE-2012-2329 (SSRT100992) Remote Denial of Service (DoS)
CVE-2012-2335 (SSRT100992) Remote execution of arbitrary code
CVE-2012-2336 (SSRT100992) Remote Denial of Service (DoS)
CVE-2013-2355 (SSRT100696) Remote unauthorized Access
CVE-2013-2356 (SSRT100835) Remote disclosure of information
CVE-2013-2357 (SSRT100907) Remote Denial of Service (DoS)
CVE-2013-2358 (SSRT100907) Remote Denial of Service (DoS)
CVE-2013-2359 (SSRT100907) Remote Denial of Service (DoS)
CVE-2013-2360 (SSRT100907) Remote Denial of Service (DoS)
CVE-2013-2361 (SSRT101007) XSS
CVE-2013-2362 (SSRT101076, ZDI-CAN-1676) Local Denial of Service (DoS)
CVE-2013-2363 (SSRT101150) Remote disclosure of information
CVE-2013-2364 (SSRT101151) XSS
CVE-2013-5217 (SSRT101137) Remote unauthorized access
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) v7.2.0 and earlier running on Linux and
Windows.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2012-0883 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9
CVE-2012-2110 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-2311 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-2329 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-2335 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-2336 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-2355 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2013-2356 (AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.8
CVE-2013-2357 (AV:N/AC:M/Au:S/C:N/I:N/A:C) 6.3
CVE-2013-2358 (AV:N/AC:M/Au:S/C:N/I:N/A:C) 6.3
CVE-2013-2359 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5
CVE-2013-2360 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5
CVE-2013-2361 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-2362 (AV:L/AC:H/Au:S/C:N/I:N/A:P) 1.0
CVE-2013-2363 (AV:N/AC:H/Au:N/C:C/I:N/A:P) 6.1
CVE-2013-2364 (AV:N/AC:L/Au:S/C:N/I:N/A:P) 4.0
CVE-2013-5217 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks agix for working with the TippingPoint
Zero Day Initiative to report vulnerability CVE-2013-2362 to
security-alert@hp.com
RESOLUTION
HP has made System Management Homepage (SMH) v7.2.1 or subsequent available
for Windows and Linux to resolve the vulnerabilities.
Information and updates for SMH can be found at the following location:
http://h18013.www1.hp.com/products/servers/management/agents/index.html
HISTORY
Version:1 (rev.1) - 18 July 2013 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in php(-cgi):
PHP-CGI-based setups contain a vulnerability when parsing query string
parameters from php files. The
updated packages provides the latest version (5.3.13) which provides
a solution to this flaw. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFPq4WAmqjQ0CJFipgRAihWAKCc3667vbSD/ihxb7LB9g9x2C+bnQCg89XH
JTVUFGYH3hR84ZM7EV65I9g=
=hQaF
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
|
var-201903-0424
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of fonts. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. WebKit is prone to the following multiple security vulnerabilities:
1. Multiple remote code-execution vulnerabilities
2. A cross-site scripting vulnerability
3. Multiple memory corruption vulnerabilities
Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. tvOS is a smart TV operating system. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 12.1.3; tvOS prior to 12.1.2; Safari prior to 12.0.3; Windows-based iCloud prior to 7.10. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-1-22-4 tvOS 12.1.2
tvOS 12.1.2 is now available and addresses the following:
AppleKeyStore
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6235: Brandon Azad
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan
Team
FaceTime
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2019-6224: Natalie Silvanovich of Google Project Zero
IOKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-6214: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of
Qihoo 360 Vulcan Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6210: Ned Williamson of Google
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory corruption issue was addressed with improved
lock state checking.
CVE-2019-6205: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-6213: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory.
CVE-2019-6209: Brandon Azad of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6208: Jann Horn of Google Project Zero
libxpc
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6218: Ian Beer of Google Project Zero
SQLite
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-6212: an anonymous researcher, Wen Xu of SSLab at Georgia
Tech
CVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day
Initiative
CVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day
Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan
Team
CVE-2019-6226: Apple
Additional recognition
mDNSResponder
We would like to acknowledge Fatemah Alharbi of University of
California, Riverside (UCR) and Taibah University (TU), Feng Qian of
University of Minnesota - Twin City, Jie Chang of LinkSure Network,
Nael Abu-Ghazaleh of University of California, Riverside (UCR),
Yuchen Zhou of Northeastern University, and Zhiyun Qian of University
of California, Riverside (UCR) for their assistance.
WebKit
We would like to acknowledge James Lee (@Windowsrcer) of Kryptos
Logic for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlxHSSgpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3H22Q/+
PKUpdAiTuY9INzQcN53qh0p0MKPEjbBmMfEeN7jB1yKoO9e7JSMHpVt5znw106Rp
AJEzEsCYspVnAo7aWwcNygGamgNo8J/PJCGso4+drltefWa6XcInsTJ9iIk/sZCV
iHgqz0qYZFSziaL0KecMjNK35CSTJQ/qnVv5fkRXOazRpFB0Zcp3ZINb72l5zPND
CI2HkJMtGCbrUnN8OJvdFWLo7uXGIQEC3c4dlx/x8m/UtkO3Jsro1qOqTdLEKvaG
6Atj3cFVOnd/SM4geleBOe536hHPsgwTtctkNlKk8JE8CryjEarR+vpb6yRAt1Wx
U0ykaXiRPyqadHhoOjtiSIpGZstOZ3lG0VLykhDAj/J2Mu5rwiFjdM4G0wRV0DE/
jVH/NxzoMRM+226T33bY2fM8SwtTsRw0gZyytZG2iIw1xT44ajvN6KTiR+M74h+J
yYXw357yMvtOwhdnQ/Npk04OCiHvYr+Rr4spSSyJG6FkBINGL2uIx2p4GgxRFzjV
akGElyRXa6WyKbILktAQz/JF6TGQvhhqBxjOmdF04Vs1gOA9h3sM64PsJlSVhx8A
Nhvh9DjFMdBVd5es0sfCqtksWFETGnwi2kNhPc6AHAKlkgGntbR6Krc98JnxkTT+
buDgLRHED0aOFpnXiQ0lADYKLrHQoQFiM1btKUoHM94=ouaJ
-----END PGP SIGNATURE-----
.
Installation note:
Safari 12.0.3 may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201903-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 14, 2019
Bugs: #672108, #674702, #678334
ID: 201903-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.22.6 >= 2.22.6
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.22.6"
References
==========
[ 1 ] CVE-2019-6212
https://nvd.nist.gov/vuln/detail/CVE-2019-6212
[ 2 ] CVE-2019-6215
https://nvd.nist.gov/vuln/detail/CVE-2019-6215
[ 3 ] CVE-2019-6216
https://nvd.nist.gov/vuln/detail/CVE-2019-6216
[ 4 ] CVE-2019-6217
https://nvd.nist.gov/vuln/detail/CVE-2019-6217
[ 5 ] CVE-2019-6226
https://nvd.nist.gov/vuln/detail/CVE-2019-6226
[ 6 ] CVE-2019-6227
https://nvd.nist.gov/vuln/detail/CVE-2019-6227
[ 7 ] CVE-2019-6229
https://nvd.nist.gov/vuln/detail/CVE-2019-6229
[ 8 ] CVE-2019-6233
https://nvd.nist.gov/vuln/detail/CVE-2019-6233
[ 9 ] CVE-2019-6234
https://nvd.nist.gov/vuln/detail/CVE-2019-6234
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201903-12
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2019 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001
------------------------------------------------------------------------
Date reported : February 08, 2019
Advisory ID : WSA-2019-0001
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2019-0001.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2019-0001.html
CVE identifiers : CVE-2019-6212, CVE-2019-6215, CVE-2019-6216,
CVE-2019-6217, CVE-2019-6226, CVE-2019-6227,
CVE-2019-6229, CVE-2019-6233, CVE-2019-6234.
CVE-2019-6212
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before
2.22.4.
Credit to an anonymous researcher.
CVE-2019-6215
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before
2.22.4.
Credit to Lokihardt of Google Project Zero.
CVE-2019-6216
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Fluoroacetate working with Trend Micro's Zero Day
Initiative.
CVE-2019-6217
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Fluoroacetate working with Trend Micro's Zero Day
Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan
Team.
CVE-2019-6226
Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0.
Credit to Apple.
CVE-2019-6227
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Qixun Zhao of Qihoo 360 Vulcan Team.
CVE-2019-6229
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Ryan Pickren.
CVE-2019-6233
Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before
2.22.2.
Credit to G. Geshev from MWR Labs working with Trend Micro's Zero
Day Initiative.
CVE-2019-6234
Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before
2.22.2.
Credit to G. Geshev from MWR Labs working with Trend Micro's Zero
Day Initiative.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running safe
versions of WebKit. Please check our websites for information about the
latest stable releases.
The WebKitGTK+ and WPE WebKit team,
February 08, 2019
|
|
var-201401-0254
|
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. OpenSSL is prone to multiple security-bypass vulnerabilities.
Successfully exploiting these issues may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
OpenSSL versions 0.9.8y, and 1.0.0 through 1.0.1e are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04239372
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04239372
Version: 4
HPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on
Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-04-13
Last Updated: 2014-05-13
Potential Security Impact: Remote disclosure of information, Denial of
Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH) running on Linux and Windows. The vulnerabilities
could be exploited remotely resulting in Denial of Service (DoS). Also
included is the OpenSSL vulnerability known as "Heartbleed" which could be
exploited remotely resulting in disclosure of information.
References:
CVE-2014-0160 (SSRT101501) Disclosure of Information - "Heartbleed"
CVE-2013-4353 Denial of Service (DoS)
CVE-2013-6449 Denial of Service (DoS)
CVE-2013-6450 Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3,
v7.3.1 for Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-4353 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2013-6449 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2013-6450 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8
CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the
vulnerabilities for the impacted versions of HP System Management Homepage
(SMH):
Product version/Platform
Download Location
SMH 7.2.3 Windows x86
http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52
SMH 7.2.3 Windows x64
http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37
SMH 7.3.2.1(B) Windows x86
http://www.hp.com/swpublishing/MTX-27e03b2f9cd24e77adc9dba94a
SMH 7.3.2.1(B) Windows x64
http://www.hp.com/swpublishing/MTX-37075daeead2433cb41b59ae76
SMH 7.3.2 Linux x86
http://www.hp.com/swpublishing/MTX-3d92ccccf85f404e8ba36a8178
SMH 7.3.2 Linux x64
http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37
Notes
SMH 7.2.3 recommended for customers running Windows 2003 OS
Updated OpenSSL to version 1.0.1g
Note: If you believe your SMH installation was exploited while it was running
components vulnerable to heartbleed, there are some steps to perform after
youve upgraded to the non-vulnerable components. These steps include
revoking, recreating, and re-importing certificates and resetting passwords
that might have been harvested by a malicious attacker using the heartbleed
vulnerability.
Impact on VCA - VCRM communication: VCA configures VCRM by importing the SMH
certificate from the SMH of VCA into the SMH of VCRM. When this certificate
is deleted & regenerated (as suggested before), it needs to be (re)imported
if the user wants to continue with Trust by Certificate option, and the
outdated certificate should be revoked (deleted) from each location where it
was previously imported.
If you use HPSIMs 2-way trust feature, and have imported SMH certificates
into HPSIM, you will also need to revoke those SMH certificated from HPSIM
and reimport the newly created SMH certificates.
Though SMH uses OS credentials using OS-based APIs, user provided credentials
are passed from the client (browser) to the server (SMH) using the HTTPS
protocol. If you suspect your systems using SMH were exploited while they
were vulnerable to heartbleed, these passwords need to be reset.
Frequently Asked Questions
Will updated systems require a reboot after applying the SMH patch?
No, reboot of the system will not be required. Installing the new build is
sufficient to get back to the normal state.
Is a Firmware Update necessary in addition to the SMH patch?
No, only the SMH update is sufficient to remove the heartbleed-vulnerable
version of SMH.
Will new certificates be issued along with the patch, or need to be handled
separately?
If you suspect the certificate has been compromised due to this
vulnerability, we do recommend to delete and revoke the certificate, or SMH
will reuse the existing certificate. New certificate will be created when SMH
service starts (at the end of the fresh / upgrade installation). Instructions
on deleting the certificate are in the notes above.
Where can I get SMH documentation?
All major documents are available at:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library
Select HP Insight Management under Product and Solutions & check HP System
Management Homepage to get SMH related documents.
What are the recommended upgrade paths?
See the table below:
SMH
DVD
SPP
Recommended SMH update for Linux
Recommended SMH update for Windows 2003 and Widows 2003 R2
Recommended SMH update for other Windows OS versions
v7.1.2
v7.1.2
2012.10.0
v7.3.2
v7.2.3
v7.3.2
v7.2.0
v7.2.0
2013.02.0(B)
v7.3.2
v7.2.3
v7.3.2
v7.2.1
v7.2u1
v7.3.2
v7.2.3
v7.3.2
v7.2.2
v7.2u2
2013.09.0(B)
v7.3.2
v7.2.3
v7.3.2
v7.3.0
v7.3.0
v7.3.2
not supported
v7.3.2
v7.3.1
v7.3.1
2014.02.0
v7.3.2
not supported
v7.3.2
How can I verify whether my setup is patched successfully?
SMH version can be verified by executing following command on:
Windows: hp\hpsmh\bin\smhlogreader version
Linux: /opt/hp/hpsmh/bin/smhlogreader version
Will VCA-VCRM communication be impacted due to the SMH certificate being
deleted?
VCA configures VCRM by importing the SMH certificate (sslshare\cert.pem) from
the SMH of VCA to the SMH of VCRM. When this certificate is deleted &
regenerated (as suggested before), it needs to be (re)imported if user wants
to continue with Trust by Certificate option, and remove the old, previously
imported certificate.
Should I reset password on all managed nodes, where SMH was/is running?
Though SMH uses OS credentials using OS based APIs, user-provided credentials
are passed from the client (browser) to the server (SMH) using the HTTPS
protocol. Passwords need to be reset if you suspect the vulnerable version of
SMH was exploited by malicious users/ hackers.
HISTORY
Version:1 (rev.1) - 13 April 2014 Initial release
Version:2 (rev.2) - 17 April 2014 SMH 7.2.3 and 7.3.2 released
Version:3 (rev.3) - 30 April 2014 SMH 7.3.2.1(B) released
Version:4 (rev.4) - 13 May 2014 Added additional remediation steps for post
update installation
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlNyLMAACgkQ4B86/C0qfVm6RQCg4JuHEt+iZq+td37hPIp27qrd
fm4AoKM1d7+F05Xo87Bicnmh0OHidg/O
=bK11
-----END PGP SIGNATURE-----
. ==========================================================================
Ubuntu Security Notice USN-2079-1
January 09, 2014
openssl vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. (CVE-2013-4353)
Ron Barber discovered that OpenSSL used an incorrect data structure to
obtain a version number. (CVE-2013-6449)
Dmitry Sobinov discovered that OpenSSL incorrectly handled certain DTLS
retransmissions. (CVE-2013-6450)
This update also disables the default use of the RdRand feature of certain
Intel CPUs as the sole source of entropy.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.10:
libssl1.0.0 1.0.1e-3ubuntu1.1
Ubuntu 13.04:
libssl1.0.0 1.0.1c-4ubuntu8.2
Ubuntu 12.10:
libssl1.0.0 1.0.1c-3ubuntu2.6
Ubuntu 12.04 LTS:
libssl1.0.0 1.0.1-4ubuntu5.11
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2079-1
CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
Package Information:
https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.1
https://launchpad.net/ubuntu/+source/openssl/1.0.1c-4ubuntu8.2
https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.6
https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.11
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-14:03.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2014-01-14
Affects: FreeBSD 10.0 prior to 10.0-RC5
Corrected: 2014-01-07 20:04:41 UTC (stable/10, 10.0-PRERELEASE)
2014-01-07 20:06:20 UTC (releng/10.0, 10.0-RC5)
2014-01-07 20:06:20 UTC (releng/10.0, 10.0-RC4-p1)
2014-01-07 20:06:20 UTC (releng/10.0, 10.0-RC3-p1)
2014-01-07 20:06:20 UTC (releng/10.0, 10.0-RC2-p1)
2014-01-07 20:06:20 UTC (releng/10.0, 10.0-RC1-p1)
CVE Name: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
a collaborative effort to develop a robust, commercial-grade, full-featured
Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols as well as a full-strength
general purpose cryptography library.
II. Problem Description
A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL
pointer exception. [CVE-2013-4353]
A flaw in DTLS handling can cause an application using OpenSSL and DTLS to
crash. [CVE-2013-6450]
A flaw in OpenSSL can cause an application using OpenSSL to crash when using
TLS version 1.2. [CVE-2013-6449]
III.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/SA-14:03/openssl.patch
# fetch http://security.FreeBSD.org/patches/SA-14:03/openssl.patch.asc
# gpg --verify openssl.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
Recompile the operating system using buildworld and installworld as
described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>.
Restart all deamons using the library, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r260404
releng/10.0/ r260405
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201412-39
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: OpenSSL: Multiple vulnerabilities
Date: December 26, 2014
Bugs: #494816, #519264, #525468
ID: 201412-39
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in OpenSSL, the worst of which
could result in Denial of Service or Man-in-the-Middle attacks.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1j *>= 0.9.8z_p2
>= 1.0.1j
Description
===========
Multiple vulnerabilities have been discovered in OpenSSL. Please review
the CVE identifiers referenced below for details.
Resolution
==========
All OpenSSL 1.0.1 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1j"
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p2"
Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying these packages.
References
==========
[ 1 ] CVE-2013-6449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449
[ 2 ] CVE-2013-6450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450
[ 3 ] CVE-2014-3505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3505
[ 4 ] CVE-2014-3506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3506
[ 5 ] CVE-2014-3507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3507
[ 6 ] CVE-2014-3509
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3509
[ 7 ] CVE-2014-3510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3510
[ 8 ] CVE-2014-3511
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3511
[ 9 ] CVE-2014-3512
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3512
[ 10 ] CVE-2014-3513
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3513
[ 11 ] CVE-2014-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3567
[ 12 ] CVE-2014-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3568
[ 13 ] CVE-2014-5139
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5139
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-39.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] openssl (SSA:2014-013-02)
New openssl packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.1f-i486-1_slack14.1.txz: Upgraded.
This update fixes the following security issues:
Fix for TLS record tampering bug CVE-2013-4353
Fix for TLS version checking bug CVE-2013-6449
Fix for DTLS retransmission bug CVE-2013-6450
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
(* Security fix *)
patches/packages/openssl-solibs-1.0.1f-i486-1_slack14.1.txz: Upgraded.
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1f-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1f-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1f-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1f-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1f-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1f-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1f-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1f-x86_64-1_slack14.1.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1f-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1f-i486-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1f-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1f-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.0 packages:
f059432e11a6b17643e7b8f1d78c5ce3 openssl-0.9.8y-i486-1_slack13.0.txz
46c623b2e58053d308b3d9eb735be26b openssl-solibs-0.9.8y-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages:
4fb6f07f85ec4ea26cc67d8b1c037fa9 openssl-0.9.8y-x86_64-1_slack13.0.txz
55bafd74f182806b1dcd076f31683743 openssl-solibs-0.9.8y-x86_64-1_slack13.0.txz
Slackware 13.1 packages:
9713a64881622c63d0756ec9a5914980 openssl-0.9.8y-i486-1_slack13.1.txz
5d8e3984389bd080bc37b9d1276c7a7d openssl-solibs-0.9.8y-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages:
821c76387f3ffa388af9e5bf81185758 openssl-0.9.8y-x86_64-1_slack13.1.txz
b6d525a53b4cda641166f19ee70a9650 openssl-solibs-0.9.8y-x86_64-1_slack13.1.txz
Slackware 13.37 packages:
5195be05b85f5eb2bd4bf9ebf0a73ff9 openssl-0.9.8y-i486-1_slack13.37.txz
5248a839148fa91de52361335dc051f5 openssl-solibs-0.9.8y-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages:
15e13676d0def5f0dac1e7a4704e0016 openssl-0.9.8y-x86_64-1_slack13.37.txz
d4e5bd308d2e918c6bd7616343370c49 openssl-solibs-0.9.8y-x86_64-1_slack13.37.txz
Slackware 14.0 packages:
1bb0907950c9f573899db21db15eb2b7 openssl-1.0.1f-i486-1_slack14.0.txz
677d7a6f86c4ae1ba507de9e9efba2f0 openssl-solibs-1.0.1f-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages:
e006bdbf032de2a5b6b6a3304e96473f openssl-1.0.1f-x86_64-1_slack14.0.txz
56958f463cc6e78451c9096a266d9085 openssl-solibs-1.0.1f-x86_64-1_slack14.0.txz
Slackware 14.1 packages:
e0c4e52c930fb32aa4ddf23079ac1e42 openssl-1.0.1f-i486-1_slack14.1.txz
3e51d8f2c1a9b763f037aa8dd51ad548 openssl-solibs-1.0.1f-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages:
2f18bac7c335eab1251decd15d8fce4c openssl-1.0.1f-x86_64-1_slack14.1.txz
a61b7c01a06974b55a692c7359d16183 openssl-solibs-1.0.1f-x86_64-1_slack14.1.txz
Slackware -current packages:
c07a84c4dc4dd27cc0c452fb650f2b5b a/openssl-solibs-1.0.1f-i486-1.txz
454153984c2d8bb76ff631416cc3550a n/openssl-1.0.1f-i486-1.txz
Slackware x86_64 -current packages:
9bef5de5f7d04d5c4fdd5ad62801472e a/openssl-solibs-1.0.1f-x86_64-1.txz
6523e9d4befa8e1531ffd5a9377c897b n/openssl-1.0.1f-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg openssl-1.0.1f-i486-1_slack14.1.txz openssl-solibs-1.0.1f-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address.
For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u1.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.1e-5.
We recommend that you upgrade your openssl packages.
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
0a21492e02429e199dfc88e8d502de88 mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.1.mbs1.x86_64.rpm
13eaad31a74bb167ce0d661eb25b5ca1 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.1.mbs1.x86_64.rpm
fca41114d79983a4d7600ba9a97cea3f mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.1.mbs1.x86_64.rpm
acaf2f9638cf2bafeeb3a0aebc173e85 mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.1.mbs1.x86_64.rpm
8d7142a0c95315a29de750e2e29f2174 mbs1/x86_64/openssl-1.0.0k-1.1.mbs1.x86_64.rpm
35c5ec534b80c03ae237526e75c52c18 mbs1/SRPMS/openssl-1.0.0k-1.1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security |
|
var-201806-1449
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-23-4 Additional information for
APPLE-SA-2018-06-01-6 tvOS 11.4
tvOS 11.4 addresses the following:
Bluetooth
Available for: Apple TV 4K
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2018-5383: Lior Neumann and Eli Biham
Entry added July 23, 2018
Crash Reporter
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
error handling.
CVE-2018-4206: Ian Beer of Google Project Zero
FontParser
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2018-4241: Ian Beer of Google Project Zero
CVE-2018-4243: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
libxpc
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A logic issue was addressed with improved validation.
CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
Messages
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A local user may be able to conduct impersonation attacks
Description: An injection issue was addressed with improved input
validation.
CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: This issue was addressed with improved message
validation.
CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
Security
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A local user may be able to read a persistent device
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A local user may be able to read a persistent account
identifier
Description: An authorization issue was addressed with improved state
management.
CVE-2018-4223: Abraham Masri (@cheesecakeufo)
UIKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted text file may lead to a
denial of service
Description: A validation issue existed in the handling of text. This
issue was addressed with improved validation of text.
CVE-2018-4198: Hunter Byrnes
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Visiting a maliciously crafted website may lead to cookies
being overwritten
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2018-4232: an anonymous researcher, Aymeric Chaib
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved locking.
CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat
of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4214: found by OSS-Fuzz
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working
with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4246: found by OSS-Fuzz
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2018-4200: Ivan Fratric of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4201: an anonymous researcher
CVE-2018-4218: Natalie Silvanovich of Google Project Zero
CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero
Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils
of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Visiting a maliciously crafted website may leak sensitive
data
Description: Credentials were unexpectedly sent when fetching CSS
mask images. This was addressed by using a CORS-enabled fetch method.
CVE-2018-4190: Jun Kokatsu (@shhnjk)
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUsiMACgkQ8ecVjteJ
iCYcZBAAusSQ6lM5Qebyc48iNEu/DUrOwUVyN6MNjo0699Xm+kbu+0u/JQNf75jw
ZeelK31NLRyRx9BuK7u4J20gi+hsWI7N9wtVkeOaPiE/Ha45uEVaJ6lSSJOIZ3rZ
oXb4PiL8+bSukiRgBvFhnxDwGCGefg8udRjtONRlCuMvyZAY09LT6cgZOXSEJEbF
ecVmvDAEEwH1hcTV7PJbQ4nCkv97DA8dPVTbUUbtPXCOPYjsClz1JSUubOSDw3d4
7tq4pfs6ZJFZCE8JFJFY+CCIWuE1FppTE7FVJVfFdpAri+prTeGZJppzEjJDZR2g
4lCOyx926Mp5tqZx6WZc1Xkz8LJaZbEWPrfGW4wKMFIC7WPwhyi7y2NqVfcjbubW
aOsfQFwbCx9KlfOfUMJtbAaha7TBiDJV5u2PMILL3ct2BRX+LqEUrlrR1uwhF5VZ
npPX9cEwMbWRCj7QJC9bmRT1mPYKD+sK5HqBc7Ftp3NYv1hjhEz6iVcF7HYY9T2j
aYzvsXaMilihEaDRu4H/0wLX4abUrOtUwFowuehUkNF30cgBrtyWcJl6K6/WaW2C
IdmF0IB4T4MRWyPKY2r1A+rBerCaoxb0IBucOP9JO4V1uDrCoHdxEL9LfjXlz/tx
CiPvy4EaV2aIDjSfkf75IXtHx2ueIFfdTGVH1OEdX9JoCSqNRPQ=
=8ofX
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About" |
|
var-202201-0405
|
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: vim security update
Advisory ID: RHSA-2022:0894-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0894
Issue date: 2022-03-15
CVE Names: CVE-2022-0261 CVE-2022-0318 CVE-2022-0359
CVE-2022-0361 CVE-2022-0392 CVE-2022-0413
====================================================================
1. Summary:
An update for vim is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
* vim: Heap-based buffer overflow in block_insert() in src/ops.c
(CVE-2022-0261)
* vim: Heap-based buffer overflow in utf_head_off() in mbyte.c
(CVE-2022-0318)
* vim: Heap-based buffer overflow in init_ccline() in ex_getln.c
(CVE-2022-0359)
* vim: Illegal memory access when copying lines in visual mode leads to
heap buffer overflow (CVE-2022-0361)
* vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c
(CVE-2022-0392)
* vim: Use after free in src/ex_cmds.c (CVE-2022-0413)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
aarch64:
vim-X11-8.0.1763-16.el8_5.12.aarch64.rpm
vim-X11-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-common-8.0.1763-16.el8_5.12.aarch64.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-debugsource-8.0.1763-16.el8_5.12.aarch64.rpm
vim-enhanced-8.0.1763-16.el8_5.12.aarch64.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
noarch:
vim-filesystem-8.0.1763-16.el8_5.12.noarch.rpm
ppc64le:
vim-X11-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-X11-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-common-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-debugsource-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-enhanced-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
s390x:
vim-X11-8.0.1763-16.el8_5.12.s390x.rpm
vim-X11-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-common-8.0.1763-16.el8_5.12.s390x.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-debugsource-8.0.1763-16.el8_5.12.s390x.rpm
vim-enhanced-8.0.1763-16.el8_5.12.s390x.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
x86_64:
vim-X11-8.0.1763-16.el8_5.12.x86_64.rpm
vim-X11-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-common-8.0.1763-16.el8_5.12.x86_64.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-debugsource-8.0.1763-16.el8_5.12.x86_64.rpm
vim-enhanced-8.0.1763-16.el8_5.12.x86_64.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
vim-8.0.1763-16.el8_5.12.src.rpm
aarch64:
vim-X11-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-debugsource-8.0.1763-16.el8_5.12.aarch64.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
vim-minimal-8.0.1763-16.el8_5.12.aarch64.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.aarch64.rpm
ppc64le:
vim-X11-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-debugsource-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-minimal-8.0.1763-16.el8_5.12.ppc64le.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.ppc64le.rpm
s390x:
vim-X11-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-debugsource-8.0.1763-16.el8_5.12.s390x.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
vim-minimal-8.0.1763-16.el8_5.12.s390x.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.s390x.rpm
x86_64:
vim-X11-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-common-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-debugsource-8.0.1763-16.el8_5.12.x86_64.rpm
vim-enhanced-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
vim-minimal-8.0.1763-16.el8_5.12.x86_64.rpm
vim-minimal-debuginfo-8.0.1763-16.el8_5.12.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-0261
https://access.redhat.com/security/cve/CVE-2022-0318
https://access.redhat.com/security/cve/CVE-2022-0359
https://access.redhat.com/security/cve/CVE-2022-0361
https://access.redhat.com/security/cve/CVE-2022-0392
https://access.redhat.com/security/cve/CVE-2022-0413
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. Description:
Red Hat Openshift GitOps is a declarative way to implement continuous
deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/):
2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files
2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files
2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation
5. This update provides security fixes, bug
fixes, and updates the container images. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which provide some security fixes and bug fixes.
See the following Release Notes documentation, which will be updated
shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/
Security updates:
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* nats-server: misusing the "dynamically provisioned sandbox accounts"
feature authenticated user can obtain the privileges of the System account
(CVE-2022-24450)
* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)
* nodejs-shelljs: improper privilege management (CVE-2022-0144)
* search-ui-container: follow-redirects: Exposure of Private Personal
Information to an Unauthorized Actor (CVE-2022-0155)
* node-fetch: exposure of sensitive information to an unauthorized actor
(CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization
Header leak (CVE-2022-0536)
* openssl: Infinite loop in BN_mod_sqrt() reachable when parsing
certificates (CVE-2022-0778)
* imgcrypt: Unauthorized access to encryted container image on a shared
system due to missing check in CheckAuthorization() code path
(CVE-2022-24778)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)
Related bugs:
* RHACM 2.4.3 image files (BZ #2057249)
* Observability - dashboard name contains `/` would cause error when
generating dashboard cm (BZ #2032128)
* ACM application placement fails after renaming the application name (BZ
#2033051)
* Disable the obs metric collect should not impact the managed cluster
upgrade (BZ #2039197)
* Observability - cluster list should only contain OCP311 cluster on OCP311
dashboard (BZ #2039820)
* The value of name label changed from clusterclaim name to cluster name
(BZ #2042223)
* VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys (BZ
#2048500)
* clusterSelector matchLabels spec are cleared when changing app
name/namespace during creating an app in UI (BZ #2053211)
* Application cluster status is not updated in UI after restoring (BZ
#2053279)
* OpenStack cluster creation is using deprecated floating IP config for
4.7+ (BZ #2056610)
* The value of Vendor reported by cluster metrics was Other even if the
vendor label in managedcluster was Openshift (BZ #2059039)
* Subscriptions stop reconciling after channel secrets are recreated (BZ
#2059954)
* Placementrule is not reconciling on a new fresh environment (BZ #2074156)
* The cluster claimed from clusterpool cannot auto imported (BZ #2074543)
3. Bugs fixed (https://bugzilla.redhat.com/):
2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion
2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic
2032128 - Observability - dashboard name contains `/` would cause error when generating dashboard cm
2033051 - ACM application placement fails after renaming the application name
2039197 - disable the obs metric collect should not impact the managed cluster upgrade
2039820 - Observability - cluster list should only contain OCP311 cluster on OCP311 dashboard
2042223 - the value of name label changed from clusterclaim name to cluster name
2043535 - CVE-2022-0144 nodejs-shelljs: improper privilege management
2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor
2048500 - VMWare Cluster creation does not accept ecdsa-sha2-nistp521 ssh keys
2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function
2052573 - CVE-2022-24450 nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
2053211 - clusterSelector matchLabels spec are cleared when changing app name/namespace during creating an app in UI
2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak
2053279 - Application cluster status is not updated in UI after restoring
2056610 - OpenStack cluster creation is using deprecated floating IP config for 4.7+
2057249 - RHACM 2.4.3 images
2059039 - The value of Vendor reported by cluster metrics was Other even if the vendor label in managedcluster was Openshift
2059954 - Subscriptions stop reconciling after channel secrets are recreated
2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2069368 - CVE-2022-24778 imgcrypt: Unauthorized access to encryted container image on a shared system due to missing check in CheckAuthorization() code path
2074156 - Placementrule is not reconciling on a new fresh environment
2074543 - The cluster claimed from clusterpool can not auto imported
5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202208-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Low
Title: Vim, gVim: Multiple Vulnerabilities
Date: August 21, 2022
Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231
ID: 202208-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been discovered in Vim, the worst of which
could result in denial of service. gVim is the GUI version of Vim.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-editors/gvim < 9.0.0060 >= 9.0.0060
2 app-editors/vim < 9.0.0060 >= 9.0.0060
3 app-editors/vim-core < 9.0.0060 >= 9.0.0060
Description
==========
Multiple vulnerabilities have been discovered in Vim and gVim. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Vim users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060"
All gVim users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060"
All vim-core users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060"
References
=========
[ 1 ] CVE-2021-3770
https://nvd.nist.gov/vuln/detail/CVE-2021-3770
[ 2 ] CVE-2021-3778
https://nvd.nist.gov/vuln/detail/CVE-2021-3778
[ 3 ] CVE-2021-3796
https://nvd.nist.gov/vuln/detail/CVE-2021-3796
[ 4 ] CVE-2021-3872
https://nvd.nist.gov/vuln/detail/CVE-2021-3872
[ 5 ] CVE-2021-3875
https://nvd.nist.gov/vuln/detail/CVE-2021-3875
[ 6 ] CVE-2021-3927
https://nvd.nist.gov/vuln/detail/CVE-2021-3927
[ 7 ] CVE-2021-3928
https://nvd.nist.gov/vuln/detail/CVE-2021-3928
[ 8 ] CVE-2021-3968
https://nvd.nist.gov/vuln/detail/CVE-2021-3968
[ 9 ] CVE-2021-3973
https://nvd.nist.gov/vuln/detail/CVE-2021-3973
[ 10 ] CVE-2021-3974
https://nvd.nist.gov/vuln/detail/CVE-2021-3974
[ 11 ] CVE-2021-3984
https://nvd.nist.gov/vuln/detail/CVE-2021-3984
[ 12 ] CVE-2021-4019
https://nvd.nist.gov/vuln/detail/CVE-2021-4019
[ 13 ] CVE-2021-4069
https://nvd.nist.gov/vuln/detail/CVE-2021-4069
[ 14 ] CVE-2021-4136
https://nvd.nist.gov/vuln/detail/CVE-2021-4136
[ 15 ] CVE-2021-4166
https://nvd.nist.gov/vuln/detail/CVE-2021-4166
[ 16 ] CVE-2021-4173
https://nvd.nist.gov/vuln/detail/CVE-2021-4173
[ 17 ] CVE-2021-4187
https://nvd.nist.gov/vuln/detail/CVE-2021-4187
[ 18 ] CVE-2021-4192
https://nvd.nist.gov/vuln/detail/CVE-2021-4192
[ 19 ] CVE-2021-4193
https://nvd.nist.gov/vuln/detail/CVE-2021-4193
[ 20 ] CVE-2021-46059
https://nvd.nist.gov/vuln/detail/CVE-2021-46059
[ 21 ] CVE-2022-0128
https://nvd.nist.gov/vuln/detail/CVE-2022-0128
[ 22 ] CVE-2022-0156
https://nvd.nist.gov/vuln/detail/CVE-2022-0156
[ 23 ] CVE-2022-0158
https://nvd.nist.gov/vuln/detail/CVE-2022-0158
[ 24 ] CVE-2022-0213
https://nvd.nist.gov/vuln/detail/CVE-2022-0213
[ 25 ] CVE-2022-0261
https://nvd.nist.gov/vuln/detail/CVE-2022-0261
[ 26 ] CVE-2022-0318
https://nvd.nist.gov/vuln/detail/CVE-2022-0318
[ 27 ] CVE-2022-0319
https://nvd.nist.gov/vuln/detail/CVE-2022-0319
[ 28 ] CVE-2022-0351
https://nvd.nist.gov/vuln/detail/CVE-2022-0351
[ 29 ] CVE-2022-0359
https://nvd.nist.gov/vuln/detail/CVE-2022-0359
[ 30 ] CVE-2022-0361
https://nvd.nist.gov/vuln/detail/CVE-2022-0361
[ 31 ] CVE-2022-0368
https://nvd.nist.gov/vuln/detail/CVE-2022-0368
[ 32 ] CVE-2022-0392
https://nvd.nist.gov/vuln/detail/CVE-2022-0392
[ 33 ] CVE-2022-0393
https://nvd.nist.gov/vuln/detail/CVE-2022-0393
[ 34 ] CVE-2022-0407
https://nvd.nist.gov/vuln/detail/CVE-2022-0407
[ 35 ] CVE-2022-0408
https://nvd.nist.gov/vuln/detail/CVE-2022-0408
[ 36 ] CVE-2022-0413
https://nvd.nist.gov/vuln/detail/CVE-2022-0413
[ 37 ] CVE-2022-0417
https://nvd.nist.gov/vuln/detail/CVE-2022-0417
[ 38 ] CVE-2022-0443
https://nvd.nist.gov/vuln/detail/CVE-2022-0443
[ 39 ] CVE-2022-0554
https://nvd.nist.gov/vuln/detail/CVE-2022-0554
[ 40 ] CVE-2022-0629
https://nvd.nist.gov/vuln/detail/CVE-2022-0629
[ 41 ] CVE-2022-0685
https://nvd.nist.gov/vuln/detail/CVE-2022-0685
[ 42 ] CVE-2022-0714
https://nvd.nist.gov/vuln/detail/CVE-2022-0714
[ 43 ] CVE-2022-0729
https://nvd.nist.gov/vuln/detail/CVE-2022-0729
[ 44 ] CVE-2022-0943
https://nvd.nist.gov/vuln/detail/CVE-2022-0943
[ 45 ] CVE-2022-1154
https://nvd.nist.gov/vuln/detail/CVE-2022-1154
[ 46 ] CVE-2022-1160
https://nvd.nist.gov/vuln/detail/CVE-2022-1160
[ 47 ] CVE-2022-1381
https://nvd.nist.gov/vuln/detail/CVE-2022-1381
[ 48 ] CVE-2022-1420
https://nvd.nist.gov/vuln/detail/CVE-2022-1420
[ 49 ] CVE-2022-1616
https://nvd.nist.gov/vuln/detail/CVE-2022-1616
[ 50 ] CVE-2022-1619
https://nvd.nist.gov/vuln/detail/CVE-2022-1619
[ 51 ] CVE-2022-1620
https://nvd.nist.gov/vuln/detail/CVE-2022-1620
[ 52 ] CVE-2022-1621
https://nvd.nist.gov/vuln/detail/CVE-2022-1621
[ 53 ] CVE-2022-1629
https://nvd.nist.gov/vuln/detail/CVE-2022-1629
[ 54 ] CVE-2022-1674
https://nvd.nist.gov/vuln/detail/CVE-2022-1674
[ 55 ] CVE-2022-1720
https://nvd.nist.gov/vuln/detail/CVE-2022-1720
[ 56 ] CVE-2022-1733
https://nvd.nist.gov/vuln/detail/CVE-2022-1733
[ 57 ] CVE-2022-1735
https://nvd.nist.gov/vuln/detail/CVE-2022-1735
[ 58 ] CVE-2022-1769
https://nvd.nist.gov/vuln/detail/CVE-2022-1769
[ 59 ] CVE-2022-1771
https://nvd.nist.gov/vuln/detail/CVE-2022-1771
[ 60 ] CVE-2022-1785
https://nvd.nist.gov/vuln/detail/CVE-2022-1785
[ 61 ] CVE-2022-1796
https://nvd.nist.gov/vuln/detail/CVE-2022-1796
[ 62 ] CVE-2022-1851
https://nvd.nist.gov/vuln/detail/CVE-2022-1851
[ 63 ] CVE-2022-1886
https://nvd.nist.gov/vuln/detail/CVE-2022-1886
[ 64 ] CVE-2022-1897
https://nvd.nist.gov/vuln/detail/CVE-2022-1897
[ 65 ] CVE-2022-1898
https://nvd.nist.gov/vuln/detail/CVE-2022-1898
[ 66 ] CVE-2022-1927
https://nvd.nist.gov/vuln/detail/CVE-2022-1927
[ 67 ] CVE-2022-1942
https://nvd.nist.gov/vuln/detail/CVE-2022-1942
[ 68 ] CVE-2022-1968
https://nvd.nist.gov/vuln/detail/CVE-2022-1968
[ 69 ] CVE-2022-2000
https://nvd.nist.gov/vuln/detail/CVE-2022-2000
[ 70 ] CVE-2022-2042
https://nvd.nist.gov/vuln/detail/CVE-2022-2042
[ 71 ] CVE-2022-2124
https://nvd.nist.gov/vuln/detail/CVE-2022-2124
[ 72 ] CVE-2022-2125
https://nvd.nist.gov/vuln/detail/CVE-2022-2125
[ 73 ] CVE-2022-2126
https://nvd.nist.gov/vuln/detail/CVE-2022-2126
[ 74 ] CVE-2022-2129
https://nvd.nist.gov/vuln/detail/CVE-2022-2129
[ 75 ] CVE-2022-2175
https://nvd.nist.gov/vuln/detail/CVE-2022-2175
[ 76 ] CVE-2022-2182
https://nvd.nist.gov/vuln/detail/CVE-2022-2182
[ 77 ] CVE-2022-2183
https://nvd.nist.gov/vuln/detail/CVE-2022-2183
[ 78 ] CVE-2022-2206
https://nvd.nist.gov/vuln/detail/CVE-2022-2206
[ 79 ] CVE-2022-2207
https://nvd.nist.gov/vuln/detail/CVE-2022-2207
[ 80 ] CVE-2022-2208
https://nvd.nist.gov/vuln/detail/CVE-2022-2208
[ 81 ] CVE-2022-2210
https://nvd.nist.gov/vuln/detail/CVE-2022-2210
[ 82 ] CVE-2022-2231
https://nvd.nist.gov/vuln/detail/CVE-2022-2231
[ 83 ] CVE-2022-2257
https://nvd.nist.gov/vuln/detail/CVE-2022-2257
[ 84 ] CVE-2022-2264
https://nvd.nist.gov/vuln/detail/CVE-2022-2264
[ 85 ] CVE-2022-2284
https://nvd.nist.gov/vuln/detail/CVE-2022-2284
[ 86 ] CVE-2022-2285
https://nvd.nist.gov/vuln/detail/CVE-2022-2285
[ 87 ] CVE-2022-2286
https://nvd.nist.gov/vuln/detail/CVE-2022-2286
[ 88 ] CVE-2022-2287
https://nvd.nist.gov/vuln/detail/CVE-2022-2287
[ 89 ] CVE-2022-2288
https://nvd.nist.gov/vuln/detail/CVE-2022-2288
[ 90 ] CVE-2022-2289
https://nvd.nist.gov/vuln/detail/CVE-2022-2289
[ 91 ] CVE-2022-2304
https://nvd.nist.gov/vuln/detail/CVE-2022-2304
[ 92 ] CVE-2022-2343
https://nvd.nist.gov/vuln/detail/CVE-2022-2343
[ 93 ] CVE-2022-2344
https://nvd.nist.gov/vuln/detail/CVE-2022-2344
[ 94 ] CVE-2022-2345
https://nvd.nist.gov/vuln/detail/CVE-2022-2345
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-32
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. Summary:
The Migration Toolkit for Containers (MTC) 1.7.1 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.
Security Fix(es) from Bugzilla:
* golang: net/http: Limit growth of header canonicalization cache
(CVE-2021-44716)
* golang: debug/macho: Invalid dynamic symbol table command can cause panic
(CVE-2021-41771)
* golang: archive/zip: Reader.Open panics on empty string (CVE-2021-41772)
* golang: syscall: Don't close fd 0 on ForkExec error (CVE-2021-44717)
* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section. Bugs fixed (https://bugzilla.redhat.com/):
2020725 - CVE-2021-41771 golang: debug/macho: invalid dynamic symbol table command can cause panic
2020736 - CVE-2021-41772 golang: archive/zip: Reader.Open panics on empty string
2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion
2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error
2040378 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [backend]
2057516 - [MTC UI] UI should not allow PVC mapping for Full migration
2060244 - [MTC] DIM registry route need to be exposed to create inter-cluster state migration plans
2060717 - [MTC] Registry pod goes in CrashLoopBackOff several times when MCG Nooba is used as the Replication Repository
2061347 - [MTC] Log reader pod is missing velero and restic pod logs.
2061653 - [MTC UI] Migration Resources section showing pods from other namespaces
2062682 - [MTC] Destination storage class non-availability warning visible in Intra-cluster source to source state-migration migplan.
2065837 - controller_config.yml.j2 merge type should be set to merge (currently using the default strategic)
2071000 - Storage Conversion: UI doesn't have the ability to skip PVC
2072036 - Migration plan for storage conversion cannot be created if there's no replication repository
2072186 - Wrong migration type description
2072684 - Storage Conversion: PersistentVolumeClaimTemplates in StatefulSets are not updated automatically after migration
2073496 - Errors in rsync pod creation are not printed in the controller logs
2079814 - [MTC UI] Intra-cluster state migration plan showing a warning on PersistentVolumes page
5. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6
macOS Monterey 12.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213444.
AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: An issue in code signature validation was addressed with
improved checks.
CVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.
Entry added October 27, 2022
ATS
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2022-32902: Mickey Jin (@patch1t)
Entry added October 27, 2022
ATS
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2022-32904: Mickey Jin (@patch1t)
Entry added October 27, 2022
ATS
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2022-32902: Mickey Jin (@patch1t)
Calendar
Available for: macOS Monterey
Impact: An app may be able to read sensitive location information
Description: An access issue was addressed with improved access
restrictions.
CVE-2022-42819: an anonymous researcher
Entry added October 27, 2022
GarageBand
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: A configuration issue was addressed with additional
restrictions.
CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing
Entry added October 27, 2022
ImageIO
Available for: macOS Monterey
Impact: Processing an image may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved
validation.
CVE-2022-1622
Entry added October 27, 2022
Image Processing
Available for: macOS Monterey
Impact: A sandboxed app may be able to determine which app is
currently using the camera
Description: The issue was addressed with additional restrictions on
the observability of app states.
CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)
Entry added October 27, 2022
iMovie
Available for: macOS Monterey
Impact: A user may be able to view sensitive user information
Description: This issue was addressed by enabling hardened runtime.
CVE-2022-32896: Wojciech Reguła (@_r3ggi)
Kernel
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-32914: Zweig of Kunlun Lab
Entry added October 27, 2022
Kernel
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32911: Zweig of Kunlun Lab
CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)
CVE-2022-32924: Ian Beer of Google Project Zero
Entry updated October 27, 2022
Kernel
Available for: macOS Monterey
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)
Kernel
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code with
kernel privileges. Apple is aware of a report that this issue may
have been actively exploited.
Description: The issue was addressed with improved bounds checks.
CVE-2022-32917: an anonymous researcher
Maps
Available for: macOS Monterey
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32883: Ron Masas of breakpointhq.com
Entry updated October 27, 2022
MediaLibrary
Available for: macOS Monterey
Impact: A user may be able to elevate privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2022-32908: an anonymous researcher
ncurses
Available for: macOS Monterey
Impact: A user may be able to cause unexpected app termination or
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-39537
Entry added October 27, 2022
PackageKit
Available for: macOS Monterey
Impact: An app may be able to gain elevated privileges
Description: A logic issue was addressed with improved state
management.
CVE-2022-32900: Mickey Jin (@patch1t)
Sandbox
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file
system
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added October 27, 2022
Security
Available for: macOS Monterey
Impact: An app may be able to bypass code signing checks
Description: An issue in code signature validation was addressed with
improved checks.
CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)
Entry added October 27, 2022
Sidecar
Available for: macOS Monterey
Impact: A user may be able to view restricted content from the lock
screen
Description: A logic issue was addressed with improved state
management.
CVE-2022-42790: Om kothawade of Zaprico Digital
Entry added October 27, 2022
SMB
Available for: macOS Monterey
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
CVE-2022-32934: Felix Poulin-Belanger
Entry added October 27, 2022
Vim
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to unexpected
app termination or arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-0261
CVE-2022-0318
CVE-2022-0319
CVE-2022-0351
CVE-2022-0359
CVE-2022-0361
CVE-2022-0368
CVE-2022-0392
Entry added October 27, 2022
Vim
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to a denial-
of-service or potentially disclose memory contents
Description: This issue was addressed with improved checks.
CVE-2022-1720
CVE-2022-2000
CVE-2022-2042
CVE-2022-2124
CVE-2022-2125
CVE-2022-2126
Entry added October 27, 2022
Weather
Available for: macOS Monterey
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state
management.
CVE-2022-32875: an anonymous researcher
Entry added October 27, 2022
WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
WebKit Bugzilla: 242047
CVE-2022-32888: P1umer (@p1umer)
Entry added October 27, 2022
Additional recognition
Identity Services
We would like to acknowledge Joshua Jones for their assistance.
macOS Monterey 12.6 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpcACgkQ4RjMIDke
Nxkwlg//SSBu/uDg4G5fbGIYbNhe6z0pbPi6KhKQJI/fwDQw0rD1rRCYMYY3FqSv
QwV8MyduewVyNTYL/OiNUDEBJolv3HmAGSLOKML4fJzExGN8j0hzxB+VDreh0PP7
/dIFsarwPIdQTaqD+oolT6XPJ1oG+GClaFn2JRJd1eCMstpQ9n04TZlTa6g5kSzT
ZU6GnRyVBTSi9o2FGKJ0uZxTVZ06G2M1Y6j5qEugEiO+8mSP6DbE8GuMNhxQHgdQ
IThRbMhaggheulPHgoF5023MB2eHOxzd92qGQBfilGXiDEXYQW8dCD21yhEDQt9J
5TKrgDRnGweDZIrTm3/dUiEfcAIrpNCGvieXCTmuBLnG9DqJyfYq8KPAh7E5Mwry
TQvtTSVvf5Gp/vfrDZSbkS5dzWoIlJJByvc9Zt9MtC+eP2vYXjYAwDRd9duM/N+J
1wzXK8axVwImx58j5Ae1VsfELkbiGicovRn306MKUWgl3iz6D2JNTJPIyI96K3D7
ZDg4FhFJOTfXdmSdH9bbGKMt2LTPbYem3gk7zm4a5eKp3RQGd8HnhTRbMbr5e7Vh
/C6AwsIbWhvE2SY3Pig7+BkzjfX4wNlnxKpa+wzZfamaXHxYYu6jwHdi74gqv5JA
GDdcqUsSlUaFU+VsZlWnogpZGJjq5dxowq+2jmD2AOjevacHe3c=
=uGN6
-----END PGP SIGNATURE-----
|
|
var-201711-0450
|
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are all products of the American company Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that comes with the Mac OS X and iOS operating systems by default. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. ------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------
Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Advisory URL : https://webkitgtk.org/security/WSA-2017-0009.html
CVE identifiers : CVE-2017-13783, CVE-2017-13784, CVE-2017-13785,
CVE-2017-13788, CVE-2017-13791, CVE-2017-13792,
CVE-2017-13793, CVE-2017-13794, CVE-2017-13795,
CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803.
Several vulnerabilities were discovered in WebKitGTK+.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to xisigr of Tencent's Xuanwu Lab (tencent.com). Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Hanul Choi working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to Ivan Fratric of Google Project Zero. Description: Multiple memory corruption
issues were addressed with improved memory handling.
Credit to chenqin (ee|) of Ant-financial Light-Year Security. Description: Multiple memory corruption
issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.
Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html
The WebKitGTK+ team,
November 10, 2017
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebKitGTK+: Multiple vulnerabilities
Date: December 14, 2017
Bugs: #637076
ID: 201712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in WebKitGTK+, the worst
of which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.18.3 >= 2.18.3
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There are no known workarounds at this time.
Resolution
==========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.3"
References
==========
[ 1 ] CVE-2017-13783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13783
[ 2 ] CVE-2017-13784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13784
[ 3 ] CVE-2017-13785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13785
[ 4 ] CVE-2017-13788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13788
[ 5 ] CVE-2017-13791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13791
[ 6 ] CVE-2017-13792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13792
[ 7 ] CVE-2017-13793
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13793
[ 8 ] CVE-2017-13794
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13794
[ 9 ] CVE-2017-13795
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13795
[ 10 ] CVE-2017-13796
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13796
[ 11 ] CVE-2017-13798
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13798
[ 12 ] CVE-2017-13802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13802
[ 13 ] CVE-2017-13803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13803
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201712-01
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
===========================================================================
Ubuntu Security Notice USN-3481-1
November 16, 2017
webkit2gtk vulnerabilities
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 17.04
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.10.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.10.1
Ubuntu 17.04:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.17.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.18.3-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.18.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3481-1
CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788,
CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794,
CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
CVE-2017-13803
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.18.3-0ubuntu0.16.04.1
--cAJSiv6PLl8jlntXfAr5kK8XnnPQvgKnJ--
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-10-31-1 iOS 11.1
iOS 11.1 is now available and addresses the following:
CoreText
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2017-13849: Ro of SavSec
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13799: an anonymous researcher
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
access photos from the lock screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device. This issue was addressed with
improved state management.
CVE-2017-13844: Miguel Alvarado of iDeviceHelp INC
Siri
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A person with physical access to an iOS device may be able to
use Siri to read notifications of content that is set not to be
displayed at the lock screen
Description: An issue existed with Siri permissions. This was
addressed with improved permission checking.
CVE-2017-13805: Yiğit Can YILMAZ (@yilmazcanyigit)
StreamingZip
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious zip file may be able modify restricted areas of
the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.
UIKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Characters in a secure text field might be revealed
Description: The characters in a secure text field were revealed
during focus change events. This issue was addressed through improved
state management.
CVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of
Tech Mahindra, Ricardo Sampayo of Bemo Ltd
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u7opHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbQiw//
bEkSQWlXTfpJ/9F2VKbMv+++td8sXozC3ICj9Ho+zhctxNY3MvIqXY8B4MrWB5+e
wgz1X/EQSCMItE2u20uISfApls/8/pBde6kKnca9rPGr7I2BKsuHTfCT3taSkhoj
EWMHEb64Se0hSiWKj99HJ80It9bDGSHz1cofpYDCNSMFBCiGWF2EbMgxUa55T5Vx
BtWZ91y2oU6gTsu4ZSR5NXG+Hi/vFYDnAFSr2/5Dgud4fl0tYk1KZ725g2YvXT7S
E3qV6shwcQtpf5ixm4G2cYalfiAmkYYjA/q2sgLClHDVXaPzahTS9ScMygKo4BsZ
RDboCM0q0ywPl+xnNJFuq2ZpZAfMefuXpcjTSxBDoNXliphzH2YOjk5YtHV47S+x
E8+b/bGDvBiKXJFo+yotJ07er0XtFPxfJKwgaYAi8VAfEXZrIv0uDQfYIZieMIRz
VznZvlaKXpA1Ms3R3rY2ukI9gdyPD0wk7r8zAGD0eTdl8E0bMI89UaSMWqDGf1Jm
9AWKOB7na2ElWNHeEMUAhReOL4jHqu/FLkRuoYVAiYKYUDWJGDlD79Yz8bTqnwtu
AWHqstzzcUVg1HXcwR5ngUDGFFOU2vVkqZRK6uwzCRzd/a7QQ/Lu+86GkfxPUB+p
9rtwIDGcTg0795ylrx8NLY/3BD8xcBMhfcZbpX5TF8s=
=qJV/
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/ |
|
var-200701-0510
|
The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. Microsoft Publisher is prone to a remote code-execution vulnerability.
An attacker could exploit this issue by enticing a victim to open a malicious Publisher file.
Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user. Publisher is a tool in the Microsoft Office suite of office software for creating, personalizing and sharing a variety of publications and marketing materials. Publisher did not properly validate application data when loading Publisher files into memory, and did not validate memory index values when opening specially crafted Publisher files. If a user is tricked into opening a malicious .pub file, memory corruption could be triggered, resulting in arbitrary command execution.
----------------------------------------------------------------------
To improve our services to our customers, we have made a number of
additions to the Secunia Advisories and have started translating the
advisories to German.
The improvements will help our customers to get a better
understanding of how we reached our conclusions, how it was rated,
our thoughts on exploitation, attack vectors, and scenarios.
This includes:
* Reason for rating
* Extended description
* Extended solution
* Exploit code or links to exploit code
* Deep links
Read the full description:
http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information:
http://corporate.secunia.com/how_to_buy/15/?r=l
----------------------------------------------------------------------
TITLE:
Mac OS X Mach-O Universal Binary Memory Corruption
SECUNIA ADVISORY ID:
SA23088
VERIFY ADVISORY:
http://secunia.com/advisories/23088/
CRITICAL:
Less critical
IMPACT:
DoS, System access
WHERE:
Local system
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
LMH has reported a vulnerability in Mac OS X, which can be exploited
by malicious, local users to cause a DoS (Denial of Service) or
potentially gain escalated privileges.
The vulnerability is caused due to an error in the fatfile_getarch2()
function. This can be exploited to cause an integer overflow and may
potentially allow execution of arbitrary code with kernel privileges
via a specially crafted Mach-O Universal binary.
The vulnerability is reported in a fully patched Mac OS X
(2006-11-26). Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY:
LMH
ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-26-11-2006.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-201904-1360
|
A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. plural Apple Because the product is incompletely checked, cookie An administrative vulnerability exists.Information may be obtained. Apple watchOS/tvOS/macOS/iCloud/iTunes are prone to a remote security vulnerability.
An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS High Sierra is a dedicated operating system developed for Mac computers. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-9-1 iOS 11.4.1
iOS 11.4.1 is now available and addresses the following:
CFNetwork
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Cookies may unexpectedly persist in Safari
Description: A cookie management issue was addressed with improved
checks.
CVE-2018-4293: an anonymous researcher
Emoji
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing an emoji under certain configurations may lead to
a denial of service
Description: A denial of service issue was addressed with improved
memory handling.
CVE-2018-4290: Patrick Wardle of Digita Security
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory.
CVE-2018-4282: Proteas of Qihoo 360 Nirvan Team
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4280: Brandon Azad
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4248: Brandon Azad
LinkPresentation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may exfiltrate audio data cross-origin
Description: Sound fetched through audio elements may be exfiltrated
cross-origin.
CVE-2018-4278: Jun Kokatsu (@shhnjk)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A race condition was addressed with additional
validation.
CVE-2018-4266: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2018-4274: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4270: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4284: Found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day
Initiative
CVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative
CVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of
Ant-financial Light-Year Security Lab
CVE-2018-4265: cc working with Trend Micro's Zero Day Initiative
CVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero
Day Initiative
CVE-2018-4272: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-4271: found by OSS-Fuzz
CVE-2018-4273: found by OSS-Fuzz
WebKit Page Loading
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4275: Brandon Azad
Additional recognition
Kernel
We would like to acknowledge juwei lin (@panicaII) of Trend Micro
working with Trend Micro's Zero Day Initiative for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFEpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCaYqQ/+
LoOw2Hgwr9l7EplQS1O9t9ssVvjaQ25JhxeAkEHhrrLTTpEHNOYhBgPj3XV3DkNT
QR1XDKykgVXq1jAMqy2CzpVvb0bWrhAZte7lwLwTKiSdzWzY99LspMtck0uZXg5y
qoePuHIifMF5oMzRsLq2IDKj7sDJ3mEOjOGizfJ5BRdFOZPKmuTLK/LnafzoqlOY
XAYMj3puFWnlMs1ewTTbup5Oh0totisA7WlpDleG+a/IborfXe89nvUIAEyPH3UF
jbPXGlIrB+aofMmoxgbJ7YDXm+7RZbRShrqS3IIwbuVWlWxi8M6AYvlFCAxKc3In
R3Bum13NIR8ZTfLARmrRos54kzmygazCHK0yIkeKvJW3uSFIOUbBtkKQ8EpE8og9
KzNvxyMd5Le6kCJe8JECl6jrfnY7QrYBIPxowXymfcRyYpnpIidYHUPlej8OZYnT
fH8lWsE09CikZjBLyKmM6NJ4Y24CAmILyJWTmrM+pM9jLN9InWxTr0raY+MiULnI
MZgqDuP+wMKfcGGngOkDnmm84w4RSnwK7bRgVtCWV99rnqZvzDgoYhJXDyXXuPqL
P0HN+TKdCJ7e+C4boqDup2Ojz7YhFXfCwkJ1fHLD+L+Aj46eLbuu9936vGgvAzQI
7aT98URG/GMffZ3Y53yDJZxHDTnFQ5/tOlNBv8LKJDA=
=mzJ2
-----END PGP SIGNATURE-----
.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra,
Security Update 2018-004 El Capitan
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-004 El Capitan address the following:
AMD
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to determine kernel
memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2018-4285: Mohamed Ghannam (@_simo36)
Bluetooth
Available for: MacBook Pro (15-inch, 2018), and MacBook Pro
(13-inch, 2018, Four Thunderbolt 3 Ports)
Other Mac models were addressed with macOS High Sierra 10.13.5.
Impact: An attacker in a privileged network position may be able to
intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth.
CVE-2018-4269: Abraham Masri (@cheesecakeufo)
CUPS
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.5
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A null pointer dereference was addressed with improved
validation.
CVE-2018-4276: Jakub Jirasek of Secunia Research at Flexera
Entry added October 30, 2018
DesktopServices
Available for: macOS Sierra 10.12.6
Impact: A local user may be able to view sensitive user information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2018-4283: @panicaII working with Trend Micro's Zero Day
Initiative
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.5
Impact: Systems using IntelA(r) Core-based microprocessors may
potentially allow a local process to infer data utilizing Lazy FP
state restore from another process through a speculative execution
side channel
Description: Lazy FP state restore instead of eager save and restore
of the state upon a context switch. Lazy restored states are
potentially vulnerable to exploits where one process may infer
register values of other processes through a speculative execution
side channel that infers their value.
Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.
Security
We would like to acknowledge Brad Dahlsten of Iowa State University
for their assistance |
|
var-201108-0236
|
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. The software enables a variety of image manipulations, including photo retouching, image compositing, and image creation. Description:
The GIMP (GNU Image Manipulation Program) is an image composition and
editing program. Bugs fixed (http://bugzilla.redhat.com/):
727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
839020 - CVE-2012-3403 gimp (CEL plug-in): heap buffer overflow when loading external palette files
847303 - CVE-2012-3481 Gimp (GIF plug-in): Heap-based buffer overflow by loading certain GIF images
6. (CVE-2011-2896)
This update also fixes the following bugs:
* Prior to this update, the "Show Completed Jobs," "Show All Jobs," and
"Show Active Jobs" buttons returned results globally across all printers
and not the results for the specified printer. With this update, jobs from
only the selected printer are shown. (BZ#625900)
* Prior to this update, the code of the serial backend contained a wrong
condition. As a consequence, print jobs on the raw print queue could not be
canceled. This update modifies the condition in the serial backend code.
Now, the user can cancel these print jobs. (BZ#625955)
* Prior to this update, the textonly filter did not work if used as a pipe,
for example when the command line did not specify the filename and the
number of copies was always 1. This update modifies the condition in the
textonly filter. Now, the data are sent to the printer regardless of the
number of copies specified. (BZ#660518)
* Prior to this update, the file descriptor count increased until it ran
out of resources when the cups daemon was running with enabled
Security-Enhanced Linux (SELinux) features. With this update, all resources
are allocated only once. (BZ#668009)
* Prior to this update, CUPS incorrectly handled the en_US.ASCII value for
the LANG environment variable. This update fixes the handling of the en_US.ASCII value and the
binaries now write to standard output properly. Bugs fixed (http://bugzilla.redhat.com/):
625900 - STR #3436: Jobs buttons not working correctly when viewing a specific printer
625955 - Serial back end has inverted SIGTERM block
660518 - textonly filter won't work as a pipe with copies=1
668009 - avc calls leak file descriptors
727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
6.
Packages for 2009.0 are provided as of the Extended Maintenance
Program. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
CVE-2011-1782
The correction for CVE-2010-4543 was incomplete.
For the stable distribution (squeeze), these problems have been fixed in
version 2.6.10-1+squeeze3.
For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 2.6.11-5.
We recommend that you upgrade your gimp packages.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: GIMP: Multiple vulnerabilities
Date: September 28, 2012
Bugs: #293127, #350915, #372975, #379289, #418425, #432582
ID: 201209-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in GIMP, the worst of which
allow execution of arbitrary code or Denial of Service.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-gfx/gimp < 2.6.12-r2 >= 2.6.12-r2
Description
===========
Multiple vulnerabilities have been discovered in GIMP. Please review
the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All GIMP users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/gimp-2.6.12-r2"
References
==========
[ 1 ] CVE-2009-1570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1570
[ 2 ] CVE-2009-3909
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3909
[ 3 ] CVE-2010-4540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4540
[ 4 ] CVE-2010-4541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4541
[ 5 ] CVE-2010-4542
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4542
[ 6 ] CVE-2010-4543
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4543
[ 7 ] CVE-2011-1178
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1178
[ 8 ] CVE-2011-2896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2896
[ 9 ] CVE-2012-2763
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2763
[ 10 ] CVE-2012-3402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3402
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-23.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: cups security and bug fix update
Advisory ID: RHSA-2011:1635-03
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1635.html
Issue date: 2011-12-06
CVE Names: CVE-2011-2896
=====================================================================
1. Summary:
Updated cups packages that fix one security issue and several bugs are now
available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)
decompression algorithm implementation used by the CUPS GIF image format
reader. An attacker could create a malicious GIF image file that, when
printed, could possibly cause CUPS to crash or, potentially, execute
arbitrary code with the privileges of the "lp" user. (CVE-2011-2896)
These updated cups packages also provide fixes for the following bugs:
* Previously CUPS was not correctly handling the language setting
LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were
not displaying any output when the LANG=en_US.ASCII environment variable
was used. As a result of this update the problem is fixed and the expected
output is now displayed. (BZ#681836)
* Previously the scheduler did not check for empty values of several
configuration directives. As a consequence it was possible for the CUPS
daemon (cupsd) to crash when a configuration file contained certain empty
values. With this update the problem is fixed and cupsd no longer crashes
when reading such a configuration file. (BZ#706673)
* Previously when printing to a raw print queue, when using certain printer
models, CUPS was incorrectly sending SNMP queries. As a consequence there
was a noticeable 4-second delay between queueing the job and the start of
printing. With this update the problem is fixed and CUPS no longer tries to
collect SNMP supply and status information for raw print queues.
(BZ#709896)
* Previously when using the BrowsePoll directive it could happen that the
CUPS printer polling daemon (cups-polld) began polling before the network
interfaces were set up after a system boot. CUPS was then caching the
failed hostname lookup. As a consequence no printers were found and the
error, "Host name lookup failure", was logged. With this update the code
that re-initializes the resolver after failure in cups-polld is fixed and
as a result CUPS will obtain the correct network settings to use in printer
discovery. (BZ#712430)
* The MaxJobs directive controls the maximum number of print jobs that are
kept in memory. Previously, once the number of jobs reached the limit, the
CUPS system failed to automatically purge the data file associated with the
oldest completed job from the system in order to make room for a new print
job. This bug has been fixed, and the jobs beyond the set limit are now
properly purged. (BZ#735505)
* The cups init script (/etc/rc.d/init.d/cups) uses the daemon function
(from /etc/rc.d/init.d/functions) to start the cups process, but previously
it did not source a configuration file from the /etc/sysconfig/ directory.
As a consequence, it was difficult to cleanly set the nice level or cgroup
for the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables.
With this update, the init script is fixed. (BZ#744791)
All users of CUPS are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues. After installing this
update, the cupsd daemon will be restarted automatically.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
681836 - lpstat bug with ASCII encoding, LANG=en_US.ASCII lpstat -h localhost -s
706673 - Cups config parsing segfault
712430 - printers are not found after system boot
727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
735505 - CUPS is not purging JobFiles when MaxJobs is reached in RHEL6.1
744791 - cups init script should source /etc/sysconfig/cups
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-lpd-1.4.2-44.el6.i686.rpm
x86_64:
cups-1.4.2-44.el6.x86_64.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.x86_64.rpm
cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-php-1.4.2-44.el6.i686.rpm
x86_64:
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.x86_64.rpm
cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
x86_64:
cups-1.4.2-44.el6.x86_64.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.x86_64.rpm
cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
x86_64:
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.x86_64.rpm
cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-lpd-1.4.2-44.el6.i686.rpm
ppc64:
cups-1.4.2-44.el6.ppc64.rpm
cups-debuginfo-1.4.2-44.el6.ppc.rpm
cups-debuginfo-1.4.2-44.el6.ppc64.rpm
cups-devel-1.4.2-44.el6.ppc.rpm
cups-devel-1.4.2-44.el6.ppc64.rpm
cups-libs-1.4.2-44.el6.ppc.rpm
cups-libs-1.4.2-44.el6.ppc64.rpm
cups-lpd-1.4.2-44.el6.ppc64.rpm
s390x:
cups-1.4.2-44.el6.s390x.rpm
cups-debuginfo-1.4.2-44.el6.s390.rpm
cups-debuginfo-1.4.2-44.el6.s390x.rpm
cups-devel-1.4.2-44.el6.s390.rpm
cups-devel-1.4.2-44.el6.s390x.rpm
cups-libs-1.4.2-44.el6.s390.rpm
cups-libs-1.4.2-44.el6.s390x.rpm
cups-lpd-1.4.2-44.el6.s390x.rpm
x86_64:
cups-1.4.2-44.el6.x86_64.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.x86_64.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.x86_64.rpm
cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-php-1.4.2-44.el6.i686.rpm
ppc64:
cups-debuginfo-1.4.2-44.el6.ppc64.rpm
cups-php-1.4.2-44.el6.ppc64.rpm
s390x:
cups-debuginfo-1.4.2-44.el6.s390x.rpm
cups-php-1.4.2-44.el6.s390x.rpm
x86_64:
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-lpd-1.4.2-44.el6.i686.rpm
x86_64:
cups-1.4.2-44.el6.x86_64.rpm
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-devel-1.4.2-44.el6.i686.rpm
cups-devel-1.4.2-44.el6.x86_64.rpm
cups-libs-1.4.2-44.el6.i686.rpm
cups-libs-1.4.2-44.el6.x86_64.rpm
cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386:
cups-debuginfo-1.4.2-44.el6.i686.rpm
cups-php-1.4.2-44.el6.i686.rpm
x86_64:
cups-debuginfo-1.4.2-44.el6.x86_64.rpm
cups-php-1.4.2-44.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2896.html
https://access.redhat.com/security/updates/classification/#low
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFO3jdAXlSAg2UNWIIRAuf9AJ40wZu4zvl7/JluD0pOAIRHpsC9WACfQlq4
m4F9XjZwY5c1UV+v9+pq1hs=
=YoxJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ==========================================================================
Ubuntu Security Notice USN-1207-1
September 14, 2011
cups, cupsys vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
An attacker could send crafted print jobs to CUPS and cause it to crash or
run programs.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.04:
libcupsimage2 1.4.6-5ubuntu1.4
Ubuntu 10.10:
libcupsimage2 1.4.4-6ubuntu2.4
Ubuntu 10.04 LTS:
libcupsimage2 1.4.3-1ubuntu1.5
Ubuntu 8.04 LTS:
libcupsimage2 1.3.7-1ubuntu3.13
In general, a standard system update will make all the necessary changes |
|
var-200107-0173
|
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. "The Bat!" is an MUA for Windows by Rit Research Labs.
"The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop.
As a result, the user will remain unable to receive new email messages from the affected POP3 account |
|
var-201206-0055
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
The vulnerability can be exploited over multiple protocols. This issue affects the 'CORBA' sub-component.
This vulnerability affects the following supported versions:
7 Update 4, 6 Update 32, 5 Update 35, 1.4.2_37.
CVE-2012-1711 CVE-2012-1719
Multiple errors in the CORBA implementation could lead to
breakouts of the Java sandbox
CVE-2012-1713
Missing input sanitising in the font manager could lead to
the execution of arbitrary code.
CVE-2012-1716
The SynthLookAndFeel Swing class could be abused to break
out of the Java sandbox.
CVE-2012-1723 CVE-2012-1725
Validation errors in the bytecode verifier of the Hotspot VM
could lead to breakouts of the Java sandbox. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-openjdk security update
Advisory ID: RHSA-2012:0729-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0729.html
Issue date: 2012-06-13
CVE Names: CVE-2012-1711 CVE-2012-1713 CVE-2012-1716
CVE-2012-1717 CVE-2012-1718 CVE-2012-1719
CVE-2012-1723 CVE-2012-1724 CVE-2012-1725
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
Multiple flaws were discovered in the CORBA (Common Object Request Broker
Architecture) implementation in Java. A malicious Java application or
applet could use these flaws to bypass Java sandbox restrictions or modify
immutable object data. (CVE-2012-1711, CVE-2012-1719)
It was discovered that the SynthLookAndFeel class from Swing did not
properly prevent access to certain UI elements from outside the current
application context. A malicious Java application or applet could use this
flaw to crash the Java Virtual Machine, or bypass Java sandbox
restrictions. (CVE-2012-1716)
Multiple flaws were discovered in the font manager's layout lookup
implementation. A specially-crafted font file could cause the Java Virtual
Machine to crash or, possibly, execute arbitrary code with the privileges
of the user running the virtual machine. (CVE-2012-1713)
Multiple flaws were found in the way the Java HotSpot Virtual Machine
verified the bytecode of the class file to be executed. A specially-crafted
Java application or applet could use these flaws to crash the Java Virtual
Machine, or bypass Java sandbox restrictions. (CVE-2012-1723,
CVE-2012-1725)
It was discovered that the Java XML parser did not properly handle certain
XML documents. An attacker able to make a Java application parse a
specially-crafted XML file could use this flaw to make the XML parser enter
an infinite loop. (CVE-2012-1724)
It was discovered that the Java security classes did not properly handle
Certificate Revocation Lists (CRL). CRL containing entries with duplicate
certificate serial numbers could have been ignored. (CVE-2012-1718)
It was discovered that various classes of the Java Runtime library could
create temporary files with insecure permissions. A local attacker could
use this flaw to gain access to the content of such temporary files.
(CVE-2012-1717)
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.
This erratum also upgrades the OpenJDK package to IcedTea6 1.11.3. Refer to
the NEWS file, linked to in the References, for further information.
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
829354 - CVE-2012-1711 OpenJDK: improper protection of CORBA data models (CORBA, 7079902)
829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)
829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)
829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)
829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)
829373 - CVE-2012-1723 OpenJDK: insufficient field accessibility checks (HotSpot, 7152811)
829374 - CVE-2012-1724 OpenJDK: XML parsing infinite loop (JAXP, 7157609)
829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-1711.html
https://www.redhat.com/security/data/cve/CVE-2012-1713.html
https://www.redhat.com/security/data/cve/CVE-2012-1716.html
https://www.redhat.com/security/data/cve/CVE-2012-1717.html
https://www.redhat.com/security/data/cve/CVE-2012-1718.html
https://www.redhat.com/security/data/cve/CVE-2012-1719.html
https://www.redhat.com/security/data/cve/CVE-2012-1723.html
https://www.redhat.com/security/data/cve/CVE-2012-1724.html
https://www.redhat.com/security/data/cve/CVE-2012-1725.html
https://access.redhat.com/security/updates/classification/#critical
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.3/NEWS
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFP2Ja7XlSAg2UNWIIRAokFAJ9V8VJuhVGk/NeIz9cIUFTWFq0Y/ACfT9AU
CU7+p+0KxnampfpTiGqnnPM=
=ZEhT
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
Download it here!
http://secunia.com/psi_30_beta_launch
----------------------------------------------------------------------
TITLE:
uCosminexus Products Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA49578
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/49578/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=49578
RELEASE DATE:
2012-06-15
DISCUSS ADVISORY:
http://secunia.com/advisories/49578/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/49578/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49578
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in uCosminexus
products, which can be exploited by malicious, local users to
disclose potentially sensitive information, manipulate certain data,
and cause a DoS (Denial of Service) and by malicious people to
conduct cross-site scripting attacks, disclose potentially sensitive
information, manipulate certain data, cause a DoS (Denial of
Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA49472
Please see the vendor's advisory for a list of affected products.
ORIGINAL ADVISORY:
HS12-015:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-015/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Impact
======
An unauthenticated, remote attacker could exploit these vulnerabilities
to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these
vulnerabilities to cause unspecified impact, possibly including remote
execution of arbitrary code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Content-Disposition: inline
============================================================================
Ubuntu Security Notice USN-1505-1
July 13, 2012
icedtea-web, openjdk-6 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6. (CVE-2012-1724)
As part of this update, the IcedTea web browser applet plugin was
updated for Ubuntu 10.04 LTS, Ubuntu 11.04, and Ubuntu 11.10.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
openjdk-6-jre 6b24-1.11.3-1ubuntu0.12.04.1
Ubuntu 11.10:
icedtea-6-plugin 1.2-2ubuntu0.11.10.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.11.10.1
Ubuntu 11.04:
icedtea-6-plugin 1.2-2ubuntu0.11.04.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.11.04.1
Ubuntu 10.04 LTS:
icedtea-6-plugin 1.2-2ubuntu0.10.04.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.10.04.1
This update uses a new upstream release, which includes additional
bug fixes |
|
var-201901-1586
|
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. plural Apple The product contains a vulnerability in which sound acquired via audio elements is acquired with cross-origin.Sounds may be acquired with a cross-origin. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. iTunes for Windows is a media player application based on the Windows platform. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4.1; Safari prior to 11.1.2; Windows-based iTunes prior to 12.8; tvOS prior to 11.4.1; Windows-based iCloud prior to 7.6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: August 22, 2018
Bugs: #652820, #658168, #662974
ID: 201808-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
==========
[ 1 ] CVE-2018-11646
https://nvd.nist.gov/vuln/detail/CVE-2018-11646
[ 2 ] CVE-2018-11712
https://nvd.nist.gov/vuln/detail/CVE-2018-11712
[ 3 ] CVE-2018-11713
https://nvd.nist.gov/vuln/detail/CVE-2018-11713
[ 4 ] CVE-2018-12293
https://nvd.nist.gov/vuln/detail/CVE-2018-12293
[ 5 ] CVE-2018-12294
https://nvd.nist.gov/vuln/detail/CVE-2018-12294
[ 6 ] CVE-2018-4101
https://nvd.nist.gov/vuln/detail/CVE-2018-4101
[ 7 ] CVE-2018-4113
https://nvd.nist.gov/vuln/detail/CVE-2018-4113
[ 8 ] CVE-2018-4114
https://nvd.nist.gov/vuln/detail/CVE-2018-4114
[ 9 ] CVE-2018-4117
https://nvd.nist.gov/vuln/detail/CVE-2018-4117
[ 10 ] CVE-2018-4118
https://nvd.nist.gov/vuln/detail/CVE-2018-4118
[ 11 ] CVE-2018-4119
https://nvd.nist.gov/vuln/detail/CVE-2018-4119
[ 12 ] CVE-2018-4120
https://nvd.nist.gov/vuln/detail/CVE-2018-4120
[ 13 ] CVE-2018-4121
https://nvd.nist.gov/vuln/detail/CVE-2018-4121
[ 14 ] CVE-2018-4122
https://nvd.nist.gov/vuln/detail/CVE-2018-4122
[ 15 ] CVE-2018-4125
https://nvd.nist.gov/vuln/detail/CVE-2018-4125
[ 16 ] CVE-2018-4127
https://nvd.nist.gov/vuln/detail/CVE-2018-4127
[ 17 ] CVE-2018-4128
https://nvd.nist.gov/vuln/detail/CVE-2018-4128
[ 18 ] CVE-2018-4129
https://nvd.nist.gov/vuln/detail/CVE-2018-4129
[ 19 ] CVE-2018-4133
https://nvd.nist.gov/vuln/detail/CVE-2018-4133
[ 20 ] CVE-2018-4146
https://nvd.nist.gov/vuln/detail/CVE-2018-4146
[ 21 ] CVE-2018-4162
https://nvd.nist.gov/vuln/detail/CVE-2018-4162
[ 22 ] CVE-2018-4163
https://nvd.nist.gov/vuln/detail/CVE-2018-4163
[ 23 ] CVE-2018-4165
https://nvd.nist.gov/vuln/detail/CVE-2018-4165
[ 24 ] CVE-2018-4190
https://nvd.nist.gov/vuln/detail/CVE-2018-4190
[ 25 ] CVE-2018-4192
https://nvd.nist.gov/vuln/detail/CVE-2018-4192
[ 26 ] CVE-2018-4199
https://nvd.nist.gov/vuln/detail/CVE-2018-4199
[ 27 ] CVE-2018-4200
https://nvd.nist.gov/vuln/detail/CVE-2018-4200
[ 28 ] CVE-2018-4201
https://nvd.nist.gov/vuln/detail/CVE-2018-4201
[ 29 ] CVE-2018-4204
https://nvd.nist.gov/vuln/detail/CVE-2018-4204
[ 30 ] CVE-2018-4214
https://nvd.nist.gov/vuln/detail/CVE-2018-4214
[ 31 ] CVE-2018-4218
https://nvd.nist.gov/vuln/detail/CVE-2018-4218
[ 32 ] CVE-2018-4222
https://nvd.nist.gov/vuln/detail/CVE-2018-4222
[ 33 ] CVE-2018-4232
https://nvd.nist.gov/vuln/detail/CVE-2018-4232
[ 34 ] CVE-2018-4233
https://nvd.nist.gov/vuln/detail/CVE-2018-4233
[ 35 ] CVE-2018-4261
https://nvd.nist.gov/vuln/detail/CVE-2018-4261
[ 36 ] CVE-2018-4262
https://nvd.nist.gov/vuln/detail/CVE-2018-4262
[ 37 ] CVE-2018-4263
https://nvd.nist.gov/vuln/detail/CVE-2018-4263
[ 38 ] CVE-2018-4264
https://nvd.nist.gov/vuln/detail/CVE-2018-4264
[ 39 ] CVE-2018-4265
https://nvd.nist.gov/vuln/detail/CVE-2018-4265
[ 40 ] CVE-2018-4266
https://nvd.nist.gov/vuln/detail/CVE-2018-4266
[ 41 ] CVE-2018-4267
https://nvd.nist.gov/vuln/detail/CVE-2018-4267
[ 42 ] CVE-2018-4270
https://nvd.nist.gov/vuln/detail/CVE-2018-4270
[ 43 ] CVE-2018-4272
https://nvd.nist.gov/vuln/detail/CVE-2018-4272
[ 44 ] CVE-2018-4273
https://nvd.nist.gov/vuln/detail/CVE-2018-4273
[ 45 ] CVE-2018-4278
https://nvd.nist.gov/vuln/detail/CVE-2018-4278
[ 46 ] CVE-2018-4284
https://nvd.nist.gov/vuln/detail/CVE-2018-4284
[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003
https://webkitgtk.org/security/WSA-2018-0003.html
[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004
https://webkitgtk.org/security/WSA-2018-0004.html
[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005
https://webkitgtk.org/security/WSA-2018-0005.html
[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006
https://webkitgtk.org/security/WSA-2018-0006.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2018 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-7-9-1 iOS 11.4.1
iOS 11.4.1 is now available and addresses the following:
CFNetwork
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Cookies may unexpectedly persist in Safari
Description: A cookie management issue was addressed with improved
checks.
CVE-2018-4293: an anonymous researcher
Emoji
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing an emoji under certain configurations may lead to
a denial of service
Description: A denial of service issue was addressed with improved
memory handling.
CVE-2018-4290: Patrick Wardle of Digita Security
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory.
CVE-2018-4282: Proteas of Qihoo 360 Nirvan Team
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4280: Brandon Azad
libxpc
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4248: Brandon Azad
LinkPresentation
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may exfiltrate audio data cross-origin
Description: Sound fetched through audio elements may be exfiltrated
cross-origin.
CVE-2018-4278: Jun Kokatsu (@shhnjk)
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A race condition was addressed with additional
validation.
CVE-2018-4266: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs.
CVE-2018-4274: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4270: found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4284: Found by OSS-Fuzz
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4271: found by OSS-Fuzz
CVE-2018-4273: found by OSS-Fuzz
WebKit Page Loading
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed with improved
memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 11.4.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFEpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCaYqQ/+
LoOw2Hgwr9l7EplQS1O9t9ssVvjaQ25JhxeAkEHhrrLTTpEHNOYhBgPj3XV3DkNT
QR1XDKykgVXq1jAMqy2CzpVvb0bWrhAZte7lwLwTKiSdzWzY99LspMtck0uZXg5y
qoePuHIifMF5oMzRsLq2IDKj7sDJ3mEOjOGizfJ5BRdFOZPKmuTLK/LnafzoqlOY
XAYMj3puFWnlMs1ewTTbup5Oh0totisA7WlpDleG+a/IborfXe89nvUIAEyPH3UF
jbPXGlIrB+aofMmoxgbJ7YDXm+7RZbRShrqS3IIwbuVWlWxi8M6AYvlFCAxKc3In
R3Bum13NIR8ZTfLARmrRos54kzmygazCHK0yIkeKvJW3uSFIOUbBtkKQ8EpE8og9
KzNvxyMd5Le6kCJe8JECl6jrfnY7QrYBIPxowXymfcRyYpnpIidYHUPlej8OZYnT
fH8lWsE09CikZjBLyKmM6NJ4Y24CAmILyJWTmrM+pM9jLN9InWxTr0raY+MiULnI
MZgqDuP+wMKfcGGngOkDnmm84w4RSnwK7bRgVtCWV99rnqZvzDgoYhJXDyXXuPqL
P0HN+TKdCJ7e+C4boqDup2Ojz7YhFXfCwkJ1fHLD+L+Aj46eLbuu9936vGgvAzQI
7aT98URG/GMffZ3Y53yDJZxHDTnFQ5/tOlNBv8LKJDA=
=mzJ2
-----END PGP SIGNATURE-----
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006
------------------------------------------------------------------------
Date reported : August 07, 2018
Advisory ID : WSA-2018-0006
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2018-0006.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2018-0006.html
CVE identifiers : CVE-2018-4246, CVE-2018-4261, CVE-2018-4262,
CVE-2018-4263, CVE-2018-4264, CVE-2018-4265,
CVE-2018-4266, CVE-2018-4267, CVE-2018-4270,
CVE-2018-4271, CVE-2018-4272, CVE-2018-4273,
CVE-2018-4278, CVE-2018-4284, CVE-2018-12911.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit.
CVE-2018-4246
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.1.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4261
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Omair working with Trend Micro's Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4262
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Mateusz Krzywicki working with Trend Micro's Zero Day
Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4263
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Arayz working with Trend Micro's Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4264
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-
Year Security Lab.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4265
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to cc working with Trend Micro's Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4266
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz.
A malicious website may be able to cause a denial of service. A race
condition was addressed with additional validation.
CVE-2018-4267
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Arayz of Pangu team working with Trend Micro's Zero Day
Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4270
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to an unexpected
application crash.
CVE-2018-4271
Versions affected: WebKitGTK+ before 2.20.2.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to an unexpected
application crash.
CVE-2018-4272
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4273
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to an unexpected
application crash.
CVE-2018-4278
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Jun Kokatsu (@shhnjk).
A malicious website may exfiltrate audio data cross-origin.
CVE-2018-4284
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to OSS-Fuzz.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-12911
Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before
2.20.2.
Credit to Yu Haiwan.
Processing maliciously crafted web content may lead to arbitrary
code execution.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running safe
versions of WebKit. Please check our websites for information about the
latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team,
August 07, 2018
.
CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)
Installation note:
Safari 11.1.2 may be obtained from the Mac App Store. ==========================================================================
Ubuntu Security Notice USN-3743-1
August 16, 2018
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.18.04.1
libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.18.04.1
Ubuntu 16.04 LTS:
libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.16.04.1
libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3743-1
CVE-2018-12911, CVE-2018-4246, CVE-2018-4261, CVE-2018-4262,
CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266,
CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273,
CVE-2018-4278, CVE-2018-4284
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.16.04.1
|
|
var-201903-0423
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Sandbox avoidance * Arbitrary code execution * Privilege escalation * information leak * Information falsification * Service operation interruption (DoS) * Arbitrary script execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of RenderBlockFlow objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. WebKit is prone to the following multiple security vulnerabilities:
1. Multiple remote code-execution vulnerabilities
2. A cross-site scripting vulnerability
3. Multiple memory corruption vulnerabilities
Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. tvOS is a smart TV operating system. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 12.1.3; tvOS prior to 12.1.2; Safari prior to 12.0.3; Windows-based iCloud prior to 7.10. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-1-22-4 tvOS 12.1.2
tvOS 12.1.2 is now available and addresses the following:
AppleKeyStore
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6235: Brandon Azad
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan
Team
FaceTime
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2019-6224: Natalie Silvanovich of Google Project Zero
IOKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-6214: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of
Qihoo 360 Vulcan Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6210: Ned Williamson of Google
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory corruption issue was addressed with improved
lock state checking.
CVE-2019-6205: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-6213: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory.
CVE-2019-6209: Brandon Azad of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6208: Jann Horn of Google Project Zero
libxpc
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6218: Ian Beer of Google Project Zero
SQLite
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-6212: an anonymous researcher, Wen Xu of SSLab at Georgia
Tech
CVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day
Initiative
CVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day
Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan
Team
CVE-2019-6226: Apple
Additional recognition
mDNSResponder
We would like to acknowledge Fatemah Alharbi of University of
California, Riverside (UCR) and Taibah University (TU), Feng Qian of
University of Minnesota - Twin City, Jie Chang of LinkSure Network,
Nael Abu-Ghazaleh of University of California, Riverside (UCR),
Yuchen Zhou of Northeastern University, and Zhiyun Qian of University
of California, Riverside (UCR) for their assistance.
WebKit
We would like to acknowledge James Lee (@Windowsrcer) of Kryptos
Logic for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlxHSSgpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3H22Q/+
PKUpdAiTuY9INzQcN53qh0p0MKPEjbBmMfEeN7jB1yKoO9e7JSMHpVt5znw106Rp
AJEzEsCYspVnAo7aWwcNygGamgNo8J/PJCGso4+drltefWa6XcInsTJ9iIk/sZCV
iHgqz0qYZFSziaL0KecMjNK35CSTJQ/qnVv5fkRXOazRpFB0Zcp3ZINb72l5zPND
CI2HkJMtGCbrUnN8OJvdFWLo7uXGIQEC3c4dlx/x8m/UtkO3Jsro1qOqTdLEKvaG
6Atj3cFVOnd/SM4geleBOe536hHPsgwTtctkNlKk8JE8CryjEarR+vpb6yRAt1Wx
U0ykaXiRPyqadHhoOjtiSIpGZstOZ3lG0VLykhDAj/J2Mu5rwiFjdM4G0wRV0DE/
jVH/NxzoMRM+226T33bY2fM8SwtTsRw0gZyytZG2iIw1xT44ajvN6KTiR+M74h+J
yYXw357yMvtOwhdnQ/Npk04OCiHvYr+Rr4spSSyJG6FkBINGL2uIx2p4GgxRFzjV
akGElyRXa6WyKbILktAQz/JF6TGQvhhqBxjOmdF04Vs1gOA9h3sM64PsJlSVhx8A
Nhvh9DjFMdBVd5es0sfCqtksWFETGnwi2kNhPc6AHAKlkgGntbR6Krc98JnxkTT+
buDgLRHED0aOFpnXiQ0lADYKLrHQoQFiM1btKUoHM94=ouaJ
-----END PGP SIGNATURE-----
.
Installation note:
Safari 12.0.3 may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201903-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 14, 2019
Bugs: #672108, #674702, #678334
ID: 201903-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.22.6 >= 2.22.6
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.22.6"
References
==========
[ 1 ] CVE-2019-6212
https://nvd.nist.gov/vuln/detail/CVE-2019-6212
[ 2 ] CVE-2019-6215
https://nvd.nist.gov/vuln/detail/CVE-2019-6215
[ 3 ] CVE-2019-6216
https://nvd.nist.gov/vuln/detail/CVE-2019-6216
[ 4 ] CVE-2019-6217
https://nvd.nist.gov/vuln/detail/CVE-2019-6217
[ 5 ] CVE-2019-6226
https://nvd.nist.gov/vuln/detail/CVE-2019-6226
[ 6 ] CVE-2019-6227
https://nvd.nist.gov/vuln/detail/CVE-2019-6227
[ 7 ] CVE-2019-6229
https://nvd.nist.gov/vuln/detail/CVE-2019-6229
[ 8 ] CVE-2019-6233
https://nvd.nist.gov/vuln/detail/CVE-2019-6233
[ 9 ] CVE-2019-6234
https://nvd.nist.gov/vuln/detail/CVE-2019-6234
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201903-12
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2019 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001
------------------------------------------------------------------------
Date reported : February 08, 2019
Advisory ID : WSA-2019-0001
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2019-0001.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2019-0001.html
CVE identifiers : CVE-2019-6212, CVE-2019-6215, CVE-2019-6216,
CVE-2019-6217, CVE-2019-6226, CVE-2019-6227,
CVE-2019-6229, CVE-2019-6233, CVE-2019-6234.
CVE-2019-6212
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before
2.22.4.
Credit to an anonymous researcher.
CVE-2019-6215
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before
2.22.4.
Credit to Lokihardt of Google Project Zero.
CVE-2019-6216
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Fluoroacetate working with Trend Micro's Zero Day
Initiative.
CVE-2019-6217
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Fluoroacetate working with Trend Micro's Zero Day
Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan
Team.
CVE-2019-6226
Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0.
Credit to Apple.
CVE-2019-6227
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Qixun Zhao of Qihoo 360 Vulcan Team.
CVE-2019-6229
Versions affected: WebKitGTK+ before 2.22.5 and WPE WebKit before
2.22.3.
Credit to Ryan Pickren.
CVE-2019-6233
Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before
2.22.2.
Credit to G. Geshev from MWR Labs working with Trend Micro's Zero
Day Initiative.
CVE-2019-6234
Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before
2.22.2.
Credit to G. Geshev from MWR Labs working with Trend Micro's Zero
Day Initiative.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running safe
versions of WebKit. Please check our websites for information about the
latest stable releases.
The WebKitGTK+ and WPE WebKit team,
February 08, 2019
|
|
var-201304-0373
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
This issue affects the 'Deployment' sub-component.
This vulnerability affects the following supported versions:
7 Update 17 , 6 Update 43. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03809278
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03809278
Version: 1
HPSBUX02889 SSRT101252 rev.1 - HP-UX Running Java, Remote Unauthorized
Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2013-07-01
Last Updated: 2013-07-01
Potential Security Impact: Remote unauthorized access, disclosure of
information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in the Java Runtime
Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These
vulnerabilities could allow remote unauthorized access, disclosure of
information, and other exploits.
HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.18 and
earlier.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-0401 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1491 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1518 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1537 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1540 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-1557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1558 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-1563 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2013-1569 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2383 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2384 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2394 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2013-2417 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-2418 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6
CVE-2013-2419 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2013-2420 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2422 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2424 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2013-2429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2013-2430 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2013-2432 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-2434 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2435 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2013-2439 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9
CVE-2013-2440 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these
vulnerabilities.
The upgrade is available from the following location
http://www.hp.com/java
OS Version
Release Version
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.19 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0 update to Java v6.0.19 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
===========
Jdk60.JDK60-COM
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
Jre60.JRE60-COM
Jre60.JRE60-COM-DOC
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.19.00 or subsequent
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.19.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 1 July 2013 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: January 27, 2014
Bugs: #404071, #421073, #433094, #438706, #451206, #455174,
#458444, #460360, #466212, #473830, #473980, #488210, #498148
ID: 201401-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable!
2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 *
3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable!
4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 *
5 app-emulation/emul-linux-x86-java
< 1.7.0.51 >= 1.7.0.51 *
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
5 affected packages
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation. Please review the CVE identifiers referenced below for
details.
Impact
======
An unauthenticated, remote attacker could exploit these vulnerabilities
to execute arbitrary code.
Furthermore, a local or remote attacker could exploit these
vulnerabilities to cause unspecified impact, possibly including remote
execution of arbitrary code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the
latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one
of the newer Oracle packages like dev-java/oracle-jdk-bin or
dev-java/oracle-jre-bin or choose another alternative we provide; eg.
the IBM JDK/JRE or the open source IcedTea.
References
==========
[ 1 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 2 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 3 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 4 ] CVE-2012-0498
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498
[ 5 ] CVE-2012-0499
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499
[ 6 ] CVE-2012-0500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500
[ 7 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 8 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 9 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 10 ] CVE-2012-0504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504
[ 11 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 12 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 13 ] CVE-2012-0507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507
[ 14 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 15 ] CVE-2012-1531
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531
[ 16 ] CVE-2012-1532
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532
[ 17 ] CVE-2012-1533
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533
[ 18 ] CVE-2012-1541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541
[ 19 ] CVE-2012-1682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682
[ 20 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 21 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 22 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 23 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 24 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 25 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 26 ] CVE-2012-1721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721
[ 27 ] CVE-2012-1722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722
[ 28 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 29 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 30 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 31 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 32 ] CVE-2012-3136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136
[ 33 ] CVE-2012-3143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143
[ 34 ] CVE-2012-3159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159
[ 35 ] CVE-2012-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174
[ 36 ] CVE-2012-3213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213
[ 37 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 38 ] CVE-2012-3342
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342
[ 39 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 40 ] CVE-2012-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681
[ 41 ] CVE-2012-5067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067
[ 42 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 43 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 44 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 45 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 46 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 47 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 48 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 49 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 50 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 51 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 52 ] CVE-2012-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079
[ 53 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 54 ] CVE-2012-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083
[ 55 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 56 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 57 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 58 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 59 ] CVE-2012-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088
[ 60 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 61 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 62 ] CVE-2013-0351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351
[ 63 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 64 ] CVE-2013-0402
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402
[ 65 ] CVE-2013-0409
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409
[ 66 ] CVE-2013-0419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419
[ 67 ] CVE-2013-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422
[ 68 ] CVE-2013-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423
[ 69 ] CVE-2013-0430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430
[ 70 ] CVE-2013-0437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437
[ 71 ] CVE-2013-0438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438
[ 72 ] CVE-2013-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445
[ 73 ] CVE-2013-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446
[ 74 ] CVE-2013-0448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448
[ 75 ] CVE-2013-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449
[ 76 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 77 ] CVE-2013-1473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473
[ 78 ] CVE-2013-1479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479
[ 79 ] CVE-2013-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481
[ 80 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 81 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 82 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 83 ] CVE-2013-1487
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487
[ 84 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 85 ] CVE-2013-1491
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491
[ 86 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 87 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 88 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 89 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 90 ] CVE-2013-1540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540
[ 91 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 92 ] CVE-2013-1558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558
[ 93 ] CVE-2013-1561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561
[ 94 ] CVE-2013-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563
[ 95 ] CVE-2013-1564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564
[ 96 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 97 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 98 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 99 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 100 ] CVE-2013-2394
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394
[ 101 ] CVE-2013-2400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400
[ 102 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 103 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 104 ] CVE-2013-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414
[ 105 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 106 ] CVE-2013-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416
[ 107 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 108 ] CVE-2013-2418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418
[ 109 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 110 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 111 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 112 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 113 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 114 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 115 ] CVE-2013-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425
[ 116 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 117 ] CVE-2013-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427
[ 118 ] CVE-2013-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428
[ 119 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 120 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 121 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 122 ] CVE-2013-2432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432
[ 123 ] CVE-2013-2433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433
[ 124 ] CVE-2013-2434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434
[ 125 ] CVE-2013-2435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435
[ 126 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 127 ] CVE-2013-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437
[ 128 ] CVE-2013-2438
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438
[ 129 ] CVE-2013-2439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439
[ 130 ] CVE-2013-2440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440
[ 131 ] CVE-2013-2442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442
[ 132 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 133 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 134 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 135 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 136 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 137 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 138 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 139 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 140 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 141 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 142 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 143 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 144 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 145 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 146 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 147 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 148 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 149 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 150 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 151 ] CVE-2013-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462
[ 152 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 153 ] CVE-2013-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464
[ 154 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 155 ] CVE-2013-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466
[ 156 ] CVE-2013-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467
[ 157 ] CVE-2013-2468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468
[ 158 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 159 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 160 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 161 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 162 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 163 ] CVE-2013-3743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743
[ 164 ] CVE-2013-3744
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744
[ 165 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 166 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 167 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 168 ] CVE-2013-5775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775
[ 169 ] CVE-2013-5776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776
[ 170 ] CVE-2013-5777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777
[ 171 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 172 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 173 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 174 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 175 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 176 ] CVE-2013-5787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787
[ 177 ] CVE-2013-5788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788
[ 178 ] CVE-2013-5789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789
[ 179 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 180 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 181 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 182 ] CVE-2013-5801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801
[ 183 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 184 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 185 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 186 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 187 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 188 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 189 ] CVE-2013-5810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810
[ 190 ] CVE-2013-5812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812
[ 191 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 192 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 193 ] CVE-2013-5818
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818
[ 194 ] CVE-2013-5819
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819
[ 195 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 196 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 197 ] CVE-2013-5824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824
[ 198 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 199 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 200 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 201 ] CVE-2013-5831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831
[ 202 ] CVE-2013-5832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832
[ 203 ] CVE-2013-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838
[ 204 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 205 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 206 ] CVE-2013-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843
[ 207 ] CVE-2013-5844
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844
[ 208 ] CVE-2013-5846
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846
[ 209 ] CVE-2013-5848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848
[ 210 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 211 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 212 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 213 ] CVE-2013-5852
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852
[ 214 ] CVE-2013-5854
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854
[ 215 ] CVE-2013-5870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870
[ 216 ] CVE-2013-5878
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878
[ 217 ] CVE-2013-5887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887
[ 218 ] CVE-2013-5888
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888
[ 219 ] CVE-2013-5889
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889
[ 220 ] CVE-2013-5893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893
[ 221 ] CVE-2013-5895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895
[ 222 ] CVE-2013-5896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896
[ 223 ] CVE-2013-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898
[ 224 ] CVE-2013-5899
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899
[ 225 ] CVE-2013-5902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902
[ 226 ] CVE-2013-5904
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904
[ 227 ] CVE-2013-5905
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905
[ 228 ] CVE-2013-5906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906
[ 229 ] CVE-2013-5907
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907
[ 230 ] CVE-2013-5910
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910
[ 231 ] CVE-2014-0368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368
[ 232 ] CVE-2014-0373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373
[ 233 ] CVE-2014-0375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375
[ 234 ] CVE-2014-0376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376
[ 235 ] CVE-2014-0382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382
[ 236 ] CVE-2014-0385
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385
[ 237 ] CVE-2014-0387
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387
[ 238 ] CVE-2014-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403
[ 239 ] CVE-2014-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408
[ 240 ] CVE-2014-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410
[ 241 ] CVE-2014-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411
[ 242 ] CVE-2014-0415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415
[ 243 ] CVE-2014-0416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416
[ 244 ] CVE-2014-0417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417
[ 245 ] CVE-2014-0418
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418
[ 246 ] CVE-2014-0422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422
[ 247 ] CVE-2014-0423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423
[ 248 ] CVE-2014-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424
[ 249 ] CVE-2014-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-oracle security update
Advisory ID: RHSA-2013:0757-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0757.html
Issue date: 2013-04-18
CVE Names: CVE-2013-0401 CVE-2013-0402 CVE-2013-1488
CVE-2013-1491 CVE-2013-1518 CVE-2013-1537
CVE-2013-1540 CVE-2013-1557 CVE-2013-1558
CVE-2013-1561 CVE-2013-1563 CVE-2013-1564
CVE-2013-1569 CVE-2013-2383 CVE-2013-2384
CVE-2013-2394 CVE-2013-2414 CVE-2013-2415
CVE-2013-2416 CVE-2013-2417 CVE-2013-2418
CVE-2013-2419 CVE-2013-2420 CVE-2013-2421
CVE-2013-2422 CVE-2013-2423 CVE-2013-2424
CVE-2013-2425 CVE-2013-2426 CVE-2013-2427
CVE-2013-2428 CVE-2013-2429 CVE-2013-2430
CVE-2013-2431 CVE-2013-2432 CVE-2013-2433
CVE-2013-2434 CVE-2013-2435 CVE-2013-2436
CVE-2013-2438 CVE-2013-2439 CVE-2013-2440
=====================================================================
1. Summary:
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,
CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,
CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,
CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,
CVE-2013-2439, CVE-2013-2440)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 21 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, 8009305, AWT)
920246 - CVE-2013-0402 Oracle JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)
920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries)
920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)
952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)
952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)
952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)
952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)
952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)
952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)
952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031)
952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986)
952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987)
952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)
953135 - Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953266 - CVE-2013-2416 Oracle JDK: unspecified vulnerability fixed in 7u21 (Deployment)
953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953268 - CVE-2013-2425 Oracle JDK: unspecified vulnerability fixed in 7u21 (Install)
953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953272 - CVE-2013-2434 Oracle JDK: unspecified vulnerability fixed in 7u21 (2D)
953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953274 - CVE-2013-2439 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-0401.html
https://www.redhat.com/security/data/cve/CVE-2013-0402.html
https://www.redhat.com/security/data/cve/CVE-2013-1488.html
https://www.redhat.com/security/data/cve/CVE-2013-1491.html
https://www.redhat.com/security/data/cve/CVE-2013-1518.html
https://www.redhat.com/security/data/cve/CVE-2013-1537.html
https://www.redhat.com/security/data/cve/CVE-2013-1540.html
https://www.redhat.com/security/data/cve/CVE-2013-1557.html
https://www.redhat.com/security/data/cve/CVE-2013-1558.html
https://www.redhat.com/security/data/cve/CVE-2013-1561.html
https://www.redhat.com/security/data/cve/CVE-2013-1563.html
https://www.redhat.com/security/data/cve/CVE-2013-1564.html
https://www.redhat.com/security/data/cve/CVE-2013-1569.html
https://www.redhat.com/security/data/cve/CVE-2013-2383.html
https://www.redhat.com/security/data/cve/CVE-2013-2384.html
https://www.redhat.com/security/data/cve/CVE-2013-2394.html
https://www.redhat.com/security/data/cve/CVE-2013-2414.html
https://www.redhat.com/security/data/cve/CVE-2013-2415.html
https://www.redhat.com/security/data/cve/CVE-2013-2416.html
https://www.redhat.com/security/data/cve/CVE-2013-2417.html
https://www.redhat.com/security/data/cve/CVE-2013-2418.html
https://www.redhat.com/security/data/cve/CVE-2013-2419.html
https://www.redhat.com/security/data/cve/CVE-2013-2420.html
https://www.redhat.com/security/data/cve/CVE-2013-2421.html
https://www.redhat.com/security/data/cve/CVE-2013-2422.html
https://www.redhat.com/security/data/cve/CVE-2013-2423.html
https://www.redhat.com/security/data/cve/CVE-2013-2424.html
https://www.redhat.com/security/data/cve/CVE-2013-2425.html
https://www.redhat.com/security/data/cve/CVE-2013-2426.html
https://www.redhat.com/security/data/cve/CVE-2013-2427.html
https://www.redhat.com/security/data/cve/CVE-2013-2428.html
https://www.redhat.com/security/data/cve/CVE-2013-2429.html
https://www.redhat.com/security/data/cve/CVE-2013-2430.html
https://www.redhat.com/security/data/cve/CVE-2013-2431.html
https://www.redhat.com/security/data/cve/CVE-2013-2432.html
https://www.redhat.com/security/data/cve/CVE-2013-2433.html
https://www.redhat.com/security/data/cve/CVE-2013-2434.html
https://www.redhat.com/security/data/cve/CVE-2013-2435.html
https://www.redhat.com/security/data/cve/CVE-2013-2436.html
https://www.redhat.com/security/data/cve/CVE-2013-2438.html
https://www.redhat.com/security/data/cve/CVE-2013-2439.html
https://www.redhat.com/security/data/cve/CVE-2013-2440.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRcDsoXlSAg2UNWIIRAnQRAJkBOGnz8TW8LPB1Ur1msZYNqpYTowCfaOUs
Up+dHVsSUEZZ+ySDcLQZIyU=
=yeWV
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
|
|
var-200701-0061
|
Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption. Apple Mac OS X Finder is prone to a memory-corruption vulnerability. This issue occurs when the application fails to handle overly long DMG volume names.
Due to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. Failed exploit attempts result in memory corruption and a crash of the application, denying service to legitimate users.
Finder 10.4.6 on Mac OS X 10.4.8 X86 is vulnerable to this issue; other versions may also be affected. Remote attackers may use this vulnerability to control the user's machine. If an attacker can trick a user into loading a DMG image with a volume label name larger than 255 bytes, this vulnerability could be triggered, resulting in a denial of service or arbitrary command execution.
----------------------------------------------------------------------
To improve our services to our customers, we have made a number of
additions to the Secunia Advisories and have started translating the
advisories to German.
The improvements will help our customers to get a better
understanding of how we reached our conclusions, how it was rated,
our thoughts on exploitation, attack vectors, and scenarios.
This includes:
* Reason for rating
* Extended description
* Extended solution
* Exploit code or links to exploit code
* Deep links
Read the full description:
http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information:
http://corporate.secunia.com/how_to_buy/15/?r=l
----------------------------------------------------------------------
TITLE:
Mac OS X Mach-O Universal Binary Memory Corruption
SECUNIA ADVISORY ID:
SA23088
VERIFY ADVISORY:
http://secunia.com/advisories/23088/
CRITICAL:
Less critical
IMPACT:
DoS, System access
WHERE:
Local system
OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/
DESCRIPTION:
LMH has reported a vulnerability in Mac OS X, which can be exploited
by malicious, local users to cause a DoS (Denial of Service) or
potentially gain escalated privileges.
The vulnerability is caused due to an error in the fatfile_getarch2()
function. This can be exploited to cause an integer overflow and may
potentially allow execution of arbitrary code with kernel privileges
via a specially crafted Mach-O Universal binary. Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY:
LMH
ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-26-11-2006.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
|
|
var-200502-0025
|
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL include der_chop The script contains a flaw that creates a temporary file in an inappropriate way for security reasons, so there is a vulnerability that is subject to symbolic link attacks.der_chop An arbitrary file may be created or overwritten with the privileges of the user executing the script. OpenSSL is affected by an insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it.
An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application. Reportedly this issue is unlikely to facilitate privilege escalation. OpenSSL is an open source SSL suite.
----------------------------------------------------------------------
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts.
We will help with relocation and obtaining a work permit.
Currently the following type of positions are available:
http://secunia.com/quality_assurance_analyst/
http://secunia.com/web_application_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
----------------------------------------------------------------------
TITLE:
gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA21996
VERIFY ADVISORY:
http://secunia.com/advisories/21996/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
>From remote
SOFTWARE:
gzip 1.x
http://secunia.com/product/4220/
DESCRIPTION:
Tavis Ormandy has reported some vulnerabilities in gzip, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can
be used to modify certain stack data. tricking
a user or automated system into unpacking a specially crafted archive
file. tricking a user or
automated system into unpacking a specially crafted "pack" archive
file.
3) A buffer overflow within the "make_table()" function of gzip's LZH
support can be exploited to cause a DoS and potentially to compromise
a vulnerable system by e.g. tricking a user or automated system into
unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and
an infinite loop within the LZH handling can be exploited to cause a
DoS by e.g. tricking a user or automated system into unpacking a
specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5. Other
versions may also be affected.
SOLUTION:
Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY:
Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES:
US-CERT VU#554780:
http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508:
http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548:
http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712:
http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848
http://www.kb.cert.org/vuls/id/596848
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-333A
Apple Releases Security Update to Address Multiple Vulnerabilities
Original release date: November 29, 2006
Last revised: --
Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
* Apple Safari web browser
These vulnerabilities affect both Intel-based and PowerPC-based Apple
systems.
Overview
Apple has released Security Update 2006-007 to correct multiple
vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web
browser. Vulnerabilities in OpenSSL, gzip, and other products are also
addressed.
I. Description
Apple Security Update 2006-007 addresses a number of vulnerabilities
affecting Mac OS X, OS X Server, Safari web browser, and other
products. Further details are available in the related vulnerability
notes.
This security update also addresses previously known vulnerabilities
in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. The
OpenSSL vulnerabilities are documented in multiple vulnerability
notes. Information is also available through the OpenSSL
vulnerabilities page. Information about the vulnerabilities in gzip is
available in a series of vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. For specific details, see
the appropriate vulnerability notes. Potential consequences include
remote execution of arbitrary code or commands, bypass of security
restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-007. This and other updates are
available via Apple Update or via Apple Downloads.
IV. References
* Vulnerability Notes for Apple Security Update 2006-007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>
* Vulnerability Notes for OpenSSL Security Advisory [28th September
2006] -
<http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928>
* Vulnerability Note VU#845620 -
<http://www.kb.cert.org/vuls/id/845620>
* Vulnerability Note VU#933712 -
<http://www.kb.cert.org/vuls/id/933712>
* Vulnerability Note VU#381508 -
<http://www.kb.cert.org/vuls/id/381508>
* Vulnerability Note VU#554780 -
<http://www.kb.cert.org/vuls/id/554780>
* Vulnerability Note VU#596848 -
<http://www.kb.cert.org/vuls/id/596848>
* Vulnerability Note VU#773548 -
<http://www.kb.cert.org/vuls/id/773548>
* About the security content of Security Update 2006-007 -
<http://docs.info.apple.com/article.html?artnum=304829>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple Downloads - <http://www.apple.com/support/downloads/>
* OpenSSL: OpenSSL vulnerabilities -
<http://www.openssl.org/news/vulnerabilities.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-333A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-333A Feedback VU#191336" in the
subject.
_________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
November 29, 2006: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6
lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz
iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7
xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf
8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q
A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==
=f7N+
-----END PGP SIGNATURE-----
|