Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-0240 (GCVE-0-2014-0240)
Vulnerability from cvelistv5 – Published: 2014-05-27 15:00 – Updated: 2024-08-06 09:05
VLAI?
EPSS
Summary
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:39.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59551"
},
{
"name": "67532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67532"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name": "RHSA-2014:0789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name": "60094",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-20T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "59551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59551"
},
{
"name": "67532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67532"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name": "RHSA-2014:0789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name": "60094",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59551"
},
{
"name": "67532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67532"
},
{
"name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html",
"refsource": "CONFIRM",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name": "RHSA-2014:0789",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html",
"refsource": "CONFIRM",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name": "60094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0240",
"datePublished": "2014-05-27T15:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:39.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.4\", \"matchCriteriaId\": \"785170E8-C24B-42E0-8DFD-E25BCBEA3F06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D11F04B8-E47E-448E-B5B0-499A3388DBF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50A93F05-1041-4E7A-B7F3-372828F1D01B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"414E1DA8-8135-4DF0-AB7F-BA54CCBB05DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D070519-30F1-4561-BC4F-06511BED6608\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BCF68C7-84CC-45DB-ACEA-31A624F9A3A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72AFD695-31E2-416F-8D25-25D76B57D935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28EBA2EA-78FA-458A-A004-E306370D9AF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DB6E106-8C25-4EF5-98DD-95C3A477EBDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E04D69ED-0B61-440B-8AF5-AE1987F8343B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0766F7BB-709D-44C1-A435-9D78D8B65E6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EE398E6-F113-44DB-AE9D-B9FE2B58F2AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA1CCF4D-4874-4474-AB85-8E2B107031BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6D9ECCE-4FF6-483E-A320-D7085BAA9D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00DCC650-5B04-4A60-B1BE-912798F9969F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA39B24F-EA97-49B5-B40E-830B15C80498\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6D5AA63-BD50-409E-BBD6-3D5340ABF361\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"671BE4C2-1F45-4BBC-B7FB-0AB1DBD57F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E348ED-9B13-469E-84DF-1E737C485847\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0131F322-C087-4A78-BC6F-B69EA36A15F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"412A2104-C514-41A1-97E9-A0E204371396\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.\"}, {\"lang\": \"es\", \"value\": \"El m\\u00f3dulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio est\\u00e1 habilitado, no maneja debidamente c\\u00f3digos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a trav\\u00e9s de vectores relacionados con el n\\u00famero de procesos en ejecuci\\u00f3n.\"}]",
"id": "CVE-2014-0240",
"lastModified": "2024-11-21T02:01:44.117",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 1.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-05-27T14:55:12.197",
"references": "[{\"url\": \"http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0789.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/59551\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/60094\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/05/21/1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/67532\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0789.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/59551\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/60094\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/05/21/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/67532\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-0240\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-05-27T14:55:12.197\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.\"},{\"lang\":\"es\",\"value\":\"El m\u00f3dulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio est\u00e1 habilitado, no maneja debidamente c\u00f3digos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores relacionados con el n\u00famero de procesos en ejecuci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.4\",\"matchCriteriaId\":\"785170E8-C24B-42E0-8DFD-E25BCBEA3F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D11F04B8-E47E-448E-B5B0-499A3388DBF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50A93F05-1041-4E7A-B7F3-372828F1D01B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"414E1DA8-8135-4DF0-AB7F-BA54CCBB05DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D070519-30F1-4561-BC4F-06511BED6608\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCF68C7-84CC-45DB-ACEA-31A624F9A3A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72AFD695-31E2-416F-8D25-25D76B57D935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28EBA2EA-78FA-458A-A004-E306370D9AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DB6E106-8C25-4EF5-98DD-95C3A477EBDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E04D69ED-0B61-440B-8AF5-AE1987F8343B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0766F7BB-709D-44C1-A435-9D78D8B65E6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE398E6-F113-44DB-AE9D-B9FE2B58F2AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA1CCF4D-4874-4474-AB85-8E2B107031BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6D9ECCE-4FF6-483E-A320-D7085BAA9D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00DCC650-5B04-4A60-B1BE-912798F9969F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA39B24F-EA97-49B5-B40E-830B15C80498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6D5AA63-BD50-409E-BBD6-3D5340ABF361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"671BE4C2-1F45-4BBC-B7FB-0AB1DBD57F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E348ED-9B13-469E-84DF-1E737C485847\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0131F322-C087-4A78-BC6F-B69EA36A15F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"412A2104-C514-41A1-97E9-A0E204371396\"}]}]}],\"references\":[{\"url\":\"http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0789.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/59551\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/60094\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/05/21/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/67532\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0789.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59551\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/05/21/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/67532\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHSA-2014:0789
Vulnerability from csaf_redhat - Published: 2014-06-25 15:40 - Updated: 2025-11-21 17:48Summary
Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update
Notes
Topic
Updated python27-mod_wsgi and python33-mod_wsgi packages that fix one
security issue are now available for Red Hat Software Collections 1.
The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
Red Hat would like to thank Graham Dumpleton for reporting this issue.
Upstream acknowledges Róbert Kisteleki as the original reporter of this
issue.
All python27-mod_wsgi and python33-mod_wsgi users are advised to upgrade to
these updated packages, which contain a backported patch to correct this
issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated python27-mod_wsgi and python33-mod_wsgi packages that fix one\nsecurity issue are now available for Red Hat Software Collections 1.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nRed Hat would like to thank Graham Dumpleton for reporting this issue.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter of this\nissue.\n\nAll python27-mod_wsgi and python33-mod_wsgi users are advised to upgrade to\nthese updated packages, which contain a backported patch to correct this\nissue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0789",
"url": "https://access.redhat.com/errata/RHSA-2014:0789"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0789.json"
}
],
"title": "Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update",
"tracking": {
"current_release_date": "2025-11-21T17:48:54+00:00",
"generator": {
"date": "2025-11-21T17:48:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2014:0789",
"initial_release_date": "2014-06-25T15:40:16+00:00",
"revision_history": [
{
"date": "2014-06-25T15:40:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-06-25T15:40:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:48:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product_id": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi-debuginfo@3.4-14.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product_id": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-14.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product_id": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product_id": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi-debuginfo@3.4-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_id": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi-debuginfo@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product_id": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product_id": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_id": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi-debuginfo@3.4-13.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-14.el6.src",
"product": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src",
"product_id": "python33-mod_wsgi-0:3.4-14.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-14.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-12.el6.src",
"product": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src",
"product_id": "python27-mod_wsgi-0:3.4-12.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-12.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-13.el7.src",
"product": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src",
"product_id": "python33-mod_wsgi-0:3.4-13.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-13.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-13.el7.src",
"product": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src",
"product_id": "python27-mod_wsgi-0:3.4-13.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-13.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0789"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
}
]
}
RHSA-2014_0789
Vulnerability from csaf_redhat - Published: 2014-06-25 15:40 - Updated: 2024-11-14 14:28Summary
Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update
Notes
Topic
Updated python27-mod_wsgi and python33-mod_wsgi packages that fix one
security issue are now available for Red Hat Software Collections 1.
The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
Red Hat would like to thank Graham Dumpleton for reporting this issue.
Upstream acknowledges Róbert Kisteleki as the original reporter of this
issue.
All python27-mod_wsgi and python33-mod_wsgi users are advised to upgrade to
these updated packages, which contain a backported patch to correct this
issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated python27-mod_wsgi and python33-mod_wsgi packages that fix one\nsecurity issue are now available for Red Hat Software Collections 1.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nRed Hat would like to thank Graham Dumpleton for reporting this issue.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter of this\nissue.\n\nAll python27-mod_wsgi and python33-mod_wsgi users are advised to upgrade to\nthese updated packages, which contain a backported patch to correct this\nissue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0789",
"url": "https://access.redhat.com/errata/RHSA-2014:0789"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0789.json"
}
],
"title": "Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update",
"tracking": {
"current_release_date": "2024-11-14T14:28:16+00:00",
"generator": {
"date": "2024-11-14T14:28:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2014:0789",
"initial_release_date": "2014-06-25T15:40:16+00:00",
"revision_history": [
{
"date": "2014-06-25T15:40:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-06-25T15:40:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T14:28:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product_id": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi-debuginfo@3.4-14.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product_id": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-14.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product_id": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product_id": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi-debuginfo@3.4-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_id": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi-debuginfo@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product_id": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product_id": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-13.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_id": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi-debuginfo@3.4-13.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-14.el6.src",
"product": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src",
"product_id": "python33-mod_wsgi-0:3.4-14.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-14.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-12.el6.src",
"product": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src",
"product_id": "python27-mod_wsgi-0:3.4-12.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-12.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "python33-mod_wsgi-0:3.4-13.el7.src",
"product": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src",
"product_id": "python33-mod_wsgi-0:3.4-13.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python33-mod_wsgi@3.4-13.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-mod_wsgi-0:3.4-13.el7.src",
"product": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src",
"product_id": "python27-mod_wsgi-0:3.4-13.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-mod_wsgi@3.4-13.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3)",
"product_id": "6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4)",
"product_id": "6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1-6.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.src as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64 as a component of Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
},
"product_reference": "python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-1.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0789"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.3.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1-6.4.Z:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.src",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-12.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.src",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-14.el6.x86_64",
"6Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-14.el6.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Server-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Server-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python27-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.src",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-0:3.4-13.el7.x86_64",
"7Workstation-RHSCL-1.1:python33-mod_wsgi-debuginfo-0:3.4-13.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
}
]
}
RHSA-2014_1091
Vulnerability from csaf_redhat - Published: 2014-08-25 08:59 - Updated: 2024-11-14 14:30Summary
Red Hat Security Advisory: mod_wsgi security update
Notes
Topic
An updated mod_wsgi package that fixes one security issue is now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
Red Hat would like to thank Graham Dumpleton for reporting this issue.
Upstream acknowledges Róbert Kisteleki as the original reporter.
All mod_wsgi users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated mod_wsgi package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nRed Hat would like to thank Graham Dumpleton for reporting this issue.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter.\n\nAll mod_wsgi users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:1091",
"url": "https://access.redhat.com/errata/RHSA-2014:1091"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1091.json"
}
],
"title": "Red Hat Security Advisory: mod_wsgi security update",
"tracking": {
"current_release_date": "2024-11-14T14:30:17+00:00",
"generator": {
"date": "2024-11-14T14:30:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2014:1091",
"initial_release_date": "2014-08-25T08:59:36+00:00",
"revision_history": [
{
"date": "2014-08-25T08:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-08-25T08:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T14:30:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product_id": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.src",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.src",
"product_id": "mod_wsgi-0:3.4-12.el7_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product_id": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product_id": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Workstation-7.0.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-08-25T08:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1091"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
}
]
}
RHSA-2014:0788
Vulnerability from csaf_redhat - Published: 2014-06-25 15:40 - Updated: 2025-11-21 17:48Summary
Red Hat Security Advisory: mod_wsgi security update
Notes
Topic
An updated mod_wsgi package that fixes two security issues is now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
It was discovered that mod_wsgi could leak memory of a hosted web
application via the "Content-Type" header. A remote attacker could possibly
use this flaw to disclose limited portions of the web application's memory.
(CVE-2014-0242)
Red Hat would like to thank Graham Dumpleton for reporting these issues.
Upstream acknowledges Róbert Kisteleki as the original reporter of
CVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.
All mod_wsgi users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated mod_wsgi package that fixes two security issues is now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nIt was discovered that mod_wsgi could leak memory of a hosted web\napplication via the \"Content-Type\" header. A remote attacker could possibly\nuse this flaw to disclose limited portions of the web application\u0027s memory.\n(CVE-2014-0242)\n\nRed Hat would like to thank Graham Dumpleton for reporting these issues.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter of\nCVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.\n\nAll mod_wsgi users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0788",
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "1101873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101873"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0788.json"
}
],
"title": "Red Hat Security Advisory: mod_wsgi security update",
"tracking": {
"current_release_date": "2025-11-21T17:48:57+00:00",
"generator": {
"date": "2025-11-21T17:48:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2014:0788",
"initial_release_date": "2014-06-25T15:40:36+00:00",
"revision_history": [
{
"date": "2014-06-25T15:40:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-06-25T15:40:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:48:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product_id": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.i686",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686",
"product_id": "mod_wsgi-0:3.2-6.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.src",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.src",
"product_id": "mod_wsgi-0:3.2-6.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product_id": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product_id": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
},
{
"cve": "CVE-2014-0242",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101873"
}
],
"notes": [
{
"category": "description",
"text": "mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0242"
},
{
"category": "external",
"summary": "RHBZ#1101873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0242"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mod_wsgi: information leak"
}
]
}
RHSA-2014:1091
Vulnerability from csaf_redhat - Published: 2014-08-25 08:59 - Updated: 2025-11-21 17:49Summary
Red Hat Security Advisory: mod_wsgi security update
Notes
Topic
An updated mod_wsgi package that fixes one security issue is now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
Red Hat would like to thank Graham Dumpleton for reporting this issue.
Upstream acknowledges Róbert Kisteleki as the original reporter.
All mod_wsgi users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated mod_wsgi package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nRed Hat would like to thank Graham Dumpleton for reporting this issue.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter.\n\nAll mod_wsgi users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:1091",
"url": "https://access.redhat.com/errata/RHSA-2014:1091"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1091.json"
}
],
"title": "Red Hat Security Advisory: mod_wsgi security update",
"tracking": {
"current_release_date": "2025-11-21T17:49:43+00:00",
"generator": {
"date": "2025-11-21T17:49:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2014:1091",
"initial_release_date": "2014-08-25T08:59:36+00:00",
"revision_history": [
{
"date": "2014-08-25T08:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-08-25T08:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:49:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product_id": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.src",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.src",
"product_id": "mod_wsgi-0:3.4-12.el7_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product_id": "mod_wsgi-0:3.4-12.el7_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product_id": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.4-12.el7_0?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product_id": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.4-12.el7_0?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Client-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Server-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.src",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"relates_to_product_reference": "7Workstation-7.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"relates_to_product_reference": "7Workstation-7.0.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-08-25T08:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:1091"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Client-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Client-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7ComputeNode-optional-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7ComputeNode-optional-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Server-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Server-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.src",
"7Workstation-7.0.Z:mod_wsgi-0:3.4-12.el7_0.x86_64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.ppc64",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.s390x",
"7Workstation-7.0.Z:mod_wsgi-debuginfo-0:3.4-12.el7_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
}
]
}
RHSA-2014_0788
Vulnerability from csaf_redhat - Published: 2014-06-25 15:40 - Updated: 2024-11-22 08:03Summary
Red Hat Security Advisory: mod_wsgi security update
Notes
Topic
An updated mod_wsgi package that fixes two security issues is now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
interface for hosting Python-based web applications within Apache.
It was found that mod_wsgi did not properly drop privileges if the call to
setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
WSGI applications, a local user able to run a WSGI application could
possibly use this flaw to escalate their privileges on the system.
(CVE-2014-0240)
Note: mod_wsgi is not intended to provide privilege separation for WSGI
applications. Systems relying on mod_wsgi to limit or sandbox the
privileges of mod_wsgi applications should migrate to a different solution
with proper privilege separation.
It was discovered that mod_wsgi could leak memory of a hosted web
application via the "Content-Type" header. A remote attacker could possibly
use this flaw to disclose limited portions of the web application's memory.
(CVE-2014-0242)
Red Hat would like to thank Graham Dumpleton for reporting these issues.
Upstream acknowledges Róbert Kisteleki as the original reporter of
CVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.
All mod_wsgi users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated mod_wsgi package that fixes two security issues is now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant\ninterface for hosting Python-based web applications within Apache.\n\nIt was found that mod_wsgi did not properly drop privileges if the call to\nsetuid() failed. If mod_wsgi was set up to allow unprivileged users to run\nWSGI applications, a local user able to run a WSGI application could\npossibly use this flaw to escalate their privileges on the system.\n(CVE-2014-0240)\n\nNote: mod_wsgi is not intended to provide privilege separation for WSGI\napplications. Systems relying on mod_wsgi to limit or sandbox the\nprivileges of mod_wsgi applications should migrate to a different solution\nwith proper privilege separation.\n\nIt was discovered that mod_wsgi could leak memory of a hosted web\napplication via the \"Content-Type\" header. A remote attacker could possibly\nuse this flaw to disclose limited portions of the web application\u0027s memory.\n(CVE-2014-0242)\n\nRed Hat would like to thank Graham Dumpleton for reporting these issues.\nUpstream acknowledges R\u00f3bert Kisteleki as the original reporter of\nCVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.\n\nAll mod_wsgi users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0788",
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "1101873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101873"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0788.json"
}
],
"title": "Red Hat Security Advisory: mod_wsgi security update",
"tracking": {
"current_release_date": "2024-11-22T08:03:18+00:00",
"generator": {
"date": "2024-11-22T08:03:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0788",
"initial_release_date": "2014-06-25T15:40:36+00:00",
"revision_history": [
{
"date": "2014-06-25T15:40:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-06-25T15:40:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:03:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product_id": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.i686",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686",
"product_id": "mod_wsgi-0:3.2-6.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.src",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.src",
"product_id": "mod_wsgi-0:3.2-6.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product_id": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product_id": "mod_wsgi-0:3.2-6.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi@3.2-6.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product_id": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_wsgi-debuginfo@3.2-6.el6_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Client-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
},
"product_reference": "mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Graham Dumpleton"
]
},
{
"names": [
"R\u00f3bert Kisteleki"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-0240",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101863"
}
],
"notes": [
{
"category": "description",
"text": "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\r\n\r\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: possible privilege escalation in setuid() failure scenarios",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "RHBZ#1101863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mod_wsgi: possible privilege escalation in setuid() failure scenarios"
},
{
"cve": "CVE-2014-0242",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2014-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101873"
}
],
"notes": [
{
"category": "description",
"text": "mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mod_wsgi: information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0242"
},
{
"category": "external",
"summary": "RHBZ#1101873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0242"
}
],
"release_date": "2014-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-25T15:40:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0788"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Client-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Client-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6ComputeNode-optional-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6ComputeNode-optional-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Server-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Server-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.src",
"6Workstation-6.5.z:mod_wsgi-0:3.2-6.el6_5.x86_64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.i686",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.ppc64",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.s390x",
"6Workstation-6.5.z:mod_wsgi-debuginfo-0:3.2-6.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mod_wsgi: information leak"
}
]
}
OPENSUSE-SU-2024:10457-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
apache2-mod_wsgi-4.5.2-1.4 on GA media
Notes
Title of the patch
apache2-mod_wsgi-4.5.2-1.4 on GA media
Description of the patch
These are all security issues fixed in the apache2-mod_wsgi-4.5.2-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10457
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apache2-mod_wsgi-4.5.2-1.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apache2-mod_wsgi-4.5.2-1.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10457",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10457-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0240 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0240/"
}
],
"title": "apache2-mod_wsgi-4.5.2-1.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10457-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-mod_wsgi-4.5.2-1.4.aarch64",
"product": {
"name": "apache2-mod_wsgi-4.5.2-1.4.aarch64",
"product_id": "apache2-mod_wsgi-4.5.2-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.aarch64",
"product": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.aarch64",
"product_id": "apache2-mod_wsgi-python3-4.5.2-1.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-mod_wsgi-4.5.2-1.4.ppc64le",
"product": {
"name": "apache2-mod_wsgi-4.5.2-1.4.ppc64le",
"product_id": "apache2-mod_wsgi-4.5.2-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le",
"product": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le",
"product_id": "apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-mod_wsgi-4.5.2-1.4.s390x",
"product": {
"name": "apache2-mod_wsgi-4.5.2-1.4.s390x",
"product_id": "apache2-mod_wsgi-4.5.2-1.4.s390x"
}
},
{
"category": "product_version",
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.s390x",
"product": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.s390x",
"product_id": "apache2-mod_wsgi-python3-4.5.2-1.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-mod_wsgi-4.5.2-1.4.x86_64",
"product": {
"name": "apache2-mod_wsgi-4.5.2-1.4.x86_64",
"product_id": "apache2-mod_wsgi-4.5.2-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.x86_64",
"product": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.x86_64",
"product_id": "apache2-mod_wsgi-python3-4.5.2-1.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-4.5.2-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.aarch64"
},
"product_reference": "apache2-mod_wsgi-4.5.2-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-4.5.2-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.ppc64le"
},
"product_reference": "apache2-mod_wsgi-4.5.2-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-4.5.2-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.s390x"
},
"product_reference": "apache2-mod_wsgi-4.5.2-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-4.5.2-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.x86_64"
},
"product_reference": "apache2-mod_wsgi-4.5.2-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.aarch64"
},
"product_reference": "apache2-mod_wsgi-python3-4.5.2-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le"
},
"product_reference": "apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.s390x"
},
"product_reference": "apache2-mod_wsgi-python3-4.5.2-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-python3-4.5.2-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.x86_64"
},
"product_reference": "apache2-mod_wsgi-python3-4.5.2-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0240"
}
],
"notes": [
{
"category": "general",
"text": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.aarch64",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.ppc64le",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.s390x",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.x86_64",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.aarch64",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.s390x",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0240",
"url": "https://www.suse.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "SUSE Bug 878550 for CVE-2014-0240",
"url": "https://bugzilla.suse.com/878550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.aarch64",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.ppc64le",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.s390x",
"openSUSE Tumbleweed:apache2-mod_wsgi-4.5.2-1.4.x86_64",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.aarch64",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.ppc64le",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.s390x",
"openSUSE Tumbleweed:apache2-mod_wsgi-python3-4.5.2-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-0240"
}
]
}
GHSA-P3R2-MVH7-9PCC
Vulnerability from github – Published: 2022-05-17 00:12 – Updated: 2022-05-17 00:12
VLAI?
Details
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.
{
"affected": [],
"aliases": [
"CVE-2014-0240"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-05-27T14:55:00Z",
"severity": "MODERATE"
},
"details": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.",
"id": "GHSA-p3r2-mvh7-9pcc",
"modified": "2022-05-17T00:12:15Z",
"published": "2022-05-17T00:12:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0240"
},
{
"type": "WEB",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"type": "WEB",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59551"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60094"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/67532"
}
],
"schema_version": "1.4.0",
"severity": []
}
SUSE-RU-2015:0611-1
Vulnerability from csaf_suse - Published: 2015-02-25 20:05 - Updated: 2015-02-25 20:05Summary
Recommended update for SUSE Manager Server 2.1
Notes
Title of the patch
Recommended update for SUSE Manager Server 2.1
Description of the patch
This collective update for SUSE Manager Server 2.1 provides the following
new features:
* Connect SUSE Manager to the SUSE Customer Center.
* Manage SLE12 systems.
* ISS: export/import information about cloned channels to support
Service Pack migration on ISS slaves. (FATE#317789)
* New API calls: system.scheduleSPMigration(),
system.scheduleDistUpgrade(). (FATE#314785, FATE#314340)
Additionally, several issues have been fixed:
auditlog-keeper:
* Fix value too long for type character varying(2048). (bnc#872351)
* Fix init.d script restart. (bsc#872029)
cobbler:
* Require syslinux-x86_64 on s390x. (bsc#884051)
* Fix fetching of profiles for auto-installation. (bsc#880936)
* Fix port guessing in koan. (bsc#855389)
* Add 'copy-default' option to grubby-compat. (bsc#855389)
* Handle elilo in SUSE. (bsc#855389)
* Fix wrong option 'text' in SUSE environment. (bsc#901058)
* Fix re-installation on SLE with static network configuration.
(bsc#883487)
* Add RHEL 7 as a valid operating system version.
oracle-config:
* No need to pre-require Apache as its user and group are available in
the base system.
osad:
* Enable and install osad during first installation. (bsc#901958)
pxe-default-image:
* Add bind-utils (dig) to packagelist. (bsc#889739)
* Wait for gateway to become available before register. (bsc#895001)
rhnlib:
* Ensure bytes strings are sent to pyOpenSSL. (bnc#880388)
rhnpush:
* Add default path structure to proxy lookaside that avoids collisions.
sm-ncc-sync-data:
* Add SUSE Cloud 4 channels. (bnc#883057)
* Add channels for SUSE Manager Server 2.1 s390x.
* Fix parent label of the LTSS channel for SLMS.
* Add ATI and nVidia channels for SLED11-SP3. (bsc#901108)
* Add support for RES7 in SUSE Manager. (bsc#897723, bsc#893608)
smdba:
* Fix 'system check breaks backup and other configuration'.
* Implement rotating PostgreSQL backup. (bsc#896244)
* Space reclamation caused ORA-00942: table or view does not exist.
(bsc#906850)
* Archival of PosgreSQL transaction log does not recover in case of no
space left on device. (bsc#915140)
spacecmd:
* Fix listupgrades. (bsc#892707)
* Make print_result a static method of SpacewalkShell. (bsc#889605)
* Call listAutoinstallableChannels() for listing distributions.
(bsc#887879)
* Fix spacecmd schedule listing. (bsc#902494)
* Fix call of setCustomOptions() during kickstart_importjson.
(bsc#879904)
* Fix configchannel export: do not create 'contents' key for
directories. (bsc#908849)
spacewalk-backend:
* Insert update tag at the correct place for SLE12. (bsc#907677)
* Trigger generation of metadata if the repo contains no packages.
(bsc#870159)
* Convert mtime to localtime to prevent invalid times because of DST.
(bsc#914437)
* Do not exit with error if a vendor channel has no URL associated.
(bsc#914260)
* Convert empty string to null for DMI values. (bsc#911272)
spacewalk-branding:
* CVE patches adapted for colour blind users. (bnc#872298)
* Underline in icons is removed. (bnc#880001)
* Fix link to macro documentation. (bsc#895961)
* Fix branding in error message. (bsc#902503)
spacewalk-certs-tools:
* Fix removal of existing host key entries. (bsc#886391)
* Remove duplicates from authorized_keys2 as well. (bsc#885889)
* Do not allow registering a SUSE Manager server against itself.
(bsc#841731)
spacewalk-client-tools:
* Allow unicode characters in proxy username and password.
* Send correct hostname. (bsc#887538)
spacewalk-config:
* Add recommended Apache settings from the Security Team.
spacewalk-java:
* Fix human dates now() staying unmodified. (bnc#880081)
* Allow for null evr and archs on event history detail. (bnc#880327)
* Disable form autocompletion in some places. (bnc#879998)
* Fix datepicker time at xx:xx PM pre-filled with xx:xx AM.
(bnc#881522)
* Fixed package upgrade via SSM when using the Oracle DB as backend.
(bnc#889721)
* This update fixes various cross-site scripting (XSS) issues in
spacewalk-java. (CVE-2014-3654, bnc#902182)
* Sync correct repositories. (bnc#904959)
* Fix pxt page link to point to the ported version of that page.
(bsc#903720)
* Correctly apply patches to multiple systems in SSM. (bsc#898242)
* Fix CVE audit when some packages of a patch are already installed.
(bsc#899266)
* Download CSV button does not export all columns ('Base Channel'
missing). (bsc#896238)
* Read and display only a limited number of logfile lines. (bsc#883009)
* Fix package upgrade via SSM. (bsc#889721)
* Fix logrotate for /var/log/rhn/rhn_web_api.log. (bsc#884081)
* Throw channel name exception if name is already used. (bnc#901675)
* Don't commit when XMLRPCExceptions are thrown. (bsc#908320)
* Remove 'Select All' button from system currency report. (bsc#653265)
* Fix documentation search. (bsc#875452)
* Add API listAutoinstallableChannels(). (bsc#887879)
* Avoid ArrayIndexOutOfBoundsException with invalid URLs. (bsc#892711)
* Avoid NumberFormatException in case of invalid URL. (bsc#892711)
* Lookup kickstart tree only when org is found. (bsc#892711)
* Fix NPE on GET /rhn/common/DownloadFile.do. (bsc#892711)
* Port of the advanced provisioning option page to bootstrap.
(bnc#862408)
* mgr-sync refresh sets wrong permissions on JSON files. (bnc#907337)
* Fix link to macro documentation. (bsc#895961)
* Forward to 'raw mode' page in case this is an uploaded profile.
(bsc#904841)
* Enlarge big text area to use more available screen space.
(bnc#867836)
* Fix links to monitoring documentation. (bsc#906887)
* Fix install type detection. (bsc#875231)
* Point 'Register Clients' link to 'Client Configuration Guide'.
(bsc#880026)
* Change order of installer type: prefer SUSE Linux. (bsc#860299)
* Fix ISE when clicking system currency. (bnc#905530)
* Set cobbler hostname variable when calling system.createSystemRecord.
(bnc#904699)
* Fix wrong install=http://nullnull line when calling
system.createSystemRecord. (bnc#904699)
* Explain snapshot/rollback behavior better. (bsc#808947)
* Fix patch syncing: prevent hibernate.NonUniqueObjectException
androllback. (bsc#903880)
* Remove 'Add Selected to SSM' from system overview page. (bsc#901776)
* Fix CVE audit in case of multi-version package installed and patch in
multi channels. (bsc#903723)
* Update channel family membership when channel is updated.
(bsc#901193)
* Add log warning if uploaded file size > 1MB. (bnc#901927)
* Fix channel package compare. (bsc#904690)
* Fix automatic configuration file deployment via snippet. (bsc#898426)
* Add client hostname or IP to log messages. (bsc#904732)
* Fixed copying text from kickstart snippets. (bsc#880087)
* Fix auditlog config yaml syntax. (bsc#913221)
* Show Proxy tab if system is a proxy even when assigned to cloned
channels. (bsc#913939)
* Fixed uncaught error which prevent correct error handling.
(bsc#858971)
* Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035)
* Fix more cross-site-scripting (XSS) issues. (CVE-2014-7811,
bsc#902915)
* Fix basic authentication for HTTP proxies. (bsc#912057)
* Accept repos with same SCC ID and different URLs. (bsc#911808)
* Avoid mgr-sync-refresh failure because clear_log_id was not called.
(bsc#911166)
* Fix cross-site-scripting (XSS) issue in system-group (CVE-2014-7812,
bsc#912886)
* Fix 'Select All' buttons display on rhn:list and make it consistent
with new rl:list. (bsc#909724)
* Fix List tag missing submit parameter for 'Select All' and others.
(bnc#909724)
* Sort filelist in configfile.compare event history alphabetically.
(bsc#910243)
* Allow parenthesis in system group description. (bsc#903064)
* Provide new API documentation in PDF format. (bsc#896029)
* Update the example scripts section. (bsc#896029)
* Fixed wording issues on package lock page. (bsc#880022)
* Make text more clear for package profile sync. (bsc#884350)
spacewalk-reports:
* Added channel- and server-group-ids to activation-keys.
* Added spacewalk-report for systems with extra packages.
spacewalk-search:
* Fix package searching in shared channels.
spacewalk-setup:
* Setup /etc/sudoers in SUSE Manager upgrade scripts (bnc#881711)
* No activation if database population should be skipped. (bsc#900956)
* Do not enable spacewalk-service in runlevel 4. (bsc#879992)
spacewalk-utils:
* Fixed spacewalk-hostname-rename to work with PostgreSQL backend.
* Added limitation of spacewalk-clone-by-date for RHEL4 and earlier.
* Add openSUSE 13.2 repositories to spacewalk-common-channels.
* Improve clone-by-date dependency resolution.
* Add CentOS 7 and EPEL 7 channels.
* Fix error if blacklist / removelist is not in scbd configurationfile.
spacewalk-web:
* Fix links to monitoring documentation. (bsc#906887)
* Show Proxy tab if system is a proxy even when assigned to cloned
channels. (bsc#913939)
supportutils-plugin-susemanager:
* Write current service and repository configuration into
supportconfig.
susemanager-manuals_en, susemanager-jsp_en:
* Clarification about supported Web browsers. (bsc#889905)
* Update text and image files. (bnc#907527)
* Document NCC to SCC switch with SUSE Manager 2.1. (bnc#907106,
bnc#907643, bnc#907645, bnc#907646)
* SUSE Manager server update description. (bnc#902373)
* Activation keys and packages. (bnc#767279)
* Cobbler (bnc#880027), Link fix (bnc#881225), Wagon (bnc#884366)
* Install and ship the built PDFs. (bnc#907086)
* Update text and image files (bsc#910494).
* Firewall rules are incomplete - ssh-push and ssh-push-tunnel settings
missing. (bsc#904703)
* Document SP migration and ISS. (bsc#913215, partially).
* Fix 'beta packages' mentioned in documentation. (bsc#886421).
* User guide: Snapshots: clarify snaphot usage. (bsc#906851).
* Document maximal supported configuration file limit. (bsc#910482).
susemanager-schema:
* Add SLE 12 distribution targets to database.
* Fix evr_t schema upgrade. (bsc#881111)
* Allow evr_t to be compared with NULL in Oracle. (bsc#881111)
* Add support to ppc64le architecture.
* Fix migration script names to fix bare-metal registration.
(bsc#896109)
* Create regular index instead and have one migration per DB.
(bsc#905072)
* Drop unique index on package ids. (bsc#905072)
* Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035)
* Fix old migration for future reference. (bsc#911180)
* Avoid NPE when migrating to SCC on Oracle migrated from 1.7.
(bsc#911180)
susemanager:
* Update the sudoers file after SUSE Manager upgrade. (bnc#881711)
* Fix oracle2postgres.sh (database configuration).
* Replace /etc/motd after setup. (bsc#883379)
* Make mgr-create-bootstrap-repo SCC and SLE 12 aware.
* Abort setup when invalid SSL country code given. (bnc#882468)
* Use noRepoSync parameter always.
* Fixed error message on exception in mgr-sync. (bnc#905263)
* Fixed add product to not trigger redundant addition of base channel.
(bnc#901928)
* Ask for the authentication beforehand. (bsc#908317)
susemanager-sync-data:
* Add channels for Public Cloud Module. (bsc#907586)
* Add new channel families SLE-WE and SLE-LP.
* Add ATI and nVidia channels for SLED11-SP3. (bsc#901108)
* Add channels for IBM-DLPAR for SLE12 ppc64le.
* Added support for RES7 in SUSE Manager. (bsc#897723, bsc#893608)
suseRegisterInfo:
* Re-add legacy suse_register_info to successfully perform the update.
(bsc#898428)
zypp-plugin-spacewalk:
* Check for retrieveOnly option in up2date configuration and set
download_only. (bsc#896254)
* Changed the spec file to force usage of the official python VM.
(bsc#889363)
yum:
* Preserve query parameters in URLs. (bsc#896844)
struts:
* CVE-2014-0114: The ActionForm object in Apache Struts 1.x through
1.3.10 allows remote attackers to 'manipulate' the ClassLoader and
execute arbitrary code via the class parameter, which is passed to
the getClass method.
apache2-mod_wsgi:
* CVE-2014-0242: Information exposure. (bnc#878553)
* CVE-2014-0240: Local privilege escalation. (bnc#878550)
* CVE-2014-8583: Failure to handle errors when attempting to drop group
privileges. (bnc#903961)
libyaml-0-2:
* Assert failure when processing wrapped strings (bnc#907809,
CVE-2014-9130)
tanukiwrapper:
* Allow more than 4G as -Xmx option. (bsc#914900)
The following new packages have been added to the product:
susemanager-sync-data, google-gson, python-enum34.
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service: spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema with spacewalk-schema-upgrade
5. Start the Spacewalk service: spacewalk-service start
Security Issues:
* CVE-2014-0114
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114>
* CVE-2014-0240
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240>
* CVE-2014-0242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242>
* CVE-2014-3654
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3654>
* CVE-2014-7811
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7811>
* CVE-2014-7812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7812>
* CVE-2014-8583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8583>
* CVE-2014-9130
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130>
Patchnames
sleman21-suse-manager-201503
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for SUSE Manager Server 2.1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis collective update for SUSE Manager Server 2.1 provides the following \nnew features:\n\n * Connect SUSE Manager to the SUSE Customer Center.\n * Manage SLE12 systems.\n * ISS: export/import information about cloned channels to support\n Service Pack migration on ISS slaves. (FATE#317789)\n * New API calls: system.scheduleSPMigration(),\n system.scheduleDistUpgrade(). (FATE#314785, FATE#314340)\n\nAdditionally, several issues have been fixed:\n\nauditlog-keeper:\n\n * Fix value too long for type character varying(2048). (bnc#872351)\n * Fix init.d script restart. (bsc#872029)\n\ncobbler:\n\n * Require syslinux-x86_64 on s390x. (bsc#884051)\n * Fix fetching of profiles for auto-installation. (bsc#880936)\n * Fix port guessing in koan. (bsc#855389)\n * Add \u0027copy-default\u0027 option to grubby-compat. (bsc#855389)\n * Handle elilo in SUSE. (bsc#855389)\n * Fix wrong option \u0027text\u0027 in SUSE environment. (bsc#901058)\n * Fix re-installation on SLE with static network configuration.\n (bsc#883487)\n * Add RHEL 7 as a valid operating system version.\n\noracle-config:\n\n * No need to pre-require Apache as its user and group are available in\n the base system.\n\nosad:\n\n * Enable and install osad during first installation. (bsc#901958)\n\npxe-default-image:\n\n * Add bind-utils (dig) to packagelist. (bsc#889739)\n * Wait for gateway to become available before register. (bsc#895001)\n\nrhnlib:\n\n * Ensure bytes strings are sent to pyOpenSSL. (bnc#880388)\n\nrhnpush:\n\n * Add default path structure to proxy lookaside that avoids collisions.\n\nsm-ncc-sync-data:\n\n * Add SUSE Cloud 4 channels. (bnc#883057)\n * Add channels for SUSE Manager Server 2.1 s390x.\n * Fix parent label of the LTSS channel for SLMS.\n * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108)\n * Add support for RES7 in SUSE Manager. (bsc#897723, bsc#893608)\n\nsmdba:\n\n * Fix \u0027system check breaks backup and other configuration\u0027.\n * Implement rotating PostgreSQL backup. (bsc#896244)\n * Space reclamation caused ORA-00942: table or view does not exist.\n (bsc#906850)\n * Archival of PosgreSQL transaction log does not recover in case of no\n space left on device. (bsc#915140)\n\nspacecmd:\n\n * Fix listupgrades. (bsc#892707)\n * Make print_result a static method of SpacewalkShell. (bsc#889605)\n * Call listAutoinstallableChannels() for listing distributions.\n (bsc#887879)\n * Fix spacecmd schedule listing. (bsc#902494)\n * Fix call of setCustomOptions() during kickstart_importjson.\n (bsc#879904)\n * Fix configchannel export: do not create \u0027contents\u0027 key for\n directories. (bsc#908849)\n\nspacewalk-backend:\n\n * Insert update tag at the correct place for SLE12. (bsc#907677)\n * Trigger generation of metadata if the repo contains no packages.\n (bsc#870159)\n * Convert mtime to localtime to prevent invalid times because of DST.\n (bsc#914437)\n * Do not exit with error if a vendor channel has no URL associated.\n (bsc#914260)\n * Convert empty string to null for DMI values. (bsc#911272)\n\nspacewalk-branding:\n\n * CVE patches adapted for colour blind users. (bnc#872298)\n * Underline in icons is removed. (bnc#880001)\n * Fix link to macro documentation. (bsc#895961)\n * Fix branding in error message. (bsc#902503)\n\nspacewalk-certs-tools:\n\n * Fix removal of existing host key entries. (bsc#886391)\n * Remove duplicates from authorized_keys2 as well. (bsc#885889)\n * Do not allow registering a SUSE Manager server against itself.\n (bsc#841731)\n\nspacewalk-client-tools:\n\n * Allow unicode characters in proxy username and password.\n * Send correct hostname. (bsc#887538)\n\nspacewalk-config:\n\n * Add recommended Apache settings from the Security Team.\n\nspacewalk-java:\n\n * Fix human dates now() staying unmodified. (bnc#880081)\n * Allow for null evr and archs on event history detail. (bnc#880327)\n * Disable form autocompletion in some places. (bnc#879998)\n * Fix datepicker time at xx:xx PM pre-filled with xx:xx AM.\n (bnc#881522)\n * Fixed package upgrade via SSM when using the Oracle DB as backend.\n (bnc#889721)\n * This update fixes various cross-site scripting (XSS) issues in\n spacewalk-java. (CVE-2014-3654, bnc#902182)\n * Sync correct repositories. (bnc#904959)\n * Fix pxt page link to point to the ported version of that page.\n (bsc#903720)\n * Correctly apply patches to multiple systems in SSM. (bsc#898242)\n * Fix CVE audit when some packages of a patch are already installed.\n (bsc#899266)\n * Download CSV button does not export all columns (\u0027Base Channel\u0027\n missing). (bsc#896238)\n * Read and display only a limited number of logfile lines. (bsc#883009)\n * Fix package upgrade via SSM. (bsc#889721)\n * Fix logrotate for /var/log/rhn/rhn_web_api.log. (bsc#884081)\n * Throw channel name exception if name is already used. (bnc#901675)\n * Don\u0027t commit when XMLRPCExceptions are thrown. (bsc#908320)\n * Remove \u0027Select All\u0027 button from system currency report. (bsc#653265)\n * Fix documentation search. (bsc#875452)\n * Add API listAutoinstallableChannels(). (bsc#887879)\n * Avoid ArrayIndexOutOfBoundsException with invalid URLs. (bsc#892711)\n * Avoid NumberFormatException in case of invalid URL. (bsc#892711)\n * Lookup kickstart tree only when org is found. (bsc#892711)\n * Fix NPE on GET /rhn/common/DownloadFile.do. (bsc#892711)\n * Port of the advanced provisioning option page to bootstrap.\n (bnc#862408)\n * mgr-sync refresh sets wrong permissions on JSON files. (bnc#907337)\n * Fix link to macro documentation. (bsc#895961)\n * Forward to \u0027raw mode\u0027 page in case this is an uploaded profile.\n (bsc#904841)\n * Enlarge big text area to use more available screen space.\n (bnc#867836)\n * Fix links to monitoring documentation. (bsc#906887)\n * Fix install type detection. (bsc#875231)\n * Point \u0027Register Clients\u0027 link to \u0027Client Configuration Guide\u0027.\n (bsc#880026)\n * Change order of installer type: prefer SUSE Linux. (bsc#860299)\n * Fix ISE when clicking system currency. (bnc#905530)\n * Set cobbler hostname variable when calling system.createSystemRecord.\n (bnc#904699)\n * Fix wrong install=http://nullnull line when calling\n system.createSystemRecord. (bnc#904699)\n * Explain snapshot/rollback behavior better. (bsc#808947)\n * Fix patch syncing: prevent hibernate.NonUniqueObjectException\n androllback. (bsc#903880)\n * Remove \u0027Add Selected to SSM\u0027 from system overview page. (bsc#901776)\n * Fix CVE audit in case of multi-version package installed and patch in\n multi channels. (bsc#903723)\n * Update channel family membership when channel is updated.\n (bsc#901193)\n * Add log warning if uploaded file size \u003e 1MB. (bnc#901927)\n * Fix channel package compare. (bsc#904690)\n * Fix automatic configuration file deployment via snippet. (bsc#898426)\n * Add client hostname or IP to log messages. (bsc#904732)\n * Fixed copying text from kickstart snippets. (bsc#880087)\n * Fix auditlog config yaml syntax. (bsc#913221)\n * Show Proxy tab if system is a proxy even when assigned to cloned\n channels. (bsc#913939)\n * Fixed uncaught error which prevent correct error handling.\n (bsc#858971)\n * Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035)\n * Fix more cross-site-scripting (XSS) issues. (CVE-2014-7811,\n bsc#902915)\n * Fix basic authentication for HTTP proxies. (bsc#912057)\n * Accept repos with same SCC ID and different URLs. (bsc#911808)\n * Avoid mgr-sync-refresh failure because clear_log_id was not called.\n (bsc#911166)\n * Fix cross-site-scripting (XSS) issue in system-group (CVE-2014-7812,\n bsc#912886)\n * Fix \u0027Select All\u0027 buttons display on rhn:list and make it consistent\n with new rl:list. (bsc#909724)\n * Fix List tag missing submit parameter for \u0027Select All\u0027 and others.\n (bnc#909724)\n * Sort filelist in configfile.compare event history alphabetically.\n (bsc#910243)\n * Allow parenthesis in system group description. (bsc#903064)\n * Provide new API documentation in PDF format. (bsc#896029)\n * Update the example scripts section. (bsc#896029)\n * Fixed wording issues on package lock page. (bsc#880022)\n * Make text more clear for package profile sync. (bsc#884350)\n\nspacewalk-reports:\n\n * Added channel- and server-group-ids to activation-keys.\n * Added spacewalk-report for systems with extra packages.\n\nspacewalk-search:\n\n * Fix package searching in shared channels.\n\nspacewalk-setup:\n\n * Setup /etc/sudoers in SUSE Manager upgrade scripts (bnc#881711)\n * No activation if database population should be skipped. (bsc#900956)\n * Do not enable spacewalk-service in runlevel 4. (bsc#879992)\n\nspacewalk-utils:\n\n * Fixed spacewalk-hostname-rename to work with PostgreSQL backend.\n * Added limitation of spacewalk-clone-by-date for RHEL4 and earlier.\n * Add openSUSE 13.2 repositories to spacewalk-common-channels.\n * Improve clone-by-date dependency resolution.\n * Add CentOS 7 and EPEL 7 channels.\n * Fix error if blacklist / removelist is not in scbd configurationfile.\n\nspacewalk-web:\n\n * Fix links to monitoring documentation. (bsc#906887)\n * Show Proxy tab if system is a proxy even when assigned to cloned\n channels. (bsc#913939)\n\nsupportutils-plugin-susemanager:\n\n * Write current service and repository configuration into\n supportconfig.\n\nsusemanager-manuals_en, susemanager-jsp_en:\n\n * Clarification about supported Web browsers. (bsc#889905)\n * Update text and image files. (bnc#907527)\n * Document NCC to SCC switch with SUSE Manager 2.1. (bnc#907106,\n bnc#907643, bnc#907645, bnc#907646)\n * SUSE Manager server update description. (bnc#902373)\n * Activation keys and packages. (bnc#767279)\n * Cobbler (bnc#880027), Link fix (bnc#881225), Wagon (bnc#884366)\n * Install and ship the built PDFs. (bnc#907086)\n * Update text and image files (bsc#910494).\n * Firewall rules are incomplete - ssh-push and ssh-push-tunnel settings\n missing. (bsc#904703)\n * Document SP migration and ISS. (bsc#913215, partially).\n * Fix \u0027beta packages\u0027 mentioned in documentation. (bsc#886421).\n * User guide: Snapshots: clarify snaphot usage. (bsc#906851).\n * Document maximal supported configuration file limit. (bsc#910482).\n\nsusemanager-schema:\n\n * Add SLE 12 distribution targets to database.\n * Fix evr_t schema upgrade. (bsc#881111)\n * Allow evr_t to be compared with NULL in Oracle. (bsc#881111)\n * Add support to ppc64le architecture.\n * Fix migration script names to fix bare-metal registration.\n (bsc#896109)\n * Create regular index instead and have one migration per DB.\n (bsc#905072)\n * Drop unique index on package ids. (bsc#905072)\n * Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035)\n * Fix old migration for future reference. (bsc#911180)\n * Avoid NPE when migrating to SCC on Oracle migrated from 1.7.\n (bsc#911180)\n\nsusemanager:\n\n * Update the sudoers file after SUSE Manager upgrade. (bnc#881711)\n * Fix oracle2postgres.sh (database configuration).\n * Replace /etc/motd after setup. (bsc#883379)\n * Make mgr-create-bootstrap-repo SCC and SLE 12 aware.\n * Abort setup when invalid SSL country code given. (bnc#882468)\n * Use noRepoSync parameter always.\n * Fixed error message on exception in mgr-sync. (bnc#905263)\n * Fixed add product to not trigger redundant addition of base channel.\n (bnc#901928)\n * Ask for the authentication beforehand. (bsc#908317)\n\nsusemanager-sync-data:\n\n * Add channels for Public Cloud Module. (bsc#907586)\n * Add new channel families SLE-WE and SLE-LP.\n * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108)\n * Add channels for IBM-DLPAR for SLE12 ppc64le.\n * Added support for RES7 in SUSE Manager. (bsc#897723, bsc#893608)\n\nsuseRegisterInfo:\n\n * Re-add legacy suse_register_info to successfully perform the update.\n (bsc#898428)\n\nzypp-plugin-spacewalk:\n\n * Check for retrieveOnly option in up2date configuration and set\n download_only. (bsc#896254)\n * Changed the spec file to force usage of the official python VM.\n (bsc#889363)\n\nyum:\n\n * Preserve query parameters in URLs. (bsc#896844)\n\nstruts:\n\n * CVE-2014-0114: The ActionForm object in Apache Struts 1.x through\n 1.3.10 allows remote attackers to \u0027manipulate\u0027 the ClassLoader and\n execute arbitrary code via the class parameter, which is passed to\n the getClass method.\n\napache2-mod_wsgi:\n\n * CVE-2014-0242: Information exposure. (bnc#878553)\n * CVE-2014-0240: Local privilege escalation. (bnc#878550)\n * CVE-2014-8583: Failure to handle errors when attempting to drop group\n privileges. (bnc#903961)\n\nlibyaml-0-2:\n\n * Assert failure when processing wrapped strings (bnc#907809,\n CVE-2014-9130)\n\ntanukiwrapper:\n\n * Allow more than 4G as -Xmx option. (bsc#914900)\n\nThe following new packages have been added to the product: \nsusemanager-sync-data, google-gson, python-enum34.\n\nHow to apply this update:\n\n 1. Log in as root user to the SUSE Manager server.\n 2. Stop the Spacewalk service: spacewalk-service stop\n 3. Apply the patch using either zypper patch or YaST Online Update.\n 4. Upgrade the database schema with spacewalk-schema-upgrade\n 5. Start the Spacewalk service: spacewalk-service start\n\nSecurity Issues:\n\n * CVE-2014-0114\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114\u003e\n * CVE-2014-0240\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240\u003e\n * CVE-2014-0242\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242\u003e\n * CVE-2014-3654\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3654\u003e\n * CVE-2014-7811\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7811\u003e\n * CVE-2014-7812\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7812\u003e\n * CVE-2014-8583\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8583\u003e\n * CVE-2014-9130\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130\u003e\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleman21-suse-manager-201503",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2015_0611-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2015:0611-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20150611-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2015:0611-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2015-March/002829.html"
},
{
"category": "self",
"summary": "SUSE Bug 653265",
"url": "https://bugzilla.suse.com/653265"
},
{
"category": "self",
"summary": "SUSE Bug 767279",
"url": "https://bugzilla.suse.com/767279"
},
{
"category": "self",
"summary": "SUSE Bug 808947",
"url": "https://bugzilla.suse.com/808947"
},
{
"category": "self",
"summary": "SUSE Bug 841731",
"url": "https://bugzilla.suse.com/841731"
},
{
"category": "self",
"summary": "SUSE Bug 855389",
"url": "https://bugzilla.suse.com/855389"
},
{
"category": "self",
"summary": "SUSE Bug 858971",
"url": "https://bugzilla.suse.com/858971"
},
{
"category": "self",
"summary": "SUSE Bug 860299",
"url": "https://bugzilla.suse.com/860299"
},
{
"category": "self",
"summary": "SUSE Bug 862408",
"url": "https://bugzilla.suse.com/862408"
},
{
"category": "self",
"summary": "SUSE Bug 867836",
"url": "https://bugzilla.suse.com/867836"
},
{
"category": "self",
"summary": "SUSE Bug 870159",
"url": "https://bugzilla.suse.com/870159"
},
{
"category": "self",
"summary": "SUSE Bug 872029",
"url": "https://bugzilla.suse.com/872029"
},
{
"category": "self",
"summary": "SUSE Bug 872298",
"url": "https://bugzilla.suse.com/872298"
},
{
"category": "self",
"summary": "SUSE Bug 872351",
"url": "https://bugzilla.suse.com/872351"
},
{
"category": "self",
"summary": "SUSE Bug 875231",
"url": "https://bugzilla.suse.com/875231"
},
{
"category": "self",
"summary": "SUSE Bug 875452",
"url": "https://bugzilla.suse.com/875452"
},
{
"category": "self",
"summary": "SUSE Bug 878550",
"url": "https://bugzilla.suse.com/878550"
},
{
"category": "self",
"summary": "SUSE Bug 878553",
"url": "https://bugzilla.suse.com/878553"
},
{
"category": "self",
"summary": "SUSE Bug 879904",
"url": "https://bugzilla.suse.com/879904"
},
{
"category": "self",
"summary": "SUSE Bug 879992",
"url": "https://bugzilla.suse.com/879992"
},
{
"category": "self",
"summary": "SUSE Bug 879998",
"url": "https://bugzilla.suse.com/879998"
},
{
"category": "self",
"summary": "SUSE Bug 880001",
"url": "https://bugzilla.suse.com/880001"
},
{
"category": "self",
"summary": "SUSE Bug 880022",
"url": "https://bugzilla.suse.com/880022"
},
{
"category": "self",
"summary": "SUSE Bug 880026",
"url": "https://bugzilla.suse.com/880026"
},
{
"category": "self",
"summary": "SUSE Bug 880027",
"url": "https://bugzilla.suse.com/880027"
},
{
"category": "self",
"summary": "SUSE Bug 880081",
"url": "https://bugzilla.suse.com/880081"
},
{
"category": "self",
"summary": "SUSE Bug 880087",
"url": "https://bugzilla.suse.com/880087"
},
{
"category": "self",
"summary": "SUSE Bug 880327",
"url": "https://bugzilla.suse.com/880327"
},
{
"category": "self",
"summary": "SUSE Bug 880388",
"url": "https://bugzilla.suse.com/880388"
},
{
"category": "self",
"summary": "SUSE Bug 880936",
"url": "https://bugzilla.suse.com/880936"
},
{
"category": "self",
"summary": "SUSE Bug 881111",
"url": "https://bugzilla.suse.com/881111"
},
{
"category": "self",
"summary": "SUSE Bug 881225",
"url": "https://bugzilla.suse.com/881225"
},
{
"category": "self",
"summary": "SUSE Bug 881522",
"url": "https://bugzilla.suse.com/881522"
},
{
"category": "self",
"summary": "SUSE Bug 881711",
"url": "https://bugzilla.suse.com/881711"
},
{
"category": "self",
"summary": "SUSE Bug 882468",
"url": "https://bugzilla.suse.com/882468"
},
{
"category": "self",
"summary": "SUSE Bug 883009",
"url": "https://bugzilla.suse.com/883009"
},
{
"category": "self",
"summary": "SUSE Bug 883057",
"url": "https://bugzilla.suse.com/883057"
},
{
"category": "self",
"summary": "SUSE Bug 883379",
"url": "https://bugzilla.suse.com/883379"
},
{
"category": "self",
"summary": "SUSE Bug 883487",
"url": "https://bugzilla.suse.com/883487"
},
{
"category": "self",
"summary": "SUSE Bug 884051",
"url": "https://bugzilla.suse.com/884051"
},
{
"category": "self",
"summary": "SUSE Bug 884081",
"url": "https://bugzilla.suse.com/884081"
},
{
"category": "self",
"summary": "SUSE Bug 884350",
"url": "https://bugzilla.suse.com/884350"
},
{
"category": "self",
"summary": "SUSE Bug 884366",
"url": "https://bugzilla.suse.com/884366"
},
{
"category": "self",
"summary": "SUSE Bug 885889",
"url": "https://bugzilla.suse.com/885889"
},
{
"category": "self",
"summary": "SUSE Bug 886391",
"url": "https://bugzilla.suse.com/886391"
},
{
"category": "self",
"summary": "SUSE Bug 886421",
"url": "https://bugzilla.suse.com/886421"
},
{
"category": "self",
"summary": "SUSE Bug 887538",
"url": "https://bugzilla.suse.com/887538"
},
{
"category": "self",
"summary": "SUSE Bug 887879",
"url": "https://bugzilla.suse.com/887879"
},
{
"category": "self",
"summary": "SUSE Bug 889363",
"url": "https://bugzilla.suse.com/889363"
},
{
"category": "self",
"summary": "SUSE Bug 889605",
"url": "https://bugzilla.suse.com/889605"
},
{
"category": "self",
"summary": "SUSE Bug 889721",
"url": "https://bugzilla.suse.com/889721"
},
{
"category": "self",
"summary": "SUSE Bug 889739",
"url": "https://bugzilla.suse.com/889739"
},
{
"category": "self",
"summary": "SUSE Bug 889905",
"url": "https://bugzilla.suse.com/889905"
},
{
"category": "self",
"summary": "SUSE Bug 892707",
"url": "https://bugzilla.suse.com/892707"
},
{
"category": "self",
"summary": "SUSE Bug 892711",
"url": "https://bugzilla.suse.com/892711"
},
{
"category": "self",
"summary": "SUSE Bug 893608",
"url": "https://bugzilla.suse.com/893608"
},
{
"category": "self",
"summary": "SUSE Bug 895001",
"url": "https://bugzilla.suse.com/895001"
},
{
"category": "self",
"summary": "SUSE Bug 895961",
"url": "https://bugzilla.suse.com/895961"
},
{
"category": "self",
"summary": "SUSE Bug 896029",
"url": "https://bugzilla.suse.com/896029"
},
{
"category": "self",
"summary": "SUSE Bug 896109",
"url": "https://bugzilla.suse.com/896109"
},
{
"category": "self",
"summary": "SUSE Bug 896238",
"url": "https://bugzilla.suse.com/896238"
},
{
"category": "self",
"summary": "SUSE Bug 896244",
"url": "https://bugzilla.suse.com/896244"
},
{
"category": "self",
"summary": "SUSE Bug 896254",
"url": "https://bugzilla.suse.com/896254"
},
{
"category": "self",
"summary": "SUSE Bug 896844",
"url": "https://bugzilla.suse.com/896844"
},
{
"category": "self",
"summary": "SUSE Bug 897723",
"url": "https://bugzilla.suse.com/897723"
},
{
"category": "self",
"summary": "SUSE Bug 898242",
"url": "https://bugzilla.suse.com/898242"
},
{
"category": "self",
"summary": "SUSE Bug 898426",
"url": "https://bugzilla.suse.com/898426"
},
{
"category": "self",
"summary": "SUSE Bug 898428",
"url": "https://bugzilla.suse.com/898428"
},
{
"category": "self",
"summary": "SUSE Bug 899266",
"url": "https://bugzilla.suse.com/899266"
},
{
"category": "self",
"summary": "SUSE Bug 900956",
"url": "https://bugzilla.suse.com/900956"
},
{
"category": "self",
"summary": "SUSE Bug 901058",
"url": "https://bugzilla.suse.com/901058"
},
{
"category": "self",
"summary": "SUSE Bug 901108",
"url": "https://bugzilla.suse.com/901108"
},
{
"category": "self",
"summary": "SUSE Bug 901193",
"url": "https://bugzilla.suse.com/901193"
},
{
"category": "self",
"summary": "SUSE Bug 901675",
"url": "https://bugzilla.suse.com/901675"
},
{
"category": "self",
"summary": "SUSE Bug 901776",
"url": "https://bugzilla.suse.com/901776"
},
{
"category": "self",
"summary": "SUSE Bug 901927",
"url": "https://bugzilla.suse.com/901927"
},
{
"category": "self",
"summary": "SUSE Bug 901928",
"url": "https://bugzilla.suse.com/901928"
},
{
"category": "self",
"summary": "SUSE Bug 901958",
"url": "https://bugzilla.suse.com/901958"
},
{
"category": "self",
"summary": "SUSE Bug 902182",
"url": "https://bugzilla.suse.com/902182"
},
{
"category": "self",
"summary": "SUSE Bug 902373",
"url": "https://bugzilla.suse.com/902373"
},
{
"category": "self",
"summary": "SUSE Bug 902494",
"url": "https://bugzilla.suse.com/902494"
},
{
"category": "self",
"summary": "SUSE Bug 902503",
"url": "https://bugzilla.suse.com/902503"
},
{
"category": "self",
"summary": "SUSE Bug 902915",
"url": "https://bugzilla.suse.com/902915"
},
{
"category": "self",
"summary": "SUSE Bug 903064",
"url": "https://bugzilla.suse.com/903064"
},
{
"category": "self",
"summary": "SUSE Bug 903720",
"url": "https://bugzilla.suse.com/903720"
},
{
"category": "self",
"summary": "SUSE Bug 903723",
"url": "https://bugzilla.suse.com/903723"
},
{
"category": "self",
"summary": "SUSE Bug 903880",
"url": "https://bugzilla.suse.com/903880"
},
{
"category": "self",
"summary": "SUSE Bug 903961",
"url": "https://bugzilla.suse.com/903961"
},
{
"category": "self",
"summary": "SUSE Bug 904690",
"url": "https://bugzilla.suse.com/904690"
},
{
"category": "self",
"summary": "SUSE Bug 904699",
"url": "https://bugzilla.suse.com/904699"
},
{
"category": "self",
"summary": "SUSE Bug 904703",
"url": "https://bugzilla.suse.com/904703"
},
{
"category": "self",
"summary": "SUSE Bug 904732",
"url": "https://bugzilla.suse.com/904732"
},
{
"category": "self",
"summary": "SUSE Bug 904841",
"url": "https://bugzilla.suse.com/904841"
},
{
"category": "self",
"summary": "SUSE Bug 904959",
"url": "https://bugzilla.suse.com/904959"
},
{
"category": "self",
"summary": "SUSE Bug 905072",
"url": "https://bugzilla.suse.com/905072"
},
{
"category": "self",
"summary": "SUSE Bug 905263",
"url": "https://bugzilla.suse.com/905263"
},
{
"category": "self",
"summary": "SUSE Bug 905530",
"url": "https://bugzilla.suse.com/905530"
},
{
"category": "self",
"summary": "SUSE Bug 906850",
"url": "https://bugzilla.suse.com/906850"
},
{
"category": "self",
"summary": "SUSE Bug 906851",
"url": "https://bugzilla.suse.com/906851"
},
{
"category": "self",
"summary": "SUSE Bug 906887",
"url": "https://bugzilla.suse.com/906887"
},
{
"category": "self",
"summary": "SUSE Bug 907086",
"url": "https://bugzilla.suse.com/907086"
},
{
"category": "self",
"summary": "SUSE Bug 907106",
"url": "https://bugzilla.suse.com/907106"
},
{
"category": "self",
"summary": "SUSE Bug 907337",
"url": "https://bugzilla.suse.com/907337"
},
{
"category": "self",
"summary": "SUSE Bug 907527",
"url": "https://bugzilla.suse.com/907527"
},
{
"category": "self",
"summary": "SUSE Bug 907586",
"url": "https://bugzilla.suse.com/907586"
},
{
"category": "self",
"summary": "SUSE Bug 907643",
"url": "https://bugzilla.suse.com/907643"
},
{
"category": "self",
"summary": "SUSE Bug 907645",
"url": "https://bugzilla.suse.com/907645"
},
{
"category": "self",
"summary": "SUSE Bug 907646",
"url": "https://bugzilla.suse.com/907646"
},
{
"category": "self",
"summary": "SUSE Bug 907677",
"url": "https://bugzilla.suse.com/907677"
},
{
"category": "self",
"summary": "SUSE Bug 907809",
"url": "https://bugzilla.suse.com/907809"
},
{
"category": "self",
"summary": "SUSE Bug 908317",
"url": "https://bugzilla.suse.com/908317"
},
{
"category": "self",
"summary": "SUSE Bug 908320",
"url": "https://bugzilla.suse.com/908320"
},
{
"category": "self",
"summary": "SUSE Bug 908849",
"url": "https://bugzilla.suse.com/908849"
},
{
"category": "self",
"summary": "SUSE Bug 909724",
"url": "https://bugzilla.suse.com/909724"
},
{
"category": "self",
"summary": "SUSE Bug 910243",
"url": "https://bugzilla.suse.com/910243"
},
{
"category": "self",
"summary": "SUSE Bug 910482",
"url": "https://bugzilla.suse.com/910482"
},
{
"category": "self",
"summary": "SUSE Bug 910494",
"url": "https://bugzilla.suse.com/910494"
},
{
"category": "self",
"summary": "SUSE Bug 911166",
"url": "https://bugzilla.suse.com/911166"
},
{
"category": "self",
"summary": "SUSE Bug 911180",
"url": "https://bugzilla.suse.com/911180"
},
{
"category": "self",
"summary": "SUSE Bug 911272",
"url": "https://bugzilla.suse.com/911272"
},
{
"category": "self",
"summary": "SUSE Bug 911808",
"url": "https://bugzilla.suse.com/911808"
},
{
"category": "self",
"summary": "SUSE Bug 912035",
"url": "https://bugzilla.suse.com/912035"
},
{
"category": "self",
"summary": "SUSE Bug 912057",
"url": "https://bugzilla.suse.com/912057"
},
{
"category": "self",
"summary": "SUSE Bug 912886",
"url": "https://bugzilla.suse.com/912886"
},
{
"category": "self",
"summary": "SUSE Bug 913215",
"url": "https://bugzilla.suse.com/913215"
},
{
"category": "self",
"summary": "SUSE Bug 913221",
"url": "https://bugzilla.suse.com/913221"
},
{
"category": "self",
"summary": "SUSE Bug 913939",
"url": "https://bugzilla.suse.com/913939"
},
{
"category": "self",
"summary": "SUSE Bug 914260",
"url": "https://bugzilla.suse.com/914260"
},
{
"category": "self",
"summary": "SUSE Bug 914437",
"url": "https://bugzilla.suse.com/914437"
},
{
"category": "self",
"summary": "SUSE Bug 914900",
"url": "https://bugzilla.suse.com/914900"
},
{
"category": "self",
"summary": "SUSE Bug 915140",
"url": "https://bugzilla.suse.com/915140"
},
{
"category": "self",
"summary": "SUSE Bug 919448",
"url": "https://bugzilla.suse.com/919448"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0114 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0240 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0242 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3654 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7811 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7812 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8583 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9130 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9130/"
}
],
"title": "Recommended update for SUSE Manager Server 2.1",
"tracking": {
"current_release_date": "2015-02-25T20:05:05Z",
"generator": {
"date": "2015-02-25T20:05:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2015:0611-1",
"initial_release_date": "2015-02-25T20:05:05Z",
"revision_history": [
{
"date": "2015-02-25T20:05:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "google-gson-2.2.4-0.7.52.noarch",
"product": {
"name": "google-gson-2.2.4-0.7.52.noarch",
"product_id": "google-gson-2.2.4-0.7.52.noarch"
}
},
{
"category": "product_version",
"name": "oracle-config-1.1-0.10.10.16.noarch",
"product": {
"name": "oracle-config-1.1-0.10.10.16.noarch",
"product_id": "oracle-config-1.1-0.10.10.16.noarch"
}
},
{
"category": "product_version",
"name": "osa-dispatcher-5.11.33.7-0.7.16.noarch",
"product": {
"name": "osa-dispatcher-5.11.33.7-0.7.16.noarch",
"product_id": "osa-dispatcher-5.11.33.7-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "perl-Class-Singleton-1.4-4.13.38.noarch",
"product": {
"name": "perl-Class-Singleton-1.4-4.13.38.noarch",
"product_id": "perl-Class-Singleton-1.4-4.13.38.noarch"
}
},
{
"category": "product_version",
"name": "perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"product": {
"name": "perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"product_id": "perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch"
}
},
{
"category": "product_version",
"name": "perl-Satcon-1.20.2-0.7.6.noarch",
"product": {
"name": "perl-Satcon-1.20.2-0.7.6.noarch",
"product_id": "perl-Satcon-1.20.2-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product": {
"name": "perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"product_id": "perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
}
},
{
"category": "product_version",
"name": "pxe-default-image-0.1-0.20.56.noarch",
"product": {
"name": "pxe-default-image-0.1-0.20.56.noarch",
"product_id": "pxe-default-image-0.1-0.20.56.noarch"
}
},
{
"category": "product_version",
"name": "rhn-custom-info-5.4.22.6-0.7.13.noarch",
"product": {
"name": "rhn-custom-info-5.4.22.6-0.7.13.noarch",
"product_id": "rhn-custom-info-5.4.22.6-0.7.13.noarch"
}
},
{
"category": "product_version",
"name": "rhnmd-5.3.18.4-0.7.15.noarch",
"product": {
"name": "rhnmd-5.3.18.4-0.7.15.noarch",
"product_id": "rhnmd-5.3.18.4-0.7.15.noarch"
}
},
{
"category": "product_version",
"name": "rhnpush-5.5.71.7-0.7.16.noarch",
"product": {
"name": "rhnpush-5.5.71.7-0.7.16.noarch",
"product_id": "rhnpush-5.5.71.7-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"product": {
"name": "sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"product_id": "sm-ncc-sync-data-2.1.9-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-2.1.2.4-0.7.6.noarch",
"product": {
"name": "spacewalk-admin-2.1.2.4-0.7.6.noarch",
"product_id": "spacewalk-admin-2.1.2.4-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-base-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-base-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-base-minimal-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"product": {
"name": "spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"product_id": "spacewalk-certs-tools-2.1.6.5-0.7.10.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-2.1.16.6-0.7.9.noarch",
"product": {
"name": "spacewalk-check-2.1.16.6-0.7.9.noarch",
"product_id": "spacewalk-check-2.1.16.6-0.7.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"product": {
"name": "spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"product_id": "spacewalk-client-setup-2.1.16.6-0.7.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"product": {
"name": "spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"product_id": "spacewalk-client-tools-2.1.16.6-0.7.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-config-2.1.5.4-0.7.15.noarch",
"product": {
"name": "spacewalk-config-2.1.5.4-0.7.15.noarch",
"product_id": "spacewalk-config-2.1.5.4-0.7.15.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"product": {
"name": "spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"product_id": "spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-grail-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-grail-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-grail-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-html-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-html-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-java-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-java-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-java-config-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-java-lib-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-java-oracle-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-pxt-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-reports-2.1.14.8-0.7.10.noarch",
"product": {
"name": "spacewalk-reports-2.1.14.8-0.7.10.noarch",
"product_id": "spacewalk-reports-2.1.14.8-0.7.10.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-search-2.1.14.6-0.7.18.noarch",
"product": {
"name": "spacewalk-search-2.1.14.6-0.7.18.noarch",
"product_id": "spacewalk-search-2.1.14.6-0.7.18.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-2.1.14.9-0.7.6.noarch",
"product": {
"name": "spacewalk-setup-2.1.14.9-0.7.6.noarch",
"product_id": "spacewalk-setup-2.1.14.9-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"product": {
"name": "spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"product_id": "spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"product": {
"name": "spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"product_id": "spacewalk-sniglets-2.1.60.12-0.7.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"product": {
"name": "spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"product_id": "spacewalk-taskomatic-2.1.165.14-0.7.16.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-2.1.27.12-0.7.25.noarch",
"product": {
"name": "spacewalk-utils-2.1.27.12-0.7.25.noarch",
"product_id": "spacewalk-utils-2.1.27.12-0.7.25.noarch"
}
},
{
"category": "product_version",
"name": "struts-1.2.9-162.33.22.noarch",
"product": {
"name": "struts-1.2.9-162.33.22.noarch",
"product_id": "struts-1.2.9-162.33.22.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"product": {
"name": "supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"product_id": "supportutils-plugin-susemanager-1.0.3-0.5.5.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"product_id": "supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"product_id": "susemanager-client-config_en-pdf-2.1-0.15.24.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-install_en-pdf-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-install_en-pdf-2.1-0.15.24.noarch",
"product_id": "susemanager-install_en-pdf-2.1-0.15.24.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-jsp_en-2.1-0.15.23.noarch",
"product": {
"name": "susemanager-jsp_en-2.1-0.15.23.noarch",
"product_id": "susemanager-jsp_en-2.1-0.15.23.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-manuals_en-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-manuals_en-2.1-0.15.24.noarch",
"product_id": "susemanager-manuals_en-2.1-0.15.24.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"product_id": "susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"product_id": "susemanager-reference_en-pdf-2.1-0.15.24.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-2.1.50.11-0.7.8.noarch",
"product": {
"name": "susemanager-schema-2.1.50.11-0.7.8.noarch",
"product_id": "susemanager-schema-2.1.50.11-0.7.8.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-2.1.5-0.7.6.noarch",
"product": {
"name": "susemanager-sync-data-2.1.5-0.7.6.noarch",
"product_id": "susemanager-sync-data-2.1.5-0.7.6.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-user_en-pdf-2.1-0.15.24.noarch",
"product": {
"name": "susemanager-user_en-pdf-2.1-0.15.24.noarch",
"product_id": "susemanager-user_en-pdf-2.1-0.15.24.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-mod_wsgi-3.3-5.7.17.s390x",
"product": {
"name": "apache2-mod_wsgi-3.3-5.7.17.s390x",
"product_id": "apache2-mod_wsgi-3.3-5.7.17.s390x"
}
},
{
"category": "product_version",
"name": "cobbler-2.2.2-0.54.9.s390x",
"product": {
"name": "cobbler-2.2.2-0.54.9.s390x",
"product_id": "cobbler-2.2.2-0.54.9.s390x"
}
},
{
"category": "product_version",
"name": "libyaml-0-2-0.1.3-0.10.16.11.s390x",
"product": {
"name": "libyaml-0-2-0.1.3-0.10.16.11.s390x",
"product_id": "libyaml-0-2-0.1.3-0.10.16.11.s390x"
}
},
{
"category": "product_version",
"name": "postgresql91-pltcl-9.1.15-0.3.1.s390x",
"product": {
"name": "postgresql91-pltcl-9.1.15-0.3.1.s390x",
"product_id": "postgresql91-pltcl-9.1.15-0.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python-enum34-1.0-0.7.33.s390x",
"product": {
"name": "python-enum34-1.0-0.7.33.s390x",
"product_id": "python-enum34-1.0-0.7.33.s390x"
}
},
{
"category": "product_version",
"name": "python-gzipstream-1.10.2.2-0.7.6.s390x",
"product": {
"name": "python-gzipstream-1.10.2.2-0.7.6.s390x",
"product_id": "python-gzipstream-1.10.2.2-0.7.6.s390x"
}
},
{
"category": "product_version",
"name": "rhnlib-2.5.69.6-0.7.6.s390x",
"product": {
"name": "rhnlib-2.5.69.6-0.7.6.s390x",
"product_id": "rhnlib-2.5.69.6-0.7.6.s390x"
}
},
{
"category": "product_version",
"name": "smdba-1.5.1-0.7.6.s390x",
"product": {
"name": "smdba-1.5.1-0.7.6.s390x",
"product_id": "smdba-1.5.1-0.7.6.s390x"
}
},
{
"category": "product_version",
"name": "spacecmd-2.1.25.7-0.7.9.s390x",
"product": {
"name": "spacecmd-2.1.25.7-0.7.9.s390x",
"product_id": "spacecmd-2.1.25.7-0.7.9.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-app-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-applet-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-iss-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-libs-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-server-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-sql-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-tools-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"product": {
"name": "spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"product_id": "spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-2.1.33.10-0.7.16.s390x",
"product": {
"name": "spacewalk-branding-2.1.33.10-0.7.16.s390x",
"product_id": "spacewalk-branding-2.1.33.10-0.7.16.s390x"
}
},
{
"category": "product_version",
"name": "spacewalksd-5.0.14.6-0.7.15.s390x",
"product": {
"name": "spacewalksd-5.0.14.6-0.7.15.s390x",
"product_id": "spacewalksd-5.0.14.6-0.7.15.s390x"
}
},
{
"category": "product_version",
"name": "suseRegisterInfo-2.1.9-0.7.29.s390x",
"product": {
"name": "suseRegisterInfo-2.1.9-0.7.29.s390x",
"product_id": "suseRegisterInfo-2.1.9-0.7.29.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-2.1.17-0.7.11.s390x",
"product": {
"name": "susemanager-2.1.17-0.7.11.s390x",
"product_id": "susemanager-2.1.17-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-2.1.17-0.7.11.s390x",
"product": {
"name": "susemanager-tools-2.1.17-0.7.11.s390x",
"product_id": "susemanager-tools-2.1.17-0.7.11.s390x"
}
},
{
"category": "product_version",
"name": "tanukiwrapper-3.2.3-0.10.12.s390x",
"product": {
"name": "tanukiwrapper-3.2.3-0.10.12.s390x",
"product_id": "tanukiwrapper-3.2.3-0.10.12.s390x"
}
},
{
"category": "product_version",
"name": "yum-3.2.29-0.19.30.s390x",
"product": {
"name": "yum-3.2.29-0.19.30.s390x",
"product_id": "yum-3.2.29-0.19.30.s390x"
}
},
{
"category": "product_version",
"name": "yum-common-3.2.29-0.19.30.s390x",
"product": {
"name": "yum-common-3.2.29-0.19.30.s390x",
"product_id": "yum-common-3.2.29-0.19.30.s390x"
}
},
{
"category": "product_version",
"name": "zypp-plugin-spacewalk-0.9.8-0.15.51.s390x",
"product": {
"name": "zypp-plugin-spacewalk-0.9.8-0.15.51.s390x",
"product_id": "zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager 2.1",
"product": {
"name": "SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:2.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-mod_wsgi-3.3-5.7.17.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x"
},
"product_reference": "apache2-mod_wsgi-3.3-5.7.17.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cobbler-2.2.2-0.54.9.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x"
},
"product_reference": "cobbler-2.2.2-0.54.9.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-gson-2.2.4-0.7.52.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch"
},
"product_reference": "google-gson-2.2.4-0.7.52.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libyaml-0-2-0.1.3-0.10.16.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x"
},
"product_reference": "libyaml-0-2-0.1.3-0.10.16.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oracle-config-1.1-0.10.10.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch"
},
"product_reference": "oracle-config-1.1-0.10.10.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osa-dispatcher-5.11.33.7-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch"
},
"product_reference": "osa-dispatcher-5.11.33.7-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-Class-Singleton-1.4-4.13.38.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch"
},
"product_reference": "perl-Class-Singleton-1.4-4.13.38.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch"
},
"product_reference": "perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-Satcon-1.20.2-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch"
},
"product_reference": "perl-Satcon-1.20.2-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch"
},
"product_reference": "perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql91-pltcl-9.1.15-0.3.1.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x"
},
"product_reference": "postgresql91-pltcl-9.1.15-0.3.1.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pxe-default-image-0.1-0.20.56.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch"
},
"product_reference": "pxe-default-image-0.1-0.20.56.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-enum34-1.0-0.7.33.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x"
},
"product_reference": "python-enum34-1.0-0.7.33.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gzipstream-1.10.2.2-0.7.6.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x"
},
"product_reference": "python-gzipstream-1.10.2.2-0.7.6.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhn-custom-info-5.4.22.6-0.7.13.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch"
},
"product_reference": "rhn-custom-info-5.4.22.6-0.7.13.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhnlib-2.5.69.6-0.7.6.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x"
},
"product_reference": "rhnlib-2.5.69.6-0.7.6.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhnmd-5.3.18.4-0.7.15.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch"
},
"product_reference": "rhnmd-5.3.18.4-0.7.15.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhnpush-5.5.71.7-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch"
},
"product_reference": "rhnpush-5.5.71.7-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sm-ncc-sync-data-2.1.9-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch"
},
"product_reference": "sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smdba-1.5.1-0.7.6.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x"
},
"product_reference": "smdba-1.5.1-0.7.6.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-2.1.25.7-0.7.9.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x"
},
"product_reference": "spacecmd-2.1.25.7-0.7.9.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-admin-2.1.2.4-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch"
},
"product_reference": "spacewalk-admin-2.1.2.4-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-libs-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x"
},
"product_reference": "spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-base-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-2.1.33.10-0.7.16.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x"
},
"product_reference": "spacewalk-branding-2.1.33.10-0.7.16.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-2.1.6.5-0.7.10.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch"
},
"product_reference": "spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-2.1.16.6-0.7.9.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch"
},
"product_reference": "spacewalk-check-2.1.16.6-0.7.9.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-2.1.16.6-0.7.9.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch"
},
"product_reference": "spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-2.1.16.6-0.7.9.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch"
},
"product_reference": "spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-config-2.1.5.4-0.7.15.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch"
},
"product_reference": "spacewalk-config-2.1.5.4-0.7.15.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch"
},
"product_reference": "spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-grail-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-grail-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-html-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-java-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-pxt-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-reports-2.1.14.8-0.7.10.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch"
},
"product_reference": "spacewalk-reports-2.1.14.8-0.7.10.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-search-2.1.14.6-0.7.18.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch"
},
"product_reference": "spacewalk-search-2.1.14.6-0.7.18.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-2.1.14.9-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch"
},
"product_reference": "spacewalk-setup-2.1.14.9-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch"
},
"product_reference": "spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-sniglets-2.1.60.12-0.7.7.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch"
},
"product_reference": "spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-2.1.165.14-0.7.16.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch"
},
"product_reference": "spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-2.1.27.12-0.7.25.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch"
},
"product_reference": "spacewalk-utils-2.1.27.12-0.7.25.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalksd-5.0.14.6-0.7.15.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x"
},
"product_reference": "spacewalksd-5.0.14.6-0.7.15.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "struts-1.2.9-162.33.22.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch"
},
"product_reference": "struts-1.2.9-162.33.22.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-1.0.3-0.5.5.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch"
},
"product_reference": "supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suseRegisterInfo-2.1.9-0.7.29.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x"
},
"product_reference": "suseRegisterInfo-2.1.9-0.7.29.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-2.1.17-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x"
},
"product_reference": "susemanager-2.1.17-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-client-config_en-pdf-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-install_en-pdf-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-install_en-pdf-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-jsp_en-2.1-0.15.23.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch"
},
"product_reference": "susemanager-jsp_en-2.1-0.15.23.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-manuals_en-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-manuals_en-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-reference_en-pdf-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-2.1.50.11-0.7.8.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch"
},
"product_reference": "susemanager-schema-2.1.50.11-0.7.8.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sync-data-2.1.5-0.7.6.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch"
},
"product_reference": "susemanager-sync-data-2.1.5-0.7.6.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-2.1.17-0.7.11.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x"
},
"product_reference": "susemanager-tools-2.1.17-0.7.11.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-user_en-pdf-2.1-0.15.24.noarch as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch"
},
"product_reference": "susemanager-user_en-pdf-2.1-0.15.24.noarch",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tanukiwrapper-3.2.3-0.10.12.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x"
},
"product_reference": "tanukiwrapper-3.2.3-0.10.12.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yum-3.2.29-0.19.30.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x"
},
"product_reference": "yum-3.2.29-0.19.30.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yum-common-3.2.29-0.19.30.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x"
},
"product_reference": "yum-common-3.2.29-0.19.30.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zypp-plugin-spacewalk-0.9.8-0.15.51.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
},
"product_reference": "zypp-plugin-spacewalk-0.9.8-0.15.51.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0114"
}
],
"notes": [
{
"category": "general",
"text": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0114",
"url": "https://www.suse.com/security/cve/CVE-2014-0114"
},
{
"category": "external",
"summary": "SUSE Bug 778464 for CVE-2014-0114",
"url": "https://bugzilla.suse.com/778464"
},
{
"category": "external",
"summary": "SUSE Bug 875455 for CVE-2014-0114",
"url": "https://bugzilla.suse.com/875455"
},
{
"category": "external",
"summary": "SUSE Bug 885963 for CVE-2014-0114",
"url": "https://bugzilla.suse.com/885963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "important"
}
],
"title": "CVE-2014-0114"
},
{
"cve": "CVE-2014-0240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0240"
}
],
"notes": [
{
"category": "general",
"text": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0240",
"url": "https://www.suse.com/security/cve/CVE-2014-0240"
},
{
"category": "external",
"summary": "SUSE Bug 878550 for CVE-2014-0240",
"url": "https://bugzilla.suse.com/878550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "important"
}
],
"title": "CVE-2014-0240"
},
{
"cve": "CVE-2014-0242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0242"
}
],
"notes": [
{
"category": "general",
"text": "mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0242",
"url": "https://www.suse.com/security/cve/CVE-2014-0242"
},
{
"category": "external",
"summary": "SUSE Bug 878553 for CVE-2014-0242",
"url": "https://bugzilla.suse.com/878553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "important"
}
],
"title": "CVE-2014-0242"
},
{
"cve": "CVE-2014-3654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3654"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/CustomSnippetList.do, (2) channels/software/Entitlements.do, or (3) admin/multiorg/OrgUsers.do.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3654",
"url": "https://www.suse.com/security/cve/CVE-2014-3654"
},
{
"category": "external",
"summary": "SUSE Bug 902182 for CVE-2014-3654",
"url": "https://bugzilla.suse.com/902182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "moderate"
}
],
"title": "CVE-2014-3654"
},
{
"cve": "CVE-2014-7811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7811"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7811",
"url": "https://www.suse.com/security/cve/CVE-2014-7811"
},
{
"category": "external",
"summary": "SUSE Bug 902915 for CVE-2014-7811",
"url": "https://bugzilla.suse.com/902915"
},
{
"category": "external",
"summary": "SUSE Bug 912886 for CVE-2014-7811",
"url": "https://bugzilla.suse.com/912886"
},
{
"category": "external",
"summary": "SUSE Bug 922740 for CVE-2014-7811",
"url": "https://bugzilla.suse.com/922740"
},
{
"category": "external",
"summary": "SUSE Bug 969911 for CVE-2014-7811",
"url": "https://bugzilla.suse.com/969911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "moderate"
}
],
"title": "CVE-2014-7811"
},
{
"cve": "CVE-2014-7812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7812"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7812",
"url": "https://www.suse.com/security/cve/CVE-2014-7812"
},
{
"category": "external",
"summary": "SUSE Bug 912886 for CVE-2014-7812",
"url": "https://bugzilla.suse.com/912886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "low"
}
],
"title": "CVE-2014-7812"
},
{
"cve": "CVE-2014-8583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8583"
}
],
"notes": [
{
"category": "general",
"text": "mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8583",
"url": "https://www.suse.com/security/cve/CVE-2014-8583"
},
{
"category": "external",
"summary": "SUSE Bug 903961 for CVE-2014-8583",
"url": "https://bugzilla.suse.com/903961"
},
{
"category": "external",
"summary": "SUSE Bug 907649 for CVE-2014-8583",
"url": "https://bugzilla.suse.com/907649"
},
{
"category": "external",
"summary": "SUSE Bug 983032 for CVE-2014-8583",
"url": "https://bugzilla.suse.com/983032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "moderate"
}
],
"title": "CVE-2014-8583"
},
{
"cve": "CVE-2014-9130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9130"
}
],
"notes": [
{
"category": "general",
"text": "scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9130",
"url": "https://www.suse.com/security/cve/CVE-2014-9130"
},
{
"category": "external",
"summary": "SUSE Bug 907809 for CVE-2014-9130",
"url": "https://bugzilla.suse.com/907809"
},
{
"category": "external",
"summary": "SUSE Bug 911782 for CVE-2014-9130",
"url": "https://bugzilla.suse.com/911782"
},
{
"category": "external",
"summary": "SUSE Bug 921588 for CVE-2014-9130",
"url": "https://bugzilla.suse.com/921588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17.s390x",
"SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:cobbler-2.2.2-0.54.9.s390x",
"SUSE Manager 2.1:google-gson-2.2.4-0.7.52.noarch",
"SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11.s390x",
"SUSE Manager 2.1:oracle-config-1.1-0.10.10.16.noarch",
"SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16.noarch",
"SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38.noarch",
"SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13.noarch",
"SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6.noarch",
"SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58.noarch",
"SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1.s390x",
"SUSE Manager 2.1:pxe-default-image-0.1-0.20.56.noarch",
"SUSE Manager 2.1:python-enum34-1.0-0.7.33.s390x",
"SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6.s390x",
"SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13.noarch",
"SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6.s390x",
"SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15.noarch",
"SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16.noarch",
"SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6.noarch",
"SUSE Manager 2.1:smdba-1.5.1-0.7.6.s390x",
"SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9.s390x",
"SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11.s390x",
"SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16.s390x",
"SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9.noarch",
"SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15.noarch",
"SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26.noarch",
"SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10.noarch",
"SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18.noarch",
"SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6.noarch",
"SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7.noarch",
"SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16.noarch",
"SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25.noarch",
"SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15.s390x",
"SUSE Manager 2.1:struts-1.2.9-162.33.22.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5.noarch",
"SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5.noarch",
"SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29.s390x",
"SUSE Manager 2.1:susemanager-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23.noarch",
"SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8.noarch",
"SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6.noarch",
"SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11.s390x",
"SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24.noarch",
"SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12.s390x",
"SUSE Manager 2.1:yum-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:yum-common-3.2.29-0.19.30.s390x",
"SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-25T20:05:05Z",
"details": "moderate"
}
],
"title": "CVE-2014-9130"
}
]
}
FKIE_CVE-2014-0240
Vulnerability from fkie_nvd - Published: 2014-05-27 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| modwsgi | mod_wsgi | * | |
| modwsgi | mod_wsgi | 1.0 | |
| modwsgi | mod_wsgi | 1.1 | |
| modwsgi | mod_wsgi | 1.2 | |
| modwsgi | mod_wsgi | 1.3 | |
| modwsgi | mod_wsgi | 1.4 | |
| modwsgi | mod_wsgi | 1.5 | |
| modwsgi | mod_wsgi | 1.6 | |
| modwsgi | mod_wsgi | 2.0 | |
| modwsgi | mod_wsgi | 2.1 | |
| modwsgi | mod_wsgi | 2.2 | |
| modwsgi | mod_wsgi | 2.3 | |
| modwsgi | mod_wsgi | 2.4 | |
| modwsgi | mod_wsgi | 2.5 | |
| modwsgi | mod_wsgi | 2.6 | |
| modwsgi | mod_wsgi | 2.7 | |
| modwsgi | mod_wsgi | 2.8 | |
| modwsgi | mod_wsgi | 3.0 | |
| modwsgi | mod_wsgi | 3.1 | |
| modwsgi | mod_wsgi | 3.2 | |
| modwsgi | mod_wsgi | 3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "785170E8-C24B-42E0-8DFD-E25BCBEA3F06",
"versionEndIncluding": "3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D11F04B8-E47E-448E-B5B0-499A3388DBF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50A93F05-1041-4E7A-B7F3-372828F1D01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "414E1DA8-8135-4DF0-AB7F-BA54CCBB05DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D070519-30F1-4561-BC4F-06511BED6608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCF68C7-84CC-45DB-ACEA-31A624F9A3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72AFD695-31E2-416F-8D25-25D76B57D935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28EBA2EA-78FA-458A-A004-E306370D9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DB6E106-8C25-4EF5-98DD-95C3A477EBDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E04D69ED-0B61-440B-8AF5-AE1987F8343B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0766F7BB-709D-44C1-A435-9D78D8B65E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE398E6-F113-44DB-AE9D-B9FE2B58F2AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1CCF4D-4874-4474-AB85-8E2B107031BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D9ECCE-4FF6-483E-A320-D7085BAA9D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00DCC650-5B04-4A60-B1BE-912798F9969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA39B24F-EA97-49B5-B40E-830B15C80498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D5AA63-BD50-409E-BBD6-3D5340ABF361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "671BE4C2-1F45-4BBC-B7FB-0AB1DBD57F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61E348ED-9B13-469E-84DF-1E737C485847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0131F322-C087-4A78-BC6F-B69EA36A15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "412A2104-C514-41A1-97E9-A0E204371396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
},
{
"lang": "es",
"value": "El m\u00f3dulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio est\u00e1 habilitado, no maneja debidamente c\u00f3digos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores relacionados con el n\u00famero de procesos en ejecuci\u00f3n."
}
],
"id": "CVE-2014-0240",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-27T14:55:12.197",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"source": "secalert@redhat.com",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/59551"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60094"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/67532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67532"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2014-0240
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-0240",
"description": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.",
"id": "GSD-2014-0240",
"references": [
"https://www.suse.com/security/cve/CVE-2014-0240.html",
"https://www.debian.org/security/2014/dsa-2937",
"https://access.redhat.com/errata/RHSA-2014:1091",
"https://access.redhat.com/errata/RHSA-2014:0789",
"https://access.redhat.com/errata/RHSA-2014:0788",
"https://ubuntu.com/security/CVE-2014-0240",
"https://alas.aws.amazon.com/cve/html/CVE-2014-0240.html",
"https://linux.oracle.com/cve/CVE-2014-0240.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-0240"
],
"details": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.",
"id": "GSD-2014-0240",
"modified": "2023-12-13T01:22:44.101695Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59551"
},
{
"name": "67532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67532"
},
{
"name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html",
"refsource": "CONFIRM",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name": "RHSA-2014:0789",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html",
"refsource": "CONFIRM",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name": "60094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60094"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0240"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67532",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/67532"
},
{
"name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name": "60094",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/60094"
},
{
"name": "59551",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/59551"
},
{
"name": "RHSA-2014:0789",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-12-21T02:29Z",
"publishedDate": "2014-05-27T14:55Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…