From bugzilla at redhat.com Wed Jul 2 09:24:33 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 2 Jul 2014 09:24:33 +0000
Subject: [RHSA-2014:0827-01] Moderate: tomcat security update
Message-ID: <201407020924.s629OYTO017475@int-mx13.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: tomcat security update
Advisory ID:       RHSA-2014:0827-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0827.html
Issue date:        2014-07-02
CVE Names:         CVE-2014-0075 CVE-2014-0096 CVE-2014-0099
=====================================================================

1. Summary:

Updated tomcat packages that fix three security issues are now available
for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch
Red Hat Enterprise Linux Client Optional (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch
Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Enterprise Linux Server Optional (v. 7) - noarch
Red Hat Enterprise Linux Workstation (v. 7) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

It was discovered that Apache Tomcat did not limit the length of chunk
sizes when using chunked transfer encoding. A remote attacker could use
this flaw to perform a denial of service attack against Tomcat by streaming
an unlimited quantity of data, leading to excessive consumption of server
resources. (CVE-2014-0075)

It was found that Apache Tomcat did not check for overflowing values when
parsing request content length headers. A remote attacker could use this
flaw to perform an HTTP request smuggling attack on a Tomcat server located
behind a reverse proxy that processed the content length header correctly.
(CVE-2014-0099)

It was found that the org.apache.catalina.servlets.DefaultServlet
implementation in Apache Tomcat allowed the definition of XML External
Entities (XXEs) in provided XSLTs. A malicious application could use this
to circumvent intended security restrictions to disclose sensitive
information. (CVE-2014-0096)

The CVE-2014-0075 issue was discovered by David Jorm of Red Hat Product
Security.

All Tomcat 7 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1072776 - CVE-2014-0075 Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter
1088342 - CVE-2014-0096 Tomcat/JBossWeb: XXE vulnerability via user supplied XSLTs
1102030 - CVE-2014-0099 Tomcat/JBossWeb: Request smuggling via malicious content length header

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
tomcat-7.0.42-6.el7_0.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
tomcat-7.0.42-6.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-6.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-6.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-6.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-6.el7_0.noarch.rpm
tomcat-lib-7.0.42-6.el7_0.noarch.rpm
tomcat-webapps-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
tomcat-7.0.42-6.el7_0.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
tomcat-7.0.42-6.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-6.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-6.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-6.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-6.el7_0.noarch.rpm
tomcat-lib-7.0.42-6.el7_0.noarch.rpm
tomcat-webapps-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
tomcat-7.0.42-6.el7_0.src.rpm

noarch:
tomcat-7.0.42-6.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-6.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-lib-7.0.42-6.el7_0.noarch.rpm
tomcat-servlet-3.0-api-7.0.42-6.el7_0.noarch.rpm
tomcat-webapps-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
tomcat-7.0.42-6.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-6.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-6.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-6.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-6.el7_0.noarch.rpm
tomcat-lib-7.0.42-6.el7_0.noarch.rpm
tomcat-webapps-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
tomcat-7.0.42-6.el7_0.src.rpm

noarch:
tomcat-7.0.42-6.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-6.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-6.el7_0.noarch.rpm
tomcat-lib-7.0.42-6.el7_0.noarch.rpm
tomcat-servlet-3.0-api-7.0.42-6.el7_0.noarch.rpm
tomcat-webapps-7.0.42-6.el7_0.noarch.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
tomcat-docs-webapp-7.0.42-6.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-6.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-6.el7_0.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0075.html
https://www.redhat.com/security/data/cve/CVE-2014-0096.html
https://www.redhat.com/security/data/cve/CVE-2014-0099.html
https://access.redhat.com/security/updates/classification/#moderate
http://tomcat.apache.org/security-7.html

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
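The two request-framing defects in RHSA-2014:0827 (CVE-2014-0099, an unchecked Content-Length overflow, and CVE-2014-0075, unbounded chunk-size lines) come down to how a server turns header text into a length. The Python below is an added example, not code from Tomcat or Red Hat: it places a simplified wrapping parser (a constructed model of the overflow, not Tomcat's actual implementation) beside a strict one, adds a chunk-size parser with a digit cap, and reports whether a strict front end and a wrapping back end would frame the same body identically. The 64-bit accumulator and the 8-hex-digit cap are assumptions made for this example.

```python
"""Strict parsing of the two HTTP framing values named in RHSA-2014:0827.

Added example, not code from Tomcat or Red Hat. A simplified wrapping
parser models the CVE-2014-0099 defect (Content-Length overflow) beside a
strict parser, and a capped chunk-size parser models the fix for
CVE-2014-0075 (unbounded chunk-size lines). The 64-bit accumulator and the
8-hex-digit cap are assumptions made for this example.
"""
import re

INT64_MAX = 2**63 - 1
MASK64 = 2**64 - 1
MAX_CHUNK_HEX_DIGITS = 8  # assumed cap; 8 hex digits already cover any 32-bit chunk


class HeaderError(ValueError):
    """The header must be rejected (400 Bad Request), not reinterpreted."""


def wrapping_content_length(value: str) -> int:
    """Constructed model of the defect: decimal digits are accumulated into a
    signed 64-bit register that silently wraps, so an oversized value
    becomes a small or negative length instead of an error."""
    text = value.strip(" \t")
    if not re.fullmatch(r"[0-9]+", text):
        raise HeaderError("Content-Length is not a decimal number")
    acc = 0
    for ch in text:
        acc = (acc * 10 + int(ch)) & MASK64  # wraps like a fixed-width register
    return acc - 2**64 if acc > INT64_MAX else acc  # reinterpret as signed


def strict_content_length(value: str) -> int:
    """Hardened parser: ASCII digits only, no sign, no inner whitespace, and
    the value must fit the accumulator; anything else is rejected."""
    text = value.strip(" \t")
    if not re.fullmatch(r"[0-9]+", text):
        raise HeaderError("Content-Length is not a decimal number")
    # Bound the work before conversion: more significant digits than
    # INT64_MAX has cannot fit, however the digits are arranged.
    if len(text.lstrip("0") or "0") > len(str(INT64_MAX)):
        raise HeaderError("Content-Length has too many digits")
    n = int(text)
    if n > INT64_MAX:
        raise HeaderError("Content-Length overflows the 64-bit signed range")
    return n


def strict_chunk_size(line: str) -> int:
    """Parse one chunk-size line ("1a" or "1a;ext=val") with a cap on the
    number of hex digits, so a client cannot stream an endless run of
    digits into the parser (the CVE-2014-0075 failure mode)."""
    size_text = line.split(";", 1)[0].strip(" \t")
    if not re.fullmatch(r"[0-9A-Fa-f]+", size_text):
        raise HeaderError("chunk size is not hexadecimal")
    if len(size_text) > MAX_CHUNK_HEX_DIGITS:
        raise HeaderError("chunk size longer than %d hex digits" % MAX_CHUNK_HEX_DIGITS)
    return int(size_text, 16)


def framing_agreement(value: str) -> dict:
    """Compare how a strict front end and a wrapping back end read the same
    Content-Length. Any disagreement means the two would place the end of
    the body differently, which is the precondition for request smuggling;
    the safe outcome is that both reject or both read the same number."""
    outcome = {"strict": None, "wrapping": None}
    for name, parser in (("strict", strict_content_length),
                         ("wrapping", wrapping_content_length)):
        try:
            outcome[name] = parser(value)
        except HeaderError:
            pass  # recorded as None: this side would answer 400
    outcome["agree"] = outcome["strict"] == outcome["wrapping"]
    return outcome


if __name__ == "__main__":
    # Constructed samples: an ordinary length and 2**64, which the wrapping
    # register reads as 0 while the strict parser rejects it outright.
    for sample in ("42", "18446744073709551616"):
        print(sample, framing_agreement(sample))
    print("chunk FFFFFFFF ->", strict_chunk_size("FFFFFFFF"))
```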
From bugzilla at redhat.com Wed Jul 2 17:58:06 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 2 Jul 2014 17:58:06 +0000
Subject: [RHSA-2014:0830-01] Low: Red Hat Enterprise Linux 6.3 Extended Update Support Retirement Notice
Message-ID: <201407021758.s62Hw64G012248@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux 6.3 Extended Update Support Retirement Notice
Advisory ID:       RHSA-2014:0830-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0830.html
Issue date:        2014-07-02
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise
Linux 6.3 Extended Update Support (EUS). This notification applies only to
those customers subscribed to the Extended Update Support (EUS) channel for
Red Hat Enterprise Linux 6.3.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, ppc64, s390x, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy,
Extended Update Support for Red Hat Enterprise Linux 6.3 was retired on
June 30, 2014, and support is no longer provided. Accordingly, Red Hat will
no longer provide updated packages, including Critical impact security
patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.3 EUS
after June 30, 2014. In addition, technical support through Red Hat's
Global Support Services will no longer be provided after this date.

We encourage customers to plan their migration from Red Hat Enterprise
Linux 6.3 to a more recent version of Red Hat Enterprise Linux. As a
benefit of the Red Hat subscription model, customers can use their active
subscriptions to entitle any system on a currently supported Red Hat
Enterprise Linux release.

Details of the Red Hat Enterprise Linux life cycle can be found here:
https://access.redhat.com/site/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release-server package that
provides a copy of this retirement notice in the "/usr/share/doc/"
directory.

5. Package List:

Red Hat Enterprise Linux Server EUS (v. 6.3):

Source:
redhat-release-server-6Server-6.3.0.7.el6_3.src.rpm

i386:
redhat-release-server-6Server-6.3.0.7.el6_3.i686.rpm

ppc64:
redhat-release-server-6Server-6.3.0.7.el6_3.ppc64.rpm

s390x:
redhat-release-server-6Server-6.3.0.7.el6_3.s390x.rpm

x86_64:
redhat-release-server-6Server-6.3.0.7.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/site/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Wed Jul 2 17:58:37 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 2 Jul 2014 17:58:37 +0000
Subject: [RHSA-2014:0831-01] Low: Red Hat Developer Toolset Version 1 Retirement Notice
Message-ID: <201407021758.s62Hwc5f019267@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Developer Toolset Version 1 Retirement Notice
Advisory ID:       RHSA-2014:0831-01
Product:           Red Hat Developer Toolset
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0831.html
Issue date:        2014-07-02
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Developer
Toolset Version 1. This notification applies only to those customers with
subscriptions for Red Hat Developer Toolset Version 1.

2. Description:

In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red
Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and
support is no longer provided. Accordingly, Red Hat will no longer provide
updated packages, including Critical impact security patches or urgent
priority bug fixes, for Developer Toolset Version 1 after June 30, 2014. In
addition, technical support through Red Hat's Global Support Services will
no longer be provided for Red Hat Developer Toolset Version 1 after this
date.

We encourage customers to plan their migration from Red Hat Developer
Toolset Version 1 to a more recent release of Red Hat Developer Toolset. As
a benefit of the Red Hat subscription model, customers can use their active
Red Hat Developer Toolset subscriptions to entitle any system on a
currently supported version of this product.

Details of the Red Hat Developer Toolset life cycle can be found at
https://access.redhat.com/site/support/policy/updates/dts/

3. Solution:

Red Hat Developer Toolset Version 1 was retired on June 30, 2014. Customers
are encouraged to migrate to a newer release of Red Hat Developer Toolset,
and can find additional details on the Red Hat Developer Toolset life cycle
page at https://access.redhat.com/site/support/policy/updates/dts/

4. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/site/support/policy/updates/dts/

5. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Wed Jul 9 09:29:34 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 09:29:34 +0000
Subject: [RHSA-2014:0858-01] Moderate: Red Hat Enterprise MRG 2.5 Messaging and Grid security update
Message-ID: <201407090929.s699TZug018844@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Enterprise MRG 2.5 Messaging and Grid security update
Advisory ID:       RHSA-2014:0858-01
Product:           Red Hat Enterprise MRG for RHEL-6
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0858.html
Issue date:        2014-07-09
CVE Names:         CVE-2012-2682 CVE-2014-0174
=====================================================================

1. Summary:

An updated cumin package that fixes two security issues is now available
for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

MRG Grid for RHEL 6 Server v.2 - noarch
MRG Management for RHEL 6 Server v.2 - noarch

3. Description:

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation
IT infrastructure for enterprise computing. MRG offers increased
performance, reliability, interoperability, and faster computing for
enterprise customers.

It was found that if Cumin were asked to display a link name containing
non-ASCII characters, the request would terminate with an error. If data
containing non-ASCII characters were added to the database (such as via
Cumin or Wallaby), requests to load said data would terminate and the
requested page would not be displayed until an administrator cleans the
database. (CVE-2012-2682)

It was found that Cumin did not set the HttpOnly flag on session cookies.
This could allow a malicious script to access the session cookie.
(CVE-2014-0174)

These issues were discovered by Stanislav Graf of Red Hat.

All users of cumin with Red Hat Enterprise MRG 2.5 for Red Hat Enterprise
Linux 6 are advised to upgrade to this updated package, which corrects
these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

830254 - CVE-2012-2682 cumin: DoS via displayed link names containing non-ASCII characters
1086000 - CVE-2014-0174 cumin: session cookies lack httponly setting

6. Package List:

MRG Grid for RHEL 6 Server v.2:

Source:
cumin-0.1.5797-3.el6.src.rpm

noarch:
cumin-0.1.5797-3.el6.noarch.rpm

MRG Management for RHEL 6 Server v.2:

Source:
cumin-0.1.5797-3.el6.src.rpm

noarch:
cumin-0.1.5797-3.el6.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-2682.html
https://www.redhat.com/security/data/cve/CVE-2014-0174.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Wed Jul 9 09:30:08 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 09:30:08 +0000
Subject: [RHSA-2014:0859-01] Moderate: Red Hat Enterprise MRG 2.5 Messaging and Grid security update
Message-ID: <201407090930.s699U9Nd019458@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Enterprise MRG 2.5 Messaging and Grid security update
Advisory ID:       RHSA-2014:0859-01
Product:           Red Hat Enterprise MRG for RHEL-5
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0859.html
Issue date:        2014-07-09
CVE Names:         CVE-2012-2682 CVE-2014-0174
=====================================================================

1. Summary:

An updated cumin package that fixes two security issues is now available
for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

MRG Grid for RHEL 5 Server v.2 - noarch
MRG Management for RHEL 5 Server v.2 - noarch

3. Description:

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation
IT infrastructure for enterprise computing. MRG offers increased
performance, reliability, interoperability, and faster computing for
enterprise customers.

It was found that if Cumin were asked to display a link name containing
non-ASCII characters, the request would terminate with an error. If data
containing non-ASCII characters were added to the database (such as via
Cumin or Wallaby), requests to load said data would terminate and the
requested page would not be displayed until an administrator cleans the
database. (CVE-2012-2682)

It was found that Cumin did not set the HttpOnly flag on session cookies.
This could allow a malicious script to access the session cookie.
(CVE-2014-0174)

These issues were discovered by Stanislav Graf of Red Hat.

All users of cumin with Red Hat Enterprise MRG 2.5 for Red Hat Enterprise
Linux 5 are advised to upgrade to this updated package, which corrects
these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

830254 - CVE-2012-2682 cumin: DoS via displayed link names containing non-ASCII characters
1086000 - CVE-2014-0174 cumin: session cookies lack httponly setting

6. Package List:

MRG Grid for RHEL 5 Server v.2:

Source:
cumin-0.1.5796-4.el5_9.src.rpm

noarch:
cumin-0.1.5796-4.el5_9.noarch.rpm

MRG Management for RHEL 5 Server v.2:

Source:
cumin-0.1.5796-4.el5_9.src.rpm

noarch:
cumin-0.1.5796-4.el5_9.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-2682.html
https://www.redhat.com/security/data/cve/CVE-2014-0174.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Wed Jul 9 15:39:40 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 15:39:40 +0000
Subject: [RHSA-2014:0860-01] Critical: flash-plugin security update
Message-ID: <201407091539.s69Fdeix031386@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin security update
Advisory ID:       RHSA-2014:0860-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0860.html
Issue date:        2014-07-09
CVE Names:         CVE-2014-0537 CVE-2014-0539 CVE-2014-4671
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes three security issues is
now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having Critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-17,
listed in the References section.

Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0537, CVE-2014-0539)

This update also fixes a flaw that would lead to Cross-Site Request Forgery
(CSRF) attacks. (CVE-2014-4671)

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.394.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1117586 - CVE-2014-0537 CVE-2014-0539 flash-plugin: security protection bypass (APSB14-17)
1117588 - CVE-2014-4671 flash-plugin: vulnerable JSONP callback APIs issue (APSB14-17)

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386:
flash-plugin-11.2.202.394-1.el5.i386.rpm

x86_64:
flash-plugin-11.2.202.394-1.el5.i386.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386:
flash-plugin-11.2.202.394-1.el5.i386.rpm

x86_64:
flash-plugin-11.2.202.394-1.el5.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
flash-plugin-11.2.202.394-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.394-1.el6.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
flash-plugin-11.2.202.394-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.394-1.el6.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
flash-plugin-11.2.202.394-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.394-1.el6.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0537.html
https://www.redhat.com/security/data/cve/CVE-2014-0539.html
https://www.redhat.com/security/data/cve/CVE-2014-4671.html
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-17.html

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Wed Jul 9 17:29:42 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 17:29:42 +0000
Subject: [RHSA-2014:0861-02] Moderate: lzo security update
Message-ID: <201407091729.s69HThqw027093@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: lzo security update
Advisory ID:       RHSA-2014:0861-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0861.html
Issue date:        2014-07-09
CVE Names:         CVE-2014-4607
=====================================================================

1. Summary:

Updated lzo packages that fix one security issue are now available for Red
Hat Enterprise Linux 6 and 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

LZO is a portable lossless data compression library written in ANSI C.

An integer overflow flaw was found in the way the lzo library decompressed
certain archives compressed with the LZO algorithm. An attacker could
create a specially crafted LZO-compressed input that, when decompressed by
an application using the lzo library, would cause that application to
crash or, potentially, execute arbitrary code. (CVE-2014-4607)

Red Hat would like to thank Don A. Bailey from Lab Mouse Security for
reporting this issue.

All lzo users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the lzo library must be restarted or the
system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm

ppc64:
lzo-2.03-3.1.el6_5.1.ppc64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.ppc64.rpm

s390x:
lzo-2.03-3.1.el6_5.1.s390x.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.s390x.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm

ppc64:
lzo-2.03-3.1.el6_5.1.ppc.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.ppc.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.ppc64.rpm
lzo-devel-2.03-3.1.el6_5.1.ppc.rpm
lzo-devel-2.03-3.1.el6_5.1.ppc64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.ppc.rpm
lzo-minilzo-2.03-3.1.el6_5.1.ppc64.rpm

s390x:
lzo-2.03-3.1.el6_5.1.s390.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.s390.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.s390x.rpm
lzo-devel-2.03-3.1.el6_5.1.s390.rpm
lzo-devel-2.03-3.1.el6_5.1.s390x.rpm
lzo-minilzo-2.03-3.1.el6_5.1.s390.rpm
lzo-minilzo-2.03-3.1.el6_5.1.s390x.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
lzo-2.03-3.1.el6_5.1.src.rpm

i386:
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm

x86_64:
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
lzo-2.06-6.el7_0.2.src.rpm

x86_64:
lzo-2.06-6.el7_0.2.i686.rpm
lzo-2.06-6.el7_0.2.x86_64.rpm
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-minilzo-2.06-6.el7_0.2.i686.rpm
lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-devel-2.06-6.el7_0.2.i686.rpm
lzo-devel-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
lzo-2.06-6.el7_0.2.src.rpm

x86_64:
lzo-2.06-6.el7_0.2.i686.rpm
lzo-2.06-6.el7_0.2.x86_64.rpm
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-devel-2.06-6.el7_0.2.i686.rpm
lzo-devel-2.06-6.el7_0.2.x86_64.rpm
lzo-minilzo-2.06-6.el7_0.2.i686.rpm
lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
lzo-2.06-6.el7_0.2.src.rpm

ppc64:
lzo-2.06-6.el7_0.2.ppc.rpm
lzo-2.06-6.el7_0.2.ppc64.rpm
lzo-debuginfo-2.06-6.el7_0.2.ppc.rpm
lzo-debuginfo-2.06-6.el7_0.2.ppc64.rpm

s390x:
lzo-2.06-6.el7_0.2.s390.rpm
lzo-2.06-6.el7_0.2.s390x.rpm
lzo-debuginfo-2.06-6.el7_0.2.s390.rpm
lzo-debuginfo-2.06-6.el7_0.2.s390x.rpm

x86_64:
lzo-2.06-6.el7_0.2.i686.rpm
lzo-2.06-6.el7_0.2.x86_64.rpm
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-minilzo-2.06-6.el7_0.2.i686.rpm
lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
lzo-debuginfo-2.06-6.el7_0.2.ppc.rpm
lzo-debuginfo-2.06-6.el7_0.2.ppc64.rpm
lzo-devel-2.06-6.el7_0.2.ppc.rpm
lzo-devel-2.06-6.el7_0.2.ppc64.rpm
lzo-minilzo-2.06-6.el7_0.2.ppc.rpm
lzo-minilzo-2.06-6.el7_0.2.ppc64.rpm

s390x:
lzo-debuginfo-2.06-6.el7_0.2.s390.rpm
lzo-debuginfo-2.06-6.el7_0.2.s390x.rpm
lzo-devel-2.06-6.el7_0.2.s390.rpm
lzo-devel-2.06-6.el7_0.2.s390x.rpm
lzo-minilzo-2.06-6.el7_0.2.s390.rpm
lzo-minilzo-2.06-6.el7_0.2.s390x.rpm

x86_64:
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-devel-2.06-6.el7_0.2.i686.rpm
lzo-devel-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
lzo-2.06-6.el7_0.2.src.rpm

x86_64:
lzo-2.06-6.el7_0.2.i686.rpm
lzo-2.06-6.el7_0.2.x86_64.rpm
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-minilzo-2.06-6.el7_0.2.i686.rpm
lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
lzo-debuginfo-2.06-6.el7_0.2.i686.rpm
lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm
lzo-devel-2.06-6.el7_0.2.i686.rpm
lzo-devel-2.06-6.el7_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-4607.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTvXwAXlSAg2UNWIIRAjMYAJ95mlHImoIprxyBKCiRSWXPZT+m1QCeKo4X
3d8b73N9CSR+sW5dmWW3zXk=
=FYOa
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 9 17:30:24 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 17:30:24 +0000
Subject: [RHSA-2014:0865-01] Moderate: tomcat6 security and bug fix update
Message-ID: <201407091730.s69HUOGk027599@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: tomcat6 security and bug fix update
Advisory ID:       RHSA-2014:0865-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0865.html
Issue date:        2014-07-09
CVE Names:         CVE-2014-0075 CVE-2014-0096 CVE-2014-0099
=====================================================================

1. Summary:

Updated tomcat6 packages that fix three security issues and two bugs are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - noarch
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch
Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Enterprise Linux Server Optional (v. 6) - noarch
Red Hat Enterprise Linux Workstation (v. 6) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 6) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

It was discovered that Apache Tomcat did not limit the length of chunk sizes
when using chunked transfer encoding.
A remote attacker could use this flaw to perform a denial of service attack
against Tomcat by streaming an unlimited quantity of data, leading to
excessive consumption of server resources. (CVE-2014-0075)

It was found that Apache Tomcat did not check for overflowing values when
parsing request content length headers. A remote attacker could use this flaw
to perform an HTTP request smuggling attack on a Tomcat server located behind
a reverse proxy that processed the content length header correctly.
(CVE-2014-0099)

It was found that the org.apache.catalina.servlets.DefaultServlet
implementation in Apache Tomcat allowed the definition of XML External
Entities (XXEs) in provided XSLTs. A malicious application could use this to
circumvent intended security restrictions to disclose sensitive information.
(CVE-2014-0096)

The CVE-2014-0075 issue was discovered by David Jorm of Red Hat Product
Security.

This update also fixes the following bugs:

* The patch that resolved the CVE-2014-0050 issue contained redundant code.
This update removes the redundant code. (BZ#1094528)

* The patch that resolved the CVE-2013-4322 issue contained an invalid check
that triggered a java.io.EOFException while reading trailer headers for
chunked requests. This update fixes the check and the aforementioned
exception is no longer triggered in the described scenario. (BZ#1095602)

All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be restarted
for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1072776 - CVE-2014-0075 Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter
1088342 - CVE-2014-0096 Tomcat/JBossWeb: XXE vulnerability via user supplied XSLTs
1095602 - tomcat6 security patch tomcat6-6.0.24-CVE-2013-4322 typo results in application crash with EOFException
1102030 - CVE-2014-0099 Tomcat/JBossWeb: Request smuggling via malicious content length header

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-6.0.24-72.el6_5.noarch.rpm
tomcat6-admin-webapps-6.0.24-72.el6_5.noarch.rpm
tomcat6-docs-webapp-6.0.24-72.el6_5.noarch.rpm
tomcat6-el-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-javadoc-6.0.24-72.el6_5.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-lib-6.0.24-72.el6_5.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-webapps-6.0.24-72.el6_5.noarch.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-6.0.24-72.el6_5.noarch.rpm
tomcat6-admin-webapps-6.0.24-72.el6_5.noarch.rpm
tomcat6-docs-webapp-6.0.24-72.el6_5.noarch.rpm
tomcat6-el-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-javadoc-6.0.24-72.el6_5.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-lib-6.0.24-72.el6_5.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-webapps-6.0.24-72.el6_5.noarch.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-6.0.24-72.el6_5.noarch.rpm
tomcat6-el-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-lib-6.0.24-72.el6_5.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-72.el6_5.noarch.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-admin-webapps-6.0.24-72.el6_5.noarch.rpm
tomcat6-docs-webapp-6.0.24-72.el6_5.noarch.rpm
tomcat6-javadoc-6.0.24-72.el6_5.noarch.rpm
tomcat6-webapps-6.0.24-72.el6_5.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-6.0.24-72.el6_5.noarch.rpm
tomcat6-el-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-72.el6_5.noarch.rpm
tomcat6-lib-6.0.24-72.el6_5.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-72.el6_5.noarch.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
tomcat6-6.0.24-72.el6_5.src.rpm

noarch:
tomcat6-admin-webapps-6.0.24-72.el6_5.noarch.rpm
tomcat6-docs-webapp-6.0.24-72.el6_5.noarch.rpm
tomcat6-javadoc-6.0.24-72.el6_5.noarch.rpm
tomcat6-webapps-6.0.24-72.el6_5.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0075.html
https://www.redhat.com/security/data/cve/CVE-2014-0096.html
https://www.redhat.com/security/data/cve/CVE-2014-0099.html
https://access.redhat.com/security/updates/classification/#moderate
https://tomcat.apache.org/security-6.html

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
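The two parsing defects in the tomcat6 advisory above, overflowing Content-Length values (CVE-2014-0099) and chunk sizes whose length is not limited (CVE-2014-0075), both come down to missing range checks in an HTTP/1.1 request parser. The following Python is an added example written for this page, not Red Hat's or Apache Tomcat's code: it contrasts an unchecked 64-bit accumulation with a parser that rejects out-of-range values, and decodes a constructed chunked body through a length-limited chunk-size parser. The limits, the signed 64-bit simulation, and the sample messages are this example's own assumptions.

```python
"""Defensive parsing of Content-Length and chunk-size values.

Added example, not Red Hat's or Apache Tomcat's code.  It shows the two
request-parsing checks behind CVE-2014-0099 (Content-Length values that
overflow) and CVE-2014-0075 (chunk sizes whose length is not limited) from
the tomcat6 advisory.  The limits, the 64-bit simulation and the sample
messages are this example's own assumptions.
"""
import re

MAX_CONTENT_LENGTH = 2**63 - 1     # assumption: range of a signed 64-bit long
MAX_CHUNK_SIZE_HEX_DIGITS = 8      # assumption: longest chunk-size field accepted
MAX_CHUNK_SIZE_LINE = 256          # assumption: cap on a size line incl. extensions


class HeaderError(ValueError):
    """The request must be rejected (400 Bad Request), never partially honoured."""


def naive_content_length(value):
    """How an unchecked parser behaves: digits are accumulated into a signed
    64-bit value that wraps silently.  Python ints never overflow, so the wrap
    is applied explicitly to model the failure mode."""
    acc = 0
    for ch in value.strip():
        if ch not in "0123456789":
            raise HeaderError("non-digit in Content-Length")
        acc = acc * 10 + (ord(ch) - ord("0"))
        acc = (acc + 2**63) % 2**64 - 2**63    # two's-complement wrap to 64 bits
    return acc


def parse_content_length(value):
    """Hardened parse: ASCII digits only, and a value outside the 64-bit range
    is an error rather than a wrapped number.  A reverse proxy and the origin
    server then either agree on the body length or both reject the request."""
    field = value.strip()
    if not re.fullmatch(r"[0-9]+", field):
        raise HeaderError("Content-Length is not a decimal number")
    length = int(field)
    if length > MAX_CONTENT_LENGTH:
        raise HeaderError("Content-Length exceeds the 64-bit range")
    return length


def parse_chunk_size(line):
    """Parse one chunk-size line ('1a;name=value').  Both the whole line and the
    hex field are length-limited, so a client can neither stream an unbounded
    size field nor declare a chunk larger than the server will buffer."""
    if len(line) > MAX_CHUNK_SIZE_LINE:
        raise HeaderError("chunk-size line too long")
    field = line.split(";", 1)[0].strip()
    if not re.fullmatch(r"[0-9a-fA-F]+", field):
        raise HeaderError("chunk-size is not hexadecimal")
    if len(field) > MAX_CHUNK_SIZE_HEX_DIGITS:
        raise HeaderError("chunk-size has too many digits")
    return int(field, 16)


def decode_chunked(data):
    """Decode a complete chunked body held in memory, running every size line
    through parse_chunk_size.  Trailer headers after the last chunk are ignored."""
    body = bytearray()
    pos = 0
    while True:
        end = data.find(b"\r\n", pos)
        if end < 0:
            raise HeaderError("unterminated chunk-size line")
        try:
            line = data[pos:end].decode("ascii")
        except UnicodeDecodeError:
            raise HeaderError("non-ASCII byte in chunk-size line") from None
        size = parse_chunk_size(line)
        pos = end + 2
        if size == 0:
            return bytes(body)                 # last-chunk reached
        chunk = data[pos:pos + size]
        if len(chunk) < size:
            raise HeaderError("truncated chunk")
        body += chunk
        pos += size
        if data[pos:pos + 2] != b"\r\n":
            raise HeaderError("chunk data not followed by CRLF")
        pos += 2


def rejects(parser, value):
    """True if parser raises HeaderError for value (used by the demo and tests)."""
    try:
        parser(value)
    except HeaderError:
        return True
    return False


if __name__ == "__main__":
    huge = "18446744073709551617"             # constructed: 2**64 + 1
    print("naive parse of", huge, "->", naive_content_length(huge))   # wraps to 1
    print("hardened parse rejects it:", rejects(parse_content_length, huge))
    sample = b"4\r\nWiki\r\n5\r\npedia\r\n0\r\n\r\n"   # constructed chunked body
    print("decoded body:", decode_chunked(sample))
    print("9-digit chunk size rejected:", rejects(decode_chunked, b"100000000\r\n"))
```

The defender's point sits in parse_content_length: a length that cannot be represented is rejected outright, so a reverse proxy that parses the header correctly and the origin server behind it can never disagree on where the body ends, which is the disagreement request smuggling depends on. The limit in parse_chunk_size bounds both the size field and the declared chunk before any body bytes are buffered, which is the resource-exhaustion case the CVE-2014-0075 paragraph describes.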
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTvXwnXlSAg2UNWIIRAlETAJ9h/t6cImOQb/wTXhxFFhcuNAuXXwCgrS7D
OIiDqTphtomRGnnfl7/JS9g=
=AWBW
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 9 17:31:06 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 17:31:06 +0000
Subject: [RHSA-2014:0866-01] Moderate: samba and samba3x security update
Message-ID: <201407091731.s69HV6ww019300@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: samba and samba3x security update
Advisory ID:       RHSA-2014:0866-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0866.html
Issue date:        2014-07-09
CVE Names:         CVE-2014-0244 CVE-2014-3493
=====================================================================

1. Summary:

Updated samba3x and samba packages that fix two security issues are now
available for Red Hat Enterprise Linux 5 and 6 respectively.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

A denial of service flaw was found in the way the sys_recvfile() function of
nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An
attacker could send a specially crafted packet that, when processed, would
cause nmbd to enter an infinite loop and consume an excessive amount of CPU
time. (CVE-2014-0244)

It was discovered that smbd, the Samba file server daemon, did not properly
handle certain files that were stored on the disk and used a valid Unicode
character in the file name. An attacker able to send an authenticated
non-Unicode request that attempted to read such a file could cause smbd to
crash. (CVE-2014-3493)

Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for
reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-3493.
The Samba project acknowledges Simon Arlott as the original reporter of
CVE-2014-3493.

All Samba users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1097815 - CVE-2014-0244 samba: nmbd denial of service
1108748 - CVE-2014-3493 samba: smbd unicode path names denial of service

6. Package List:

Red Hat Enterprise Linux Desktop (v. 
5 client):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-3.6.6-0.140.el5_10.i386.rpm
samba3x-client-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.i386.rpm
samba3x-swat-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm

x86_64:
samba3x-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-client-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-common-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-doc-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-swat-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop Workstation (v. 5 client):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm

x86_64:
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
samba3x-3.6.6-0.140.el5_10.src.rpm

i386:
samba3x-3.6.6-0.140.el5_10.i386.rpm
samba3x-client-3.6.6-0.140.el5_10.i386.rpm
samba3x-common-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-doc-3.6.6-0.140.el5_10.i386.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.i386.rpm
samba3x-swat-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm

ia64:
samba3x-3.6.6-0.140.el5_10.ia64.rpm
samba3x-client-3.6.6-0.140.el5_10.ia64.rpm
samba3x-common-3.6.6-0.140.el5_10.ia64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ia64.rpm
samba3x-doc-3.6.6-0.140.el5_10.ia64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.ia64.rpm
samba3x-swat-3.6.6-0.140.el5_10.ia64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ia64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ia64.rpm

ppc:
samba3x-3.6.6-0.140.el5_10.ppc.rpm
samba3x-client-3.6.6-0.140.el5_10.ppc.rpm
samba3x-common-3.6.6-0.140.el5_10.ppc.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ppc.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.ppc64.rpm
samba3x-doc-3.6.6-0.140.el5_10.ppc.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.ppc.rpm
samba3x-swat-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-3.6.6-0.140.el5_10.ppc64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ppc.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.ppc64.rpm

s390x:
samba3x-3.6.6-0.140.el5_10.s390x.rpm
samba3x-client-3.6.6-0.140.el5_10.s390x.rpm
samba3x-common-3.6.6-0.140.el5_10.s390x.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.s390.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.s390x.rpm
samba3x-doc-3.6.6-0.140.el5_10.s390x.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.s390x.rpm
samba3x-swat-3.6.6-0.140.el5_10.s390x.rpm
samba3x-winbind-3.6.6-0.140.el5_10.s390.rpm
samba3x-winbind-3.6.6-0.140.el5_10.s390x.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.s390.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.s390x.rpm

x86_64:
samba3x-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-client-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-common-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.i386.rpm
samba3x-debuginfo-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-doc-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-domainjoin-gui-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-swat-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-3.6.6-0.140.el5_10.x86_64.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.i386.rpm
samba3x-winbind-devel-3.6.6-0.140.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

x86_64:
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

ppc64:
libsmbclient-3.6.9-169.el6_5.ppc.rpm
libsmbclient-3.6.9-169.el6_5.ppc64.rpm
samba-3.6.9-169.el6_5.ppc64.rpm
samba-client-3.6.9-169.el6_5.ppc64.rpm
samba-common-3.6.9-169.el6_5.ppc.rpm
samba-common-3.6.9-169.el6_5.ppc64.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-clients-3.6.9-169.el6_5.ppc.rpm
samba-winbind-clients-3.6.9-169.el6_5.ppc64.rpm

s390x:
libsmbclient-3.6.9-169.el6_5.s390.rpm
libsmbclient-3.6.9-169.el6_5.s390x.rpm
samba-3.6.9-169.el6_5.s390x.rpm
samba-client-3.6.9-169.el6_5.s390x.rpm
samba-common-3.6.9-169.el6_5.s390.rpm
samba-common-3.6.9-169.el6_5.s390x.rpm
samba-debuginfo-3.6.9-169.el6_5.s390.rpm
samba-debuginfo-3.6.9-169.el6_5.s390x.rpm
samba-winbind-3.6.9-169.el6_5.s390x.rpm
samba-winbind-clients-3.6.9-169.el6_5.s390.rpm
samba-winbind-clients-3.6.9-169.el6_5.s390x.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

ppc64:
libsmbclient-devel-3.6.9-169.el6_5.ppc.rpm
libsmbclient-devel-3.6.9-169.el6_5.ppc64.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc.rpm
samba-debuginfo-3.6.9-169.el6_5.ppc64.rpm
samba-doc-3.6.9-169.el6_5.ppc64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.ppc64.rpm
samba-swat-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-devel-3.6.9-169.el6_5.ppc.rpm
samba-winbind-devel-3.6.9-169.el6_5.ppc64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.ppc64.rpm

s390x:
libsmbclient-devel-3.6.9-169.el6_5.s390.rpm
libsmbclient-devel-3.6.9-169.el6_5.s390x.rpm
samba-debuginfo-3.6.9-169.el6_5.s390.rpm
samba-debuginfo-3.6.9-169.el6_5.s390x.rpm
samba-doc-3.6.9-169.el6_5.s390x.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.s390x.rpm
samba-swat-3.6.9-169.el6_5.s390x.rpm
samba-winbind-devel-3.6.9-169.el6_5.s390.rpm
samba-winbind-devel-3.6.9-169.el6_5.s390x.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.s390x.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 
6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-3.6.9-169.el6_5.i686.rpm
samba-3.6.9-169.el6_5.i686.rpm
samba-client-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-winbind-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-3.6.9-169.el6_5.i686.rpm
libsmbclient-3.6.9-169.el6_5.x86_64.rpm
samba-3.6.9-169.el6_5.x86_64.rpm
samba-client-3.6.9-169.el6_5.x86_64.rpm
samba-common-3.6.9-169.el6_5.i686.rpm
samba-common-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-clients-3.6.9-169.el6_5.i686.rpm
samba-winbind-clients-3.6.9-169.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
samba-3.6.9-169.el6_5.src.rpm

i386:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-doc-3.6.9-169.el6_5.i686.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm
samba-swat-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpm

x86_64:
libsmbclient-devel-3.6.9-169.el6_5.i686.rpm
libsmbclient-devel-3.6.9-169.el6_5.x86_64.rpm
samba-debuginfo-3.6.9-169.el6_5.i686.rpm
samba-debuginfo-3.6.9-169.el6_5.x86_64.rpm
samba-doc-3.6.9-169.el6_5.x86_64.rpm
samba-domainjoin-gui-3.6.9-169.el6_5.x86_64.rpm
samba-swat-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-devel-3.6.9-169.el6_5.i686.rpm
samba-winbind-devel-3.6.9-169.el6_5.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-169.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0244.html
https://www.redhat.com/security/data/cve/CVE-2014-3493.html
https://access.redhat.com/security/updates/classification/#moderate
https://www.samba.org/samba/security/CVE-2014-0244
https://www.samba.org/samba/security/CVE-2014-3493

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTvXxVXlSAg2UNWIIRAr72AJ428d++B/CYCIUR0atiT3bzicKXZACfSlyv
024P8vfdSd9xS/VQyEm2ehg=
=pLAN
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 9 17:31:42 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 9 Jul 2014 17:31:42 +0000
Subject: [RHSA-2014:0867-01] Moderate: samba security update
Message-ID: <201407091731.s69HVhHq020645@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: samba security update
Advisory ID:       RHSA-2014:0867-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0867.html
Issue date:        2014-07-09
CVE Names:         CVE-2014-0178 CVE-2014-0244 CVE-2014-3493
=====================================================================

1. Summary:

Updated samba packages that fix three security issues are now available for
Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or
Common Internet File System (CIFS) protocol, which allows PC-compatible
machines to share files, printers, and other information.

A denial of service flaw was found in the way the sys_recvfile() function of
nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An
attacker could send a specially crafted packet that, when processed, would
cause nmbd to enter an infinite loop and consume an excessive amount of CPU
time. (CVE-2014-0244)

A flaw was found in the way Samba created responses for certain authenticated
client requests when a shadow-copy VFS module was enabled. An attacker able
to send an authenticated request could use this flaw to disclose limited
portions of memory with each request. (CVE-2014-0178)

It was discovered that smbd, the Samba file server daemon, did not properly
handle certain files that were stored on the disk and used a valid Unicode
character in the file name. An attacker able to send an authenticated
non-Unicode request that attempted to read such a file could cause smbd to
crash. (CVE-2014-3493)

Red Hat would like to thank Daniel Berteaud of FIREWALL-SERVICES SARL for
reporting CVE-2014-0244, and the Samba project for reporting CVE-2014-0178
and CVE-2014-3493. The Samba project acknowledges Christof Schmitt as the
original reporter of CVE-2014-0178, and Simon Arlott as the original
reporter of CVE-2014-3493.

All Samba users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1097815 - CVE-2014-0244 samba: nmbd denial of service
1101992 - CVE-2014-0178 samba: Uninitialized memory exposure
1108748 - CVE-2014-3493 samba: smbd unicode path names denial of service

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
samba-4.1.1-35.el7_0.src.rpm

x86_64:
libsmbclient-4.1.1-35.el7_0.i686.rpm
libsmbclient-4.1.1-35.el7_0.x86_64.rpm
libwbclient-4.1.1-35.el7_0.i686.rpm
libwbclient-4.1.1-35.el7_0.x86_64.rpm
samba-client-4.1.1-35.el7_0.x86_64.rpm
samba-common-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-libs-4.1.1-35.el7_0.i686.rpm
samba-libs-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-modules-4.1.1-35.el7_0.i686.rpm
samba-winbind-modules-4.1.1-35.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libsmbclient-devel-4.1.1-35.el7_0.i686.rpm
libsmbclient-devel-4.1.1-35.el7_0.x86_64.rpm
libwbclient-devel-4.1.1-35.el7_0.i686.rpm
libwbclient-devel-4.1.1-35.el7_0.x86_64.rpm
samba-4.1.1-35.el7_0.x86_64.rpm
samba-dc-4.1.1-35.el7_0.x86_64.rpm
samba-dc-libs-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-devel-4.1.1-35.el7_0.i686.rpm
samba-devel-4.1.1-35.el7_0.x86_64.rpm
samba-pidl-4.1.1-35.el7_0.x86_64.rpm
samba-python-4.1.1-35.el7_0.x86_64.rpm
samba-test-4.1.1-35.el7_0.x86_64.rpm
samba-test-devel-4.1.1-35.el7_0.x86_64.rpm
samba-vfs-glusterfs-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-clients-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-krb5-locator-4.1.1-35.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
samba-4.1.1-35.el7_0.src.rpm

x86_64:
libsmbclient-4.1.1-35.el7_0.i686.rpm
libsmbclient-4.1.1-35.el7_0.x86_64.rpm
libwbclient-4.1.1-35.el7_0.i686.rpm
libwbclient-4.1.1-35.el7_0.x86_64.rpm
samba-client-4.1.1-35.el7_0.x86_64.rpm
samba-common-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-libs-4.1.1-35.el7_0.i686.rpm
samba-libs-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-modules-4.1.1-35.el7_0.i686.rpm
samba-winbind-modules-4.1.1-35.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libsmbclient-devel-4.1.1-35.el7_0.i686.rpm
libsmbclient-devel-4.1.1-35.el7_0.x86_64.rpm
libwbclient-devel-4.1.1-35.el7_0.i686.rpm
libwbclient-devel-4.1.1-35.el7_0.x86_64.rpm
samba-4.1.1-35.el7_0.x86_64.rpm
samba-dc-4.1.1-35.el7_0.x86_64.rpm
samba-dc-libs-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-devel-4.1.1-35.el7_0.i686.rpm
samba-devel-4.1.1-35.el7_0.x86_64.rpm
samba-pidl-4.1.1-35.el7_0.x86_64.rpm
samba-python-4.1.1-35.el7_0.x86_64.rpm
samba-test-4.1.1-35.el7_0.x86_64.rpm
samba-test-devel-4.1.1-35.el7_0.x86_64.rpm
samba-vfs-glusterfs-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-clients-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-krb5-locator-4.1.1-35.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
samba-4.1.1-35.el7_0.src.rpm

ppc64:
libsmbclient-4.1.1-35.el7_0.ppc.rpm
libsmbclient-4.1.1-35.el7_0.ppc64.rpm
libwbclient-4.1.1-35.el7_0.ppc.rpm
libwbclient-4.1.1-35.el7_0.ppc64.rpm
samba-4.1.1-35.el7_0.ppc64.rpm
samba-client-4.1.1-35.el7_0.ppc64.rpm
samba-common-4.1.1-35.el7_0.ppc64.rpm
samba-debuginfo-4.1.1-35.el7_0.ppc.rpm
samba-debuginfo-4.1.1-35.el7_0.ppc64.rpm
samba-libs-4.1.1-35.el7_0.ppc.rpm
samba-libs-4.1.1-35.el7_0.ppc64.rpm
samba-winbind-4.1.1-35.el7_0.ppc64.rpm
samba-winbind-modules-4.1.1-35.el7_0.ppc.rpm
samba-winbind-modules-4.1.1-35.el7_0.ppc64.rpm

s390x:
libsmbclient-4.1.1-35.el7_0.s390.rpm
libsmbclient-4.1.1-35.el7_0.s390x.rpm
libwbclient-4.1.1-35.el7_0.s390.rpm
libwbclient-4.1.1-35.el7_0.s390x.rpm
samba-4.1.1-35.el7_0.s390x.rpm
samba-client-4.1.1-35.el7_0.s390x.rpm
samba-common-4.1.1-35.el7_0.s390x.rpm
samba-debuginfo-4.1.1-35.el7_0.s390.rpm
samba-debuginfo-4.1.1-35.el7_0.s390x.rpm
samba-libs-4.1.1-35.el7_0.s390.rpm
samba-libs-4.1.1-35.el7_0.s390x.rpm
samba-winbind-4.1.1-35.el7_0.s390x.rpm
samba-winbind-modules-4.1.1-35.el7_0.s390.rpm
samba-winbind-modules-4.1.1-35.el7_0.s390x.rpm

x86_64:
libsmbclient-4.1.1-35.el7_0.i686.rpm
libsmbclient-4.1.1-35.el7_0.x86_64.rpm
libwbclient-4.1.1-35.el7_0.i686.rpm
libwbclient-4.1.1-35.el7_0.x86_64.rpm
samba-4.1.1-35.el7_0.x86_64.rpm
samba-client-4.1.1-35.el7_0.x86_64.rpm
samba-common-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-libs-4.1.1-35.el7_0.i686.rpm
samba-libs-4.1.1-35.el7_0.x86_64.rpm
samba-python-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-modules-4.1.1-35.el7_0.i686.rpm
samba-winbind-modules-4.1.1-35.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
libsmbclient-devel-4.1.1-35.el7_0.ppc.rpm
libsmbclient-devel-4.1.1-35.el7_0.ppc64.rpm
libwbclient-devel-4.1.1-35.el7_0.ppc.rpm
libwbclient-devel-4.1.1-35.el7_0.ppc64.rpm
samba-dc-4.1.1-35.el7_0.ppc64.rpm
samba-dc-libs-4.1.1-35.el7_0.ppc64.rpm
samba-debuginfo-4.1.1-35.el7_0.ppc.rpm
samba-debuginfo-4.1.1-35.el7_0.ppc64.rpm
samba-devel-4.1.1-35.el7_0.ppc.rpm
samba-devel-4.1.1-35.el7_0.ppc64.rpm
samba-pidl-4.1.1-35.el7_0.ppc64.rpm
samba-python-4.1.1-35.el7_0.ppc64.rpm
samba-test-4.1.1-35.el7_0.ppc64.rpm
samba-test-devel-4.1.1-35.el7_0.ppc64.rpm
samba-winbind-clients-4.1.1-35.el7_0.ppc64.rpm
samba-winbind-krb5-locator-4.1.1-35.el7_0.ppc64.rpm

s390x:
libsmbclient-devel-4.1.1-35.el7_0.s390.rpm
libsmbclient-devel-4.1.1-35.el7_0.s390x.rpm
libwbclient-devel-4.1.1-35.el7_0.s390.rpm
libwbclient-devel-4.1.1-35.el7_0.s390x.rpm
samba-dc-4.1.1-35.el7_0.s390x.rpm
samba-dc-libs-4.1.1-35.el7_0.s390x.rpm
samba-debuginfo-4.1.1-35.el7_0.s390.rpm
samba-debuginfo-4.1.1-35.el7_0.s390x.rpm
samba-devel-4.1.1-35.el7_0.s390.rpm
samba-devel-4.1.1-35.el7_0.s390x.rpm
samba-pidl-4.1.1-35.el7_0.s390x.rpm
samba-python-4.1.1-35.el7_0.s390x.rpm
samba-test-4.1.1-35.el7_0.s390x.rpm
samba-test-devel-4.1.1-35.el7_0.s390x.rpm
samba-winbind-clients-4.1.1-35.el7_0.s390x.rpm
samba-winbind-krb5-locator-4.1.1-35.el7_0.s390x.rpm

x86_64:
libsmbclient-devel-4.1.1-35.el7_0.i686.rpm
libsmbclient-devel-4.1.1-35.el7_0.x86_64.rpm
libwbclient-devel-4.1.1-35.el7_0.i686.rpm
libwbclient-devel-4.1.1-35.el7_0.x86_64.rpm
samba-dc-4.1.1-35.el7_0.x86_64.rpm
samba-dc-libs-4.1.1-35.el7_0.x86_64.rpm
samba-debuginfo-4.1.1-35.el7_0.i686.rpm
samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm
samba-devel-4.1.1-35.el7_0.i686.rpm
samba-devel-4.1.1-35.el7_0.x86_64.rpm
samba-pidl-4.1.1-35.el7_0.x86_64.rpm
samba-test-4.1.1-35.el7_0.x86_64.rpm
samba-test-devel-4.1.1-35.el7_0.x86_64.rpm
samba-vfs-glusterfs-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-clients-4.1.1-35.el7_0.x86_64.rpm
samba-winbind-krb5-locator-4.1.1-35.el7_0.x86_64.rpm

Red Hat
Enterprise Linux Workstation (v. 7): Source: samba-4.1.1-35.el7_0.src.rpm x86_64: libsmbclient-4.1.1-35.el7_0.i686.rpm libsmbclient-4.1.1-35.el7_0.x86_64.rpm libwbclient-4.1.1-35.el7_0.i686.rpm libwbclient-4.1.1-35.el7_0.x86_64.rpm samba-4.1.1-35.el7_0.x86_64.rpm samba-client-4.1.1-35.el7_0.x86_64.rpm samba-common-4.1.1-35.el7_0.x86_64.rpm samba-debuginfo-4.1.1-35.el7_0.i686.rpm samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm samba-libs-4.1.1-35.el7_0.i686.rpm samba-libs-4.1.1-35.el7_0.x86_64.rpm samba-python-4.1.1-35.el7_0.x86_64.rpm samba-winbind-4.1.1-35.el7_0.x86_64.rpm samba-winbind-modules-4.1.1-35.el7_0.i686.rpm samba-winbind-modules-4.1.1-35.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libsmbclient-devel-4.1.1-35.el7_0.i686.rpm libsmbclient-devel-4.1.1-35.el7_0.x86_64.rpm libwbclient-devel-4.1.1-35.el7_0.i686.rpm libwbclient-devel-4.1.1-35.el7_0.x86_64.rpm samba-dc-4.1.1-35.el7_0.x86_64.rpm samba-dc-libs-4.1.1-35.el7_0.x86_64.rpm samba-debuginfo-4.1.1-35.el7_0.i686.rpm samba-debuginfo-4.1.1-35.el7_0.x86_64.rpm samba-devel-4.1.1-35.el7_0.i686.rpm samba-devel-4.1.1-35.el7_0.x86_64.rpm samba-pidl-4.1.1-35.el7_0.x86_64.rpm samba-test-4.1.1-35.el7_0.x86_64.rpm samba-test-devel-4.1.1-35.el7_0.x86_64.rpm samba-vfs-glusterfs-4.1.1-35.el7_0.x86_64.rpm samba-winbind-clients-4.1.1-35.el7_0.x86_64.rpm samba-winbind-krb5-locator-4.1.1-35.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0178.html https://www.redhat.com/security/data/cve/CVE-2014-0244.html https://www.redhat.com/security/data/cve/CVE-2014-3493.html https://access.redhat.com/security/updates/classification/#moderate https://www.samba.org/samba/security/CVE-2014-0244 https://www.samba.org/samba/security/CVE-2014-0178 https://www.samba.org/samba/security/CVE-2014-3493 8. 
Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTvXxtXlSAg2UNWIIRAo80AJ0W9PdVUX/W4qsgAWqJiqw7Z6ZYUwCgl88F CZm4nbcxzN3QAufu5wCm+uw= =13v3 -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 14 16:39:17 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 14 Jul 2014 16:39:17 +0000 Subject: [RHSA-2014:0876-01] Moderate: ruby193-rubygem-activerecord security update Message-ID: <201407141639.s6EGdHdF006684@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ruby193-rubygem-activerecord security update Advisory ID: RHSA-2014:0876-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0876.html Issue date: 2014-07-14 CVE Names: CVE-2014-3482 ===================================================================== 1. Summary: Updated ruby193-rubygem-activerecord packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4) - noarch Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. 
Description: Ruby on Rails is a model-view-controller (MVC) framework for web application development. Active Record implements object-relational mapping for accessing database entries using objects. It was discovered that Active Record did not properly quote values of the bitstring type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record. (CVE-2014-3482) Red Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges Sean Griffin of thoughtbot as the original reporter. All ruby193-rubygem-activerecord users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1114425 - CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting 6. Package List: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6): Source: ruby193-rubygem-activerecord-3.2.8-8.2.el6.src.rpm noarch: ruby193-rubygem-activerecord-3.2.8-8.2.el6.noarch.rpm ruby193-rubygem-activerecord-doc-3.2.8-8.2.el6.noarch.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4): Source: ruby193-rubygem-activerecord-3.2.8-8.2.el6.src.rpm noarch: ruby193-rubygem-activerecord-3.2.8-8.2.el6.noarch.rpm ruby193-rubygem-activerecord-doc-3.2.8-8.2.el6.noarch.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 
6): Source: ruby193-rubygem-activerecord-3.2.8-8.2.el6.src.rpm noarch: ruby193-rubygem-activerecord-3.2.8-8.2.el6.noarch.rpm ruby193-rubygem-activerecord-doc-3.2.8-8.2.el6.noarch.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7): Source: ruby193-rubygem-activerecord-3.2.8-8.2.el7.src.rpm noarch: ruby193-rubygem-activerecord-3.2.8-8.2.el7.noarch.rpm ruby193-rubygem-activerecord-doc-3.2.8-8.2.el7.noarch.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7): Source: ruby193-rubygem-activerecord-3.2.8-8.2.el7.src.rpm noarch: ruby193-rubygem-activerecord-3.2.8-8.2.el7.noarch.rpm ruby193-rubygem-activerecord-doc-3.2.8-8.2.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-3482.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
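The flaw class in the RHSA-2014:0876 advisory above (and the analogous range-type case in RHSA-2014:0877 below) comes down to how a typed attribute value is turned into a SQL literal. The Python sketch that follows is an added illustration for this page, not Active Record's code and not the backported patch: it places an unsafe interpolating quoter next to a strict one that emits a literal only after the value has been checked to have exactly the shape PostgreSQL allows for bit strings (B'0101', X'1F') and integer ranges ('[1,10)'). The column allow-list in where_flags_equal and every sample value are constructed for the example.

```python
import re

# Added illustration for this page (not Active Record's code): strict
# quoting of PostgreSQL bit-string and integer-range literals. A value
# becomes SQL only after it has been checked to be exactly the shape the
# literal allows, so a string carrying a quote never reaches the statement.

_BITS_RE = re.compile(r"\A[01]+\Z")            # one or more binary digits
_HEX_RE = re.compile(r"\A[0-9A-Fa-f]+\Z")      # one or more hex digits
_INT_RANGE_RE = re.compile(r"\A([\[(])(-?\d*),(-?\d*)([\])])\Z")


def quote_bit_string_unsafe(value):
    """The flawed shape: the caller's text is dropped into the literal as-is.
    A value containing a quote ends the literal early, and whatever follows is
    parsed as SQL. Kept only for contrast with the hardened version below."""
    return "B'%s'" % value


def quote_bit_string(value):
    """Hardened form: only a string made entirely of 0/1 digits becomes a
    B'...' literal; anything else is rejected before it can touch the SQL."""
    if not isinstance(value, str) or not _BITS_RE.match(value):
        raise ValueError("not a bit string: %r" % (value,))
    return "B'%s'" % value


def quote_hex_bit_string(value):
    """Same idea for the hexadecimal spelling of a bit string (X'1F')."""
    if not isinstance(value, str) or not _HEX_RE.match(value):
        raise ValueError("not a hex bit string: %r" % (value,))
    return "X'%s'" % value.upper()


def quote_int_range(value):
    """Range literals such as '[1,10)' get the same treatment: parse the
    brackets and bounds strictly, then rebuild the literal from the parsed
    parts instead of echoing the input. An empty bound means unbounded."""
    m = _INT_RANGE_RE.match(value) if isinstance(value, str) else None
    if not m:
        raise ValueError("not an int range: %r" % (value,))
    lo_br, lo, hi, hi_br = m.groups()
    lo_s = str(int(lo)) if lo else ""     # int() also rejects a bare '-'
    hi_s = str(int(hi)) if hi else ""
    return "'%s%s,%s%s'" % (lo_br, lo_s, hi_s, hi_br)


def rejects(quoter, value):
    """True if the quoter refuses the value (shows what gets filtered)."""
    try:
        quoter(value)
    except ValueError:
        return True
    return False


def where_flags_equal(column, value, quoter=quote_bit_string):
    """Compose a predicate for a bit column. Column names come from a fixed
    allow-list (constructed for this example); values go through the quoter."""
    if column not in ("flags", "permissions"):
        raise ValueError("unknown column %r" % (column,))
    return '"%s" = %s' % (column, quoter(value))
```

The design point is that the hardened quoters never echo untrusted text: the output is rebuilt from parts that matched a closed grammar, so the literal's delimiters cannot be disturbed regardless of what the caller passed in.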
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTxAVWXlSAg2UNWIIRAgqjAJ0UyJJTHsSzIdnyAH/2MhBz3CxGGwCgwK26
JvOyNv3hzxhhCbREouVzR+o=
=L75G
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Jul 14 16:39:43 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 14 Jul 2014 16:39:43 +0000
Subject: [RHSA-2014:0877-01] Moderate: ror40-rubygem-activerecord security update
Message-ID: <201407141639.s6EGdiOn021234@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: ror40-rubygem-activerecord security update
Advisory ID: RHSA-2014:0877-01
Product: Red Hat Software Collections
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0877.html
Issue date: 2014-07-14
CVE Names: CVE-2014-3483
=====================================================================

1. Summary:

Updated ror40-rubygem-activerecord packages that fix one security issue are now available for Red Hat Software Collections 1.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

Ruby on Rails is a model-view-controller (MVC) framework for web application development. Active Record implements object-relational mapping for accessing database entries using objects.

It was discovered that Active Record did not properly quote values of the range type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record. (CVE-2014-3483)

Red Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges Sean Griffin of thoughtbot as the original reporter.

All ror40-rubygem-activerecord users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1114427 - CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting

6. Package List:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6):

Source:
ror40-rubygem-activerecord-4.0.2-2.2.el6.src.rpm

noarch:
ror40-rubygem-activerecord-4.0.2-2.2.el6.noarch.rpm
ror40-rubygem-activerecord-doc-4.0.2-2.2.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
ror40-rubygem-activerecord-4.0.2-2.2.el6.src.rpm

noarch:
ror40-rubygem-activerecord-4.0.2-2.2.el6.noarch.rpm
ror40-rubygem-activerecord-doc-4.0.2-2.2.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6):

Source:
ror40-rubygem-activerecord-4.0.2-2.2.el6.src.rpm

noarch:
ror40-rubygem-activerecord-4.0.2-2.2.el6.noarch.rpm
ror40-rubygem-activerecord-doc-4.0.2-2.2.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7):

Source:
ror40-rubygem-activerecord-4.0.2-2.2.el7.src.rpm

noarch:
ror40-rubygem-activerecord-4.0.2-2.2.el7.noarch.rpm
ror40-rubygem-activerecord-doc-4.0.2-2.2.el7.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7):

Source:
ror40-rubygem-activerecord-4.0.2-2.2.el7.src.rpm

noarch:
ror40-rubygem-activerecord-4.0.2-2.2.el7.noarch.rpm
ror40-rubygem-activerecord-doc-4.0.2-2.2.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3483.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTxAfAXlSAg2UNWIIRAkQKAKCRYPh8qfp3FQfg7EtMcxqYu/4CmACffRad
WUW/kliuQ1Eb1ooMESP8I1M=
=vjjY
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 16 05:29:56 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Jul 2014 05:29:56 +0000
Subject: [RHSA-2014:0890-01] Important: java-1.7.0-openjdk security update
Message-ID: <201407160529.s6G5Tu6R004990@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: java-1.7.0-openjdk security update
Advisory ID: RHSA-2014:0890-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0890.html
Issue date: 2014-07-16
CVE Names: CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266
=====================================================================

1. Summary:

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219)

A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490)

Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483)

Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)

It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244)

The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263)

The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security.

All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520)
1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346)
1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)
1119483 - CVE-2014-4221 OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)
1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)
1119597 - CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076)
1119600 - CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)
1119602 - CVE-2014-4223 OpenJDK: Incorrect handling of invocations with exhausted ranks (Libraries, 8035793)
1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)
1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009)
1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004)
1119615 - CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301)
1119626 - CVE-2014-2483 OpenJDK: Restrict use of privileged annotations (Libraries, 8034985)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el5_10.i386.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el5_10.i386.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el5_10.i386.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el5_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-2483.html
https://www.redhat.com/security/data/cve/CVE-2014-2490.html
https://www.redhat.com/security/data/cve/CVE-2014-4209.html
https://www.redhat.com/security/data/cve/CVE-2014-4216.html
https://www.redhat.com/security/data/cve/CVE-2014-4218.html
https://www.redhat.com/security/data/cve/CVE-2014-4219.html
https://www.redhat.com/security/data/cve/CVE-2014-4221.html
https://www.redhat.com/security/data/cve/CVE-2014-4223.html
https://www.redhat.com/security/data/cve/CVE-2014-4244.html
https://www.redhat.com/security/data/cve/CVE-2014-4252.html
https://www.redhat.com/security/data/cve/CVE-2014-4262.html
https://www.redhat.com/security/data/cve/CVE-2014-4263.html
https://www.redhat.com/security/data/cve/CVE-2014-4266.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
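CVE-2014-4263 in the advisory above concerns a Diffie-Hellman implementation that used a peer's public value without checking it. The Python below is an added example for this page, not OpenJDK's code, showing what that validation looks like on the receiving side: the range check rejects 0, 1 and p-1, which make the shared secret predictable no matter which private key is used, and the subgroup-order check rejects values outside the prime-order subgroup. The group (p = 23, q = 11, g = 4) and the private exponents are toy values chosen so the arithmetic can be followed by hand; real deployments use 2048-bit or larger groups.

```python
# Added example for this page (not OpenJDK's code): validating a peer's
# Diffie-Hellman public value before it is used. Toy group for readability:
# p = 23 is a safe prime (p = 2q + 1 with q = 11) and g = 4 generates the
# subgroup of prime order q. Real deployments use groups of 2048 bits or more.
P, Q, G = 23, 11, 4


def public_value(private, p=P, g=G):
    """Our own public value g^x mod p."""
    return pow(g, private, p)


def validate_dh_public(y, p=P, q=Q):
    """Accept y only if it cannot steer the shared secret.

    0, 1 and p-1 are rejected because y^x mod p is then 0, 1 or +-1 for every
    private key x, so whoever sent y already knows the 'secret'. When the
    subgroup order q is known, y^q mod p must equal 1, which rules out values
    confined to a small subgroup. Pass q=None for groups whose order is not
    known; only the range check is applied then."""
    if not isinstance(y, int) or y < 2 or y > p - 2:
        return False
    if q is not None and pow(y, q, p) != 1:
        return False
    return True


def shared_secret(private, peer_public, p=P, q=Q):
    """Derive the shared secret, refusing degenerate peer values first."""
    if not validate_dh_public(peer_public, p, q):
        raise ValueError("rejected peer public value %r" % (peer_public,))
    return pow(peer_public, private, p)


def secret_without_check(private, peer_public, p=P):
    """The unvalidated computation, kept to show the failure mode: with
    y = 1 the result is 1 for every private key, and with y = p - 1 it is
    1 or p - 1 depending only on the parity of the private key."""
    return pow(peer_public, private, p)
```

Checking y^q mod p = 1 is what makes the difference between merely avoiding the trivial values and actually confining the peer to the intended group; with a safe prime it costs one extra modular exponentiation per handshake.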
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTxg3JXlSAg2UNWIIRAjxCAJ9HakY/WDBsCkUwcdbhsud+B1NlHACgnrtb
i/GxYsayCTQ/+wDPnO5MIAs=
=gcI7
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 16 09:00:18 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 16 Jul 2014 09:00:18 +0000
Subject: [RHSA-2014:0889-01] Critical: java-1.7.0-openjdk security update
Message-ID: <201407160900.s6G90JW4011520@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: java-1.7.0-openjdk security update
Advisory ID: RHSA-2014:0889-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0889.html
Issue date: 2014-07-16
CVE Names: CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266
=====================================================================

1. Summary:

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.

The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219)

A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490)

Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483)

Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)

It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244)

The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263)

The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security.

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520)
1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346)
1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)
1119483 - CVE-2014-4221 OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)
1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)
1119597 - CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076)
1119600 - CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)
1119602 - CVE-2014-4223 OpenJDK: Incorrect handling of invocations with exhausted ranks (Libraries, 8035793)
1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)
1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009)
1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004)
1119615 - CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301)
1119626 - CVE-2014-2483 OpenJDK: Restrict use of privileged annotations (Libraries, 8034985)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el6_5.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el6_5.noarch.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el6_5.noarch.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.i686.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.i686.rpm

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el6_5.noarch.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.src.rpm

i386:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.i686.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.i686.rpm

x86_64:
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.src.rpm

ppc64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el7_0.noarch.rpm

ppc64:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.s390x.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7.
References: https://www.redhat.com/security/data/cve/CVE-2014-2483.html https://www.redhat.com/security/data/cve/CVE-2014-2490.html https://www.redhat.com/security/data/cve/CVE-2014-4209.html https://www.redhat.com/security/data/cve/CVE-2014-4216.html https://www.redhat.com/security/data/cve/CVE-2014-4218.html https://www.redhat.com/security/data/cve/CVE-2014-4219.html https://www.redhat.com/security/data/cve/CVE-2014-4221.html https://www.redhat.com/security/data/cve/CVE-2014-4223.html https://www.redhat.com/security/data/cve/CVE-2014-4244.html https://www.redhat.com/security/data/cve/CVE-2014-4252.html https://www.redhat.com/security/data/cve/CVE-2014-4262.html https://www.redhat.com/security/data/cve/CVE-2014-4263.html https://www.redhat.com/security/data/cve/CVE-2014-4266.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
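The first question a reader of a digest like this asks is whether a given host already carries the fixed build. The Python below is an added example, not Red Hat tooling: it reimplements rpm's label comparison (rpmvercmp) so the check runs without librpm, parses NEVRA strings of the form "rpm -qa" prints, and compares each installed build against the fixed build from the package lists in this digest. The packages in SAMPLE_INSTALLED are constructed sample input, not output from a real host, and every function name is this example's own.

```python
"""Compare installed RPM builds against the fixed builds named in an advisory.

Added example, not Red Hat tooling.  rpm's label comparison (rpmvercmp) is
reimplemented here so the check runs without librpm; the NEVRA strings in
SAMPLE_INSTALLED are constructed sample input, not output from a real host.
"""
import re
from typing import Dict, List, Tuple

NEVRA = Tuple[str, int, str, str, str]   # (name, epoch, version, release, arch)

# A package name may itself contain '-' and '.', so anchor on the final "-V-R.A".
_NEVRA_RE = re.compile(
    r"^(?P<name>.+)-(?:(?P<epoch>\d+):)?(?P<ver>[^-:]+)-(?P<rel>[^-]+)\.(?P<arch>[^.]+)$"
)


def _is_alnum(c: str) -> bool:
    return c.isascii() and c.isalnum()


def rpmvercmp(a: str, b: str) -> int:
    """rpm's ordering for version or release strings: 1 if a is newer, -1 if
    b is newer, 0 if equal.  Digit runs compare numerically, alpha runs
    lexically, a digit run beats an alpha run, '~' sorts before the end of
    the string and '^' just after it."""
    if a == b:
        return 0
    i, j = 0, 0
    while i < len(a) or j < len(b):
        while i < len(a) and not _is_alnum(a[i]) and a[i] not in "~^":
            i += 1                                # skip '.', '-', '_' and friends
        while j < len(b) and not _is_alnum(b[j]) and b[j] not in "~^":
            j += 1
        ca = a[i] if i < len(a) else ""
        cb = b[j] if j < len(b) else ""
        if ca == "~" or cb == "~":                # pre-release marker
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "^" or cb == "^":                # post-release marker
            if ca == "":
                return -1
            if cb == "":
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "" or cb == "":
            break
        isnum = ca.isdigit()
        same_kind = str.isdigit if isnum else str.isalpha
        sa, sb = i, j
        while i < len(a) and _is_alnum(a[i]) and same_kind(a[i]):
            i += 1
        while j < len(b) and _is_alnum(b[j]) and same_kind(b[j]):
            j += 1
        seg_a, seg_b = a[sa:i], b[sb:j]
        if not seg_b:                             # numeric segment beats alphabetic
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):          # more digits means a bigger number
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1              # leftover characters win


def parse_nevra(pkg: str) -> NEVRA:
    m = _NEVRA_RE.match(pkg)
    if not m:
        raise ValueError(f"not a NEVRA string: {pkg!r}")
    return (m["name"], int(m["epoch"] or 0), m["ver"], m["rel"], m["arch"])


def evr_cmp(a: NEVRA, b: NEVRA) -> int:
    """Epoch dominates, then version, then release."""
    if a[1] != b[1]:
        return 1 if a[1] > b[1] else -1
    return rpmvercmp(a[2], b[2]) or rpmvercmp(a[3], b[3])


def is_fixed(installed: str, fixed: str) -> bool:
    """True if the installed build is the advisory's build or a later one."""
    inst, fix = parse_nevra(installed), parse_nevra(fixed)
    if inst[0] != fix[0]:
        raise ValueError(f"package name mismatch: {inst[0]} vs {fix[0]}")
    return evr_cmp(inst, fix) >= 0


def running_kernel_is_fixed(uname_r: str, fixed_kernel: str) -> bool:
    """rpm -qa lists every installed kernel; only the booted one matters, and
    uname -r prints that build without the 'kernel-' prefix."""
    return is_fixed("kernel-" + uname_r, fixed_kernel)


def audit(installed: List[str], advisory: List[str]) -> Dict[str, bool]:
    """For each installed package the advisory covers: True if already at or
    above the fixed build, False if still vulnerable.  Others are skipped."""
    fixed_by_name = {parse_nevra(p)[0]: p for p in advisory}
    verdict: Dict[str, bool] = {}
    for pkg in installed:
        name = parse_nevra(pkg)[0]
        if name in fixed_by_name:
            verdict[pkg] = is_fixed(pkg, fixed_by_name[name])
    return verdict


# Constructed sample input: what rpm -qa might print on a RHEL 6 host with two
# kernels installed and the OpenJDK build that preceded this advisory.
SAMPLE_INSTALLED = [
    "java-1.7.0-openjdk-1.7.0.55-2.4.7.1.el6_5.x86_64",
    "kernel-2.6.32-358.41.1.el6.x86_64",
    "kernel-2.6.32-358.46.1.el6.x86_64",
    "bash-4.1.2-15.el6_4.x86_64",
]
# Fixed builds taken from the package lists in this digest.
ADVISORY_FIXED = [
    "java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64",
    "kernel-2.6.32-358.46.1.el6.x86_64",
]

if __name__ == "__main__":
    for pkg, ok in audit(SAMPLE_INSTALLED, ADVISORY_FIXED).items():
        print("fixed     " if ok else "VULNERABLE", pkg)
    print("running kernel fixed:",
          running_kernel_is_fixed("2.6.32-358.41.1.el6.x86_64", ADVISORY_FIXED[1]))
```

Two things the comparison cannot express. The installed list shows every kernel on the box, but for a kernel advisory only the booted one counts, which is why running_kernel_is_fixed takes the "uname -r" string. And a higher-numbered build from a different stream (a RHEL 6.5 kernel measured against a 6.4 EUS advisory, for instance) compares as newer whether or not it carries the backport; when that is the situation, confirm with "rpm -q --changelog kernel" and look for the CVE identifier rather than trusting the version alone.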
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTxj58XlSAg2UNWIIRAsyoAJ45MhxJjTfYNo9nBKMa4+J8QqI5dQCbBaeJ
eztJ6FYcD8DUCvUmvH6o8OI=
=PW85
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jul 17 04:35:31 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jul 2014 04:35:31 +0000
Subject: [RHSA-2014:0899-01] Moderate: openstack-neutron security, bug fix, and enhancement update
Message-ID: <201407170435.s6H4ZI86028459@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openstack-neutron security, bug fix, and enhancement update
Advisory ID:       RHSA-2014:0899-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0899.html
Issue date:        2014-07-17
CVE Names:         CVE-2014-0187 CVE-2014-4167
=====================================================================

1. Summary:

Updated openstack-neutron packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 4.0 - noarch

3. Description:

The openstack-neutron packages provide Openstack Networking (neutron), the virtual network service.

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines.
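The first flaw described below, CVE-2014-0187, is the familiar shape of an input accepted at the API that becomes, several hops later, an argument to a privileged tool: a CIDR that the rule validator let through broke the agent that turns security group rules into firewall entries, and with it every rule that followed. The Python below is an added example, not Neutron's validator or agent code. It validates a rule's remote_ip_prefix strictly (parseable, prefix length in range, no host bits set, address family matching the rule's ethertype) and applies a batch of rules so that a rejected rule is reported rather than aborting the batch. The rule dictionaries in SAMPLE_RULES are constructed, and the chain name "neutron-sg-in" and all function names are hypothetical.

```python
"""Strict validation of security-group rule CIDRs before they reach iptables.

Added example, not Neutron's validator or agent code.  The rule dictionaries,
the chain name and all function names are this example's own.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

Rule = Dict[str, object]
_ETHERTYPE_VERSION = {"IPv4": 4, "IPv6": 6}


class InvalidRule(ValueError):
    """A rule that must be refused at the API and never handed to an agent."""


def validate_remote_prefix(cidr: object, ethertype: str) -> str:
    """Return the canonical network for a rule's remote_ip_prefix or raise InvalidRule.

    Refuses anything that is not a string, anything ipaddress cannot parse
    (bad prefix length, trailing text, shell metacharacters), an address
    family that does not match the rule's ethertype, and a prefix with host
    bits set, because silently widening 10.0.0.5/8 to 10.0.0.0/8 changes what
    the operator asked for.  A bare address is accepted as a /32 or /128.
    """
    if ethertype not in _ETHERTYPE_VERSION:
        raise InvalidRule(f"unknown ethertype {ethertype!r}")
    if not isinstance(cidr, str):
        raise InvalidRule("remote_ip_prefix must be a string")
    try:
        net = ipaddress.ip_network(cidr, strict=False)
    except ValueError as exc:
        raise InvalidRule(f"malformed CIDR {cidr!r}: {exc}") from None
    if net.version != _ETHERTYPE_VERSION[ethertype]:
        raise InvalidRule(f"{cidr!r} is IPv{net.version} but the rule ethertype is {ethertype}")
    given = ipaddress.ip_address(cidr.split("/", 1)[0])
    if given != net.network_address:
        raise InvalidRule(f"{cidr!r} has host bits set; did you mean {net}?")
    return str(net)


def rule_error(cidr: object, ethertype: str) -> Optional[str]:
    """None if the rule is acceptable, otherwise the reason it was refused."""
    try:
        validate_remote_prefix(cidr, ethertype)
    except InvalidRule as exc:
        return str(exc)
    return None


def apply_rules(rules: List[Rule]) -> Tuple[List[List[str]], List[Tuple[Rule, str]]]:
    """Translate rules into iptables/ip6tables argv lists.

    A rule that fails validation is recorded in the second list and skipped;
    the rest of the batch is still applied.  One bad rule must not stall
    every rule that follows it.
    """
    applied: List[List[str]] = []
    rejected: List[Tuple[Rule, str]] = []
    for rule in rules:
        ethertype = str(rule.get("ethertype", ""))
        try:
            net = validate_remote_prefix(rule.get("remote_ip_prefix"), ethertype)
        except InvalidRule as exc:
            rejected.append((rule, str(exc)))
            continue
        tool = "ip6tables" if ethertype == "IPv6" else "iptables"
        # "neutron-sg-in" is a hypothetical chain name for this example.
        applied.append([tool, "-A", "neutron-sg-in", "-s", net,
                        "-p", str(rule.get("protocol", "all")), "-j", "RETURN"])
    return applied, rejected


# Constructed sample batch: two acceptable rules and four an API must refuse.
SAMPLE_RULES: List[Rule] = [
    {"ethertype": "IPv4", "protocol": "tcp", "remote_ip_prefix": "10.0.0.0/24"},
    {"ethertype": "IPv4", "protocol": "tcp", "remote_ip_prefix": "10.0.0.0/33"},
    {"ethertype": "IPv4", "protocol": "udp", "remote_ip_prefix": "10.0.0.5/24"},
    {"ethertype": "IPv6", "protocol": "tcp", "remote_ip_prefix": "10.0.0.0/24"},
    {"ethertype": "IPv6", "protocol": "tcp", "remote_ip_prefix": "2001:DB8::/32"},
    {"ethertype": "IPv4", "protocol": "tcp", "remote_ip_prefix": "0.0.0.0/0 -j ACCEPT"},
]

if __name__ == "__main__":
    ok, bad = apply_rules(SAMPLE_RULES)
    for argv in ok:
        print("apply  ", " ".join(argv))
    for rule, why in bad:
        print("refuse ", rule["remote_ip_prefix"], "->", why)
```

The point of splitting rule_error from apply_rules is that the same check runs in two places: the API refuses the rule when it is created, and the agent still refuses it when it is applied, so a rule that reaches the database through some other path (an older API version, a direct database edit) cannot take the agent down.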
It was discovered that an authenticated user could add a security group rule with an invalid CIDR causing the openvswitch-agent process to fail and prevent further rules from being applied. (CVE-2014-0187)

It was discovered that an authenticated user could add an IPv6 private subnet to an L3 router causing L3-agent to break in a way that prevents further IPv4 addresses from being attached. Removal of the faulty network can only be done directly at the database level. Only Neutron setups using IPv6 and L3-agent are affected by this issue. (CVE-2014-4167)

This update also fixes several bugs and adds enhancements:

* Previously, running 'cloud-init' resulted in each instance sending requests to the metadata agent, which in turn queried Networking server. Consequently, booting multiple concurrent instances resulted in metadata agent queries producing heavy load for 'neutron-server'. This update addresses this issue by implementing a short lifetime cache for the metadata agent. Metadata agent now only queries Networking when data is not present in its cache, with the result of decreased load on Networking server during 'cloud-init' within instances. (BZ#1101494)

* With this update, Networking (neutron) packages now update the '/etc/sudoers.d/neutron' file. Consequently, any local changes have been relocated to the '/etc/sudoers.d/neutron.rpmsave' file, and will need to be merged back manually. To avoid the need for manual updates in future, please apply local changes in a separate 'sudoers.d' file. (BZ#1115406)

* Previously, Networking would fail to reliably communicate with Qpid. This behavior was due to an incorrect message subject set in the Qpid layer used by Networking. This update addresses this issue by setting a correct subject when sending a Qpid message. As a result, Networking now works reliably with the new Qpid server. (BZ#1108549)

All openstack-neutron users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1090132 - CVE-2014-0187 openstack-neutron: security groups bypass through invalid CIDR
1108549 - RHOSP 4 is incompatible with python-qpid >= 0.18-11
1110139 - CVE-2014-4167 openstack-neutron: L3-agent denial of service through IPv6 subnet
1115406 - Neutron packaging attempts to update sudoers config file avoiding usual procedure

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 4.0:

Source:
openstack-neutron-2013.2.3-14.el6ost.src.rpm

noarch:
openstack-neutron-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-bigswitch-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-brocade-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-cisco-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-hyperv-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-linuxbridge-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-mellanox-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-metaplugin-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-metering-agent-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-midonet-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-ml2-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-nec-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-nicira-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-openvswitch-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-plumgrid-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-ryu-2013.2.3-14.el6ost.noarch.rpm
openstack-neutron-vpn-agent-2013.2.3-14.el6ost.noarch.rpm
python-neutron-2013.2.3-14.el6ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0187.html
https://www.redhat.com/security/data/cve/CVE-2014-4167.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTx1I9XlSAg2UNWIIRAoCkAJ9zKT+chne96RXi9dFho6VoqbVMogCeLRPN
CRHPjBcVRe9NkeOYKKjTMNw=
=TV6K
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jul 17 15:34:17 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jul 2014 15:34:17 +0000
Subject: [RHSA-2014:0900-01] Important: kernel security and bug fix update
Message-ID: <201407171534.s6HFYHfq008230@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0900-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0900.html
Issue date:        2014-07-17
CVE Names:         CVE-2014-1737 CVE-2014-1738 CVE-2014-3153
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - noarch, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153.

This update also fixes the following bug:

* A previous change that introduced global clock updates caused guest machines to boot slowly when the host Time Stamp Counter (TSC) was marked as unstable. The slow down increased with the number of vCPUs allocated. To resolve this problem, a patch has been applied to limit the rate of the global clock updates. (BZ#1102253)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-358.46.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.46.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.46.1.el6.x86_64.rpm
perf-2.6.32-358.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.1.el6.src.rpm

i386:
kernel-2.6.32-358.46.1.el6.i686.rpm
kernel-debug-2.6.32-358.46.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.46.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.46.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.46.1.el6.i686.rpm
kernel-devel-2.6.32-358.46.1.el6.i686.rpm
kernel-headers-2.6.32-358.46.1.el6.i686.rpm
perf-2.6.32-358.46.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.46.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.46.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.46.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-358.46.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debug-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.46.1.el6.ppc64.rpm
kernel-devel-2.6.32-358.46.1.el6.ppc64.rpm
kernel-headers-2.6.32-358.46.1.el6.ppc64.rpm
perf-2.6.32-358.46.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-358.46.1.el6.s390x.rpm
kernel-debug-2.6.32-358.46.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-358.46.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.46.1.el6.s390x.rpm
kernel-devel-2.6.32-358.46.1.el6.s390x.rpm
kernel-headers-2.6.32-358.46.1.el6.s390x.rpm
kernel-kdump-2.6.32-358.46.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-358.46.1.el6.s390x.rpm
perf-2.6.32-358.46.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.46.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.46.1.el6.x86_64.rpm
perf-2.6.32-358.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-358.46.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.46.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.46.1.el6.i686.rpm
python-perf-2.6.32-358.46.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.46.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm
python-perf-2.6.32-358.46.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.46.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.46.1.el6.s390x.rpm
python-perf-2.6.32-358.46.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-2.6.32-358.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1737.html
https://www.redhat.com/security/data/cve/CVE-2014-1738.html
https://www.redhat.com/security/data/cve/CVE-2014-3153.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTx+zfXlSAg2UNWIIRAhBEAJ97gP06Doz7HwFRkJGkJ3FmLXzCwQCfWOOo
OCWgbRyqa35q2GhknnV3dvw=
=NSG7
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Jul 18 01:50:49 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 18 Jul 2014 01:50:49 +0000
Subject: [RHSA-2014:0902-01] Critical: java-1.7.0-oracle security update
Message-ID: <201407180150.s6I1oe9V021188@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.7.0-oracle security update
Advisory ID:       RHSA-2014:0902-01
Product:           Oracle Java for Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0902.html
Issue date:        2014-07-18
CVE Names:         CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209
                   CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220
                   CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244
                   CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264
                   CVE-2014-4265 CVE-2014-4266
=====================================================================

1. Summary:

Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7.

The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 5 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 5 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-4219, CVE-2014-2490, CVE-2014-4216, CVE-2014-4223, CVE-2014-4262, CVE-2014-2483, CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266, CVE-2014-4221, CVE-2014-4244, CVE-2014-4263, CVE-2014-4227, CVE-2014-4265, CVE-2014-4220, CVE-2014-4208, CVE-2014-4264)

The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security.
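One of the issues in this update, CVE-2014-4263, appears in the bug list below as insufficient Diffie-Hellman public key validation. Whatever the JDK fix did internally, the checks a finite-field DH implementation owes a peer's public value are well established: the value must lie in the range 2 to p-2, and when the subgroup order q is known it must satisfy y^q mod p = 1. The Python below is an added example, not OpenJDK code. It implements those two checks and, with a constructed toy group small enough to enumerate, shows what an unvalidated value such as p-1, or a generator of the wrong subgroup, does to the set of possible shared secrets. TOY_P, TOY_Q, TOY_G, the private exponents in demo and all function names are this example's own.

```python
"""Validate a Diffie-Hellman peer public value before deriving a secret.

Added example, not OpenJDK code.  The checks are the standard full public
key validation for finite-field DH: 2 <= y <= p-2, and y^q mod p == 1 when
the subgroup order q is known.  TOY_P/TOY_Q/TOY_G form a constructed toy
group, small enough that every possible shared secret can be enumerated.
"""
from typing import Dict, Optional, Set


class InvalidPublicValue(ValueError):
    """The peer sent a value that must not be fed into the key exchange."""


def validate_dh_public(y: int, p: int, q: Optional[int] = None) -> None:
    """Raise InvalidPublicValue unless y is an acceptable peer public value.

    Without q only the range check runs; that stops 0, 1 and p-1 but not an
    element of some other small subgroup, which is why callers that know q
    (every RFC 7919 group publishes it) should pass it.
    """
    if not isinstance(y, int) or not 2 <= y <= p - 2:
        raise InvalidPublicValue("public value must satisfy 2 <= y <= p-2")
    if q is not None and pow(y, q, p) != 1:
        raise InvalidPublicValue("public value is not in the order-q subgroup")


def shared_secret(our_private: int, peer_public: int, p: int,
                  q: Optional[int] = None) -> int:
    """g^(ab) mod p, computed only after the peer's value passes validation."""
    validate_dh_public(peer_public, p, q)
    return pow(peer_public, our_private, p)


def reachable_secrets(peer_public: int, p: int) -> Set[int]:
    """Every secret an unvalidated peer value can produce, over all private
    exponents 1..p-2.  Feasible only for a toy p.  For y = p-1 the set has
    two members, so one exchange leaks the parity of our private key; for
    y in any small subgroup the set is small enough to brute-force."""
    return {pow(peer_public, x, p) for x in range(1, p - 1)}


# Constructed toy group: p = 23 is a safe prime (p = 2q + 1 with q = 11) and
# g = 4 generates the order-11 subgroup.  Real deployments use the 2048-bit
# or larger groups of RFC 3526 / RFC 7919; the checks are identical.
TOY_P, TOY_Q, TOY_G = 23, 11, 4


def demo(our_private: int = 3, peer_private: int = 7) -> Dict[str, object]:
    """Run an honest exchange and four hostile public values through the check."""
    results: Dict[str, object] = {}
    honest_pub = pow(TOY_G, peer_private, TOY_P)
    results["honest"] = shared_secret(our_private, honest_pub, TOY_P, TOY_Q)
    for label, y in (("zero", 0), ("one", 1), ("p_minus_1", TOY_P - 1),
                     ("wrong_subgroup", 5)):
        try:
            shared_secret(our_private, y, TOY_P, TOY_Q)
            results[label] = "accepted"
        except InvalidPublicValue as exc:
            results[label] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:15} {outcome}")
    print("secrets reachable from y = p-1:",
          sorted(reachable_secrets(TOY_P - 1, TOY_P)))
```

The value 5 in the demo is the instructive case: it passes the range check, so an implementation that only does that would accept it, yet it has order 22 rather than 11 and so is not a value an honest peer using g = 4 could ever send. Passing q turns that into a rejection. Static groups with published q cost nothing extra; ephemeral parameters of unknown order cannot be validated this way, which is one reason to prefer the named groups.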
Note: The way in which the Oracle Java SE packages are delivered has changed. They now reside in a separate channel/repository that requires action from the user to perform prior to getting updated packages. For information on subscribing to the new channel/repository please refer to: https://access.redhat.com/solutions/732883

All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 65 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520)
1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346)
1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162)
1119483 - CVE-2014-4221 OpenJDK: MethodHandles.Lookup insufficient modifiers checks (Libraries, 8035788)
1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)
1119597 - CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076)
1119600 - CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076)
1119602 - CVE-2014-4223 OpenJDK: Incorrect handling of invocations with exhausted ranks (Libraries, 8035793)
1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755)
1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009)
1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004)
1119615 - CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301)
1119622 - CVE-2014-4264 OpenJDK: Incorrect TLS/EC management (Security, 8031340)
1119626 - CVE-2014-2483 OpenJDK: Restrict use of privileged annotations (Libraries, 8034985)
1119912 - CVE-2014-4227 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)
1119913 - CVE-2014-4265 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment)
1119914 - CVE-2014-4220 Oracle JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)
1119915 - CVE-2014-4208 Oracle JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)

6. Package List:

Oracle Java for Red Hat Enterprise Linux Desktop 5:

i386:
java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.2.el5_10.i386.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.2.el5_10.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Server 5:

i386:
java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.i386.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.2.el5_10.i386.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.2.el5_10.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Desktop 6:

i386:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.i686.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux HPC Node 6:

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Server 6:

i386:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.i686.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Workstation 6:

i386:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.i686.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.i686.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el6_5.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Client (v. 7):

Source:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.src.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el7.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7):

Source:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.src.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el7.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Server (v. 7):

Source:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.src.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el7.x86_64.rpm

Oracle Java for Red Hat Enterprise Linux Workstation (v. 7):

Source:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.src.rpm

x86_64:
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm
java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el7.x86_64.rpm
java-1.7.0-oracle-src-1.7.0.65-1jpp.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-2483.html
https://www.redhat.com/security/data/cve/CVE-2014-2490.html
https://www.redhat.com/security/data/cve/CVE-2014-4208.html
https://www.redhat.com/security/data/cve/CVE-2014-4209.html
https://www.redhat.com/security/data/cve/CVE-2014-4216.html
https://www.redhat.com/security/data/cve/CVE-2014-4218.html
https://www.redhat.com/security/data/cve/CVE-2014-4219.html
https://www.redhat.com/security/data/cve/CVE-2014-4220.html
https://www.redhat.com/security/data/cve/CVE-2014-4221.html
https://www.redhat.com/security/data/cve/CVE-2014-4223.html
https://www.redhat.com/security/data/cve/CVE-2014-4227.html
https://www.redhat.com/security/data/cve/CVE-2014-4244.html
https://www.redhat.com/security/data/cve/CVE-2014-4252.html
https://www.redhat.com/security/data/cve/CVE-2014-4262.html
https://www.redhat.com/security/data/cve/CVE-2014-4263.html
https://www.redhat.com/security/data/cve/CVE-2014-4264.html
https://www.redhat.com/security/data/cve/CVE-2014-4265.html
https://www.redhat.com/security/data/cve/CVE-2014-4266.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA
https://access.redhat.com/solutions/732883

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTyH1FXlSAg2UNWIIRArKgAJ9bXY8zS92sI9khs2+QID8sgqtlmACfaBnv kYhSTFko2xf4alpmxp3g9Ug= =tHrX -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 21 18:56:40 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 Jul 2014 18:56:40 +0000 Subject: [RHSA-2014:0907-01] Important: java-1.6.0-openjdk security and bug fix update Message-ID: <201407211856.s6LIue8R013263@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-openjdk security and bug fix update Advisory ID: RHSA-2014:0907-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0907.html Issue date: 2014-07-21 CVE Names: CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 ===================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 
6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-4262) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. 
An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. This update also fixes the following bug: * Prior to this update, an application accessing an unsynchronized HashMap could potentially enter an infinite loop and consume an excessive amount of CPU resources. This update resolves this issue. (BZ#1115580) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. 
Bugs fixed (https://bugzilla.redhat.com/): 1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520) 1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346) 1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162) 1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119) 1119597 - CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) 1119600 - CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076) 1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755) 1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) 1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004) 1119615 - CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el5_10.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el5_10.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el5_10.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 
6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 
7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.src.rpm ppc64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm s390x: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.s390x.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.s390x.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.s390x.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.ppc64.rpm s390x: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.s390x.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.s390x.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.s390x.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.s390x.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-2490.html https://www.redhat.com/security/data/cve/CVE-2014-4209.html https://www.redhat.com/security/data/cve/CVE-2014-4216.html https://www.redhat.com/security/data/cve/CVE-2014-4218.html https://www.redhat.com/security/data/cve/CVE-2014-4219.html https://www.redhat.com/security/data/cve/CVE-2014-4244.html https://www.redhat.com/security/data/cve/CVE-2014-4252.html https://www.redhat.com/security/data/cve/CVE-2014-4262.html https://www.redhat.com/security/data/cve/CVE-2014-4263.html https://www.redhat.com/security/data/cve/CVE-2014-4266.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
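The DH issue in the advisory above (CVE-2014-4263) is a missing validation of the peer's public value. The following Python is an added example, not code from the advisory or from OpenJDK: it shows the check a DH implementation must apply to a received public value and why skipping it matters, using constructed toy group parameters (p = 23, q = 11, g = 2) so the effect is visible.

```python
from typing import Optional

# Added example (not the advisory's or OpenJDK's code): validating a peer's
# Diffie-Hellman public value, the class of check CVE-2014-4263 concerns.


def validate_dh_public_value(y: int, p: int, q: Optional[int] = None) -> bool:
    """Return True if the peer's DH public value y is acceptable for modulus p.

    Rejects anything outside [2, p-2]: the values 0, 1 and p-1 make the shared
    secret trivial (always 0, 1 or +/-1) whatever our private exponent is.
    When the order q of the intended subgroup is known, also require
    y**q mod p == 1, i.e. y lies in that subgroup, so a peer cannot confine
    the shared secret to a small subgroup whose few elements are easy to guess.
    """
    if not 2 <= y <= p - 2:
        return False
    if q is not None and pow(y, q, p) != 1:
        return False
    return True


def dh_agree(peer_y: int, own_x: int, p: int, q: Optional[int] = None) -> int:
    """Compute the shared secret only after the peer's value passes validation."""
    if not validate_dh_public_value(peer_y, p, q):
        raise ValueError("invalid DH public value from peer")
    return pow(peer_y, own_x, p)


def distinct_secrets(y: int, p: int) -> int:
    """Number of different shared secrets y can yield over all private
    exponents in [1, p-2]; a small number means the secret is guessable."""
    return len({pow(y, x, p) for x in range(1, p - 1)})


# Constructed toy group: p = 23 is a safe prime (p = 2q + 1 with q = 11) and
# g = 2 generates the prime-order-11 subgroup (2**11 mod 23 == 1).
P, Q, G = 23, 11, 2


def demo() -> dict:
    """Contrast a genuine public value with an order-2 value (p - 1)."""
    honest_y = pow(G, 9, P)      # a peer's genuine value, 2**9 mod 23 == 6
    confining_y = P - 1          # order 2: the secret is only ever 1 or p-1
    return {
        "honest_valid": validate_dh_public_value(honest_y, P, Q),
        "confining_valid": validate_dh_public_value(confining_y, P, Q),
        "honest_secret_space": distinct_secrets(honest_y, P),
        "confining_secret_space": distinct_secrets(confining_y, P),
    }


if __name__ == "__main__":
    print(demo())
```

The subgroup-membership test is what makes the difference: a value such as 7 passes the range check alone but is rejected once q is supplied, because it is not in the order-11 subgroup.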
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTzWJUXlSAg2UNWIIRAliMAJ9QUeYnjqvffdzojOxHB21nXkpjaQCgujRs Je7mok4Rso9fSKt56Bjf69A= =AVTB -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 21 18:57:22 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 Jul 2014 18:57:22 +0000 Subject: [RHSA-2014:0908-01] Important: java-1.6.0-sun security update Message-ID: <201407211857.s6LIvMgA016966@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-sun security update Advisory ID: RHSA-2014:0908-01 Product: Oracle Java for Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0908.html Issue date: 2014-07-21 CVE Names: CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4265 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Desktop 5 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64 Oracle Java for Red Hat Enterprise Linux Server (v. 
7) - x86_64 Oracle Java for Red Hat Enterprise Linux Server 5 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64 3. Description: Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2014-4219, CVE-2014-4216, CVE-2014-4262, CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4244, CVE-2014-4263, CVE-2014-4227, CVE-2014-4265) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. Note: The way in which the Oracle Java SE packages are delivered has changed. They now reside in a separate channel/repository that requires action from the user to perform prior to getting updated packages. For information on subscribing to the new channel/repository please refer to: https://access.redhat.com/solutions/732883 All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 81 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. 
Bugs fixed (https://bugzilla.redhat.com/): 1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520) 1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346) 1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162) 1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119) 1119600 - CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076) 1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755) 1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) 1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004) 1119912 - CVE-2014-4227 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment) 1119913 - CVE-2014-4265 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment) 6. 
Package List: Oracle Java for Red Hat Enterprise Linux Desktop 5: i386: java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.i586.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 5: i386: java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.i586.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.i586.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el5_10.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.i586.rpm 
java-1.6.0-sun-src-1.6.0.81-1jpp.1.el5_10.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Desktop 6: i386: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.i686.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.x86_64.rpm Oracle Java for Red Hat Enterprise Linux HPC Node 6: x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 6: i386: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.i686.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.x86_64.rpm Oracle Java for 
Red Hat Enterprise Linux Workstation 6: i386: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.i686.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el6_5.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el6_5.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Client (v. 7): Source: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.src.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7): Source: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.src.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server (v. 
7): Source: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.src.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.src.rpm x86_64: java-1.6.0-sun-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.i686.rpm java-1.6.0-sun-devel-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.81-1jpp.1.el7.x86_64.rpm java-1.6.0-sun-src-1.6.0.81-1jpp.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-4209.html https://www.redhat.com/security/data/cve/CVE-2014-4216.html https://www.redhat.com/security/data/cve/CVE-2014-4218.html https://www.redhat.com/security/data/cve/CVE-2014-4219.html https://www.redhat.com/security/data/cve/CVE-2014-4227.html https://www.redhat.com/security/data/cve/CVE-2014-4244.html https://www.redhat.com/security/data/cve/CVE-2014-4252.html https://www.redhat.com/security/data/cve/CVE-2014-4262.html https://www.redhat.com/security/data/cve/CVE-2014-4263.html https://www.redhat.com/security/data/cve/CVE-2014-4265.html https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA https://access.redhat.com/solutions/732883 8. 
Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTzWKBXlSAg2UNWIIRAsOgAKC+XHiPwvO+3K5Z9+m9jEAuY0Lt2ACfW398 tzodYhW9hpm/SDyFjaPC9IY= =2BAn -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 22 19:23:34 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 22 Jul 2014 19:23:34 +0000 Subject: [RHSA-2014:0913-01] Important: kernel-rt security update Message-ID: <201407221923.s6MJNYIQ017819@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security update Advisory ID: RHSA-2014:0913-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0913.html Issue date: 2014-07-22 CVE Names: CVE-2014-0181 CVE-2014-0206 CVE-2014-3144 CVE-2014-3145 CVE-2014-3153 CVE-2014-3917 CVE-2014-3940 CVE-2014-4027 CVE-2014-4667 CVE-2014-4699 ===================================================================== 1. Summary: Updated kernel-rt packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. 
A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)

* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

* It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate)

* It was found that the aio_read_events_ring() function of the Linux kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO ring head received from user space. A local, unprivileged user could use this flaw to disclose random parts of the (physical) memory belonging to the kernel and/or other processes. (CVE-2014-0206, Moderate)

* An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate)

* An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. (CVE-2014-3917, Moderate)

* A flaw was found in the way the Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate)

* An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation processed certain COOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP server socket from being made. (CVE-2014-4667, Moderate)

* An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) backend driver of the iSCSI Target subsystem of the Linux kernel. A privileged user could use this flaw to leak the contents of kernel memory to an iSCSI initiator remote client. (CVE-2014-4027, Low)

Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, Andy Lutomirski for reporting CVE-2014-4699 and CVE-2014-0181, and Gopal Reddy Kodudula of Nokia Siemens Networks for reporting CVE-2014-4667. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153. The CVE-2014-0206 issue was discovered by Mateusz Guzik of Red Hat.

Users are advised to upgrade to these updated packages, which upgrade the kernel-rt kernel to version kernel-rt-3.10.33-rt32.43 and correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1094265 - CVE-2014-0181 kernel: net: insufficient permission checks of netlink messages
1094602 - CVE-2014-0206 kernel: aio: insufficient sanitization of head in aio_read_events_ring()
1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions from peeking beyond the end of the message
1102571 - CVE-2014-3917 kernel: DoS with syscall auditing
1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue
1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration
1108744 - CVE-2014-4027 Kernel: target/rd: information leakage
1113967 - CVE-2014-4667 kernel: sctp: sk_ack_backlog wrap-around problem
1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address

6. Package List:

MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.33-rt32.43.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.33-rt32.43.el6rt.noarch.rpm
kernel-rt-firmware-3.10.33-rt32.43.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-debug-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-devel-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-trace-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.33-rt32.43.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.33-rt32.43.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0181.html
https://www.redhat.com/security/data/cve/CVE-2014-0206.html
https://www.redhat.com/security/data/cve/CVE-2014-3144.html
https://www.redhat.com/security/data/cve/CVE-2014-3145.html
https://www.redhat.com/security/data/cve/CVE-2014-3153.html
https://www.redhat.com/security/data/cve/CVE-2014-3917.html
https://www.redhat.com/security/data/cve/CVE-2014-3940.html
https://www.redhat.com/security/data/cve/CVE-2014-4027.html
https://www.redhat.com/security/data/cve/CVE-2014-4667.html
https://www.redhat.com/security/data/cve/CVE-2014-4699.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTzronXlSAg2UNWIIRArVpAKCkgJOnYjb7yjtHsGw5upf04nuVCgCdHPgl
t/C/rKSGYdFAx2jHSiE4s7U=
=JzfF
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jul 22 19:24:13 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 19:24:13 +0000
Subject: [RHSA-2014:0914-01] Moderate: libvirt security and bug fix update
Message-ID: <201407221924.s6MJODDH020237@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: libvirt security and bug fix update
Advisory ID:       RHSA-2014:0914-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0914.html
Issue date:        2014-07-22
CVE Names:         CVE-2014-0179
=====================================================================

1. Summary:

Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

It was found that libvirt passes the XML_PARSE_NOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a file could use this flaw to read the contents of that file; parsing an XML document with an entity pointing to a special file that blocks on read access could cause libvirtd to hang indefinitely, resulting in a denial of service on the system. (CVE-2014-0179)

Red Hat would like to thank the upstream Libvirt project for reporting this issue. Upstream acknowledges Daniel P. Berrange and Richard Jones as the original reporters.

This update also fixes the following bugs:

* A previous update of the libvirt package introduced an error; a SIG_SETMASK argument was incorrectly replaced by a SIG_BLOCK argument after the poll() system call. Consequently, the SIGCHLD signal could be permanently blocked, which caused signal masks to not return to their original values and defunct processes to be generated. With this update, the original signal masks are restored and defunct processes are no longer generated. (BZ#1112689)

* An attempt to start a domain that did not exist caused network filters to be locked for read-only access. As a consequence, when trying to gain read-write access, a deadlock occurred. This update applies a patch to fix this bug, and an attempt to start a non-existent domain no longer causes a deadlock in the described scenario. (BZ#1112690)

* Previously, the libvirtd daemon was binding only to addresses that were configured on certain network interfaces. When libvirtd started before the IPv4 addresses had been configured, libvirtd listened only on the IPv6 addresses. The daemon has been modified to not require an address to be configured when binding to a wildcard address, such as "0.0.0.0" or "::". As a result, libvirtd binds to both IPv4 and IPv6 addresses as expected. (BZ#1112692)

Users of libvirt are advised to upgrade to these updated packages, which correct these issues. After installing the updated packages, libvirtd will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1088290 - CVE-2014-0179 libvirt: unsafe parsing of XML documents allows libvirt DoS and/or arbitrary file read
1112689 - use of tls with libvirt.so can leave zombie processes
1112690 - nwfilter deadlock
1112692 - libvirt binds only to ipv6

6. Package List:

Red Hat Enterprise Linux Client (v.
7): Source: libvirt-1.1.1-29.el7_0.1.src.rpm x86_64: libvirt-1.1.1-29.el7_0.1.x86_64.rpm libvirt-client-1.1.1-29.el7_0.1.i686.rpm libvirt-client-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-qemu-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-kvm-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-python-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-daemon-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-devel-1.1.1-29.el7_0.1.i686.rpm libvirt-devel-1.1.1-29.el7_0.1.x86_64.rpm libvirt-docs-1.1.1-29.el7_0.1.x86_64.rpm libvirt-lock-sanlock-1.1.1-29.el7_0.1.x86_64.rpm libvirt-login-shell-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-1.1.1-29.el7_0.1.src.rpm x86_64: libvirt-client-1.1.1-29.el7_0.1.i686.rpm libvirt-client-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 
7): x86_64: libvirt-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-qemu-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-kvm-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-devel-1.1.1-29.el7_0.1.i686.rpm libvirt-devel-1.1.1-29.el7_0.1.x86_64.rpm libvirt-docs-1.1.1-29.el7_0.1.x86_64.rpm libvirt-lock-sanlock-1.1.1-29.el7_0.1.x86_64.rpm libvirt-login-shell-1.1.1-29.el7_0.1.x86_64.rpm libvirt-python-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: libvirt-1.1.1-29.el7_0.1.src.rpm ppc64: libvirt-1.1.1-29.el7_0.1.ppc64.rpm libvirt-client-1.1.1-29.el7_0.1.ppc.rpm libvirt-client-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.ppc64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.ppc64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.ppc.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.ppc64.rpm libvirt-devel-1.1.1-29.el7_0.1.ppc.rpm libvirt-devel-1.1.1-29.el7_0.1.ppc64.rpm libvirt-docs-1.1.1-29.el7_0.1.ppc64.rpm libvirt-python-1.1.1-29.el7_0.1.ppc64.rpm s390x: libvirt-1.1.1-29.el7_0.1.s390x.rpm libvirt-client-1.1.1-29.el7_0.1.s390.rpm libvirt-client-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.s390x.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.s390x.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.s390.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.s390x.rpm libvirt-devel-1.1.1-29.el7_0.1.s390.rpm libvirt-devel-1.1.1-29.el7_0.1.s390x.rpm libvirt-docs-1.1.1-29.el7_0.1.s390x.rpm libvirt-python-1.1.1-29.el7_0.1.s390x.rpm x86_64: libvirt-1.1.1-29.el7_0.1.x86_64.rpm libvirt-client-1.1.1-29.el7_0.1.i686.rpm 
libvirt-client-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-qemu-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-kvm-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-devel-1.1.1-29.el7_0.1.i686.rpm libvirt-devel-1.1.1-29.el7_0.1.x86_64.rpm libvirt-docs-1.1.1-29.el7_0.1.x86_64.rpm libvirt-python-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-daemon-lxc-1.1.1-29.el7_0.1.ppc64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.ppc64.rpm libvirt-login-shell-1.1.1-29.el7_0.1.ppc64.rpm s390x: libvirt-daemon-lxc-1.1.1-29.el7_0.1.s390x.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.s390x.rpm libvirt-login-shell-1.1.1-29.el7_0.1.s390x.rpm x86_64: libvirt-daemon-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-lock-sanlock-1.1.1-29.el7_0.1.x86_64.rpm libvirt-login-shell-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: libvirt-1.1.1-29.el7_0.1.src.rpm x86_64: libvirt-1.1.1-29.el7_0.1.x86_64.rpm libvirt-client-1.1.1-29.el7_0.1.i686.rpm libvirt-client-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-qemu-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.1.x86_64.rpm libvirt-daemon-kvm-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.i686.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-devel-1.1.1-29.el7_0.1.i686.rpm libvirt-devel-1.1.1-29.el7_0.1.x86_64.rpm libvirt-docs-1.1.1-29.el7_0.1.x86_64.rpm libvirt-python-1.1.1-29.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-daemon-lxc-1.1.1-29.el7_0.1.x86_64.rpm libvirt-debuginfo-1.1.1-29.el7_0.1.x86_64.rpm libvirt-lock-sanlock-1.1.1-29.el7_0.1.x86_64.rpm libvirt-login-shell-1.1.1-29.el7_0.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0179.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
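The entity expansion behind CVE-2014-0179 in the description above, shown as an added example that is not libvirt's code. libvirt parsed with libxml2 and XML_PARSE_NOENT; here Python's standard-library xml.sax parser stands in, with its feature_external_ges switch playing the role of that flag (on: fetch and splice in SYSTEM entities; off: leave the reference unexpanded). The <domain> document, the entity name "leak" and the secret file are constructed for the demonstration.

```python
"""Entity expansion behind CVE-2014-0179, reproduced with Python's standard
library (added example, not libvirt code).

libvirt parsed with libxml2's XML_PARSE_NOENT, which substitutes every
entity, external ones included. The stand-in here is xml.sax's
feature_external_ges: True fetches and inserts SYSTEM entities much as
XML_PARSE_NOENT does, False leaves the reference unexpanded. The document
and the secret file below are constructed for the demonstration.
"""
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class _TextCollector(ContentHandler):
    """Collects all character data the parser reports, entity text included."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)


def parse_text(xml_bytes, resolve_external_entities):
    """Parse xml_bytes and return the document's character content.

    resolve_external_entities=True is the XML_PARSE_NOENT-like behaviour:
    the parser opens whatever path the SYSTEM identifier names and inserts
    the file's contents. False is the hardened setting.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    collector = _TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.parts).strip()


def build_payload(path):
    """Minimal domain-style document whose <name> is an external entity
    pointing at an arbitrary host file (constructed attacker input)."""
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE domain [<!ENTITY leak SYSTEM "' + path.encode() + b'">]>\n'
        b"<domain><name>&leak;</name></domain>\n"
    )


def demonstrate():
    """Write a throwaway secret file, parse the payload both ways and return
    (text_with_expansion, text_without_expansion)."""
    secret = "constructed-secret-0179"
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(secret)
        payload = build_payload(path)
        return parse_text(payload, True), parse_text(payload, False)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    leaked, safe = demonstrate()
    print("NOENT-style parse leaks:   ", repr(leaked))
    print("entities left unexpanded:  ", repr(safe))
```

Run it and the first line prints the secret file's contents while the second prints an empty string. The hang the advisory also describes follows the same path: make the SYSTEM identifier a FIFO with no writer and the expanding parse blocks in open(), whereas with expansion off the reference is never followed.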
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTzrpNXlSAg2UNWIIRAjWbAJ0ScITval9+4WYDGOxYra/b1OLdugCfQrUX
hQi7hw60VaScIn3NdbfswRI=
=Y2li
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jul 22 19:24:53 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 19:24:53 +0000
Subject: [RHSA-2014:0915-01] Critical: nss security update
Message-ID: <201407221924.s6MJOr28019566@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: nss security update
Advisory ID:       RHSA-2014:0915-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0915.html
Issue date:        2014-07-22
CVE Names:         CVE-2014-1544
=====================================================================

1. Summary:

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AUS (v. 6.2 server) - x86_64
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544)

Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters.

Users of NSS are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1116198 - CVE-2014-1544 nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63)

6. Package List:

Red Hat Enterprise Linux LL (v.
5.6 server): Source: nss-3.12.8-9.el5_6.src.rpm i386: nss-3.12.8-9.el5_6.i386.rpm nss-debuginfo-3.12.8-9.el5_6.i386.rpm nss-devel-3.12.8-9.el5_6.i386.rpm nss-pkcs11-devel-3.12.8-9.el5_6.i386.rpm nss-tools-3.12.8-9.el5_6.i386.rpm ia64: nss-3.12.8-9.el5_6.i386.rpm nss-3.12.8-9.el5_6.ia64.rpm nss-debuginfo-3.12.8-9.el5_6.i386.rpm nss-debuginfo-3.12.8-9.el5_6.ia64.rpm nss-devel-3.12.8-9.el5_6.ia64.rpm nss-pkcs11-devel-3.12.8-9.el5_6.ia64.rpm nss-tools-3.12.8-9.el5_6.ia64.rpm x86_64: nss-3.12.8-9.el5_6.i386.rpm nss-3.12.8-9.el5_6.x86_64.rpm nss-debuginfo-3.12.8-9.el5_6.i386.rpm nss-debuginfo-3.12.8-9.el5_6.x86_64.rpm nss-devel-3.12.8-9.el5_6.i386.rpm nss-devel-3.12.8-9.el5_6.x86_64.rpm nss-pkcs11-devel-3.12.8-9.el5_6.i386.rpm nss-pkcs11-devel-3.12.8-9.el5_6.x86_64.rpm nss-tools-3.12.8-9.el5_6.x86_64.rpm Red Hat Enterprise Linux EUS (v. 5.9 server): Source: nss-3.14.3-9.el5_9.src.rpm i386: nss-3.14.3-9.el5_9.i386.rpm nss-debuginfo-3.14.3-9.el5_9.i386.rpm nss-devel-3.14.3-9.el5_9.i386.rpm nss-pkcs11-devel-3.14.3-9.el5_9.i386.rpm nss-tools-3.14.3-9.el5_9.i386.rpm ia64: nss-3.14.3-9.el5_9.i386.rpm nss-3.14.3-9.el5_9.ia64.rpm nss-debuginfo-3.14.3-9.el5_9.i386.rpm nss-debuginfo-3.14.3-9.el5_9.ia64.rpm nss-devel-3.14.3-9.el5_9.ia64.rpm nss-pkcs11-devel-3.14.3-9.el5_9.ia64.rpm nss-tools-3.14.3-9.el5_9.ia64.rpm ppc: nss-3.14.3-9.el5_9.ppc.rpm nss-3.14.3-9.el5_9.ppc64.rpm nss-debuginfo-3.14.3-9.el5_9.ppc.rpm nss-debuginfo-3.14.3-9.el5_9.ppc64.rpm nss-devel-3.14.3-9.el5_9.ppc.rpm nss-devel-3.14.3-9.el5_9.ppc64.rpm nss-pkcs11-devel-3.14.3-9.el5_9.ppc.rpm nss-pkcs11-devel-3.14.3-9.el5_9.ppc64.rpm nss-tools-3.14.3-9.el5_9.ppc.rpm s390x: nss-3.14.3-9.el5_9.s390.rpm nss-3.14.3-9.el5_9.s390x.rpm nss-debuginfo-3.14.3-9.el5_9.s390.rpm nss-debuginfo-3.14.3-9.el5_9.s390x.rpm nss-devel-3.14.3-9.el5_9.s390.rpm nss-devel-3.14.3-9.el5_9.s390x.rpm nss-pkcs11-devel-3.14.3-9.el5_9.s390.rpm nss-pkcs11-devel-3.14.3-9.el5_9.s390x.rpm nss-tools-3.14.3-9.el5_9.s390x.rpm x86_64: 
nss-3.14.3-9.el5_9.i386.rpm nss-3.14.3-9.el5_9.x86_64.rpm nss-debuginfo-3.14.3-9.el5_9.i386.rpm nss-debuginfo-3.14.3-9.el5_9.x86_64.rpm nss-devel-3.14.3-9.el5_9.i386.rpm nss-devel-3.14.3-9.el5_9.x86_64.rpm nss-pkcs11-devel-3.14.3-9.el5_9.i386.rpm nss-pkcs11-devel-3.14.3-9.el5_9.x86_64.rpm nss-tools-3.14.3-9.el5_9.x86_64.rpm Red Hat Enterprise Linux HPC Node EUS (v. 6.4): Source: nss-3.14.3-6.el6_4.src.rpm x86_64: nss-3.14.3-6.el6_4.i686.rpm nss-3.14.3-6.el6_4.x86_64.rpm nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-debuginfo-3.14.3-6.el6_4.x86_64.rpm nss-sysinit-3.14.3-6.el6_4.x86_64.rpm nss-tools-3.14.3-6.el6_4.x86_64.rpm Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4): Source: nss-3.14.3-6.el6_4.src.rpm x86_64: nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-debuginfo-3.14.3-6.el6_4.x86_64.rpm nss-devel-3.14.3-6.el6_4.i686.rpm nss-devel-3.14.3-6.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-6.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-6.el6_4.x86_64.rpm Red Hat Enterprise Linux AUS (v. 6.2 server): Source: nss-3.13.1-10.el6_2.src.rpm x86_64: nss-3.13.1-10.el6_2.i686.rpm nss-3.13.1-10.el6_2.x86_64.rpm nss-debuginfo-3.13.1-10.el6_2.i686.rpm nss-debuginfo-3.13.1-10.el6_2.x86_64.rpm nss-devel-3.13.1-10.el6_2.i686.rpm nss-devel-3.13.1-10.el6_2.x86_64.rpm nss-sysinit-3.13.1-10.el6_2.x86_64.rpm nss-tools-3.13.1-10.el6_2.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 
6.4): Source: nss-3.14.3-6.el6_4.src.rpm i386: nss-3.14.3-6.el6_4.i686.rpm nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-devel-3.14.3-6.el6_4.i686.rpm nss-sysinit-3.14.3-6.el6_4.i686.rpm nss-tools-3.14.3-6.el6_4.i686.rpm ppc64: nss-3.14.3-6.el6_4.ppc.rpm nss-3.14.3-6.el6_4.ppc64.rpm nss-debuginfo-3.14.3-6.el6_4.ppc.rpm nss-debuginfo-3.14.3-6.el6_4.ppc64.rpm nss-devel-3.14.3-6.el6_4.ppc.rpm nss-devel-3.14.3-6.el6_4.ppc64.rpm nss-sysinit-3.14.3-6.el6_4.ppc64.rpm nss-tools-3.14.3-6.el6_4.ppc64.rpm s390x: nss-3.14.3-6.el6_4.s390.rpm nss-3.14.3-6.el6_4.s390x.rpm nss-debuginfo-3.14.3-6.el6_4.s390.rpm nss-debuginfo-3.14.3-6.el6_4.s390x.rpm nss-devel-3.14.3-6.el6_4.s390.rpm nss-devel-3.14.3-6.el6_4.s390x.rpm nss-sysinit-3.14.3-6.el6_4.s390x.rpm nss-tools-3.14.3-6.el6_4.s390x.rpm x86_64: nss-3.14.3-6.el6_4.i686.rpm nss-3.14.3-6.el6_4.x86_64.rpm nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-debuginfo-3.14.3-6.el6_4.x86_64.rpm nss-devel-3.14.3-6.el6_4.i686.rpm nss-devel-3.14.3-6.el6_4.x86_64.rpm nss-sysinit-3.14.3-6.el6_4.x86_64.rpm nss-tools-3.14.3-6.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: nss-3.13.1-10.el6_2.src.rpm x86_64: nss-debuginfo-3.13.1-10.el6_2.i686.rpm nss-debuginfo-3.13.1-10.el6_2.x86_64.rpm nss-pkcs11-devel-3.13.1-10.el6_2.i686.rpm nss-pkcs11-devel-3.13.1-10.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 
6.4): Source: nss-3.14.3-6.el6_4.src.rpm i386: nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-6.el6_4.i686.rpm ppc64: nss-debuginfo-3.14.3-6.el6_4.ppc.rpm nss-debuginfo-3.14.3-6.el6_4.ppc64.rpm nss-pkcs11-devel-3.14.3-6.el6_4.ppc.rpm nss-pkcs11-devel-3.14.3-6.el6_4.ppc64.rpm s390x: nss-debuginfo-3.14.3-6.el6_4.s390.rpm nss-debuginfo-3.14.3-6.el6_4.s390x.rpm nss-pkcs11-devel-3.14.3-6.el6_4.s390.rpm nss-pkcs11-devel-3.14.3-6.el6_4.s390x.rpm x86_64: nss-debuginfo-3.14.3-6.el6_4.i686.rpm nss-debuginfo-3.14.3-6.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-6.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-6.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-1544.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
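Every advisory on this page ends with the same two conditions: the package list names the fixed build, and the fix is not live until the affected programs are restarted or, for kernel-rt, the machine is rebooted onto the new kernel. The following added example (not Red Hat tooling) turns those package lists into a check: it orders version-release strings the way rpm's rpmvercmp() does, then compares what "rpm -qa" and "uname -r" report against the fixed builds. The rpm query output and the package list it is checked against are constructed samples that mix packages from two advisories only to exercise both checks; the "^" ordering rule of newer rpm is left out.

```python
"""Check that a host carries the fixed builds an advisory lists and that the
fixed kernel-rt is the one running (added example, not Red Hat tooling).
Ordering follows rpm's rpmvercmp(): numeric and alphabetic segments, numeric
beats alphabetic, longer numbers beat shorter, '~' sorts below everything
including end of string; the '^' rule of newer rpm is omitted. Epoch is
assumed 0 unless given as 'epoch:version-release'."""
import re

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+|~")
_ARCHES = ("x86_64", "noarch", "ppc64", "s390x", "i686", "i386", "ia64", "ppc", "s390")  # longest first


def rpmvercmp(a, b):
    """Return -1, 0 or 1 as rpm's rpmvercmp() orders a against b."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    i = j = 0
    while i < len(sa) or j < len(sb):
        x = sa[i] if i < len(sa) else ""
        y = sb[j] if j < len(sb) else ""
        if x == "~" or y == "~":            # pre-release marker sorts lowest
            if x != "~":
                return 1
            if y != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if not x or not y:                  # one side exhausted
            break
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num != y_num:                  # numeric segment beats alphabetic
            return 1 if x_num else -1
        if x_num:
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):            # more digits means a larger number
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
        i, j = i + 1, j + 1
    if i >= len(sa) and j >= len(sb):
        return 0
    return -1 if i >= len(sa) else 1        # the side with segments left is newer


def split_evr(evr):
    """'[epoch:]version-release' -> (epoch, version, release)."""
    epoch, sep, rest = evr.partition(":")
    version, _, release = rest.partition("-") if sep else evr.partition("-")
    return (epoch if sep else "0"), version, release


def is_fixed(installed_evr, fixed_evr):
    """True when the installed build is the fixed build or a later one."""
    for x, y in zip(split_evr(installed_evr), split_evr(fixed_evr)):
        rc = rpmvercmp(x, y)
        if rc:
            return rc > 0
    return True


def parse_rpm_filename(filename):
    """'name-version-release.arch.rpm' -> (name, 'version-release', arch)."""
    stem = filename[:-4] if filename.endswith(".rpm") else filename
    nvr, _, arch = stem.rpartition(".")
    name, version, release = nvr.rsplit("-", 2)
    return name, version + "-" + release, arch


def running_kernel_is_fixed(uname_release, fixed_vr):
    """uname -r reports 'version-release.arch'; strip the arch, then compare."""
    for arch in _ARCHES:
        if uname_release.endswith("." + arch):
            uname_release = uname_release[: -len(arch) - 1]
            break
    return is_fixed(uname_release, fixed_vr)


def audit(rpm_q_output, advisory_filenames):
    """Map each listed package that is installed to whether it is at the fix.
    Input is one 'NAME VERSION-RELEASE' per line (rpm -qa --qf output)."""
    installed = dict(line.split() for line in rpm_q_output.splitlines() if line.strip())
    result = {}
    for filename in advisory_filenames:
        name, fixed_vr, _arch = parse_rpm_filename(filename)
        if name in installed:
            result[name] = is_fixed(installed[name], fixed_vr)
    return result


# Constructed sample, mixing packages from two advisories only to exercise both
# checks: one build behind on nss, current on nspr, fixed kernel-rt installed.
SAMPLE_RPM_Q = "nss 3.15.4-6.el7_0\nnspr 4.10.6-1.el7_0\nkernel-rt 3.10.33-rt32.43.el6rt\n"
ADVISORY_PACKAGES = [
    "nss-3.15.4-7.el7_0.x86_64.rpm",
    "nspr-4.10.6-1.el7_0.x86_64.rpm",
    "kernel-rt-3.10.33-rt32.43.el6rt.x86_64.rpm",
]

if __name__ == "__main__":
    for name, ok in audit(SAMPLE_RPM_Q, ADVISORY_PACKAGES).items():
        print(f"{name}: {'fixed' if ok else 'NOT fixed'}")
    # fixed kernel installed but the old one still booted: reported as not fixed
    print(running_kernel_is_fixed("3.10.33-rt32.33.el6rt.x86_64", "3.10.33-rt32.43.el6rt"))
```

On a real host, feed audit() the output of rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' and running_kernel_is_fixed() the output of uname -r. A package that audit() reports as fixed still needs the restart the advisory asks for, since a long-running process keeps the old library mapped until it is restarted.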
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTzrp3XlSAg2UNWIIRAvG0AJwIThjscRx8U8cqL9P/fHApkVLY+QCfXwzu
EzR8Syt9blevmWExUkZ2MmY=
=n46o
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jul 22 19:25:36 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 19:25:36 +0000
Subject: [RHSA-2014:0916-01] Critical: nss and nspr security update
Message-ID: <201407221925.s6MJPasY004793@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: nss and nspr security update
Advisory ID:       RHSA-2014:0916-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0916.html
Issue date:        2014-07-22
CVE Names:         CVE-2014-1544
=====================================================================

1. Summary:

Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 7.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544)

Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters.

Users of NSS and NSPR are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1116198 - CVE-2014-1544 nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63)

6. Package List:

Red Hat Enterprise Linux Desktop (v.
5 client):

Source:
nspr-4.10.6-1.el5_10.src.rpm
nss-3.15.3-7.el5_10.src.rpm

i386:
nspr-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nss-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-tools-3.15.3-7.el5_10.i386.rpm

x86_64:
nspr-4.10.6-1.el5_10.i386.rpm
nspr-4.10.6-1.el5_10.x86_64.rpm
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm
nss-3.15.3-7.el5_10.i386.rpm
nss-3.15.3-7.el5_10.x86_64.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm
nss-tools-3.15.3-7.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop Workstation (v. 5 client):

Source:
nspr-4.10.6-1.el5_10.src.rpm
nss-3.15.3-7.el5_10.src.rpm

i386:
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-devel-4.10.6-1.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-devel-3.15.3-7.el5_10.i386.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm

x86_64:
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm
nspr-devel-4.10.6-1.el5_10.i386.rpm
nspr-devel-4.10.6-1.el5_10.x86_64.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm
nss-devel-3.15.3-7.el5_10.i386.rpm
nss-devel-3.15.3-7.el5_10.x86_64.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
nspr-4.10.6-1.el5_10.src.rpm
nss-3.15.3-7.el5_10.src.rpm

i386:
nspr-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-devel-4.10.6-1.el5_10.i386.rpm
nss-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-devel-3.15.3-7.el5_10.i386.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm
nss-tools-3.15.3-7.el5_10.i386.rpm

ia64:
nspr-4.10.6-1.el5_10.i386.rpm
nspr-4.10.6-1.el5_10.ia64.rpm
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.ia64.rpm
nspr-devel-4.10.6-1.el5_10.ia64.rpm
nss-3.15.3-7.el5_10.i386.rpm
nss-3.15.3-7.el5_10.ia64.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.ia64.rpm
nss-devel-3.15.3-7.el5_10.ia64.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.ia64.rpm
nss-tools-3.15.3-7.el5_10.ia64.rpm

ppc:
nspr-4.10.6-1.el5_10.ppc.rpm
nspr-4.10.6-1.el5_10.ppc64.rpm
nspr-debuginfo-4.10.6-1.el5_10.ppc.rpm
nspr-debuginfo-4.10.6-1.el5_10.ppc64.rpm
nspr-devel-4.10.6-1.el5_10.ppc.rpm
nspr-devel-4.10.6-1.el5_10.ppc64.rpm
nss-3.15.3-7.el5_10.ppc.rpm
nss-3.15.3-7.el5_10.ppc64.rpm
nss-debuginfo-3.15.3-7.el5_10.ppc.rpm
nss-debuginfo-3.15.3-7.el5_10.ppc64.rpm
nss-devel-3.15.3-7.el5_10.ppc.rpm
nss-devel-3.15.3-7.el5_10.ppc64.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.ppc.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.ppc64.rpm
nss-tools-3.15.3-7.el5_10.ppc.rpm

s390x:
nspr-4.10.6-1.el5_10.s390.rpm
nspr-4.10.6-1.el5_10.s390x.rpm
nspr-debuginfo-4.10.6-1.el5_10.s390.rpm
nspr-debuginfo-4.10.6-1.el5_10.s390x.rpm
nspr-devel-4.10.6-1.el5_10.s390.rpm
nspr-devel-4.10.6-1.el5_10.s390x.rpm
nss-3.15.3-7.el5_10.s390.rpm
nss-3.15.3-7.el5_10.s390x.rpm
nss-debuginfo-3.15.3-7.el5_10.s390.rpm
nss-debuginfo-3.15.3-7.el5_10.s390x.rpm
nss-devel-3.15.3-7.el5_10.s390.rpm
nss-devel-3.15.3-7.el5_10.s390x.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.s390.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.s390x.rpm
nss-tools-3.15.3-7.el5_10.s390x.rpm

x86_64:
nspr-4.10.6-1.el5_10.i386.rpm
nspr-4.10.6-1.el5_10.x86_64.rpm
nspr-debuginfo-4.10.6-1.el5_10.i386.rpm
nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm
nspr-devel-4.10.6-1.el5_10.i386.rpm
nspr-devel-4.10.6-1.el5_10.x86_64.rpm
nss-3.15.3-7.el5_10.i386.rpm
nss-3.15.3-7.el5_10.x86_64.rpm
nss-debuginfo-3.15.3-7.el5_10.i386.rpm
nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm
nss-devel-3.15.3-7.el5_10.i386.rpm
nss-devel-3.15.3-7.el5_10.x86_64.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm
nss-pkcs11-devel-3.15.3-7.el5_10.x86_64.rpm
nss-tools-3.15.3-7.el5_10.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
nspr-4.10.6-1.el7_0.src.rpm
nss-3.15.4-7.el7_0.src.rpm

x86_64:
nspr-4.10.6-1.el7_0.i686.rpm
nspr-4.10.6-1.el7_0.x86_64.rpm
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nss-3.15.4-7.el7_0.i686.rpm
nss-3.15.4-7.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-sysinit-3.15.4-7.el7_0.x86_64.rpm
nss-tools-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nspr-devel-4.10.6-1.el7_0.i686.rpm
nspr-devel-4.10.6-1.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-devel-3.15.4-7.el7_0.i686.rpm
nss-devel-3.15.4-7.el7_0.x86_64.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
nspr-4.10.6-1.el7_0.src.rpm
nss-3.15.4-7.el7_0.src.rpm

x86_64:
nspr-4.10.6-1.el7_0.i686.rpm
nspr-4.10.6-1.el7_0.x86_64.rpm
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nss-3.15.4-7.el7_0.i686.rpm
nss-3.15.4-7.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-sysinit-3.15.4-7.el7_0.x86_64.rpm
nss-tools-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nspr-devel-4.10.6-1.el7_0.i686.rpm
nspr-devel-4.10.6-1.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-devel-3.15.4-7.el7_0.i686.rpm
nss-devel-3.15.4-7.el7_0.x86_64.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
nspr-4.10.6-1.el7_0.src.rpm
nss-3.15.4-7.el7_0.src.rpm

ppc64:
nspr-4.10.6-1.el7_0.ppc.rpm
nspr-4.10.6-1.el7_0.ppc64.rpm
nspr-debuginfo-4.10.6-1.el7_0.ppc.rpm
nspr-debuginfo-4.10.6-1.el7_0.ppc64.rpm
nspr-devel-4.10.6-1.el7_0.ppc.rpm
nspr-devel-4.10.6-1.el7_0.ppc64.rpm
nss-3.15.4-7.el7_0.ppc.rpm
nss-3.15.4-7.el7_0.ppc64.rpm
nss-debuginfo-3.15.4-7.el7_0.ppc.rpm
nss-debuginfo-3.15.4-7.el7_0.ppc64.rpm
nss-devel-3.15.4-7.el7_0.ppc.rpm
nss-devel-3.15.4-7.el7_0.ppc64.rpm
nss-sysinit-3.15.4-7.el7_0.ppc64.rpm
nss-tools-3.15.4-7.el7_0.ppc64.rpm

s390x:
nspr-4.10.6-1.el7_0.s390.rpm
nspr-4.10.6-1.el7_0.s390x.rpm
nspr-debuginfo-4.10.6-1.el7_0.s390.rpm
nspr-debuginfo-4.10.6-1.el7_0.s390x.rpm
nspr-devel-4.10.6-1.el7_0.s390.rpm
nspr-devel-4.10.6-1.el7_0.s390x.rpm
nss-3.15.4-7.el7_0.s390.rpm
nss-3.15.4-7.el7_0.s390x.rpm
nss-debuginfo-3.15.4-7.el7_0.s390.rpm
nss-debuginfo-3.15.4-7.el7_0.s390x.rpm
nss-devel-3.15.4-7.el7_0.s390.rpm
nss-devel-3.15.4-7.el7_0.s390x.rpm
nss-sysinit-3.15.4-7.el7_0.s390x.rpm
nss-tools-3.15.4-7.el7_0.s390x.rpm

x86_64:
nspr-4.10.6-1.el7_0.i686.rpm
nspr-4.10.6-1.el7_0.x86_64.rpm
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nspr-devel-4.10.6-1.el7_0.i686.rpm
nspr-devel-4.10.6-1.el7_0.x86_64.rpm
nss-3.15.4-7.el7_0.i686.rpm
nss-3.15.4-7.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-devel-3.15.4-7.el7_0.i686.rpm
nss-devel-3.15.4-7.el7_0.x86_64.rpm
nss-sysinit-3.15.4-7.el7_0.x86_64.rpm
nss-tools-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
nss-debuginfo-3.15.4-7.el7_0.ppc.rpm
nss-debuginfo-3.15.4-7.el7_0.ppc64.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.ppc.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.ppc64.rpm

s390x:
nss-debuginfo-3.15.4-7.el7_0.s390.rpm
nss-debuginfo-3.15.4-7.el7_0.s390x.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.s390.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.s390x.rpm

x86_64:
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
nspr-4.10.6-1.el7_0.src.rpm
nss-3.15.4-7.el7_0.src.rpm

x86_64:
nspr-4.10.6-1.el7_0.i686.rpm
nspr-4.10.6-1.el7_0.x86_64.rpm
nspr-debuginfo-4.10.6-1.el7_0.i686.rpm
nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm
nspr-devel-4.10.6-1.el7_0.i686.rpm
nspr-devel-4.10.6-1.el7_0.x86_64.rpm
nss-3.15.4-7.el7_0.i686.rpm
nss-3.15.4-7.el7_0.x86_64.rpm
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-devel-3.15.4-7.el7_0.i686.rpm
nss-devel-3.15.4-7.el7_0.x86_64.rpm
nss-sysinit-3.15.4-7.el7_0.x86_64.rpm
nss-tools-3.15.4-7.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
nss-debuginfo-3.15.4-7.el7_0.i686.rpm
nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm
nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1544.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Tue Jul 22 19:26:18 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 19:26:18 +0000
Subject: [RHSA-2014:0917-01] Critical: nss and nspr security, bug fix, and enhancement update
Message-ID: <201407221926.s6MJQINh018009@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: nss and nspr security, bug fix, and enhancement update
Advisory ID:       RHSA-2014:0917-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0917.html
Issue date:        2014-07-22
CVE Names:         CVE-2013-1740 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-1544 CVE-2014-1545
=====================================================================

1. Summary:

Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544)

A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740)

A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490)

It was found that NSS accepted weak Diffie-Hellman key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491)

An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545)

It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters being accepted as valid. (CVE-2014-1492)

Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters of CVE-2014-1544, Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545.

In addition, the nss package has been upgraded to upstream version 3.16.1, and the nspr package has been upgraded to upstream version 4.10.6. These updated packages provide a number of bug fixes and enhancements over the previous versions. (BZ#1112136, BZ#1112135)

Users of NSS and NSPR are advised to upgrade to these updated packages, which correct these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1053725 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue
1060953 - CVE-2014-1490 nss: TOCTOU, potential use-after-free in libssl's session ticket processing (MFSA 2014-12)
1060955 - CVE-2014-1491 nss: Do not allow p-1 as a public DH value (MFSA 2014-12)
1079851 - CVE-2014-1492 nss: IDNA hostname matching code does not follow RFC 6125 recommendation (MFSA 2014-45)
1107432 - CVE-2014-1545 Mozilla: Out of bounds write in NSPR (MFSA 2014-55)
1112135 - Rebase nspr in RHEL 6.5.z to NSPR 4.10.6 (Required for FF31)
1112136 - Rebase nss in RHEL 6.5.z to NSS 3.16.1 (anticipated minimum version for FF 31)
1116198 - CVE-2014-1544 nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

i386:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-sysinit-3.16.1-4.el6_5.i686.rpm
nss-tools-3.16.1-4.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm

x86_64:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-4.10.6-1.el6_5.x86_64.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-3.16.1-4.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-sysinit-3.16.1-4.el6_5.x86_64.rpm
nss-tools-3.16.1-4.el6_5.x86_64.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

i386:
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm

x86_64:
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.x86_64.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

x86_64:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-4.10.6-1.el6_5.x86_64.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-3.16.1-4.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-sysinit-3.16.1-4.el6_5.x86_64.rpm
nss-tools-3.16.1-4.el6_5.x86_64.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

x86_64:
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.x86_64.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

i386:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-sysinit-3.16.1-4.el6_5.i686.rpm
nss-tools-3.16.1-4.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm

ppc64:
nspr-4.10.6-1.el6_5.ppc.rpm
nspr-4.10.6-1.el6_5.ppc64.rpm
nspr-debuginfo-4.10.6-1.el6_5.ppc.rpm
nspr-debuginfo-4.10.6-1.el6_5.ppc64.rpm
nspr-devel-4.10.6-1.el6_5.ppc.rpm
nspr-devel-4.10.6-1.el6_5.ppc64.rpm
nss-3.16.1-4.el6_5.ppc.rpm
nss-3.16.1-4.el6_5.ppc64.rpm
nss-debuginfo-3.16.1-4.el6_5.ppc.rpm
nss-debuginfo-3.16.1-4.el6_5.ppc64.rpm
nss-devel-3.16.1-4.el6_5.ppc.rpm
nss-devel-3.16.1-4.el6_5.ppc64.rpm
nss-sysinit-3.16.1-4.el6_5.ppc64.rpm
nss-tools-3.16.1-4.el6_5.ppc64.rpm
nss-util-3.16.1-1.el6_5.ppc.rpm
nss-util-3.16.1-1.el6_5.ppc64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.ppc.rpm
nss-util-debuginfo-3.16.1-1.el6_5.ppc64.rpm
nss-util-devel-3.16.1-1.el6_5.ppc.rpm
nss-util-devel-3.16.1-1.el6_5.ppc64.rpm

s390x:
nspr-4.10.6-1.el6_5.s390.rpm
nspr-4.10.6-1.el6_5.s390x.rpm
nspr-debuginfo-4.10.6-1.el6_5.s390.rpm
nspr-debuginfo-4.10.6-1.el6_5.s390x.rpm
nspr-devel-4.10.6-1.el6_5.s390.rpm
nspr-devel-4.10.6-1.el6_5.s390x.rpm
nss-3.16.1-4.el6_5.s390.rpm
nss-3.16.1-4.el6_5.s390x.rpm
nss-debuginfo-3.16.1-4.el6_5.s390.rpm
nss-debuginfo-3.16.1-4.el6_5.s390x.rpm
nss-devel-3.16.1-4.el6_5.s390.rpm
nss-devel-3.16.1-4.el6_5.s390x.rpm
nss-sysinit-3.16.1-4.el6_5.s390x.rpm
nss-tools-3.16.1-4.el6_5.s390x.rpm
nss-util-3.16.1-1.el6_5.s390.rpm
nss-util-3.16.1-1.el6_5.s390x.rpm
nss-util-debuginfo-3.16.1-1.el6_5.s390.rpm
nss-util-debuginfo-3.16.1-1.el6_5.s390x.rpm
nss-util-devel-3.16.1-1.el6_5.s390.rpm
nss-util-devel-3.16.1-1.el6_5.s390x.rpm

x86_64:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-4.10.6-1.el6_5.x86_64.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.x86_64.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-3.16.1-4.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.x86_64.rpm
nss-sysinit-3.16.1-4.el6_5.x86_64.rpm
nss-tools-3.16.1-4.el6_5.x86_64.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
nss-3.16.1-4.el6_5.src.rpm

i386:
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm

ppc64:
nss-debuginfo-3.16.1-4.el6_5.ppc.rpm
nss-debuginfo-3.16.1-4.el6_5.ppc64.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.ppc.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.ppc64.rpm

s390x:
nss-debuginfo-3.16.1-4.el6_5.s390.rpm
nss-debuginfo-3.16.1-4.el6_5.s390x.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.s390.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.s390x.rpm

x86_64:
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
nspr-4.10.6-1.el6_5.src.rpm
nss-3.16.1-4.el6_5.src.rpm
nss-util-3.16.1-1.el6_5.src.rpm

i386:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-sysinit-3.16.1-4.el6_5.i686.rpm
nss-tools-3.16.1-4.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm

x86_64:
nspr-4.10.6-1.el6_5.i686.rpm
nspr-4.10.6-1.el6_5.x86_64.rpm
nspr-debuginfo-4.10.6-1.el6_5.i686.rpm
nspr-debuginfo-4.10.6-1.el6_5.x86_64.rpm
nspr-devel-4.10.6-1.el6_5.i686.rpm
nspr-devel-4.10.6-1.el6_5.x86_64.rpm
nss-3.16.1-4.el6_5.i686.rpm
nss-3.16.1-4.el6_5.x86_64.rpm
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-devel-3.16.1-4.el6_5.i686.rpm
nss-devel-3.16.1-4.el6_5.x86_64.rpm
nss-sysinit-3.16.1-4.el6_5.x86_64.rpm
nss-tools-3.16.1-4.el6_5.x86_64.rpm
nss-util-3.16.1-1.el6_5.i686.rpm
nss-util-3.16.1-1.el6_5.x86_64.rpm
nss-util-debuginfo-3.16.1-1.el6_5.i686.rpm
nss-util-debuginfo-3.16.1-1.el6_5.x86_64.rpm
nss-util-devel-3.16.1-1.el6_5.i686.rpm
nss-util-devel-3.16.1-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
nss-3.16.1-4.el6_5.src.rpm

i386:
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm

x86_64:
nss-debuginfo-3.16.1-4.el6_5.i686.rpm
nss-debuginfo-3.16.1-4.el6_5.x86_64.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm
nss-pkcs11-devel-3.16.1-4.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-1740.html
https://www.redhat.com/security/data/cve/CVE-2014-1490.html
https://www.redhat.com/security/data/cve/CVE-2014-1491.html
https://www.redhat.com/security/data/cve/CVE-2014-1492.html
https://www.redhat.com/security/data/cve/CVE-2014-1544.html
https://www.redhat.com/security/data/cve/CVE-2014-1545.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
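The CVE-2014-1491 entry in the advisory above is summarised by its bug title, "Do not allow p-1 as a public DH value". The following is an added example, not NSS or Red Hat code, showing why a client must reject that value and what a complete check on a peer's DH share looks like; it goes beyond the single value named in the bug by also rejecting 0, 1, out-of-range values and, when the subgroup order q is known, values outside the prime-order subgroup. The parameters P, Q and G are constructed toy values (a small safe prime), not a real group.

```python
"""Peer DH public-value validation (added example, not NSS code).

Why p-1 matters: p-1 == -1 (mod p), so (p-1)^x is 1 for even x and p-1 for
odd x. A client that accepts y = p-1 derives a "shared secret" that anyone
observing the handshake can guess in at most two tries.
"""
from typing import Optional

# Constructed toy parameters (assumption, not an NSS or IETF group):
# P is a safe prime (P = 2*Q + 1 with Q prime) and G = 2 generates the
# order-Q subgroup because P == 7 (mod 8). Real groups are 2048 bits or more;
# these are tiny so the arithmetic can be followed by hand.
P = 2879
Q = (P - 1) // 2          # 1439, prime
G = 2


def validate_dh_public_value(y: int, p: int, q: Optional[int] = None) -> bool:
    """Return True only if y is an acceptable peer public value for modulus p.

    * 0 and 1 are rejected: every exponent maps them to 0 or 1.
    * p-1 is rejected: it is -1 mod p, so the secret is always 1 or p-1.
    * Values >= p are rejected as malformed.
    * If the subgroup order q is known, y^q must be 1 (mod p); otherwise y
      lies outside the intended subgroup and the secret leaks bits of x.
    """
    if y < 2 or y > p - 2:
        return False
    if q is not None and pow(y, q, p) != 1:
        return False
    return True


def derive_shared_secret(peer_public: int, own_private: int, p: int,
                         q: Optional[int] = None) -> int:
    """Client-side key derivation that refuses weak peer values first."""
    if not validate_dh_public_value(peer_public, p, q):
        raise ValueError("peer DH public value rejected")
    return pow(peer_public, own_private, p)


def secrets_from_weak_peer(p: int, private_exponents: list) -> set:
    """The set of shared secrets an unchecked client would derive if the peer
    sent y = p-1, across several private exponents. It is always a subset of
    {1, p-1}, which is the whole problem."""
    return {pow(p - 1, x, p) for x in private_exponents}


if __name__ == "__main__":
    honest = pow(G, 123, P)   # a genuine share inside the order-Q subgroup
    print("honest share accepted:", validate_dh_public_value(honest, P, Q))
    print("p-1 rejected:", not validate_dh_public_value(P - 1, P))
    # 7 is a quadratic non-residue mod P, so it has order 2Q, not Q: the range
    # check alone lets it through, the subgroup check does not.
    print("order-2Q value, range check only:", validate_dh_public_value(7, P))
    print("order-2Q value, with subgroup check:", validate_dh_public_value(7, P, Q))
    print("secrets if p-1 were accepted:", secrets_from_weak_peer(P, list(range(1, 7))))
```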
From bugzilla at redhat.com Tue Jul 22 19:27:07 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 19:27:07 +0000
Subject: [RHSA-2014:0918-01] Important: thunderbird security update
Message-ID: <201407221927.s6MJR8hD021159@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: thunderbird security update
Advisory ID:       RHSA-2014:0918-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0918.html
Issue date:        2014-07-22
CVE Names:         CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557
=====================================================================

1. Summary:

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues.

Note: None of the above issues can be exploited by a specially crafted HTML mail message, as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.

For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.7.0. You can find a link to the Mozilla advisories in the References section of this erratum.

All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.7.0 and corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1121464 - CVE-2014-1547 Mozilla: Miscellaneous memory safety hazards (rv:24.7) (MFSA 2014-56)
1121476 - CVE-2014-1555 Mozilla: Use-after-free with FireOnStateChange event (MFSA 2014-61)
1121478 - CVE-2014-1556 Mozilla: Exploitable WebGL crash with Cesium JavaScript library (MFSA 2014-62)
1121479 - CVE-2014-1557 Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
thunderbird-24.7.0-1.el5_10.src.rpm

i386:
thunderbird-24.7.0-1.el5_10.i386.rpm
thunderbird-debuginfo-24.7.0-1.el5_10.i386.rpm

x86_64:
thunderbird-24.7.0-1.el5_10.x86_64.rpm
thunderbird-debuginfo-24.7.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server):

Source:
thunderbird-24.7.0-1.el5_10.src.rpm

i386:
thunderbird-24.7.0-1.el5_10.i386.rpm
thunderbird-debuginfo-24.7.0-1.el5_10.i386.rpm

x86_64:
thunderbird-24.7.0-1.el5_10.x86_64.rpm
thunderbird-debuginfo-24.7.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
thunderbird-24.7.0-1.el6_5.src.rpm

i386:
thunderbird-24.7.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.i686.rpm

x86_64:
thunderbird-24.7.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
thunderbird-24.7.0-1.el6_5.src.rpm

i386:
thunderbird-24.7.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.i686.rpm

ppc64:
thunderbird-24.7.0-1.el6_5.ppc64.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.ppc64.rpm

s390x:
thunderbird-24.7.0-1.el6_5.s390x.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.s390x.rpm

x86_64:
thunderbird-24.7.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
thunderbird-24.7.0-1.el6_5.src.rpm

i386:
thunderbird-24.7.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.i686.rpm

x86_64:
thunderbird-24.7.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.7.0-1.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1547.html
https://www.redhat.com/security/data/cve/CVE-2014-1555.html
https://www.redhat.com/security/data/cve/CVE-2014-1556.html
https://www.redhat.com/security/data/cve/CVE-2014-1557.html
https://access.redhat.com/security/updates/classification/#important
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.7

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Tue Jul 22 23:02:37 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 22 Jul 2014 23:02:37 +0000
Subject: [RHSA-2014:0919-01] Critical: firefox security update
Message-ID: <201407222302.s6MN2b20029174@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2014:0919-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0919.html
Issue date:        2014-07-22
CVE Names:         CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557
=====================================================================

1. Summary:

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.

The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues.

For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.7.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.

All Firefox users should upgrade to these updated packages, which contain Firefox version 24.7.0 ESR and correct these issues. After installing the update, Firefox must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1121464 - CVE-2014-1547 Mozilla: Miscellaneous memory safety hazards (rv:24.7) (MFSA 2014-56)
1121476 - CVE-2014-1555 Mozilla: Use-after-free with FireOnStateChange event (MFSA 2014-61)
1121478 - CVE-2014-1556 Mozilla: Exploitable WebGL crash with Cesium JavaScript library (MFSA 2014-62)
1121479 - CVE-2014-1557 Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
firefox-24.7.0-1.el5_10.src.rpm

i386:
firefox-24.7.0-1.el5_10.i386.rpm
firefox-debuginfo-24.7.0-1.el5_10.i386.rpm

x86_64:
firefox-24.7.0-1.el5_10.i386.rpm
firefox-24.7.0-1.el5_10.x86_64.rpm
firefox-debuginfo-24.7.0-1.el5_10.i386.rpm
firefox-debuginfo-24.7.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
firefox-24.7.0-1.el5_10.src.rpm

i386:
firefox-24.7.0-1.el5_10.i386.rpm
firefox-debuginfo-24.7.0-1.el5_10.i386.rpm

ia64:
firefox-24.7.0-1.el5_10.ia64.rpm
firefox-debuginfo-24.7.0-1.el5_10.ia64.rpm

ppc:
firefox-24.7.0-1.el5_10.ppc.rpm
firefox-debuginfo-24.7.0-1.el5_10.ppc.rpm

s390x:
firefox-24.7.0-1.el5_10.s390.rpm
firefox-24.7.0-1.el5_10.s390x.rpm
firefox-debuginfo-24.7.0-1.el5_10.s390.rpm
firefox-debuginfo-24.7.0-1.el5_10.s390x.rpm

x86_64:
firefox-24.7.0-1.el5_10.i386.rpm
firefox-24.7.0-1.el5_10.x86_64.rpm
firefox-debuginfo-24.7.0-1.el5_10.i386.rpm
firefox-debuginfo-24.7.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
firefox-24.7.0-1.el6_5.src.rpm

i386:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm

x86_64:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-24.7.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
firefox-24.7.0-1.el6_5.src.rpm

x86_64:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-24.7.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
firefox-24.7.0-1.el6_5.src.rpm

i386:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm

ppc64:
firefox-24.7.0-1.el6_5.ppc.rpm
firefox-24.7.0-1.el6_5.ppc64.rpm
firefox-debuginfo-24.7.0-1.el6_5.ppc.rpm
firefox-debuginfo-24.7.0-1.el6_5.ppc64.rpm

s390x:
firefox-24.7.0-1.el6_5.s390.rpm
firefox-24.7.0-1.el6_5.s390x.rpm
firefox-debuginfo-24.7.0-1.el6_5.s390.rpm
firefox-debuginfo-24.7.0-1.el6_5.s390x.rpm

x86_64:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-24.7.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
firefox-24.7.0-1.el6_5.src.rpm

i386:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm

x86_64:
firefox-24.7.0-1.el6_5.i686.rpm
firefox-24.7.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.7.0-1.el6_5.i686.rpm
firefox-debuginfo-24.7.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
firefox-24.7.0-1.el7_0.src.rpm
xulrunner-24.7.0-1.el7_0.src.rpm

x86_64:
firefox-24.7.0-1.el7_0.x86_64.rpm
firefox-debuginfo-24.7.0-1.el7_0.x86_64.rpm
xulrunner-24.7.0-1.el7_0.i686.rpm
xulrunner-24.7.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
firefox-24.7.0-1.el7_0.i686.rpm
firefox-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.7.0-1.el7_0.i686.rpm
xulrunner-devel-24.7.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
xulrunner-24.7.0-1.el7_0.src.rpm

x86_64:
xulrunner-24.7.0-1.el7_0.i686.rpm
xulrunner-24.7.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.7.0-1.el7_0.i686.rpm
xulrunner-devel-24.7.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
firefox-24.7.0-1.el7_0.src.rpm
xulrunner-24.7.0-1.el7_0.src.rpm

ppc64:
firefox-24.7.0-1.el7_0.ppc64.rpm
firefox-debuginfo-24.7.0-1.el7_0.ppc64.rpm
xulrunner-24.7.0-1.el7_0.ppc.rpm
xulrunner-24.7.0-1.el7_0.ppc64.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.ppc64.rpm

s390x:
firefox-24.7.0-1.el7_0.s390x.rpm
firefox-debuginfo-24.7.0-1.el7_0.s390x.rpm

x86_64:
firefox-24.7.0-1.el7_0.x86_64.rpm
firefox-debuginfo-24.7.0-1.el7_0.x86_64.rpm
xulrunner-24.7.0-1.el7_0.i686.rpm
xulrunner-24.7.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
xulrunner-24.7.0-1.el7_0.src.rpm

ppc64:
firefox-24.7.0-1.el7_0.ppc.rpm
firefox-debuginfo-24.7.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.ppc64.rpm
xulrunner-devel-24.7.0-1.el7_0.ppc.rpm
xulrunner-devel-24.7.0-1.el7_0.ppc64.rpm

s390x:
firefox-24.7.0-1.el7_0.s390.rpm
firefox-debuginfo-24.7.0-1.el7_0.s390.rpm
xulrunner-24.7.0-1.el7_0.s390.rpm
xulrunner-24.7.0-1.el7_0.s390x.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.s390.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.s390x.rpm
xulrunner-devel-24.7.0-1.el7_0.s390.rpm
xulrunner-devel-24.7.0-1.el7_0.s390x.rpm

x86_64:
firefox-24.7.0-1.el7_0.i686.rpm
firefox-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.7.0-1.el7_0.i686.rpm
xulrunner-devel-24.7.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v.
7): Source: firefox-24.7.0-1.el7_0.src.rpm xulrunner-24.7.0-1.el7_0.src.rpm x86_64: firefox-24.7.0-1.el7_0.x86_64.rpm firefox-debuginfo-24.7.0-1.el7_0.x86_64.rpm xulrunner-24.7.0-1.el7_0.i686.rpm xulrunner-24.7.0-1.el7_0.x86_64.rpm xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: firefox-24.7.0-1.el7_0.i686.rpm firefox-debuginfo-24.7.0-1.el7_0.i686.rpm xulrunner-debuginfo-24.7.0-1.el7_0.i686.rpm xulrunner-debuginfo-24.7.0-1.el7_0.x86_64.rpm xulrunner-devel-24.7.0-1.el7_0.i686.rpm xulrunner-devel-24.7.0-1.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-1547.html https://www.redhat.com/security/data/cve/CVE-2014-1555.html https://www.redhat.com/security/data/cve/CVE-2014-1556.html https://www.redhat.com/security/data/cve/CVE-2014-1557.html https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
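The package list in section 6 is the data a defender actually checks against: the host is fixed only when the installed build is at or above the listed build for its release. The script below is an added example, not Red Hat tooling; it parses the binary package names out of an advisory's section 6, parses `rpm -qa` output, and compares version-release strings the way rpmvercmp does (numeric runs as integers, alphabetic runs lexically, numeric outranking alphabetic, the longer string winning once the shorter runs out). The advisory fragment and the two hosts' package lists are constructed for the demo, using names copied from the Firefox list above and the kernel list in the kernel erratum further down; the kernel branch covers the case that erratum's "rpm -ivh" guidance creates, where the fixed kernel is installed next to the old one but is not yet the running one.

```python
"""Audit installed RPMs against the package list of a Red Hat advisory.

Added example, not Red Hat tooling. Input: the text of an advisory's
section 6 and the output of `rpm -qa` (one name-version-release.arch
per line). Output: per package name, whether the installed build is at
or above the fixed build. Epochs and the ~ / ^ separators of newer rpm
are not handled because the advisories on this page use neither.
"""
import re
from functools import cmp_to_key
from typing import Dict, List, Optional, Tuple

EVR = Tuple[str, str]  # (version, release); epoch omitted


def split_nvra(pkg: str) -> Tuple[str, str, str, str]:
    """'httpd24-mod_ssl-2.4.6-18.el6.x86_64[.rpm]' -> (name, ver, rel, arch)."""
    pkg = pkg.strip()
    if pkg.endswith(".rpm"):
        pkg = pkg[:-4]
    m = re.match(r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+)\.(?P<arch>[^.]+)$", pkg)
    if not m:
        raise ValueError(f"not a name-version-release.arch string: {pkg}")
    return m.group("name"), m.group("ver"), m.group("rel"), m.group("arch")


def vercmp(a: str, b: str) -> int:
    """rpmvercmp-style comparison of one version or release string: -1, 0 or 1."""
    sa, sb = re.findall(r"[0-9]+|[A-Za-z]+", a), re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment is the newer one
        elif x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def evr_cmp(a: EVR, b: EVR) -> int:
    return vercmp(a[0], b[0]) or vercmp(a[1], b[1])


def _dist(rel: str) -> str:
    """Distribution tag of a release string ('1.el6_5' -> 'el6')."""
    m = re.search(r"\.(el\d+)", rel)
    return m.group(1) if m else ""


def fixed_builds(advisory_text: str) -> Dict[str, Dict[str, EVR]]:
    """name -> {dist: (version, release)} for every binary RPM named in the text."""
    fixed: Dict[str, Dict[str, EVR]] = {}
    for token in advisory_text.split():
        if token.endswith(".rpm") and not token.endswith(".src.rpm"):
            name, ver, rel, _ = split_nvra(token)
            fixed.setdefault(name, {})[_dist(rel)] = (ver, rel)
    return fixed


def audit(installed: List[str], advisory_text: str,
          running_kernel: Optional[str] = None) -> Dict[str, str]:
    """Status of each advisory package on this host: 'fixed', 'outdated',
    'not installed', 'no fixed build for this release', or, for the kernel,
    'fixed, not running' when the fixed kernel is installed beside the old
    one but `uname -r` (running_kernel) still reports the old build."""
    have: Dict[str, List[EVR]] = {}
    for line in installed:
        name, ver, rel, _ = split_nvra(line)
        have.setdefault(name, []).append((ver, rel))
    result: Dict[str, str] = {}
    for name, by_dist in fixed_builds(advisory_text).items():
        builds = have.get(name)
        if not builds:
            result[name] = "not installed"
            continue
        newest = max(builds, key=cmp_to_key(evr_cmp))
        target = by_dist.get(_dist(newest[1]))  # fixed build for this host's release
        if target is None:
            result[name] = "no fixed build for this release"
        elif evr_cmp(newest, target) < 0:
            result[name] = "outdated"
        elif name == "kernel" and running_kernel is not None:
            # uname -r prints version-release.arch; drop the arch, split once
            r_ver, r_rel = running_kernel.rsplit(".", 1)[0].split("-", 1)
            result[name] = "fixed" if evr_cmp((r_ver, r_rel), target) >= 0 else "fixed, not running"
        else:
            result[name] = "fixed"
    return result


# Constructed inputs: package names copied from section 6 of the Firefox and
# kernel errata on this page, and rpm -qa output for two hypothetical hosts.
ADVISORY_FRAGMENT = """
Red Hat Enterprise Linux Server (v. 6):
Source: firefox-24.7.0-1.el6_5.src.rpm
x86_64: firefox-24.7.0-1.el6_5.i686.rpm firefox-24.7.0-1.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
x86_64: kernel-3.10.0-123.4.4.el7.x86_64.rpm
"""
RHEL6_HOST = ["firefox-24.6.0-1.el6_5.x86_64"]
RHEL7_HOST = ["kernel-3.10.0-123.el7.x86_64", "kernel-3.10.0-123.4.4.el7.x86_64"]

if __name__ == "__main__":
    print(audit(RHEL6_HOST, ADVISORY_FRAGMENT))
    print(audit(RHEL7_HOST, ADVISORY_FRAGMENT, running_kernel="3.10.0-123.el7.x86_64"))
```

On a real host the installed list comes from `rpm -qa` and the running kernel from `uname -r`; the comparison is keyed on the release's dist tag so that an el5_10 build is never judged against an el6_5 one.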
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTzu12XlSAg2UNWIIRAtqcAJ4wnGwfCwr297KBJ2LKp4g9Xz7KcACfbhTq
jrF1ab+hOptVeWceT0msK/w=
=nicH
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 10:13:24 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 10:13:24 +0000
Subject: [RHSA-2014:0920-01] Important: httpd security update
Message-ID: <201407231006.s6NA62UU010594@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: httpd security update
Advisory ID:       RHSA-2014:0920-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0920.html
Issue date:        2014-07-23
CVE Names:         CVE-2014-0118 CVE-2014-0226 CVE-2014-0231
=====================================================================

1. Summary:

Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2014-0226)

A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the "DEFLATE" input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118)

A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231)

All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1120596 - CVE-2014-0231 httpd: mod_cgid denial of service
1120601 - CVE-2014-0118 httpd: mod_deflate denial of service
1120603 - CVE-2014-0226 httpd: mod_status heap-based buffer overflow

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
httpd-2.2.3-87.el5_10.src.rpm

i386:
httpd-2.2.3-87.el5_10.i386.rpm
httpd-debuginfo-2.2.3-87.el5_10.i386.rpm
mod_ssl-2.2.3-87.el5_10.i386.rpm

x86_64:
httpd-2.2.3-87.el5_10.x86_64.rpm
httpd-debuginfo-2.2.3-87.el5_10.x86_64.rpm
mod_ssl-2.2.3-87.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop Workstation (v. 5 client):

Source:
httpd-2.2.3-87.el5_10.src.rpm

i386:
httpd-debuginfo-2.2.3-87.el5_10.i386.rpm
httpd-devel-2.2.3-87.el5_10.i386.rpm
httpd-manual-2.2.3-87.el5_10.i386.rpm

x86_64:
httpd-debuginfo-2.2.3-87.el5_10.i386.rpm
httpd-debuginfo-2.2.3-87.el5_10.x86_64.rpm
httpd-devel-2.2.3-87.el5_10.i386.rpm
httpd-devel-2.2.3-87.el5_10.x86_64.rpm
httpd-manual-2.2.3-87.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
httpd-2.2.3-87.el5_10.src.rpm

i386:
httpd-2.2.3-87.el5_10.i386.rpm
httpd-debuginfo-2.2.3-87.el5_10.i386.rpm
httpd-devel-2.2.3-87.el5_10.i386.rpm
httpd-manual-2.2.3-87.el5_10.i386.rpm
mod_ssl-2.2.3-87.el5_10.i386.rpm

ia64:
httpd-2.2.3-87.el5_10.ia64.rpm
httpd-debuginfo-2.2.3-87.el5_10.ia64.rpm
httpd-devel-2.2.3-87.el5_10.ia64.rpm
httpd-manual-2.2.3-87.el5_10.ia64.rpm
mod_ssl-2.2.3-87.el5_10.ia64.rpm

ppc:
httpd-2.2.3-87.el5_10.ppc.rpm
httpd-debuginfo-2.2.3-87.el5_10.ppc.rpm
httpd-debuginfo-2.2.3-87.el5_10.ppc64.rpm
httpd-devel-2.2.3-87.el5_10.ppc.rpm
httpd-devel-2.2.3-87.el5_10.ppc64.rpm
httpd-manual-2.2.3-87.el5_10.ppc.rpm
mod_ssl-2.2.3-87.el5_10.ppc.rpm

s390x:
httpd-2.2.3-87.el5_10.s390x.rpm
httpd-debuginfo-2.2.3-87.el5_10.s390.rpm
httpd-debuginfo-2.2.3-87.el5_10.s390x.rpm
httpd-devel-2.2.3-87.el5_10.s390.rpm
httpd-devel-2.2.3-87.el5_10.s390x.rpm
httpd-manual-2.2.3-87.el5_10.s390x.rpm
mod_ssl-2.2.3-87.el5_10.s390x.rpm

x86_64:
httpd-2.2.3-87.el5_10.x86_64.rpm
httpd-debuginfo-2.2.3-87.el5_10.i386.rpm
httpd-debuginfo-2.2.3-87.el5_10.x86_64.rpm
httpd-devel-2.2.3-87.el5_10.i386.rpm
httpd-devel-2.2.3-87.el5_10.x86_64.rpm
httpd-manual-2.2.3-87.el5_10.x86_64.rpm
mod_ssl-2.2.3-87.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

i386:
httpd-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-tools-2.2.15-31.el6_5.i686.rpm

x86_64:
httpd-2.2.15-31.el6_5.x86_64.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-tools-2.2.15-31.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

i386:
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
mod_ssl-2.2.15-31.el6_5.i686.rpm

noarch:
httpd-manual-2.2.15-31.el6_5.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.x86_64.rpm
mod_ssl-2.2.15-31.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

x86_64:
httpd-2.2.15-31.el6_5.x86_64.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-tools-2.2.15-31.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

noarch:
httpd-manual-2.2.15-31.el6_5.noarch.rpm

x86_64:
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.x86_64.rpm
mod_ssl-2.2.15-31.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

i386:
httpd-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-tools-2.2.15-31.el6_5.i686.rpm
mod_ssl-2.2.15-31.el6_5.i686.rpm

noarch:
httpd-manual-2.2.15-31.el6_5.noarch.rpm

ppc64:
httpd-2.2.15-31.el6_5.ppc64.rpm
httpd-debuginfo-2.2.15-31.el6_5.ppc.rpm
httpd-debuginfo-2.2.15-31.el6_5.ppc64.rpm
httpd-devel-2.2.15-31.el6_5.ppc.rpm
httpd-devel-2.2.15-31.el6_5.ppc64.rpm
httpd-tools-2.2.15-31.el6_5.ppc64.rpm
mod_ssl-2.2.15-31.el6_5.ppc64.rpm

s390x:
httpd-2.2.15-31.el6_5.s390x.rpm
httpd-debuginfo-2.2.15-31.el6_5.s390.rpm
httpd-debuginfo-2.2.15-31.el6_5.s390x.rpm
httpd-devel-2.2.15-31.el6_5.s390.rpm
httpd-devel-2.2.15-31.el6_5.s390x.rpm
httpd-tools-2.2.15-31.el6_5.s390x.rpm
mod_ssl-2.2.15-31.el6_5.s390x.rpm

x86_64:
httpd-2.2.15-31.el6_5.x86_64.rpm
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.x86_64.rpm
httpd-tools-2.2.15-31.el6_5.x86_64.rpm
mod_ssl-2.2.15-31.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
httpd-2.2.15-31.el6_5.src.rpm

i386:
httpd-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-tools-2.2.15-31.el6_5.i686.rpm
mod_ssl-2.2.15-31.el6_5.i686.rpm

noarch:
httpd-manual-2.2.15-31.el6_5.noarch.rpm

x86_64:
httpd-2.2.15-31.el6_5.x86_64.rpm
httpd-debuginfo-2.2.15-31.el6_5.i686.rpm
httpd-debuginfo-2.2.15-31.el6_5.x86_64.rpm
httpd-devel-2.2.15-31.el6_5.i686.rpm
httpd-devel-2.2.15-31.el6_5.x86_64.rpm
httpd-tools-2.2.15-31.el6_5.x86_64.rpm
mod_ssl-2.2.15-31.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0118.html
https://www.redhat.com/security/data/cve/CVE-2014-0226.html
https://www.redhat.com/security/data/cve/CVE-2014-0231.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz4jxXlSAg2UNWIIRAi2PAJ4mlJA8WFsfdw7lpgSkwwJatJC8bgCghwMO
KauvIF7hYrmFTrbgsOdEycI=
=fHZu
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 10:14:51 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 10:14:51 +0000
Subject: [RHSA-2014:0921-01] Important: httpd security update
Message-ID: <201407231007.s6NA7TvK029752@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: httpd security update
Advisory ID:       RHSA-2014:0921-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0921.html
Issue date:        2014-07-23
CVE Names:         CVE-2013-4352 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231
=====================================================================

1. Summary:

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2014-0226)

A NULL pointer dereference flaw was found in the mod_cache httpd module. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP Server was used as a forward proxy with caching. (CVE-2013-4352)

A denial of service flaw was found in the mod_proxy httpd module. A remote attacker could send a specially crafted request to a server configured as a reverse proxy using a threaded Multi-Processing Module (MPM) that would cause the httpd child process to crash. (CVE-2014-0117)

A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the "DEFLATE" input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118)

A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231)

All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1120596 - CVE-2014-0231 httpd: mod_cgid denial of service
1120599 - CVE-2014-0117 httpd: mod_proxy denial of service
1120601 - CVE-2014-0118 httpd: mod_deflate denial of service
1120603 - CVE-2014-0226 httpd: mod_status heap-based buffer overflow
1120604 - CVE-2013-4352 httpd: mod_cache NULL pointer dereference crash

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
httpd-2.4.6-18.el7_0.src.rpm

noarch:
httpd-manual-2.4.6-18.el7_0.noarch.rpm

x86_64:
httpd-2.4.6-18.el7_0.x86_64.rpm
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
httpd-devel-2.4.6-18.el7_0.x86_64.rpm
httpd-tools-2.4.6-18.el7_0.x86_64.rpm
mod_ldap-2.4.6-18.el7_0.x86_64.rpm
mod_proxy_html-2.4.6-18.el7_0.x86_64.rpm
mod_session-2.4.6-18.el7_0.x86_64.rpm
mod_ssl-2.4.6-18.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
httpd-2.4.6-18.el7_0.src.rpm

noarch:
httpd-manual-2.4.6-18.el7_0.noarch.rpm

x86_64:
httpd-2.4.6-18.el7_0.x86_64.rpm
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
httpd-devel-2.4.6-18.el7_0.x86_64.rpm
httpd-tools-2.4.6-18.el7_0.x86_64.rpm
mod_ldap-2.4.6-18.el7_0.x86_64.rpm
mod_proxy_html-2.4.6-18.el7_0.x86_64.rpm
mod_session-2.4.6-18.el7_0.x86_64.rpm
mod_ssl-2.4.6-18.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
httpd-2.4.6-18.el7_0.src.rpm

noarch:
httpd-manual-2.4.6-18.el7_0.noarch.rpm

ppc64:
httpd-2.4.6-18.el7_0.ppc64.rpm
httpd-debuginfo-2.4.6-18.el7_0.ppc64.rpm
httpd-devel-2.4.6-18.el7_0.ppc64.rpm
httpd-tools-2.4.6-18.el7_0.ppc64.rpm
mod_ssl-2.4.6-18.el7_0.ppc64.rpm

s390x:
httpd-2.4.6-18.el7_0.s390x.rpm
httpd-debuginfo-2.4.6-18.el7_0.s390x.rpm
httpd-devel-2.4.6-18.el7_0.s390x.rpm
httpd-tools-2.4.6-18.el7_0.s390x.rpm
mod_ssl-2.4.6-18.el7_0.s390x.rpm

x86_64:
httpd-2.4.6-18.el7_0.x86_64.rpm
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
httpd-devel-2.4.6-18.el7_0.x86_64.rpm
httpd-tools-2.4.6-18.el7_0.x86_64.rpm
mod_ssl-2.4.6-18.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
httpd-debuginfo-2.4.6-18.el7_0.ppc64.rpm
mod_ldap-2.4.6-18.el7_0.ppc64.rpm
mod_proxy_html-2.4.6-18.el7_0.ppc64.rpm
mod_session-2.4.6-18.el7_0.ppc64.rpm

s390x:
httpd-debuginfo-2.4.6-18.el7_0.s390x.rpm
mod_ldap-2.4.6-18.el7_0.s390x.rpm
mod_proxy_html-2.4.6-18.el7_0.s390x.rpm
mod_session-2.4.6-18.el7_0.s390x.rpm

x86_64:
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
mod_ldap-2.4.6-18.el7_0.x86_64.rpm
mod_proxy_html-2.4.6-18.el7_0.x86_64.rpm
mod_session-2.4.6-18.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
httpd-2.4.6-18.el7_0.src.rpm

noarch:
httpd-manual-2.4.6-18.el7_0.noarch.rpm

x86_64:
httpd-2.4.6-18.el7_0.x86_64.rpm
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
httpd-devel-2.4.6-18.el7_0.x86_64.rpm
httpd-tools-2.4.6-18.el7_0.x86_64.rpm
mod_ssl-2.4.6-18.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
httpd-debuginfo-2.4.6-18.el7_0.x86_64.rpm
mod_ldap-2.4.6-18.el7_0.x86_64.rpm
mod_proxy_html-2.4.6-18.el7_0.x86_64.rpm
mod_session-2.4.6-18.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-4352.html
https://www.redhat.com/security/data/cve/CVE-2014-0117.html
https://www.redhat.com/security/data/cve/CVE-2014-0118.html
https://www.redhat.com/security/data/cve/CVE-2014-0226.html
https://www.redhat.com/security/data/cve/CVE-2014-0231.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz4k8XlSAg2UNWIIRAhYKAJ9g2VrkFgyFz55UEfv0x8fGXSyjwACghfJ7
zOzeWbMF1aXEVExM5K4QNMA=
=qBwW
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 10:16:55 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 10:16:55 +0000
Subject: [RHSA-2014:0922-01] Important: httpd24-httpd security update
Message-ID: <201407231009.s6NA9Xc7014046@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: httpd24-httpd security update
Advisory ID:       RHSA-2014:0922-01
Product:           Red Hat Software Collections
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0922.html
Issue date:        2014-07-23
CVE Names:         CVE-2013-4352 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231
=====================================================================

1. Summary:

Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 1.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4) - noarch, x86_64
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2014-0226)

A NULL pointer dereference flaw was found in the mod_cache httpd module. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP Server was used as a forward proxy with caching. (CVE-2013-4352)

A denial of service flaw was found in the mod_proxy httpd module. A remote attacker could send a specially crafted request to a server configured as a reverse proxy using a threaded Multi-Processing Module (MPM) that would cause the httpd child process to crash. (CVE-2014-0117)

A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the "DEFLATE" input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118)

A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231)

All httpd24-httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1120596 - CVE-2014-0231 httpd: mod_cgid denial of service
1120599 - CVE-2014-0117 httpd: mod_proxy denial of service
1120601 - CVE-2014-0118 httpd: mod_deflate denial of service
1120603 - CVE-2014-0226 httpd: mod_status heap-based buffer overflow
1120604 - CVE-2013-4352 httpd: mod_cache NULL pointer dereference crash

6. Package List:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6):

Source:
httpd24-httpd-2.4.6-18.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.6-18.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-devel-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-tools-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ldap-2.4.6-18.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.6-18.el6.x86_64.rpm
httpd24-mod_session-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ssl-2.4.6-18.el6.x86_64.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
httpd24-httpd-2.4.6-18.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.6-18.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-devel-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-tools-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ldap-2.4.6-18.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.6-18.el6.x86_64.rpm
httpd24-mod_session-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ssl-2.4.6-18.el6.x86_64.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6):

Source:
httpd24-httpd-2.4.6-18.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.6-18.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-devel-2.4.6-18.el6.x86_64.rpm
httpd24-httpd-tools-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ldap-2.4.6-18.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.6-18.el6.x86_64.rpm
httpd24-mod_session-2.4.6-18.el6.x86_64.rpm
httpd24-mod_ssl-2.4.6-18.el6.x86_64.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7):

Source:
httpd24-httpd-2.4.6-21.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.6-21.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-devel-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-tools-2.4.6-21.el7.x86_64.rpm
httpd24-mod_ldap-2.4.6-21.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.6-21.el7.x86_64.rpm
httpd24-mod_session-2.4.6-21.el7.x86_64.rpm
httpd24-mod_ssl-2.4.6-21.el7.x86_64.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7):

Source:
httpd24-httpd-2.4.6-21.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.6-21.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-devel-2.4.6-21.el7.x86_64.rpm
httpd24-httpd-tools-2.4.6-21.el7.x86_64.rpm
httpd24-mod_ldap-2.4.6-21.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.6-21.el7.x86_64.rpm
httpd24-mod_session-2.4.6-21.el7.x86_64.rpm
httpd24-mod_ssl-2.4.6-21.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-4352.html
https://www.redhat.com/security/data/cve/CVE-2014-0117.html
https://www.redhat.com/security/data/cve/CVE-2014-0118.html
https://www.redhat.com/security/data/cve/CVE-2014-0226.html
https://www.redhat.com/security/data/cve/CVE-2014-0231.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
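The mod_deflate flaw (CVE-2014-0118) described in section 3 of this and the two preceding httpd errata is the unbounded case of request-body inflation: a few kilobytes of highly compressible input expand without limit and the child process pays in memory and CPU. The defence is to inflate incrementally and stop at a size cap and, once an initial burst has been produced, at a ratio cap; upstream httpd's fix for this CVE exposes exactly those knobs as DeflateInflateLimitRequestBody, DeflateInflateRatioLimit and DeflateInflateRatioBurst (httpd 2.4.10), which the backported RHEL builds listed here do not document in this erratum. The function below is an added example, not httpd or Red Hat code; its limit values, the sample bodies and the helper names are constructed for the demo.

```python
"""Bounded inflation of a compressed request body.

Added example, not httpd or Red Hat code. Inflates a zlib- or gzip-framed
body a step at a time and fails closed when the output exceeds an
absolute size cap or, after a burst allowance, an inflate ratio cap, so
the caller never holds more than roughly max_bytes + one step in memory.
"""
import zlib

MAX_INFLATED_BYTES = 1_000_000   # hard cap on inflated body size (constructed)
MAX_RATIO = 100                  # inflated bytes per compressed byte (constructed)
RATIO_BURST = 64 * 1024          # inflated bytes allowed before the ratio is enforced
STEP = 16 * 1024                 # output produced per decompress() call


class InflateLimitExceeded(ValueError):
    """Raised when a body exceeds the size or ratio limit."""


def _enforce(produced: int, consumed: int, max_bytes: int, max_ratio: int, burst: int) -> None:
    if produced > max_bytes:
        raise InflateLimitExceeded(f"inflated body exceeds {max_bytes} bytes")
    if produced > burst and produced > max_ratio * max(consumed, 1):
        raise InflateLimitExceeded(
            f"inflate ratio exceeds {max_ratio}:1 after {consumed} input bytes")


def inflate_bounded(compressed: bytes, max_bytes: int = MAX_INFLATED_BYTES,
                    max_ratio: int = MAX_RATIO, burst: int = RATIO_BURST) -> bytes:
    """Inflate a zlib- or gzip-framed body, checking the limits every STEP bytes."""
    d = zlib.decompressobj(wbits=zlib.MAX_WBITS | 32)  # auto-detect zlib/gzip header
    out = bytearray()
    pending = compressed
    while True:
        chunk = d.decompress(pending, max_length=STEP)
        pending = d.unconsumed_tail          # input zlib has not yet read
        out += chunk
        _enforce(len(out), len(compressed) - len(pending), max_bytes, max_ratio, burst)
        if not pending and (d.eof or not chunk):
            break
    out += d.flush()  # drain output still buffered once the input is exhausted
    _enforce(len(out), len(compressed), max_bytes, max_ratio, burst)
    if not d.eof:
        raise ValueError("truncated compressed body")
    return bytes(out)


def is_rejected(compressed: bytes) -> bool:
    """True if inflate_bounded refuses the body under the default limits."""
    try:
        inflate_bounded(compressed)
    except InflateLimitExceeded:
        return True
    return False


# Constructed sample bodies: an ordinary form post and a 10 MB run of zeros
# that compresses to a few kilobytes (a ratio of roughly 1000:1).
NORMAL_BODY = zlib.compress(b"user=alice&action=view&" * 50)
BOMB_BODY = zlib.compress(b"\x00" * 10_000_000)

if __name__ == "__main__":
    print(len(inflate_bounded(NORMAL_BODY)), "bytes inflated from the normal body")
    print("bomb rejected:", is_rejected(BOMB_BODY), "compressed size:", len(BOMB_BODY))
```

The ratio check is deferred until the burst allowance is spent because small legitimate bodies (a short JSON document, a form post) can have a high ratio over their first few bytes; after the burst, an honest body settles well under 100:1 while the zero-filled one trips the check long before the absolute cap is reached.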
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz4nYXlSAg2UNWIIRAsFrAKCUzY45KZMYY6z88UBAzFWQYzBvSQCgmf0v
kmH5M0yw2miRn/5hGQamQPc=
=nZ64
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 17:28:58 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 17:28:58 +0000
Subject: [RHSA-2014:0923-01] Important: kernel security update
Message-ID: <201407231728.s6NHSw79018768@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2014:0923-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0923.html
Issue date:        2014-07-23
CVE Names:         CVE-2014-4699 CVE-2014-4943
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)

Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
1119458 - CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-123.4.4.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm
perf-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-123.4.4.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm
perf-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-123.4.4.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm

ppc64:
kernel-3.10.0-123.4.4.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debug-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.4.4.el7.ppc64.rpm
kernel-devel-3.10.0-123.4.4.el7.ppc64.rpm
kernel-headers-3.10.0-123.4.4.el7.ppc64.rpm
kernel-tools-3.10.0-123.4.4.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-tools-libs-3.10.0-123.4.4.el7.ppc64.rpm
perf-3.10.0-123.4.4.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm

s390x:
kernel-3.10.0-123.4.4.el7.s390x.rpm
kernel-debug-3.10.0-123.4.4.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.4.4.el7.s390x.rpm
kernel-devel-3.10.0-123.4.4.el7.s390x.rpm
kernel-headers-3.10.0-123.4.4.el7.s390x.rpm
kernel-kdump-3.10.0-123.4.4.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
kernel-kdump-devel-3.10.0-123.4.4.el7.s390x.rpm
perf-3.10.0-123.4.4.el7.s390x.rpm
perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm

x86_64:
kernel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm
perf-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.4.el7.noarch.rpm

ppc64:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.4.4.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-123.4.4.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm
python-perf-3.10.0-123.4.4.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm

s390x:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.4.4.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm
python-perf-3.10.0-123.4.4.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-123.4.4.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm
perf-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.4.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-3.10.0-123.4.4.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-4699.html
https://www.redhat.com/security/data/cve/CVE-2014-4943.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
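Whether a host is covered by one of the three kernel advisories on this page (RHSA-2014:0923 for Red Hat Enterprise Linux 7, RHSA-2014:0924 for Red Hat Enterprise Linux 6, RHSA-2014:0925 for 6.4 Extended Update Support) depends on the kernel that is running, not on the newest kernel rpm installed: "rpm -ivh" leaves the old kernel in place, and the advisory says the system must be rebooted for the update to take effect. The Python below is an added example, not advisory text and not a Red Hat tool. It reimplements rpm's segment-wise version ordering, parses a "uname -r" string, picks the fixed version-release from the advisory that matches the host's build stream (keyed on the first release segment of the NVRs in these three advisories: 123 for the RHEL 7 build, 431 for RHEL 6, 358 for the 6.4 EUS build; that mapping is an assumption taken from the package lists here and covers nothing else), and applies the advisory's own scoping: CVE-2014-4699 is the x86_64 sysret path and only affected Intel CPUs, while CVE-2014-4943 is not architecture-specific. The /proc/cpuinfo fragments are constructed sample input.

```python
"""Triage helper for RHSA-2014:0923, 0924 and 0925 (CVE-2014-4699, CVE-2014-4943).

Added example; not advisory text and not a Red Hat tool. Decides from the
running kernel release and the CPU vendor whether a host is still exposed.
"""
import re

# Fixed version-release per build stream, taken from the package lists of the
# three advisories. Keying on (kernel version, first release segment) is an
# assumption that holds for these three advisories only.
FIXED = {
    ("3.10.0", "123"): ("3.10.0-123.4.4.el7", "RHSA-2014:0923"),
    ("2.6.32", "431"): ("2.6.32-431.20.5.el6", "RHSA-2014:0924"),
    ("2.6.32", "358"): ("2.6.32-358.46.2.el6", "RHSA-2014:0925"),
}

# Constructed /proc/cpuinfo fragments used as sample input.
INTEL_CPUINFO = "processor\t: 0\nvendor_id\t: GenuineIntel\ncpu family\t: 6\n"
AMD_CPUINFO = "processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 21\n"

_SEG = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Compact reimplementation of librpm's rpmvercmp() ordering: split both
    strings into digit and alpha runs; digit runs compare numerically, alpha
    runs lexically, a digit run is newer than an alpha run, and when one
    string is a prefix of the other the longer one is newer. Returns -1, 0, 1.
    (The tilde pre-release rule of the real function is not needed here.)"""
    if a == b:
        return 0
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1


def vr_cmp(a: str, b: str) -> int:
    """Compare two 'version-release' strings: version first, then release."""
    av, ar = a.split("-", 1)
    bv, br = b.split("-", 1)
    return rpmvercmp(av, bv) or rpmvercmp(ar, br)


def parse_uname_release(release: str):
    """Split a `uname -r` string such as '3.10.0-123.4.4.el7.x86_64' into
    (version, release, arch). RHEL kernels carry the arch as a suffix; a
    release string without one yields arch ''."""
    version, _, rest = release.partition("-")
    rel, _, arch = rest.rpartition(".")
    if not rel:
        rel, arch = arch, ""
    return version, rel, arch


def cpu_vendor(cpuinfo_text: str) -> str:
    """Return the vendor_id field of /proc/cpuinfo text, or '' if absent."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("vendor_id"):
            return line.split(":", 1)[1].strip()
    return ""


def kernel_status(uname_release: str, cpuinfo_text: str) -> dict:
    """Map the running kernel to the advisory for its stream and report
    whether it is at or past the fixed build, and which CVEs still apply."""
    version, rel, arch = parse_uname_release(uname_release)
    stream = (version, rel.split(".")[0])
    if stream not in FIXED:
        # Unknown stream: report nothing rather than guess.
        return {"advisory": None, "fixed": None, "patched": None, "exposed_to": ()}
    fixed_vr, advisory = FIXED[stream]
    patched = vr_cmp(f"{version}-{rel}", fixed_vr) >= 0
    # CVE-2014-4943 (pppol2tp sockopt level handling) is a generic local
    # privilege escalation. CVE-2014-4699 is the x86_64 sysret path and, per
    # the advisory's note, only affected Intel CPUs.
    applicable = ["CVE-2014-4943"]
    if arch == "x86_64" and cpu_vendor(cpuinfo_text) == "GenuineIntel":
        applicable.insert(0, "CVE-2014-4699")
    return {"advisory": advisory, "fixed": fixed_vr, "patched": patched,
            "exposed_to": () if patched else tuple(applicable)}


if __name__ == "__main__":
    import platform
    try:
        with open("/proc/cpuinfo") as fh:
            info = fh.read()
    except OSError:
        info = ""
    print(kernel_status(platform.release(), info))
```

Keying on the stream is the point: a RHEL 6 host running 2.6.32-431.17.1.el6 compares as newer than the EUS fix 2.6.32-358.46.2.el6, yet it is not fixed until 431.20.5.el6, so a bare "is my kernel newer than some fixed version" check gives the wrong answer across channels. Also compare against "uname -r", not "rpm -q kernel": after "rpm -ivh" the fixed package is installed but the vulnerable kernel keeps running until the reboot the advisory calls for.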
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz/DMXlSAg2UNWIIRAttrAJ9zW4vHtV4r4rmhDf8RpEfXPS0HiQCgm3XA
SSXWmBVsJGn4YDCjUZOf90M=
=oB01
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 17:29:45 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 17:29:45 +0000
Subject: [RHSA-2014:0924-01] Important: kernel security update
Message-ID: <201407231729.s6NHTjCX002785@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2014:0924-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0924.html
Issue date:        2014-07-23
CVE Names:         CVE-2014-4699 CVE-2014-4943
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)

Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
1119458 - CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
kernel-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-headers-2.6.32-431.20.5.el6.i686.rpm
perf-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm
kernel-doc-2.6.32-431.20.5.el6.noarch.rpm
kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm
perf-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm
kernel-doc-2.6.32-431.20.5.el6.noarch.rpm
kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm
perf-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
kernel-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-headers-2.6.32-431.20.5.el6.i686.rpm
perf-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm
kernel-doc-2.6.32-431.20.5.el6.noarch.rpm
kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm

ppc64:
kernel-2.6.32-431.20.5.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debug-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.20.5.el6.ppc64.rpm
kernel-devel-2.6.32-431.20.5.el6.ppc64.rpm
kernel-headers-2.6.32-431.20.5.el6.ppc64.rpm
perf-2.6.32-431.20.5.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm

s390x:
kernel-2.6.32-431.20.5.el6.s390x.rpm
kernel-debug-2.6.32-431.20.5.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.20.5.el6.s390x.rpm
kernel-devel-2.6.32-431.20.5.el6.s390x.rpm
kernel-headers-2.6.32-431.20.5.el6.s390x.rpm
kernel-kdump-2.6.32-431.20.5.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
kernel-kdump-devel-2.6.32-431.20.5.el6.s390x.rpm
perf-2.6.32-431.20.5.el6.s390x.rpm
perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm

x86_64:
kernel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm
perf-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.20.5.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm
python-perf-2.6.32-431.20.5.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.20.5.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm
python-perf-2.6.32-431.20.5.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
kernel-devel-2.6.32-431.20.5.el6.i686.rpm
kernel-headers-2.6.32-431.20.5.el6.i686.rpm
perf-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm
kernel-doc-2.6.32-431.20.5.el6.noarch.rpm
kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm
kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm
perf-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
kernel-2.6.32-431.20.5.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm
python-perf-2.6.32-431.20.5.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-2.6.32-431.20.5.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-4699.html
https://www.redhat.com/security/data/cve/CVE-2014-4943.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz/D4XlSAg2UNWIIRAk3AAKCY8n5qeLBMA9x9vkVcwUNAu4iAmQCcDXQM
R2iBqbe55B9yfppjZqBOHDQ=
=yxns
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 17:30:16 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 17:30:16 +0000
Subject: [RHSA-2014:0925-01] Important: kernel security update
Message-ID: <201407231730.s6NHUGAc019269@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2014:0925-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0925.html
Issue date:        2014-07-23
CVE Names:         CVE-2014-4699 CVE-2014-4943
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - noarch, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)

Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
1119458 - CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.2.el6.src.rpm

noarch:
kernel-doc-2.6.32-358.46.2.el6.noarch.rpm
kernel-firmware-2.6.32-358.46.2.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6.x86_64.rpm
kernel-devel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-headers-2.6.32-358.46.2.el6.x86_64.rpm
perf-2.6.32-358.46.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.2.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.2.el6.src.rpm

i386:
kernel-2.6.32-358.46.2.el6.i686.rpm
kernel-debug-2.6.32-358.46.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.46.2.el6.i686.rpm
kernel-debug-devel-2.6.32-358.46.2.el6.i686.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.46.2.el6.i686.rpm
kernel-devel-2.6.32-358.46.2.el6.i686.rpm
kernel-headers-2.6.32-358.46.2.el6.i686.rpm
perf-2.6.32-358.46.2.el6.i686.rpm
perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.46.2.el6.noarch.rpm
kernel-firmware-2.6.32-358.46.2.el6.noarch.rpm

ppc64:
kernel-2.6.32-358.46.2.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debug-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debug-devel-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.46.2.el6.ppc64.rpm
kernel-devel-2.6.32-358.46.2.el6.ppc64.rpm
kernel-headers-2.6.32-358.46.2.el6.ppc64.rpm
perf-2.6.32-358.46.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm

s390x:
kernel-2.6.32-358.46.2.el6.s390x.rpm
kernel-debug-2.6.32-358.46.2.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
kernel-debug-devel-2.6.32-358.46.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.46.2.el6.s390x.rpm
kernel-devel-2.6.32-358.46.2.el6.s390x.rpm
kernel-headers-2.6.32-358.46.2.el6.s390x.rpm
kernel-kdump-2.6.32-358.46.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
kernel-kdump-devel-2.6.32-358.46.2.el6.s390x.rpm
perf-2.6.32-358.46.2.el6.s390x.rpm
perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm

x86_64:
kernel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6.x86_64.rpm
kernel-devel-2.6.32-358.46.2.el6.x86_64.rpm
kernel-headers-2.6.32-358.46.2.el6.x86_64.rpm
perf-2.6.32-358.46.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.46.2.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-358.46.2.el6.i686.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.46.2.el6.i686.rpm
perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm
python-perf-2.6.32-358.46.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.46.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm
python-perf-2.6.32-358.46.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.46.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm
python-perf-2.6.32-358.46.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-2.6.32-358.46.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-4699.html
https://www.redhat.com/security/data/cve/CVE-2014-4943.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTz/EYXlSAg2UNWIIRAiuKAJ98eISgIn5+vjKo0S7j9LGHrUsf/ACfavFC
SoIlTl1GLifWp9hoHRvRkYo=
=6jKo
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jul 23 17:30:54 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 17:30:54 +0000
Subject: [RHSA-2014:0926-01] Moderate: kernel security and bug fix update
Message-ID: <201407231730.s6NHUsHq019641@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       RHSA-2014:0926-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0926.html
Issue date:        2014-07-23
CVE Names:         CVE-2014-2678 CVE-2014-4021
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.
* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)

* It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. (CVE-2014-4021, Moderate)

Red Hat would like to thank the Xen project for reporting CVE-2014-4021. Upstream acknowledges Jan Beulich as the original reporter.

This update also fixes the following bugs:

* A bug in the journaling block device (jbd and jbd2) code could, under certain circumstances, trigger a BUG_ON() assertion and result in a kernel oops. This happened when an application performed an extensive number of commits to the journal of the ext3 file system and there was no currently active transaction while synchronizing the file's in-core state. This problem has been resolved by correcting the respective test conditions in the jbd and jbd2 code. (BZ#1097528)

* After a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. As a consequence, traffic was not routed through that gateway. This update allows probing such a gateway automatically so that the traffic can be routed through this gateway again once it becomes reachable. (BZ#1106354)

* Due to an incorrect condition check in the IPv6 code, the ipv6 driver was unable to correctly assemble incoming packet fragments, which resulted in a high IPv6 packet loss rate. This update fixes the check for a fragment overlap and ensures that incoming IPv6 packet fragments are now processed as expected. (BZ#1107932)

* Recent changes in the d_splice_alias() function introduced a bug that allowed d_splice_alias() to return a dentry from a different directory than the directory being looked up. As a consequence, in a cluster environment, a kernel panic could be triggered when a directory was being removed while a concurrent cross-directory operation was performed on this directory on another cluster node. This update avoids the kernel panic in this situation by correcting the search logic in the d_splice_alias() function so that the function can no longer return a dentry from an incorrect directory. (BZ#1109720)

* The NFSv4 server did not handle multiple OPEN operations to the same file separately, which could cause the NFSv4 client to repeatedly send CLOSE requests with the same state ID, even though the NFS server rejected the request with an NFS4ERR_OLD_STATEID (10024) error code. This update ensures that the NFSv4 client no longer re-sends the same CLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1083274 - CVE-2014-2678 kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
1103646 - CVE-2014-4021 xen: Hypervisor heap contents leaked to guests (xsa-100)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
kernel-2.6.18-371.11.1.el5.src.rpm

i386:
kernel-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.i686.rpm
kernel-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-headers-2.6.18-371.11.1.el5.i386.rpm
kernel-xen-2.6.18-371.11.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.11.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-371.11.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.11.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
kernel-2.6.18-371.11.1.el5.src.rpm

i386:
kernel-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.i686.rpm
kernel-devel-2.6.18-371.11.1.el5.i686.rpm
kernel-headers-2.6.18-371.11.1.el5.i386.rpm
kernel-xen-2.6.18-371.11.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.11.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.11.1.el5.i686.rpm

ia64:
kernel-2.6.18-371.11.1.el5.ia64.rpm
kernel-debug-2.6.18-371.11.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.ia64.rpm
kernel-devel-2.6.18-371.11.1.el5.ia64.rpm
kernel-headers-2.6.18-371.11.1.el5.ia64.rpm
kernel-xen-2.6.18-371.11.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-371.11.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-371.11.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-371.11.1.el5.noarch.rpm

ppc:
kernel-2.6.18-371.11.1.el5.ppc64.rpm
kernel-debug-2.6.18-371.11.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.ppc64.rpm
kernel-devel-2.6.18-371.11.1.el5.ppc64.rpm
kernel-headers-2.6.18-371.11.1.el5.ppc.rpm
kernel-headers-2.6.18-371.11.1.el5.ppc64.rpm
kernel-kdump-2.6.18-371.11.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-371.11.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-371.11.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-371.11.1.el5.s390x.rpm
kernel-debug-2.6.18-371.11.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.s390x.rpm
kernel-devel-2.6.18-371.11.1.el5.s390x.rpm
kernel-headers-2.6.18-371.11.1.el5.s390x.rpm
kernel-kdump-2.6.18-371.11.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-371.11.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-371.11.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.11.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.11.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.11.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.11.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-2678.html
https://www.redhat.com/security/data/cve/CVE-2014-4021.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Wed Jul 23 17:33:26 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jul 2014 17:33:26 +0000
Subject: [RHSA-2014:0927-01] Moderate: qemu-kvm security and bug fix update
Message-ID: <201407231733.s6NHXQ3k019955@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: qemu-kvm security and bug fix update
Advisory ID:       RHSA-2014:0927-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0927.html
Issue date:        2014-07-23
CVE Names:         CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151
                   CVE-2013-4527 CVE-2013-4529 CVE-2013-4535 CVE-2013-4536
                   CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182
                   CVE-2014-0222 CVE-2014-0223 CVE-2014-3461
=====================================================================

1. Summary:

Updated qemu-kvm packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.

Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0222, CVE-2014-0223)

Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way virtio, virtio-net, virtio-scsi, usb, and hpet drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461)

These issues were discovered by Michael S. Tsirkin, Anthony Liguori and Michael Roth of Red Hat: CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461.

This update also fixes the following bugs:

* Previously, QEMU did not free pre-allocated zero clusters correctly and the clusters under some circumstances leaked. With this update, pre-allocated zero clusters are freed appropriately and the cluster leaks no longer occur. (BZ#1110188)

* Prior to this update, the QEMU command interface did not properly handle resizing of cache memory during guest migration, causing QEMU to terminate unexpectedly with a segmentation fault. This update fixes the related code and QEMU no longer crashes in the described situation. (BZ#1110191)

* Previously, when a guest device was hot unplugged, QEMU correctly removed the corresponding file descriptor watch but did not re-create it after the device was re-connected. As a consequence, the guest became unable to receive any data from the host over this device. With this update, the file descriptor's watch is re-created and the guest in the above scenario can communicate with the host as expected. (BZ#1110219)

* Previously, the QEMU migration code did not account for the gaps caused by hot unplugged devices and thus expected more memory to be transferred during migrations. As a consequence, guest migration failed to complete after multiple devices were hot unplugged. In addition, the migration info text displayed erroneous values for the "remaining ram" item. With this update, QEMU calculates memory after a device has been unplugged correctly, and any subsequent guest migrations proceed as expected. (BZ#1110189)

All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1066334 - CVE-2013-4148 qemu: virtio-net: buffer overflow on invalid state load
1066337 - CVE-2013-4149 qemu: virtio-net: out-of-bounds buffer write on load
1066340 - CVE-2013-4150 qemu: virtio-net: out-of-bounds buffer write on invalid state load
1066342 - CVE-2013-4151 qemu: virtio: out-of-bounds buffer write on invalid state load
1066347 - CVE-2013-4527 qemu: hpet: buffer overrun on invalid state load
1066353 - CVE-2013-4529 qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load
1066361 - CVE-2013-6399 qemu: virtio: buffer overrun on incoming migration
1066382 - CVE-2013-4542 qemu: virtio-scsi: buffer overrun on invalid state load
1066384 - CVE-2013-4541 qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load
1066401 - CVE-2013-4535 CVE-2013-4536 qemu: virtio: insufficient validation of num_sg when mapping
1088986 - CVE-2014-0182 qemu: virtio: out-of-bounds buffer write on state load with invalid config_len
1096821 - CVE-2014-3461 Qemu: usb: fix up post load checks
1097216 - CVE-2014-0222 Qemu: qcow1: validate L2 table size to avoid integer overflows
1097222 - CVE-2014-0223 Qemu: qcow1: validate image size to avoid out-of-bounds memory access
1110188 - qcow2 corruptions (leaked clusters after installing a rhel7 guest using virtio_scsi)
1110189 - migration can not finish with 1024k 'remaining ram' left after hotunplug 4 nics
1110191 - Reduce the migrate cache size during migration causes qemu segment fault
1110219 - Guest can't receive any character transmitted from host after hot unplugging virtserialport then hot plugging again

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.5.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.5.i686.rpm
libcacard-1.5.3-60.el7_0.5.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpm
qemu-img-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.5.i686.rpm
libcacard-devel-1.5.3-60.el7_0.5.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.5.src.rpm

x86_64:
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libcacard-1.5.3-60.el7_0.5.i686.rpm
libcacard-1.5.3-60.el7_0.5.x86_64.rpm
libcacard-devel-1.5.3-60.el7_0.5.i686.rpm
libcacard-devel-1.5.3-60.el7_0.5.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.5.x86_64.rpm
qemu-img-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.5.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.5.i686.rpm
libcacard-1.5.3-60.el7_0.5.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpm
qemu-img-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.5.i686.rpm
libcacard-devel-1.5.3-60.el7_0.5.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.5.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.5.i686.rpm
libcacard-1.5.3-60.el7_0.5.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.5.x86_64.rpm
qemu-img-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.5.i686.rpm
libcacard-devel-1.5.3-60.el7_0.5.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.5.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-4148.html
https://www.redhat.com/security/data/cve/CVE-2013-4149.html
https://www.redhat.com/security/data/cve/CVE-2013-4150.html
https://www.redhat.com/security/data/cve/CVE-2013-4151.html
https://www.redhat.com/security/data/cve/CVE-2013-4527.html
https://www.redhat.com/security/data/cve/CVE-2013-4529.html
https://www.redhat.com/security/data/cve/CVE-2013-4535.html
https://www.redhat.com/security/data/cve/CVE-2013-4536.html
https://www.redhat.com/security/data/cve/CVE-2013-4541.html
https://www.redhat.com/security/data/cve/CVE-2013-4542.html
https://www.redhat.com/security/data/cve/CVE-2013-6399.html
https://www.redhat.com/security/data/cve/CVE-2014-0182.html
https://www.redhat.com/security/data/cve/CVE-2014-0222.html
https://www.redhat.com/security/data/cve/CVE-2014-0223.html
https://www.redhat.com/security/data/cve/CVE-2014-3461.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
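The two qcow1 header checks that the advisory above describes (BZ#1097216, validating the L2 table size; BZ#1097222, validating the image size) illustrated as an added C example that is not QEMU's code: it decodes a constructed big-endian QCOW1 header and rejects an l2_bits or cluster_bits outside the 512-byte to 64 KiB range, or an image size whose L1 table arithmetic would overflow, before any value derived from the header is used for a shift or an allocation. The field layout follows the published QCOW1 on-disk format; the bounds, status codes and helper names are this example's own assumptions.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* QCOW version 1 on-disk header: 48 bytes, every integer big-endian. Written
 * for this example from the published QCOW1 layout; not QEMU's own struct or code. */
typedef struct {
    uint32_t magic;                 /* 'Q' 'F' 'I' 0xfb */
    uint32_t version;               /* 1 for QCOW1 */
    uint64_t backing_file_offset;
    uint32_t backing_file_size;
    uint32_t mtime;
    uint64_t size;                  /* virtual disk size in bytes */
    uint8_t  cluster_bits;          /* cluster size = 1 << cluster_bits */
    uint8_t  l2_bits;               /* entries per L2 table = 1 << l2_bits */
    uint16_t padding;
    uint32_t crypt_method;
    uint64_t l1_table_offset;
} qcow1_header;

#define QCOW1_HEADER_LEN 48
#define QCOW1_MAGIC      0x514649fbu

enum qcow1_status {
    QCOW1_OK = 0, QCOW1_SHORT_BUFFER, QCOW1_BAD_MAGIC, QCOW1_BAD_CLUSTER_BITS,
    QCOW1_BAD_L2_BITS,      /* L2 table size out of range (the BZ#1097216 class) */
    QCOW1_IMAGE_TOO_LARGE   /* L1 size arithmetic would overflow (the BZ#1097222 class) */
};

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static uint64_t be64(const uint8_t *p) { return ((uint64_t)be32(p) << 32) | be32(p + 4); }
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}
static void put64(uint8_t *p, uint64_t v) { put32(p, (uint32_t)(v >> 32)); put32(p + 4, (uint32_t)v); }

/* Decode the raw header. Untrusted fields are only copied here; nothing is
 * derived from them until qcow1_validate() has accepted them. */
int qcow1_parse(const uint8_t *buf, size_t len, qcow1_header *h) {
    if (len < QCOW1_HEADER_LEN) return QCOW1_SHORT_BUFFER;
    h->magic = be32(buf);                  h->version = be32(buf + 4);
    h->backing_file_offset = be64(buf + 8);
    h->backing_file_size = be32(buf + 16); h->mtime = be32(buf + 20);
    h->size = be64(buf + 24);
    h->cluster_bits = buf[32];             h->l2_bits = buf[33];
    h->padding = (uint16_t)((buf[34] << 8) | buf[35]);
    h->crypt_method = be32(buf + 36);      h->l1_table_offset = be64(buf + 40);
    return QCOW1_OK;
}

/* Bounds-check the fields that feed allocation sizes before any shift or
 * multiplication uses them; on success *l1_entries gets the L1 table length. */
int qcow1_validate(const qcow1_header *h, uint64_t *l1_entries) {
    if (h->magic != QCOW1_MAGIC || h->version != 1) return QCOW1_BAD_MAGIC;
    /* Clusters and L2 tables between 512 bytes and 64 KiB (assumed bounds). */
    if (h->cluster_bits < 9 || h->cluster_bits > 16) return QCOW1_BAD_CLUSTER_BITS;
    if (h->l2_bits < 6 || h->l2_bits > 13) return QCOW1_BAD_L2_BITS;  /* 64..8192 entries */
    unsigned shift = h->cluster_bits + h->l2_bits;  /* at most 29, so 1 << shift is defined */
    uint64_t l2_span = (uint64_t)1 << shift;         /* bytes addressed by one L2 table */
    /* Rounding size up to a whole L2 span must not wrap the 64-bit sum. */
    if (h->size > UINT64_MAX - (l2_span - 1)) return QCOW1_IMAGE_TOO_LARGE;
    uint64_t entries = (h->size + l2_span - 1) >> shift;
    /* The L1 table is later sized as entries * sizeof(uint64_t) in an int. */
    if (entries > (uint64_t)INT_MAX / sizeof(uint64_t)) return QCOW1_IMAGE_TOO_LARGE;
    *l1_entries = entries;
    return QCOW1_OK;
}

/* Build a raw header for a constructed test image (other fields zero). */
void qcow1_build(uint8_t out[QCOW1_HEADER_LEN], uint64_t size, uint8_t cluster_bits, uint8_t l2_bits) {
    memset(out, 0, QCOW1_HEADER_LEN);
    put32(out, QCOW1_MAGIC);   put32(out + 4, 1);
    put64(out + 24, size);
    out[32] = cluster_bits;    out[33] = l2_bits;
    put64(out + 40, QCOW1_HEADER_LEN);  /* L1 table directly after the header */
}

/* Parse and validate a constructed image: returns the L1 entry count on
 * success, or the negated qcow1_status when the header is rejected. */
int64_t qcow1_check(uint64_t size, uint8_t cluster_bits, uint8_t l2_bits) {
    uint8_t buf[QCOW1_HEADER_LEN];
    qcow1_header h;
    uint64_t entries = 0;
    qcow1_build(buf, size, cluster_bits, l2_bits);
    int rc = qcow1_parse(buf, sizeof buf, &h);
    if (rc == QCOW1_OK) rc = qcow1_validate(&h, &entries);
    return rc == QCOW1_OK ? (int64_t)entries : -(int64_t)rc;
}

int main(void) {
    /* 1 GiB image, 4 KiB clusters, 512 L2 entries: 2 MiB per L2 table -> 512 L1 entries */
    printf("sane image:  %lld\n", (long long)qcow1_check(1ULL << 30, 12, 9));
    /* l2_bits=0xff would make 1 << shift undefined and the L2 table absurdly large */
    printf("bad l2_bits: %lld\n", (long long)qcow1_check(1ULL << 30, 12, 0xff));
    /* image size whose L1 byte count no longer fits an int */
    printf("huge size:   %lld\n", (long long)qcow1_check(1ULL << 50, 12, 9));
    return 0;
}
```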
From bugzilla at redhat.com Thu Jul 24 17:46:03 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 24 Jul 2014 17:46:03 +0000
Subject: [RHSA-2014:0939-01] Moderate: python-django-horizon security, bug fix, and enhancement update
Message-ID: <201407241746.s6OHk3rU010079@int-mx11.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: python-django-horizon security, bug fix, and enhancement update
Advisory ID:       RHSA-2014:0939-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0939.html
Issue date:        2014-07-24
CVE Names:         CVE-2014-3473 CVE-2014-3474 CVE-2014-3475
=====================================================================

1. Summary:

Updated python-django-horizon packages that fix three security issues, multiple bugs, and add an enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

OpenStack 5.0 for RHEL 7 - noarch

3. Description:

OpenStack Dashboard (Horizon) provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources.

A cross-site scripting (XSS) flaw was found in the way orchestration templates were handled. An owner of such a template could use this flaw to perform XSS attacks against other Horizon users. (CVE-2014-3473)

It was found that network names were not sanitized. A malicious user could use this flaw to perform XSS attacks against other Horizon users by creating a network with a specially crafted name. (CVE-2014-3474)

It was found that certain email addresses were not sanitized. An administrator could use this flaw to perform XSS attacks against other Horizon users by storing an email address that has a specially crafted name. (CVE-2014-3475)

Red Hat would like to thank the OpenStack project for reporting these issues. Upstream acknowledges Jason Hullinger from Hewlett Packard as the original reporter of CVE-2014-3473, Craig Lorentzen from Cisco as the original reporter of CVE-2014-3474, and Michael Xin from Rackspace as the original reporter of CVE-2014-3475.

This update also fixes the following bugs:

* The python-django-horizon package has been updated to upstream version 2014.1.1. This includes several important bug fixes, including an issue that prevented access to Swift pseudo-folders through the Dashboard, and an issue that prevented instances from being launched when using the French locale (or other locales that use apostrophes). (BZ#1117901)

Lastly, this update also adds the following enhancement:

* A new "Update" option has been added for OpenStack Networking VPNaaS support for Dashboard. This makes it easier to use Virtual Private Network as a Service (VPNaaS). (BZ#1042030)

All python-django-horizon users are advised to upgrade to these updated packages, which correct these issues and add this enhancement.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1042030 - [RFE][horizon]: 'Update' options for Neutron VPNaaS Horizon Support
1116090 - CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 openstack-horizon: multiple XSS flaws
1117901 - Rebase python-django-horizon to 2014.1.1

6. Package List:

OpenStack 5.0 for RHEL 7:

Source:
python-django-horizon-2014.1.1-2.el7ost.src.rpm

noarch:
openstack-dashboard-2014.1.1-2.el7ost.noarch.rpm
openstack-dashboard-theme-2014.1.1-2.el7ost.noarch.rpm
python-django-horizon-2014.1.1-2.el7ost.noarch.rpm
python-django-horizon-doc-2014.1.1-2.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3473.html
https://www.redhat.com/security/data/cve/CVE-2014-3474.html
https://www.redhat.com/security/data/cve/CVE-2014-3475.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Thu Jul 24 17:46:53 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 24 Jul 2014 17:46:53 +0000
Subject: [RHSA-2014:0940-01] Moderate: openstack-nova security and bug fix update
Message-ID: <201407241746.s6OHkrdl025274@int-mx14.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openstack-nova security and bug fix update
Advisory ID:       RHSA-2014:0940-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0940.html
Issue date:        2014-07-24
CVE Names:         CVE-2014-3517
=====================================================================

1. Summary:

Updated openstack-nova packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

OpenStack 5.0 for RHEL 7 - noarch

3. Description:

OpenStack Compute (Nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform.

A side-channel timing attack flaw was found in Nova. An attacker could possibly use this flaw to guess valid instance ID signatures, giving them access to details of another instance, by analyzing the response times of requests for instance metadata. This issue only affected configurations that proxy metadata requests via Neutron. (CVE-2014-3517)

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Alex Gaynor from Rackspace as the original reporter.

This update also fixes the following bugs:

* The GlusterFS driver changes the file name used to point to a volume when a snapshot is changed, but in the past the new file name was not stored in Compute's block device information. As a result, if the VM was shut down and started again, the old file name in the snapshot chain was used, resulting in corruption of the qcow2 chain and unexpected results in the instance. This has been fixed by persisting the new file name in Compute's block device info when a snapshot is created. Now, GlusterFS volumes work as expected after creating or deleting a snapshot and then rebooting the instance. (BZ#1085852)

* Previously, in some cases, it may not have been possible to attach a read-only volume to an instance. (BZ#1100358)

* The sysfsutils package enables the Compute service to attach Block Storage volumes. This package is automatically installed by PackStack. However, sysfsutils was not a dependency of the Compute service; as such, when not using PackStack, it was possible to deploy OpenStack without sysfsutils installed. When this occurred, the Compute service was unable to attach Block Storage volumes. With this release, the sysfsutils package is now a dependency of the Compute service. This ensures that sysfsutils is installed, regardless of what deployment method is used. (BZ#1114637)

* An issue with Fibre Channel Cinder volumes not being removed after the image has been destroyed has been fixed. (BZ#1115375)

* This update fixes legacy group support, allowing you to provide a group by name in the scheduler hint instead of using the new server groups API. (BZ#1116866)

* The openstack-nova package has been updated to upstream version 2014.1.1, which fixes a number of bugs. (BZ#1117895)

All openstack-nova users are advised to upgrade to these updated packages, which correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1085852 - GlusterFS: Instance is not using the correct snapshot backing file after reboot
1100358 - can't attach a read only volume to an instance
1112499 - CVE-2014-3517 openstack-nova: timing attack issue allows access to other instances' configuration information
1114637 - sysfsutils needs to be a dependency of OpenStack nova
1115375 - FC cinder volumes still show mpath device on nova host after volumes are detached from instance.
1116866 - Fix legacy server group support
1117895 - Rebase openstack-nova to 2014.1.1

6. Package List:

OpenStack 5.0 for RHEL 7:

Source:
openstack-nova-2014.1.1-4.el7ost.src.rpm

noarch:
openstack-nova-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-api-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-cells-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-cert-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-common-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-compute-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-conductor-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-console-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-doc-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-network-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-novncproxy-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-objectstore-2014.1.1-4.el7ost.noarch.rpm
openstack-nova-scheduler-2014.1.1-4.el7ost.noarch.rpm
python-nova-2014.1.1-4.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3517.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Thu Jul 24 17:47:35 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 24 Jul 2014 17:47:35 +0000
Subject: [RHSA-2014:0941-01] Moderate: openstack-swift security update
Message-ID: <201407241747.s6OHlZ08024252@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openstack-swift security update
Advisory ID:       RHSA-2014:0941-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0941.html
Issue date:        2014-07-24
CVE Names:         CVE-2014-3497
=====================================================================

1. Summary:

Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

OpenStack 5.0 for RHEL 7 - noarch

3. Description:

OpenStack Object Storage (Swift) provides object storage in virtual containers, which allows users to store and retrieve files (arbitrary data).
It was found that Swift did not escape all HTTP header values, allowing data
to be injected into the responses sent from the Swift server. This could lead
to cross-site scripting attacks (and possibly other impacts) if a user were
tricked into clicking on a malicious URL. (CVE-2014-3497)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges the Globo.com Security Team as the original reporter.

All users of openstack-swift are advised to upgrade to these updated
packages, which correct this issue. After installing this update, the
OpenStack Object Storage services will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1110809 - CVE-2014-3497 openstack-swift: XSS in Swift requests through WWW-Authenticate header

6. Package List:

OpenStack 5.0 for RHEL 7:

Source:
openstack-swift-1.13.1-3.el7ost.src.rpm
python-swiftclient-2.1.0-2.el7ost.src.rpm

noarch:
openstack-swift-1.13.1-3.el7ost.noarch.rpm
openstack-swift-account-1.13.1-3.el7ost.noarch.rpm
openstack-swift-container-1.13.1-3.el7ost.noarch.rpm
openstack-swift-doc-1.13.1-3.el7ost.noarch.rpm
openstack-swift-object-1.13.1-3.el7ost.noarch.rpm
openstack-swift-proxy-1.13.1-3.el7ost.noarch.rpm
python-swiftclient-2.1.0-2.el7ost.noarch.rpm
python-swiftclient-doc-2.1.0-2.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3497.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
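As an added example, not code from Swift or from Red Hat, the following shows what "did not escape all HTTP header values" (CVE-2014-3497 in the openstack-swift advisory above) means on the wire, and one way to close it. The realm string, the injected payload and the percent-encoding fix are assumptions made for illustration; the bug title names the WWW-Authenticate header, so that is the header modelled.

```python
"""Added example, not code from Swift or Red Hat: what "did not escape all
HTTP header values" means in practice, and one way to close it. The realm
value and the injected payload below are constructed for illustration."""
import re
from urllib.parse import quote

# RFC 7230: a header value may not contain CR, LF or other control bytes.
_HEADER_CTL = re.compile(r'[\x00-\x1f\x7f]')

# Constructed attacker input: a "realm" that closes the quoted-string, ends
# the header block, and supplies a body. In the advisory's case the realm is
# derived from the request path, so it is attacker-controlled.
MALICIOUS_REALM = 'AUTH_acct"\r\nX-Injected: 1\r\n\r\n<script>alert(1)</script>'


def vulnerable_www_authenticate(realm: str) -> str:
    """The unsafe pattern: interpolate the realm verbatim."""
    return 'Swift realm="%s"' % realm


def hardened_www_authenticate(realm: str) -> str:
    """Percent-encode the realm before interpolation (assumption: this is one
    acceptable fix; any encoding that removes CR, LF, '"' and markup
    characters from the value works). safe='' also encodes '/'."""
    return 'Swift realm="%s"' % quote(realm, safe='')


def header_value_is_safe(value: str) -> bool:
    """Response-side check a proxy or a test can apply to every header value:
    no control characters, and every quoted-string is balanced."""
    if _HEADER_CTL.search(value):
        return False
    unescaped_quotes = re.sub(r'\\.', '', value).count('"')
    return unescaped_quotes % 2 == 0


def serialized_header_lines(value: str) -> list:
    """What a naive serializer would put on the wire, split at CRLF, so an
    injected header and body show up as extra elements."""
    return ('WWW-Authenticate: ' + value).split('\r\n')


if __name__ == '__main__':
    for build in (vulnerable_www_authenticate, hardened_www_authenticate):
        value = build(MALICIOUS_REALM)
        print(build.__name__, header_value_is_safe(value),
              serialized_header_lines(value))
```

The vulnerable builder turns one header into a second header plus a body; the hardened one yields a single line with no control characters, and header_value_is_safe is the check to run over every outgoing header value regardless of which builder produced it.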
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFT0UaeXlSAg2UNWIIRAiv8AKCywby657VG16WLkc7O56JOQJu4RwCgwUBn
UGHpHd7kAPplRBVzkbLe1ck=
=JmX7
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jul 24 20:45:45 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 24 Jul 2014 20:45:45 +0000
Subject: [RHSA-2014:0888-01] Moderate: qemu-kvm-rhev security update
Message-ID: <201407242045.s6OKjjDH009450@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: qemu-kvm-rhev security update
Advisory ID: RHSA-2014:0888-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0888.html
Issue date: 2014-07-24
CVE Names: CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536
           CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182
           CVE-2014-2894 CVE-2014-3461
=====================================================================

1. Summary:

Updated qemu-kvm-rhev packages that fix several security issues are now
available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 3.0 - x86_64
Red Hat Enterprise Linux OpenStack Platform 4.0 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems.
The qemu-kvm-rhev package provides the user-space component for running
virtual machines using KVM in environments managed by Red Hat Enterprise
Linux OpenStack Platform.

Multiple buffer overflow, input validation, and out-of-bounds write flaws
were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of
QEMU handled state loading after migration. A user able to alter the savevm
data (either on the disk or over the wire during migration) could use any of
these flaws to corrupt QEMU process memory on the (destination) host, which
could potentially result in arbitrary code execution on the host with the
privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151,
CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399,
CVE-2014-0182, CVE-2014-3461)

An out-of-bounds memory access flaw was found in the way QEMU's IDE device
driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged
guest user could use this flaw to corrupt QEMU process memory on the host,
which could potentially result in arbitrary code execution on the host with
the privileges of the QEMU process. (CVE-2014-2894)

These issues were discovered by Michael S. Tsirkin, Anthony Liguori and
Michael Roth of Red Hat: CVE-2013-4148, CVE-2013-4151, CVE-2013-4535,
CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182,
and CVE-2014-3461.

All users of qemu-kvm-rhev are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
this update, shut down all running virtual machines. Once all virtual
machines have shut down, start them again for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5.
Bugs fixed (https://bugzilla.redhat.com/):

1066334 - CVE-2013-4148 qemu: virtio-net: buffer overflow on invalid state load
1066342 - CVE-2013-4151 qemu: virtio: out-of-bounds buffer write on invalid state load
1066361 - CVE-2013-6399 qemu: virtio: buffer overrun on incoming migration
1066382 - CVE-2013-4542 qemu: virtio-scsi: buffer overrun on invalid state load
1066384 - CVE-2013-4541 qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load
1066401 - CVE-2013-4535 CVE-2013-4536 qemu: virtio: insufficient validation of num_sg when mapping
1087971 - CVE-2014-2894 QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
1088986 - CVE-2014-0182 qemu: virtio: out-of-bounds buffer write on state load with invalid config_len
1096821 - CVE-2014-3461 Qemu: usb: fix up post load checks

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 3.0:

Source:
qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.src.rpm

x86_64:
qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

Red Hat Enterprise Linux OpenStack Platform 4.0:

Source:
qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.src.rpm

x86_64:
qemu-img-rhev-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-rhev-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7.
References:

https://www.redhat.com/security/data/cve/CVE-2013-4148.html
https://www.redhat.com/security/data/cve/CVE-2013-4151.html
https://www.redhat.com/security/data/cve/CVE-2013-4535.html
https://www.redhat.com/security/data/cve/CVE-2013-4536.html
https://www.redhat.com/security/data/cve/CVE-2013-4541.html
https://www.redhat.com/security/data/cve/CVE-2013-4542.html
https://www.redhat.com/security/data/cve/CVE-2013-6399.html
https://www.redhat.com/security/data/cve/CVE-2014-0182.html
https://www.redhat.com/security/data/cve/CVE-2014-2894.html
https://www.redhat.com/security/data/cve/CVE-2014-3461.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFT0XBoXlSAg2UNWIIRAhlHAKCHBXaY1vf3kBNFVwt7ZNLepEQNywCglGPR
IRHBWiV516oMkJBYRRgQEzU=
=TOtM
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Jul 28 16:22:13 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 28 Jul 2014 16:22:13 +0000
Subject: [RHSA-2014:0949-01] Important: kernel security update
Message-ID: <201407281613.s6SGDlA5025240@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2014:0949-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0949.html
Issue date: 2014-07-28
CVE Names: CVE-2014-4699
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.2 Advanced Update Support.

The Red Hat Security Response Team has rated this update as having Important
security impact.
A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available from the CVE link in the References
section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AUS (v. 6.2 server) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that the Linux kernel's ptrace subsystem allowed a traced
process' instruction pointer to be set to a non-canonical memory address
without forcing the non-sysret code path when returning to user space. A
local, unprivileged user could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2014-4699,
Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

Red Hat would like to thank Andy Lutomirski for reporting this issue.

All kernel users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. The system must be
rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your system.
You may use "rpm -e" to remove old kernels after determining that the new
kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address

6. Package List:

Red Hat Enterprise Linux AUS (v. 6.2 server):

Source:
kernel-2.6.32-220.53.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-220.53.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.53.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.53.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.53.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.53.1.el6.x86_64.rpm
perf-2.6.32-220.53.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.2):

Source:
kernel-2.6.32-220.53.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.53.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm
python-perf-2.6.32-220.53.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.53.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-4699.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
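The advisory above (RHSA-2014:0949) turns on what a "non-canonical memory address" is and on which return path the kernel takes for it. The following is an added model, not kernel code: the x86-64 canonical-address rule under 48-bit virtual addressing, and the decision the advisory describes the fix as making (force the non-sysret path when a debugger has written a non-canonical instruction pointer). The function names and the 48-bit default are assumptions made for illustration.

```python
"""Added example, not kernel code: a model of the x86-64 canonical-address
rule behind CVE-2014-4699 and of the return-path decision the advisory
describes (force the non-sysret path for a non-canonical RIP). Assumes
48-bit virtual addresses (4-level paging) unless told otherwise."""

VA_BITS = 48


def is_canonical(addr: int, va_bits: int = VA_BITS) -> bool:
    """An address is canonical when bits va_bits-1 .. 63 are all equal:
    all zero (user half) or all one (kernel half)."""
    addr &= (1 << 64) - 1
    top = addr >> (va_bits - 1)               # bit 47 and everything above it
    all_ones = (1 << (64 - va_bits + 1)) - 1  # 17 set bits for va_bits == 48
    return top == 0 or top == all_ones


def return_path_for(new_rip: int) -> str:
    """Model of the fixed ptrace register write: a tracer may set RIP to any
    value, but SYSRET to a non-canonical RIP raises #GP while still in ring 0
    on Intel CPUs (the reason for the advisory's Intel-only note), so such a
    value must go back to user space through IRET, which faults safely in the
    user's context."""
    return "sysret" if is_canonical(new_rip) else "iret"


if __name__ == "__main__":
    for rip in (0x00007FFFFFFFFFFF, 0x0000800000000000, 0xFFFF800000000000):
        print(hex(rip), is_canonical(rip), return_path_for(rip))
```

The highest user address and the lowest kernel address are both canonical; the value one above the user half (bit 47 set, bits 48-63 clear) is the classic non-canonical case and is the one that must never be returned to through SYSRET.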
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFT1naTXlSAg2UNWIIRAncMAJ9HGsMOV37EAY7i0/qkYW/0S2lJfQCfVXX0
smNEtglI8vf59EN1tWVhfqo=
=HXMI
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jul 29 15:57:07 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 29 Jul 2014 15:57:07 +0000
Subject: [RHSA-2014:0981-01] Important: kernel security, bug fix, and enhancement update
Message-ID: <201407291557.s6TFv73H021397@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2014:0981-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0981.html
Issue date: 2014-07-29
CVE Names: CVE-2012-6647 CVE-2013-7339 CVE-2014-2672 CVE-2014-2678
           CVE-2014-2706 CVE-2014-2851 CVE-2014-3144 CVE-2014-3145
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs, and
add one enhancement are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A use-after-free flaw was found in the way the ping_init_sock() function
of the Linux kernel handled the group_info reference counter. A local,
unprivileged user could use this flaw to crash the system or, potentially,
escalate their privileges on the system. (CVE-2014-2851, Important)

* A NULL pointer dereference flaw was found in the way the
futex_wait_requeue_pi() function of the Linux kernel's futex subsystem
handled the requeuing of certain Priority Inheritance (PI) futexes. A local,
unprivileged user could use this flaw to crash the system. (CVE-2012-6647,
Moderate)

* A NULL pointer dereference flaw was found in the rds_ib_laddr_check()
function in the Linux kernel's implementation of Reliable Datagram Sockets
(RDS). A local, unprivileged user could use this flaw to crash the system.
(CVE-2013-7339, Moderate)

* It was found that a remote attacker could use a race condition flaw in the
ath_tx_aggr_sleep() function to crash the system by creating large network
traffic on the system's Atheros 9k wireless network adapter.
(CVE-2014-2672, Moderate)

* A NULL pointer dereference flaw was found in the rds_iw_laddr_check()
function in the Linux kernel's implementation of Reliable Datagram Sockets
(RDS). A local, unprivileged user could use this flaw to crash the system.
(CVE-2014-2678, Moderate)

* A race condition flaw was found in the way the Linux kernel's mac80211
subsystem implementation handled synchronization between TX and STA wake-up
code paths. A remote attacker could use this flaw to crash the system.
(CVE-2014-2706, Moderate)

* An out-of-bounds memory access flaw was found in the Netlink Attribute
extension of the Berkeley Packet Filter (BPF) interpreter functionality in
the Linux kernel's networking implementation. A local, unprivileged user
could use this flaw to crash the system or leak kernel memory to user space
via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145,
Moderate)

This update also fixes several bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add this
enhancement. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your system.
You may use "rpm -e" to remove old kernels after determining that the new
kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1079214 - CVE-2013-7339 kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()
1083246 - CVE-2014-2672 kernel: ath9k: tid->sched race in ath_tx_aggr_sleep()
1083274 - CVE-2014-2678 kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
1083512 - CVE-2014-2706 Kernel: net: mac80211: crash dues to AP powersave TX vs. wakeup race
1086730 - CVE-2014-2851 kernel: net: ping: refcount issue in ping_init_sock() function
1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions to peek beyond the end of the message
1097746 - CVE-2012-6647 Kernel: futex: forbid uaddr == uaddr2 in futex_wait_requeue_pi()

6. Package List:

Red Hat Enterprise Linux Desktop (v.
6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-2.6.32-431.23.3.el6.i686.rpm kernel-debug-2.6.32-431.23.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm kernel-devel-2.6.32-431.23.3.el6.i686.rpm kernel-headers-2.6.32-431.23.3.el6.i686.rpm perf-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.23.3.el6.noarch.rpm kernel-doc-2.6.32-431.23.3.el6.noarch.rpm kernel-firmware-2.6.32-431.23.3.el6.noarch.rpm x86_64: kernel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm kernel-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-headers-2.6.32-431.23.3.el6.x86_64.rpm perf-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 
6): Source: kernel-2.6.32-431.23.3.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-431.23.3.el6.noarch.rpm kernel-doc-2.6.32-431.23.3.el6.noarch.rpm kernel-firmware-2.6.32-431.23.3.el6.noarch.rpm x86_64: kernel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm kernel-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-headers-2.6.32-431.23.3.el6.x86_64.rpm perf-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: kernel-2.6.32-431.23.3.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-2.6.32-431.23.3.el6.i686.rpm kernel-debug-2.6.32-431.23.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm kernel-devel-2.6.32-431.23.3.el6.i686.rpm kernel-headers-2.6.32-431.23.3.el6.i686.rpm perf-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.23.3.el6.noarch.rpm kernel-doc-2.6.32-431.23.3.el6.noarch.rpm kernel-firmware-2.6.32-431.23.3.el6.noarch.rpm ppc64: kernel-2.6.32-431.23.3.el6.ppc64.rpm kernel-bootwrapper-2.6.32-431.23.3.el6.ppc64.rpm kernel-debug-2.6.32-431.23.3.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm kernel-debug-devel-2.6.32-431.23.3.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.23.3.el6.ppc64.rpm kernel-devel-2.6.32-431.23.3.el6.ppc64.rpm kernel-headers-2.6.32-431.23.3.el6.ppc64.rpm perf-2.6.32-431.23.3.el6.ppc64.rpm perf-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm s390x: kernel-2.6.32-431.23.3.el6.s390x.rpm kernel-debug-2.6.32-431.23.3.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.s390x.rpm kernel-debug-devel-2.6.32-431.23.3.el6.s390x.rpm kernel-debuginfo-2.6.32-431.23.3.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.23.3.el6.s390x.rpm kernel-devel-2.6.32-431.23.3.el6.s390x.rpm kernel-headers-2.6.32-431.23.3.el6.s390x.rpm kernel-kdump-2.6.32-431.23.3.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.23.3.el6.s390x.rpm kernel-kdump-devel-2.6.32-431.23.3.el6.s390x.rpm perf-2.6.32-431.23.3.el6.s390x.rpm perf-debuginfo-2.6.32-431.23.3.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.s390x.rpm x86_64: kernel-2.6.32-431.23.3.el6.x86_64.rpm 
kernel-debug-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm kernel-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-headers-2.6.32-431.23.3.el6.x86_64.rpm perf-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.23.3.el6.ppc64.rpm perf-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm python-perf-2.6.32-431.23.3.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-431.23.3.el6.s390x.rpm kernel-debuginfo-2.6.32-431.23.3.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.23.3.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.23.3.el6.s390x.rpm perf-debuginfo-2.6.32-431.23.3.el6.s390x.rpm python-perf-2.6.32-431.23.3.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-2.6.32-431.23.3.el6.i686.rpm kernel-debug-2.6.32-431.23.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm kernel-devel-2.6.32-431.23.3.el6.i686.rpm kernel-headers-2.6.32-431.23.3.el6.i686.rpm perf-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.23.3.el6.noarch.rpm kernel-doc-2.6.32-431.23.3.el6.noarch.rpm kernel-firmware-2.6.32-431.23.3.el6.noarch.rpm x86_64: kernel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm kernel-devel-2.6.32-431.23.3.el6.x86_64.rpm kernel-headers-2.6.32-431.23.3.el6.x86_64.rpm perf-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: kernel-2.6.32-431.23.3.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.23.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.23.3.el6.i686.rpm perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm python-perf-2.6.32-431.23.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm python-perf-2.6.32-431.23.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.23.3.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. 
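The CVE-2014-3144 / CVE-2014-3145 entry in RHSA-2014:0981 above is summarised in its bug title as "prevent nla extensions to peek beyond the end of the message". The following is an added example, not kernel code, of the kind of bounds checking that title describes: a walk over netlink attributes in which the caller-supplied start offset and every attribute length are validated against the message before anything is read, beside the unchecked shape that hands back bytes from past the end of the message. The layout follows struct nlattr (u16 nla_len, u16 nla_type, 4-byte alignment); little-endian encoding, the function names, and the message and surrounding "memory" bytes are assumptions constructed for illustration.

```python
"""Added example, not kernel code: a bounds-checked netlink attribute walk
modelling the check behind CVE-2014-3144 / CVE-2014-3145, next to the
unchecked shape. Layout follows struct nlattr (u16 nla_len, u16 nla_type,
4-byte alignment); little-endian is assumed. All input is constructed."""
import struct

NLA_HDRLEN = 4
NLA_ALIGNTO = 4


def nla_align(n: int) -> int:
    return (n + NLA_ALIGNTO - 1) & ~(NLA_ALIGNTO - 1)


def build_nla(nla_type: int, payload: bytes) -> bytes:
    """Encode one attribute, padded to 4 bytes."""
    nla_len = NLA_HDRLEN + len(payload)
    return (struct.pack('<HH', nla_len, nla_type) + payload
            + b'\0' * (nla_align(nla_len) - nla_len))


def nla_find_unchecked(memory: bytes, msg_len: int, start: int, wanted: int):
    """Pre-fix shape: the loop is bounded by msg_len, but the caller-supplied
    start offset and each nla_len are trusted, so a returned payload can run
    past the message into whatever follows it in memory."""
    off = start
    while off < msg_len:
        nla_len, nla_type = struct.unpack_from('<HH', memory, off)
        if nla_len < NLA_HDRLEN:
            return None
        if nla_type == wanted:
            return off, memory[off + NLA_HDRLEN:off + nla_len]
        off += nla_align(nla_len)
    return None


def nla_find(msg: bytes, start: int, wanted: int):
    """Fixed shape: the start offset must leave room for a header, and each
    nla_len must fit in the bytes that remain, before anything is read."""
    if start < 0 or start > len(msg) - NLA_HDRLEN:
        return None
    off = start
    while off <= len(msg) - NLA_HDRLEN:
        nla_len, nla_type = struct.unpack_from('<HH', msg, off)
        if nla_len < NLA_HDRLEN or nla_len > len(msg) - off:
            return None
        if nla_type == wanted:
            return off, msg[off + NLA_HDRLEN:off + nla_len]
        off += nla_align(nla_len)
    return None


# Constructed input: a well-formed two-attribute message, and a message whose
# second attribute claims 32 bytes although the message ends after 8 of them,
# followed by bytes that stand in for unrelated kernel memory.
GOOD_MSG = build_nla(1, b'abc') + build_nla(2, b'hello')
LYING_MSG = build_nla(1, b'abc') + struct.pack('<HH', 32, 2) + b'data'
MEMORY = LYING_MSG + b'SECRET-KERNEL-BYTES'


if __name__ == '__main__':
    print("unchecked:", nla_find_unchecked(MEMORY, len(LYING_MSG), 0, 2))
    print("checked:  ", nla_find(LYING_MSG, 0, 2))
    print("good:     ", nla_find(GOOD_MSG, 0, 2))
```

The unchecked walk returns the trailing "kernel" bytes as if they were the attribute's payload, which is the information leak the advisory lists; the checked walk refuses the lying length and also rejects a start offset that does not leave room for a header, without ever dereferencing it.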
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-6647.html
https://www.redhat.com/security/data/cve/CVE-2013-7339.html
https://www.redhat.com/security/data/cve/CVE-2014-2672.html
https://www.redhat.com/security/data/cve/CVE-2014-2678.html
https://www.redhat.com/security/data/cve/CVE-2014-2706.html
https://www.redhat.com/security/data/cve/CVE-2014-2851.html
https://www.redhat.com/security/data/cve/CVE-2014-3144.html
https://www.redhat.com/security/data/cve/CVE-2014-3145.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/kernel.html

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFT18QqXlSAg2UNWIIRAsNnAJ0dqXDIxbJ8rPobWrWqrCAnx8LXGgCfW+Vj
96cMoW4gII4mTCzCcHnQfcI=
=fPOP
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jul 31 15:22:26 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 31 Jul 2014 15:22:26 +0000
Subject: [RHSA-2014:0994-01] Important: openstack-keystone security update
Message-ID: <201407311522.s6VFMQXY018095@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: openstack-keystone security update
Advisory ID: RHSA-2014:0994-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0994.html
Issue date: 2014-07-31
CVE Names: CVE-2014-3476 CVE-2014-3520
=====================================================================

1.
Summary:

Updated openstack-keystone packages that fix two security issues are now
available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0.

The Red Hat Security Response Team has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 3.0 - noarch
Red Hat Enterprise Linux OpenStack Platform 4.0 - noarch

3. Description:

The OpenStack Identity service (keystone) authenticates and authorizes
OpenStack users by keeping track of users and their permitted activities. The
Identity service supports multiple forms of authentication, including user
name and password credentials, token-based systems, and AWS-style logins.

A flaw was found in keystone's chained delegation. A trustee able to create
a delegation from a trust or an OAuth token could misuse identity
impersonation to bypass the enforced scope, possibly allowing them to obtain
elevated privileges to the trustor's projects and roles. (CVE-2014-3476)

A flaw was found in the way keystone handled trusts. A trustee could use an
out-of-scope project ID to gain unauthorized access to a project if the
trustor had the required roles for that requested project. (CVE-2014-3520)

Red Hat would like to thank the OpenStack project for reporting
CVE-2014-3520; upstream acknowledges Jamie Lennox of Red Hat as the original
reporter. The CVE-2014-3476 issue was discovered by Steven Hardy of Red Hat.

All openstack-keystone users are advised to upgrade to these updated
packages, which correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network.
Details on how to use the Red Hat Network to apply this update are available
at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1104524 - CVE-2014-3476 openstack-keystone: privilege escalation through trust chained delegation
1112668 - CVE-2014-3520 openstack-keystone: Keystone V2 trusts privilege escalation through user supplied project id

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 3.0:

Source:
openstack-keystone-2013.1.5-3.el6ost.src.rpm

noarch:
openstack-keystone-2013.1.5-3.el6ost.noarch.rpm
openstack-keystone-doc-2013.1.5-3.el6ost.noarch.rpm
python-keystone-2013.1.5-3.el6ost.noarch.rpm

Red Hat Enterprise Linux OpenStack Platform 4.0:

Source:
openstack-keystone-2013.2.3-7.el6ost.src.rpm

noarch:
openstack-keystone-2013.2.3-7.el6ost.noarch.rpm
openstack-keystone-doc-2013.2.3-7.el6ost.noarch.rpm
python-keystone-2013.2.3-7.el6ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3476.html
https://www.redhat.com/security/data/cve/CVE-2014-3520.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
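The two keystone flaws in RHSA-2014:0994 above are both scope-enforcement failures in trust delegation. The following is an added, simplified model written for this page, not Keystone's implementation: a trust-scoped token must stay on the trust's own project and carry only the delegated roles (CVE-2014-3520), and a delegation created from a trust-scoped, impersonating token must not be treated as if the trustor had made it directly (CVE-2014-3476). The users, projects, role table, the Trust and Token shapes, and the choice to refuse chaining outright in the hardened path are assumptions made for illustration; bounding a chained trust by its parent's project and roles would be the other defensible fix.

```python
"""Added example: a simplified model, not Keystone's own code, of the two
scope checks the keystone advisory above concerns. A trust-scoped token must
stay on the trust's own project (CVE-2014-3520), and a delegation created
from a trust-scoped, impersonating token must not be treated as if the
trustor made it directly (CVE-2014-3476). Users, projects, roles and the
Trust/Token shapes are constructed for illustration."""
from dataclasses import dataclass
from typing import Optional


class ScopeViolation(Exception):
    """The request would exceed what the trust delegated."""


@dataclass(frozen=True)
class Trust:
    trust_id: str
    trustor: str          # user delegating roles
    trustee: str          # user allowed to consume the trust
    project_id: str       # the one project the trust is scoped to
    roles: frozenset      # subset of the trustor's roles on project_id
    impersonation: bool   # trustee acts under the trustor's identity


@dataclass(frozen=True)
class Token:
    user_id: str          # identity the token acts as
    project_id: str
    roles: frozenset
    trust_id: Optional[str] = None   # set when the token came from a trust


# Constructed assignments: (user, project) -> roles. alice delegates only
# "viewer" on proj-a to bob, but also holds admin on proj-b.
ROLE_TABLE = {
    ("alice", "proj-a"): frozenset({"admin", "viewer"}),
    ("alice", "proj-b"): frozenset({"admin"}),
}
TRUST = Trust("t1", "alice", "bob", "proj-a", frozenset({"viewer"}), True)


def roles_of(user: str, project: str) -> frozenset:
    return ROLE_TABLE.get((user, project), frozenset())


def issue_trust_token(trust: Trust, caller: str, requested_project: str,
                      enforce_scope: bool = True) -> Token:
    """Consume a trust. enforce_scope=False reproduces the CVE-2014-3520
    shape: the project ID comes from the request and is only checked against
    the trustor's roles, so every project the trustor can reach is reachable
    through the trust."""
    if caller != trust.trustee:
        raise ScopeViolation("caller is not the trustee")
    if enforce_scope and requested_project != trust.project_id:
        raise ScopeViolation("trust is not scoped to " + requested_project)
    current = roles_of(trust.trustor, requested_project)
    granted = (trust.roles & current) if enforce_scope else current
    if not granted:
        raise ScopeViolation("trustor holds none of the delegated roles")
    actor = trust.trustor if trust.impersonation else caller
    return Token(actor, requested_project, granted, trust.trust_id)


def create_trust(token: Token, new_trustee: str, project: str,
                 roles: frozenset, enforce_scope: bool = True) -> Trust:
    """Create a trust on behalf of token.user_id. With enforce_scope=False an
    impersonating trust-scoped token is indistinguishable from the trustor,
    so the new trust is validated against the trustor's full role set
    instead of the first trust's scope (CVE-2014-3476). The hardened path
    refuses to chain delegation from a trust-scoped token at all."""
    if enforce_scope and token.trust_id is not None:
        raise ScopeViolation("cannot create a trust from a trust-scoped token")
    if not roles <= roles_of(token.user_id, project):
        raise ScopeViolation("cannot delegate roles the creator does not hold")
    return Trust("t-" + new_trustee, token.user_id, new_trustee, project,
                 roles, impersonation=False)


def denied(fn, *args, **kwargs) -> bool:
    """True when the call is refused with ScopeViolation."""
    try:
        fn(*args, **kwargs)
    except ScopeViolation:
        return True
    return False


if __name__ == "__main__":
    bob = issue_trust_token(TRUST, "bob", "proj-a")
    print("scoped token:", bob)
    print("proj-b via trust, fixed:",
          denied(issue_trust_token, TRUST, "bob", "proj-b"))
    print("proj-b via trust, vulnerable:",
          issue_trust_token(TRUST, "bob", "proj-b", enforce_scope=False))
    print("chained trust, fixed:",
          denied(create_trust, bob, "mallory", "proj-b", frozenset({"admin"})))
    print("chained trust, vulnerable:",
          create_trust(bob, "mallory", "proj-b", frozenset({"admin"}),
                       enforce_scope=False))
```

With enforcement off, bob's trust-scoped token reaches admin on proj-b, a project the trust never named, and, because the token impersonates alice, can mint a fresh trust for a third user carrying alice's admin role there. With enforcement on, both requests are refused before any role is looked up on the out-of-scope project.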
From bugzilla at redhat.com Thu Jul 31 23:59:34 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 31 Jul 2014 23:59:34 +0000
Subject: [RHSA-2014:0995-01] Low: Red Hat Enterprise Linux OpenStack Platform 3.0 Retirement Notice
Message-ID: <201407312359.s6VNxYW7018819@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Low: Red Hat Enterprise Linux OpenStack Platform 3.0 Retirement Notice
Advisory ID: RHSA-2014:0995-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0995.html
Issue date: 2014-07-31
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise Linux
OpenStack Platform 3.0.

2. Description:

In accordance with the Red Hat Enterprise Linux OpenStack Platform Support
Policy, the one-year life cycle of Production Support for version 3 will end on
July 31, 2014. On August 1, 2014, Red Hat Enterprise Linux OpenStack Platform
version 3 will enter an inactive state and will no longer receive updated
packages, including Critical-impact security patches or urgent-priority bug
fixes. In addition, technical support through Red Hat's Global Support Services
will no longer be provided after this date.

We encourage customers to plan their migration from Red Hat Enterprise Linux
OpenStack Platform 3.0 to a supported version of Red Hat Enterprise Linux
OpenStack Platform. To upgrade to Red Hat Enterprise Linux OpenStack Platform
version 4, see Chapter "Upgrading" in the Release Notes document linked to in
the References section.

Full details of the Red Hat Enterprise Linux OpenStack Platform Life Cycle can
be found at https://access.redhat.com/support/policy/updates/openstack/platform/

3. Solution:

Customers are encouraged to plan their migration from Red Hat Enterprise Linux
OpenStack Platform 3.0 to a supported version of Red Hat Enterprise Linux
OpenStack Platform.

4. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/support/policy/updates/openstack/platform/
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/4/html/Release_Notes/chap-OpenStackNotes-Upgrading.html

5. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
