From bugzilla at redhat.com Tue Jun 3 16:34:43 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Jun 2014 16:34:43 +0000
Subject: [RHSA-2014:0593-01] Important: kernel security and bug fix update
Message-ID: <201406031634.s53GYhdp028177@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0593-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0593.html
Issue date:        2014-06-03
CVE Names:         CVE-2014-0077 CVE-2014-2523
=====================================================================

1. Summary:

Updated kernel packages that fix two security issues and one bug are now
available for Red Hat Enterprise Linux 6.3 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Compute Node EUS (v. 6.3) - noarch, x86_64
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64
Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A flaw was found in the way the Linux kernel's netfilter connection
tracking implementation for Datagram Congestion Control Protocol (DCCP)
packets used the skb_header_pointer() function. A remote attacker could
use this flaw to send a specially crafted DCCP packet to crash the system
or, potentially, escalate their privileges on the system.
(CVE-2014-2523, Important)

* A flaw was found in the way the handle_rx() function handled large
network packets when mergeable buffers were disabled. A privileged guest
user could use this flaw to crash the host or corrupt QEMU process memory
on the host, which could potentially result in arbitrary code execution on
the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)

The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.

This update also fixes the following bug:

* Prior to this update, a guest-provided value was used as the head length
of the socket buffer allocated on the host. If the host was under heavy
memory load and the guest-provided value was too large, the allocation
could have failed, resulting in stalls and packet drops in the guest's Tx
path. With this update, the guest-provided value has been limited to a
reasonable size so that socket buffer allocations on the host succeed
regardless of the memory load on the host, and guests can send packets
without experiencing packet drops or stalls. (BZ#1092350)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1064440 - CVE-2014-0077 kernel: vhost-net: insufficiency in handling of big packets in handle_rx()
1077343 - CVE-2014-2523 kernel: netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages

6. Package List:

Red Hat Enterprise Linux Compute Node EUS (v. 6.3):

Source:
kernel-2.6.32-279.46.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-279.46.1.el6.noarch.rpm
kernel-firmware-2.6.32-279.46.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6.x86_64.rpm
kernel-devel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-headers-2.6.32-279.46.1.el6.x86_64.rpm
perf-2.6.32-279.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):

Source:
kernel-2.6.32-279.46.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.3):

Source:
kernel-2.6.32-279.46.1.el6.src.rpm

i386:
kernel-2.6.32-279.46.1.el6.i686.rpm
kernel-debug-2.6.32-279.46.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-279.46.1.el6.i686.rpm
kernel-debug-devel-2.6.32-279.46.1.el6.i686.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.46.1.el6.i686.rpm
kernel-devel-2.6.32-279.46.1.el6.i686.rpm
kernel-headers-2.6.32-279.46.1.el6.i686.rpm
perf-2.6.32-279.46.1.el6.i686.rpm
perf-debuginfo-2.6.32-279.46.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-279.46.1.el6.noarch.rpm
kernel-firmware-2.6.32-279.46.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-279.46.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debug-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-279.46.1.el6.ppc64.rpm
kernel-devel-2.6.32-279.46.1.el6.ppc64.rpm
kernel-headers-2.6.32-279.46.1.el6.ppc64.rpm
perf-2.6.32-279.46.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-279.46.1.el6.s390x.rpm
kernel-debug-2.6.32-279.46.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-279.46.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-279.46.1.el6.s390x.rpm
kernel-devel-2.6.32-279.46.1.el6.s390x.rpm
kernel-headers-2.6.32-279.46.1.el6.s390x.rpm
kernel-kdump-2.6.32-279.46.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-279.46.1.el6.s390x.rpm
perf-2.6.32-279.46.1.el6.s390x.rpm
perf-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6.x86_64.rpm
kernel-devel-2.6.32-279.46.1.el6.x86_64.rpm
kernel-headers-2.6.32-279.46.1.el6.x86_64.rpm
perf-2.6.32-279.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.3):

Source:
kernel-2.6.32-279.46.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-279.46.1.el6.i686.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-279.46.1.el6.i686.rpm
perf-debuginfo-2.6.32-279.46.1.el6.i686.rpm
python-perf-2.6.32-279.46.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-279.46.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm
python-perf-2.6.32-279.46.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-279.46.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
perf-debuginfo-2.6.32-279.46.1.el6.s390x.rpm
python-perf-2.6.32-279.46.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-2.6.32-279.46.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-279.46.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0077.html
https://www.redhat.com/security/data/cve/CVE-2014-2523.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTjfkQXlSAg2UNWIIRApzfAKCZ7QeZO0Vlq6ypOF+P8b2t1EU7FQCbBKGt
EfXrZIvK1cbdK5+9WZWRLzA=
=Wg35
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 3 16:35:24 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Jun 2014 16:35:24 +0000
Subject: [RHSA-2014:0594-01] Important: gnutls security update
Message-ID: <201406031635.s53GZO36013836@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: gnutls security update
Advisory ID:       RHSA-2014:0594-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0594.html
Issue date:        2014-06-03
CVE Names:         CVE-2014-3466 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469
=====================================================================

1. Summary:

Updated gnutls packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS). The gnutls packages also
include the libtasn1 library, which provides Abstract Syntax Notation One
(ASN.1) parsing and structures management, and Distinguished Encoding
Rules (DER) encoding and decoding functions.

A flaw was found in the way GnuTLS parsed session IDs from ServerHello
messages of the TLS/SSL handshake. A malicious server could use this flaw
to send an excessively long session ID value, which would trigger a buffer
overflow in a connecting TLS/SSL client application using GnuTLS, causing
the client application to crash or, possibly, execute arbitrary code.
(CVE-2014-3466)

It was discovered that the asn1_get_bit_der() function of the libtasn1
library incorrectly reported the length of ASN.1-encoded data. Specially
crafted ASN.1 input could cause an application using libtasn1 to perform
an out-of-bounds access operation, causing the application to crash or,
possibly, execute arbitrary code. (CVE-2014-3468)

Multiple incorrect buffer boundary check issues were discovered in
libtasn1. Specially crafted ASN.1 input could cause an application using
libtasn1 to crash. (CVE-2014-3467)

Multiple NULL pointer dereference flaws were found in libtasn1's
asn1_read_value() function. Specially crafted ASN.1 input could cause an
application using libtasn1 to crash, if the application used the
aforementioned function in a certain way. (CVE-2014-3469)

Red Hat would like to thank GnuTLS upstream for reporting these issues.
Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original
reporter of CVE-2014-3466.

Users of GnuTLS are advised to upgrade to these updated packages, which
correct these issues. For the update to take effect, all applications
linked to the GnuTLS or libtasn1 library must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1101932 - CVE-2014-3466 gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)
1102022 - CVE-2014-3467 libtasn1: multiple boundary check issues
1102323 - CVE-2014-3468 libtasn1: asn1_get_bit_der() can return negative bit length
1102329 - CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gnutls-1.4.1-16.el5_10.src.rpm

i386:
gnutls-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-utils-1.4.1-16.el5_10.i386.rpm

x86_64:
gnutls-1.4.1-16.el5_10.i386.rpm
gnutls-1.4.1-16.el5_10.x86_64.rpm
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.x86_64.rpm
gnutls-utils-1.4.1-16.el5_10.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gnutls-1.4.1-16.el5_10.src.rpm

i386:
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-devel-1.4.1-16.el5_10.i386.rpm

x86_64:
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.x86_64.rpm
gnutls-devel-1.4.1-16.el5_10.i386.rpm
gnutls-devel-1.4.1-16.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/gnutls-1.4.1-16.el5_10.src.rpm

i386:
gnutls-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-devel-1.4.1-16.el5_10.i386.rpm
gnutls-utils-1.4.1-16.el5_10.i386.rpm

ia64:
gnutls-1.4.1-16.el5_10.i386.rpm
gnutls-1.4.1-16.el5_10.ia64.rpm
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.ia64.rpm
gnutls-devel-1.4.1-16.el5_10.ia64.rpm
gnutls-utils-1.4.1-16.el5_10.ia64.rpm

ppc:
gnutls-1.4.1-16.el5_10.ppc.rpm
gnutls-1.4.1-16.el5_10.ppc64.rpm
gnutls-debuginfo-1.4.1-16.el5_10.ppc.rpm
gnutls-debuginfo-1.4.1-16.el5_10.ppc64.rpm
gnutls-devel-1.4.1-16.el5_10.ppc.rpm
gnutls-devel-1.4.1-16.el5_10.ppc64.rpm
gnutls-utils-1.4.1-16.el5_10.ppc.rpm

s390x:
gnutls-1.4.1-16.el5_10.s390.rpm
gnutls-1.4.1-16.el5_10.s390x.rpm
gnutls-debuginfo-1.4.1-16.el5_10.s390.rpm
gnutls-debuginfo-1.4.1-16.el5_10.s390x.rpm
gnutls-devel-1.4.1-16.el5_10.s390.rpm
gnutls-devel-1.4.1-16.el5_10.s390x.rpm
gnutls-utils-1.4.1-16.el5_10.s390x.rpm

x86_64:
gnutls-1.4.1-16.el5_10.i386.rpm
gnutls-1.4.1-16.el5_10.x86_64.rpm
gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm
gnutls-debuginfo-1.4.1-16.el5_10.x86_64.rpm
gnutls-devel-1.4.1-16.el5_10.i386.rpm
gnutls-devel-1.4.1-16.el5_10.x86_64.rpm
gnutls-utils-1.4.1-16.el5_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3466.html
https://www.redhat.com/security/data/cve/CVE-2014-3467.html
https://www.redhat.com/security/data/cve/CVE-2014-3468.html
https://www.redhat.com/security/data/cve/CVE-2014-3469.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
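The CVE-2014-3466 description above comes down to one missing bound: a ServerHello carries a one-byte session_id length, the protocol caps that field at 32 bytes, and a client that copies the declared length into a fixed 32-byte buffer without checking it overflows. The C parser below is an added illustration, not GnuTLS code and not the fix Red Hat shipped; the struct, the function names and the constructed ServerHello bytes in demo_parse() are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TLS_RANDOM_LEN     32
#define TLS_MAX_SESSION_ID 32   /* ServerHello.session_id is declared <0..32> */

/* Fields a client needs from a ServerHello. session_id is sized to the
 * protocol maximum; a fixed buffer like this is safe only if the length
 * byte sent by the server is validated before anything is copied. */
struct server_hello {
    uint16_t version;
    uint8_t  random[TLS_RANDOM_LEN];
    uint8_t  session_id[TLS_MAX_SESSION_ID];
    size_t   session_id_len;
    uint16_t cipher_suite;
    uint8_t  compression;
};

/* Parse the body of a ServerHello (the bytes after the 4-byte handshake
 * header). Returns 0 on success, -1 if the message is truncated or the
 * declared session ID length exceeds the protocol maximum. */
int parse_server_hello(const uint8_t *body, size_t len, struct server_hello *out)
{
    size_t pos = 0;

    /* ProtocolVersion (2) + Random (32) + session_id length byte (1). */
    if (len < 2 + TLS_RANDOM_LEN + 1)
        return -1;
    out->version = (uint16_t)((body[0] << 8) | body[1]);
    pos = 2;
    memcpy(out->random, body + pos, TLS_RANDOM_LEN);
    pos += TLS_RANDOM_LEN;

    /* The server chooses this byte. Rejecting values above 32 is the check
     * whose absence lets a hostile server overrun out->session_id; the
     * second check stops a read past the end of the received message. */
    size_t sid_len = body[pos++];
    if (sid_len > TLS_MAX_SESSION_ID)
        return -1;
    if (len - pos < sid_len)
        return -1;
    memcpy(out->session_id, body + pos, sid_len);
    out->session_id_len = sid_len;
    pos += sid_len;

    /* CipherSuite (2) + CompressionMethod (1); extensions are not parsed here. */
    if (len - pos < 3)
        return -1;
    out->cipher_suite = (uint16_t)((body[pos] << 8) | body[pos + 1]);
    out->compression  = body[pos + 2];
    return 0;
}

/* Build a constructed ServerHello body (not a captured one) whose length
 * byte claims `declared` session ID bytes while `actual` are really present,
 * then parse it. Returns the accepted session ID length, or -1 if rejected. */
int demo_parse(uint8_t declared, size_t actual)
{
    uint8_t buf[2 + TLS_RANDOM_LEN + 1 + 255 + 3];
    size_t pos = 0;
    struct server_hello sh;

    if (actual > 255)
        return -1;
    buf[pos++] = 0x03; buf[pos++] = 0x03;         /* TLS 1.2 */
    memset(buf + pos, 0x11, TLS_RANDOM_LEN);      /* constructed random */
    pos += TLS_RANDOM_LEN;
    buf[pos++] = declared;
    memset(buf + pos, 0xAA, actual);              /* constructed session ID */
    pos += actual;
    buf[pos++] = 0x00; buf[pos++] = 0x2F;         /* TLS_RSA_WITH_AES_128_CBC_SHA */
    buf[pos++] = 0x00;                            /* null compression */

    if (parse_server_hello(buf, pos, &sh) != 0)
        return -1;
    return (int)sh.session_id_len;
}

int main(void)
{
    printf("32-byte session id : %d\n", demo_parse(32, 32));   /* 32: accepted */
    printf("empty session id   : %d\n", demo_parse(0, 0));     /*  0: accepted */
    printf("64-byte session id : %d\n", demo_parse(64, 64));   /* -1: over the 32-byte cap */
    printf("declares 32, has 16: %d\n", demo_parse(32, 16));   /* -1: truncated message */
    return 0;
}
```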
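For the libtasn1 issues above (CVE-2014-3467 and CVE-2014-3468), the failure mode is a BIT STRING whose DER content is empty or whose unused-bits octet is out of range, which makes the computed bit length negative or sends a reader past its buffer. This added C decoder is not libtasn1's asn1_get_bit_der() and does not reproduce its code; it shows the checks a DER BIT STRING reader needs, using constructed sample encodings (not real certificate data) as inputs.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define DER_TAG_BIT_STRING 0x03

/* Decode the DER length octets at der[0..]. Returns 0 and sets *value and
 * *hdr_len (octets consumed), or -1 for a truncated, indefinite, oversized
 * or non-minimal length encoding. */
static int der_read_length(const uint8_t *der, size_t der_len,
                           size_t *value, size_t *hdr_len)
{
    if (der_len < 1)
        return -1;
    if (der[0] < 0x80) {                 /* short form */
        *value = der[0];
        *hdr_len = 1;
        return 0;
    }
    size_t n = der[0] & 0x7F;            /* long form: n length octets follow */
    if (n == 0 || n > sizeof(size_t) || der_len - 1 < n)
        return -1;
    size_t v = 0;
    for (size_t i = 0; i < n; i++)
        v = (v << 8) | der[1 + i];
    if (der[1] == 0 || (n == 1 && v < 0x80))
        return -1;                       /* DER requires the minimal form */
    *value = v;
    *hdr_len = 1 + n;
    return 0;
}

struct bit_string {
    const uint8_t *data;   /* points into the caller's buffer */
    size_t len_bytes;
    size_t len_bits;       /* len_bytes * 8 minus the unused-bits count */
};

/* Decode one DER BIT STRING (tag, length, unused-bits octet, data).
 * Returns 0 and fills *out and *consumed, or -1 on malformed input. The bit
 * count cannot go negative here: empty content (no unused-bits octet), an
 * unused-bits value above 7, and unused bits with no data octet are each
 * rejected before any arithmetic is done. */
int der_get_bit_string(const uint8_t *der, size_t der_len,
                       struct bit_string *out, size_t *consumed)
{
    if (der_len < 1 || der[0] != DER_TAG_BIT_STRING)
        return -1;
    size_t content_len, hdr;
    if (der_read_length(der + 1, der_len - 1, &content_len, &hdr) != 0)
        return -1;
    size_t content_off = 1 + hdr;
    if (der_len - content_off < content_len)
        return -1;                       /* content runs past the buffer */
    if (content_len < 1)
        return -1;                       /* unused-bits octet is mandatory */
    uint8_t unused = der[content_off];
    if (unused > 7)
        return -1;
    size_t data_len = content_len - 1;
    if (data_len == 0 && unused != 0)
        return -1;                       /* 0 * 8 - unused would be negative */
    if (data_len > SIZE_MAX / 8)
        return -1;
    out->data = der + content_off + 1;
    out->len_bytes = data_len;
    out->len_bits = data_len * 8 - unused;
    *consumed = content_off + content_len;
    return 0;
}

/* Bit length of a decoded BIT STRING, or -1 if the encoding is rejected. */
long demo_bits(const uint8_t *der, size_t der_len)
{
    struct bit_string bs;
    size_t used;
    if (der_get_bit_string(der, der_len, &bs, &used) != 0)
        return -1;
    return (long)bs.len_bits;
}

/* Constructed sample encodings (not taken from any real certificate). */
const uint8_t der_keyusage_3bits[] = { 0x03, 0x02, 0x05, 0xA0 }; /* 1 data octet, 5 unused */
const uint8_t der_empty[]          = { 0x03, 0x01, 0x00 };       /* zero-length bit string */
const uint8_t der_no_content[]     = { 0x03, 0x00 };             /* no unused-bits octet */
const uint8_t der_unused_no_data[] = { 0x03, 0x01, 0x04 };       /* 4 unused bits, no data */
const uint8_t der_unused_too_big[] = { 0x03, 0x02, 0x08, 0xFF }; /* unused > 7 */
const uint8_t der_truncated[]      = { 0x03, 0x05, 0x00, 0xAA }; /* claims 5, has 2 */

int main(void)
{
    printf("keyusage   : %ld\n", demo_bits(der_keyusage_3bits, sizeof der_keyusage_3bits)); /*  3 */
    printf("empty      : %ld\n", demo_bits(der_empty, sizeof der_empty));                   /*  0 */
    printf("no content : %ld\n", demo_bits(der_no_content, sizeof der_no_content));         /* -1 */
    printf("unused>data: %ld\n", demo_bits(der_unused_no_data, sizeof der_unused_no_data)); /* -1 */
    printf("unused>7   : %ld\n", demo_bits(der_unused_too_big, sizeof der_unused_too_big)); /* -1 */
    printf("truncated  : %ld\n", demo_bits(der_truncated, sizeof der_truncated));           /* -1 */
    return 0;
}
```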
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTjfkxXlSAg2UNWIIRAiJAAJwInmMYTAzwR0+IrnDpt3cSRn3wFACdGuyA
sFIO2xZvJQR7kswE4RkW38Y=
=jDaZ
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 3 16:36:45 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Jun 2014 16:36:45 +0000
Subject: [RHSA-2014:0596-01] Moderate: libtasn1 security update
Message-ID: <201406031636.s53GajmS029450@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: libtasn1 security update
Advisory ID:       RHSA-2014:0596-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0596.html
Issue date:        2014-06-03
CVE Names:         CVE-2014-3467 CVE-2014-3468 CVE-2014-3469
=====================================================================

1. Summary:

Updated libtasn1 packages that fix three security issues are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
Moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing
and structures management, and Distinguished Encoding Rules (DER) encoding
and decoding functions.

It was discovered that the asn1_get_bit_der() function of the libtasn1
library incorrectly reported the length of ASN.1-encoded data. Specially
crafted ASN.1 input could cause an application using libtasn1 to perform
an out-of-bounds access operation, causing the application to crash or,
possibly, execute arbitrary code. (CVE-2014-3468)

Multiple incorrect buffer boundary check issues were discovered in
libtasn1. Specially crafted ASN.1 input could cause an application using
libtasn1 to crash. (CVE-2014-3467)

Multiple NULL pointer dereference flaws were found in libtasn1's
asn1_read_value() function. Specially crafted ASN.1 input could cause an
application using libtasn1 to crash, if the application used the
aforementioned function in a certain way. (CVE-2014-3469)

Red Hat would like to thank GnuTLS upstream for reporting these issues.

All libtasn1 users are advised to upgrade to these updated packages, which
correct these issues. For the update to take effect, all applications
linked to the libtasn1 library must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1102022 - CVE-2014-3467 libtasn1: multiple boundary check issues
1102323 - CVE-2014-3468 libtasn1: asn1_get_bit_der() can return negative bit length
1102329 - CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm

x86_64:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-2.3-6.el6_5.x86_64.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm
libtasn1-tools-2.3-6.el6_5.i686.rpm

x86_64:
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.x86_64.rpm
libtasn1-tools-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

x86_64:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-2.3-6.el6_5.x86_64.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

x86_64:
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.x86_64.rpm
libtasn1-tools-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm

ppc64:
libtasn1-2.3-6.el6_5.ppc.rpm
libtasn1-2.3-6.el6_5.ppc64.rpm
libtasn1-debuginfo-2.3-6.el6_5.ppc.rpm
libtasn1-debuginfo-2.3-6.el6_5.ppc64.rpm
libtasn1-devel-2.3-6.el6_5.ppc.rpm
libtasn1-devel-2.3-6.el6_5.ppc64.rpm

s390x:
libtasn1-2.3-6.el6_5.s390.rpm
libtasn1-2.3-6.el6_5.s390x.rpm
libtasn1-debuginfo-2.3-6.el6_5.s390.rpm
libtasn1-debuginfo-2.3-6.el6_5.s390x.rpm
libtasn1-devel-2.3-6.el6_5.s390.rpm
libtasn1-devel-2.3-6.el6_5.s390x.rpm

x86_64:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-2.3-6.el6_5.x86_64.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-tools-2.3-6.el6_5.i686.rpm

ppc64:
libtasn1-debuginfo-2.3-6.el6_5.ppc64.rpm
libtasn1-tools-2.3-6.el6_5.ppc64.rpm

s390x:
libtasn1-debuginfo-2.3-6.el6_5.s390x.rpm
libtasn1-tools-2.3-6.el6_5.s390x.rpm

x86_64:
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-tools-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm

x86_64:
libtasn1-2.3-6.el6_5.i686.rpm
libtasn1-2.3-6.el6_5.x86_64.rpm
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-devel-2.3-6.el6_5.i686.rpm
libtasn1-devel-2.3-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libtasn1-2.3-6.el6_5.src.rpm

i386:
libtasn1-debuginfo-2.3-6.el6_5.i686.rpm
libtasn1-tools-2.3-6.el6_5.i686.rpm

x86_64:
libtasn1-debuginfo-2.3-6.el6_5.x86_64.rpm
libtasn1-tools-2.3-6.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3467.html
https://www.redhat.com/security/data/cve/CVE-2014-3468.html
https://www.redhat.com/security/data/cve/CVE-2014-3469.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTjfmLXlSAg2UNWIIRAs5/AKCzvlEpaoQWK1Nb3hm0f+14BycQXACeOjyh
3xJPUdZgrwhgadFwaeElDDo=
=FDUn
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 3 16:37:55 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Jun 2014 16:37:55 +0000
Subject: [RHSA-2014:0597-01] Moderate: squid security update
Message-ID: <201406031637.s53GbtlC014962@int-mx14.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: squid security update
Advisory ID:       RHSA-2014:0597-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0597.html
Issue date:        2014-06-03
CVE Names:         CVE-2014-0128
=====================================================================

1. Summary:

Updated squid packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
Moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.

A denial of service flaw was found in the way Squid processed certain
HTTPS requests when the SSL Bump feature was enabled. A remote attacker
could send specially crafted requests that could cause Squid to crash.
(CVE-2014-0128)

Red Hat would like to thank the Squid project for reporting this issue.
Upstream acknowledges Mathias Fischer and Fabian Hugelshofer from Open
Systems AG as the original reporters.

All squid users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the squid service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1074870 - CVE-2014-0128 squid: denial of service when using SSL-Bump

6. Package List:

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/squid-3.1.10-20.el6_5.3.src.rpm

i386:
squid-3.1.10-20.el6_5.3.i686.rpm
squid-debuginfo-3.1.10-20.el6_5.3.i686.rpm

ppc64:
squid-3.1.10-20.el6_5.3.ppc64.rpm
squid-debuginfo-3.1.10-20.el6_5.3.ppc64.rpm

s390x:
squid-3.1.10-20.el6_5.3.s390x.rpm
squid-debuginfo-3.1.10-20.el6_5.3.s390x.rpm

x86_64:
squid-3.1.10-20.el6_5.3.x86_64.rpm
squid-debuginfo-3.1.10-20.el6_5.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/squid-3.1.10-20.el6_5.3.src.rpm

i386:
squid-3.1.10-20.el6_5.3.i686.rpm
squid-debuginfo-3.1.10-20.el6_5.3.i686.rpm

x86_64:
squid-3.1.10-20.el6_5.3.x86_64.rpm
squid-debuginfo-3.1.10-20.el6_5.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0128.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTjfmrXlSAg2UNWIIRAssLAKChcrV/NdJ9qp4teigXjLWI0h3dSQCeKkRX
90W9YXZg46wZSa3XsXv+NuU=
=sB7y
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 3 16:40:26 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Jun 2014 16:40:26 +0000
Subject: [RHSA-2014:0595-01] Important: gnutls security update
Message-ID: <201406031640.s53GeQms003173@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: gnutls security update
Advisory ID:       RHSA-2014:0595-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0595.html
Issue date:        2014-06-03
CVE Names:         CVE-2014-3466
=====================================================================

1. Summary:

Updated gnutls packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
Important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).

A flaw was found in the way GnuTLS parsed session IDs from ServerHello
messages of the TLS/SSL handshake. A malicious server could use this flaw
to send an excessively long session ID value, which would trigger a buffer
overflow in a connecting TLS/SSL client application using GnuTLS, causing
the client application to crash or, possibly, execute arbitrary code.
(CVE-2014-3466)

Red Hat would like to thank GnuTLS upstream for reporting this issue.
Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original
reporter.

Users of GnuTLS are advised to upgrade to these updated packages, which
correct this issue. For the update to take effect, all applications linked
to the GnuTLS library must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1101932 - CVE-2014-3466 gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

i386:
gnutls-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-utils-2.8.5-14.el6_5.i686.rpm

x86_64:
gnutls-2.8.5-14.el6_5.i686.rpm
gnutls-2.8.5-14.el6_5.x86_64.rpm
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-utils-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

i386:
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-devel-2.8.5-14.el6_5.i686.rpm
gnutls-guile-2.8.5-14.el6_5.i686.rpm

x86_64:
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-devel-2.8.5-14.el6_5.i686.rpm
gnutls-devel-2.8.5-14.el6_5.x86_64.rpm
gnutls-guile-2.8.5-14.el6_5.i686.rpm
gnutls-guile-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

x86_64:
gnutls-2.8.5-14.el6_5.i686.rpm
gnutls-2.8.5-14.el6_5.x86_64.rpm
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-utils-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

x86_64:
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-devel-2.8.5-14.el6_5.i686.rpm
gnutls-devel-2.8.5-14.el6_5.x86_64.rpm
gnutls-guile-2.8.5-14.el6_5.i686.rpm
gnutls-guile-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

i386:
gnutls-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-devel-2.8.5-14.el6_5.i686.rpm
gnutls-utils-2.8.5-14.el6_5.i686.rpm

ppc64:
gnutls-2.8.5-14.el6_5.ppc.rpm
gnutls-2.8.5-14.el6_5.ppc64.rpm
gnutls-debuginfo-2.8.5-14.el6_5.ppc.rpm
gnutls-debuginfo-2.8.5-14.el6_5.ppc64.rpm
gnutls-devel-2.8.5-14.el6_5.ppc.rpm
gnutls-devel-2.8.5-14.el6_5.ppc64.rpm
gnutls-utils-2.8.5-14.el6_5.ppc64.rpm

s390x:
gnutls-2.8.5-14.el6_5.s390.rpm
gnutls-2.8.5-14.el6_5.s390x.rpm
gnutls-debuginfo-2.8.5-14.el6_5.s390.rpm
gnutls-debuginfo-2.8.5-14.el6_5.s390x.rpm
gnutls-devel-2.8.5-14.el6_5.s390.rpm
gnutls-devel-2.8.5-14.el6_5.s390x.rpm
gnutls-utils-2.8.5-14.el6_5.s390x.rpm

x86_64:
gnutls-2.8.5-14.el6_5.i686.rpm
gnutls-2.8.5-14.el6_5.x86_64.rpm
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-devel-2.8.5-14.el6_5.i686.rpm
gnutls-devel-2.8.5-14.el6_5.x86_64.rpm
gnutls-utils-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm

i386:
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-guile-2.8.5-14.el6_5.i686.rpm

ppc64:
gnutls-debuginfo-2.8.5-14.el6_5.ppc.rpm
gnutls-debuginfo-2.8.5-14.el6_5.ppc64.rpm
gnutls-guile-2.8.5-14.el6_5.ppc.rpm
gnutls-guile-2.8.5-14.el6_5.ppc64.rpm

s390x:
gnutls-debuginfo-2.8.5-14.el6_5.s390.rpm
gnutls-debuginfo-2.8.5-14.el6_5.s390x.rpm
gnutls-guile-2.8.5-14.el6_5.s390.rpm
gnutls-guile-2.8.5-14.el6_5.s390x.rpm

x86_64:
gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm
gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm
gnutls-guile-2.8.5-14.el6_5.i686.rpm
gnutls-guile-2.8.5-14.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v.
6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm i386: gnutls-2.8.5-14.el6_5.i686.rpm gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm gnutls-devel-2.8.5-14.el6_5.i686.rpm gnutls-utils-2.8.5-14.el6_5.i686.rpm x86_64: gnutls-2.8.5-14.el6_5.i686.rpm gnutls-2.8.5-14.el6_5.x86_64.rpm gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm gnutls-devel-2.8.5-14.el6_5.i686.rpm gnutls-devel-2.8.5-14.el6_5.x86_64.rpm gnutls-utils-2.8.5-14.el6_5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/gnutls-2.8.5-14.el6_5.src.rpm i386: gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm gnutls-guile-2.8.5-14.el6_5.i686.rpm x86_64: gnutls-debuginfo-2.8.5-14.el6_5.i686.rpm gnutls-debuginfo-2.8.5-14.el6_5.x86_64.rpm gnutls-guile-2.8.5-14.el6_5.i686.rpm gnutls-guile-2.8.5-14.el6_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-3466.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
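The bug report in RHSA-2014:0595 names the missing check ("insufficient session id length check in _gnutls_read_server_hello"). The following is an added example written for this page, not GnuTLS or Red Hat code: a bounds-checked parser for the ServerHello body that shows where that check belongs. The field layout follows RFC 5246 section 7.4.1.3; the 32-byte limit is the protocol's maximum SessionID length and the size of the fixed destination buffer. The names parse_server_hello, build_server_hello and check_case, the result codes, and the sample bytes are this example's own.

```c
/* Added example, not GnuTLS or Red Hat code: bounds-checked parsing of a
 * TLS ServerHello body, i.e. the check CVE-2014-3466 was missing.
 * Body layout after the 4-byte handshake header (RFC 5246, 7.4.1.3):
 *   server_version   2 bytes
 *   random          32 bytes
 *   session_id       1 length byte + 0..32 bytes
 *   cipher_suite     2 bytes
 *   compression      1 byte
 *   extensions       optional, ignored here
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TLS_MAX_SESSION_ID_SIZE 32  /* RFC 5246: opaque SessionID<0..32> */
#define TLS_RANDOM_SIZE 32

enum { SH_OK = 0, SH_ERR_TRUNCATED = -1, SH_ERR_SESSION_ID_TOO_LONG = -2 };

struct server_hello {
    uint16_t version;
    uint8_t  random[TLS_RANDOM_SIZE];
    uint8_t  session_id_len;
    uint8_t  session_id[TLS_MAX_SESSION_ID_SIZE];  /* fixed-size destination */
    uint16_t cipher_suite;
    uint8_t  compression;
};

int parse_server_hello(const uint8_t *buf, size_t len, struct server_hello *out)
{
    size_t pos = 0;

    /* version + random + the session_id length byte must all be present */
    if (len < 2 + TLS_RANDOM_SIZE + 1)
        return SH_ERR_TRUNCATED;
    out->version = (uint16_t)((buf[pos] << 8) | buf[pos + 1]);
    pos += 2;
    memcpy(out->random, buf + pos, TLS_RANDOM_SIZE);
    pos += TLS_RANDOM_SIZE;
    out->session_id_len = buf[pos++];

    /* The peer controls this byte (0..255); the destination holds 32 bytes.
     * Rejecting an oversized value before the copy is the whole fix. */
    if (out->session_id_len > TLS_MAX_SESSION_ID_SIZE)
        return SH_ERR_SESSION_ID_TOO_LONG;

    /* session_id bytes + cipher_suite + compression must fit in the input */
    if (len - pos < (size_t)out->session_id_len + 2 + 1)
        return SH_ERR_TRUNCATED;
    memcpy(out->session_id, buf + pos, out->session_id_len);
    pos += out->session_id_len;
    out->cipher_suite = (uint16_t)((buf[pos] << 8) | buf[pos + 1]);
    pos += 2;
    out->compression = buf[pos];
    return SH_OK;
}

/* Constructed test input: a ServerHello body whose length byte claims
 * `claimed` session-id bytes while `present` bytes actually follow it.
 * Returns the body length written (caller's buffer must hold 293 bytes). */
size_t build_server_hello(uint8_t *buf, uint8_t claimed, size_t present)
{
    size_t pos = 0;
    buf[pos++] = 0x03; buf[pos++] = 0x03;      /* TLS 1.2 */
    memset(buf + pos, 0xAB, TLS_RANDOM_SIZE);  /* placeholder random */
    pos += TLS_RANDOM_SIZE;
    buf[pos++] = claimed;
    memset(buf + pos, 0x42, present);
    pos += present;
    buf[pos++] = 0xC0; buf[pos++] = 0x2F;      /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
    buf[pos++] = 0x00;                         /* null compression */
    return pos;
}

/* Parse a constructed body, optionally truncated by `cut` bytes, and
 * return the parser's result code. */
int check_case(uint8_t claimed, size_t present, size_t cut)
{
    uint8_t buf[512];
    struct server_hello sh;
    size_t n = build_server_hello(buf, claimed, present);
    return parse_server_hello(buf, n - cut, &sh);
}

int main(void)
{
    printf("32-byte session id:  %d\n", check_case(32, 32, 0));    /* 0  */
    printf("64-byte session id:  %d\n", check_case(64, 64, 0));    /* -2 */
    printf("255-byte session id: %d\n", check_case(255, 255, 0));  /* -2 */
    printf("truncated body:      %d\n", check_case(16, 16, 10));   /* -1 */
    return 0;
}
```

The order of the two checks matters: the length byte is validated against the destination size before anything depends on it, and only then is the remaining input length compared against what the length byte promises, so neither an oversized claim nor a short record reaches the memcpy.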
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTjfpwXlSAg2UNWIIRAssyAJ9wL5JLJSch0Hpp5TWukeJ5rU1rxwCgqBF3
Lb71dYbnutyrgsRO1wL2yhw=
=QWES
-----END PGP SIGNATURE-----

From bugzilla at redhat.com  Wed Jun  4 17:21:09 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 4 Jun 2014 17:21:09 +0000
Subject: [RHSA-2014:0634-01] Important: kernel security and bug fix update
Message-ID: <201406041721.s54HL9ZB013749@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0634-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0634.html
Issue date:        2014-06-04
CVE Names:         CVE-2013-6383 CVE-2014-0077 CVE-2014-2523
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - noarch, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)

* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate)

* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)

The CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.

This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1033530 - CVE-2013-6383 Kernel: AACRAID Driver compat IOCTL missing capability check
1064440 - CVE-2014-0077 kernel: vhost-net: insufficiency in handling of big packets in handle_rx()
1077343 - CVE-2014-2523 kernel: netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.4):

Source:
kernel-2.6.32-358.44.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-358.44.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.44.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.44.1.el6.x86_64.rpm
perf-2.6.32-358.44.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.44.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
kernel-2.6.32-358.44.1.el6.src.rpm

i386:
kernel-2.6.32-358.44.1.el6.i686.rpm
kernel-debug-2.6.32-358.44.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.44.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.44.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.44.1.el6.i686.rpm
kernel-devel-2.6.32-358.44.1.el6.i686.rpm
kernel-headers-2.6.32-358.44.1.el6.i686.rpm
perf-2.6.32-358.44.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.44.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.44.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.44.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-358.44.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debug-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.44.1.el6.ppc64.rpm
kernel-devel-2.6.32-358.44.1.el6.ppc64.rpm
kernel-headers-2.6.32-358.44.1.el6.ppc64.rpm
perf-2.6.32-358.44.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-358.44.1.el6.s390x.rpm
kernel-debug-2.6.32-358.44.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-358.44.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.44.1.el6.s390x.rpm
kernel-devel-2.6.32-358.44.1.el6.s390x.rpm
kernel-headers-2.6.32-358.44.1.el6.s390x.rpm
kernel-kdump-2.6.32-358.44.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-358.44.1.el6.s390x.rpm
perf-2.6.32-358.44.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.44.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.44.1.el6.x86_64.rpm
perf-2.6.32-358.44.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.4):

Source:
kernel-2.6.32-358.44.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-358.44.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.44.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.44.1.el6.i686.rpm
python-perf-2.6.32-358.44.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.44.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm
python-perf-2.6.32-358.44.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.44.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.44.1.el6.s390x.rpm
python-perf-2.6.32-358.44.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-2.6.32-358.44.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.44.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
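RHSA-2014:0634 names skb_header_pointer() and "incorrect skb_header_pointer API usages" without spelling out the contract that makes the API easy to misuse. As an added example written for this page (not Linux kernel or Red Hat code), here is a helper with the same contract and the caller pattern that uses it safely to read a DCCP packet type: the helper returns a pointer into the packet when the requested bytes are contiguous, copies them into the caller's scratch buffer when they are not, and returns NULL when they extend past the packet. Unlike the kernel API it also takes the scratch size, so an undersized scratch buffer is refused rather than overflowed. The two-region packet model, the names struct packet, pkt_header_pointer, dccp_packet_type and sample_packet_type, and the sample bytes are this example's assumptions; the DCCP header layout follows RFC 4340.

```c
/* Added example, not Linux kernel or Red Hat code: a header-access helper
 * with the contract of skb_header_pointer(), and a DCCP caller that
 * checks its result. Packet model (this example's assumption): a linear
 * region that can be addressed directly, then a "paged" tail that cannot. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct packet {
    const uint8_t *linear; size_t linear_len;
    const uint8_t *tail;   size_t tail_len;
};

/* Return a pointer to `len` bytes at `offset`: into the packet when they
 * all lie in the linear region, otherwise copied into `scratch`. Returns
 * NULL if the bytes are not all inside the packet or `scratch` is too
 * small. The kernel helper has no scratch-size argument, so its callers
 * must pass a buffer of exactly sizeof(header): a smaller one is a stack
 * overflow, and an unchecked NULL return is a crash. */
const void *pkt_header_pointer(const struct packet *p, size_t offset,
                               size_t len, void *scratch, size_t scratch_len)
{
    size_t total = p->linear_len + p->tail_len;
    size_t n = 0;

    /* bound check written so that offset + len cannot wrap */
    if (len == 0 || offset > total || len > total - offset)
        return NULL;
    if (offset < p->linear_len && len <= p->linear_len - offset)
        return p->linear + offset;              /* contiguous: no copy */
    if (scratch == NULL || scratch_len < len)
        return NULL;                            /* guard the kernel API lacks */
    if (offset < p->linear_len) {               /* straddles the boundary */
        n = p->linear_len - offset;
        memcpy(scratch, p->linear + offset, n);
    }
    memcpy((uint8_t *)scratch + n, p->tail + (offset + n - p->linear_len), len - n);
    return scratch;
}

#define DCCP_HDR_LEN 12   /* generic DCCP header, RFC 4340 section 5 */

/* Conntrack-style caller: fetch the DCCP packet type at `dataoff`.
 * Returns 0 and sets *type, or -1 when the packet is too short. */
int dccp_packet_type(const struct packet *p, size_t dataoff, int *type)
{
    uint8_t _dh[DCCP_HDR_LEN];   /* scratch sized to the header */
    const uint8_t *dh = pkt_header_pointer(p, dataoff, DCCP_HDR_LEN, _dh, sizeof _dh);
    if (dh == NULL)
        return -1;               /* truncated: drop, never dereference */
    *type = (dh[8] >> 1) & 0x0F; /* byte 8 is Res:3 | Type:4 | X:1 */
    return 0;
}

/* Constructed sample: a DCCP Response (type 1) behind a 20-byte IPv4
 * placeholder, with the first `linear_len` of `total_len` bytes in the
 * linear region. Returns the parsed type, -1 if truncated, -2 if the
 * arguments do not describe a valid split. */
int sample_packet_type(size_t linear_len, size_t total_len)
{
    static uint8_t raw[20 + DCCP_HDR_LEN];
    struct packet p;
    int type = -1;

    if (total_len > sizeof raw || linear_len > total_len)
        return -2;
    memset(raw, 0, sizeof raw);
    raw[20] = 0x12; raw[21] = 0x34;   /* source port */
    raw[22] = 0x0D; raw[23] = 0x2A;   /* destination port */
    raw[24] = 4;                      /* data offset in 32-bit words */
    raw[28] = (1 << 1) | 1;           /* Res=0, Type=1 (Response), X=1 */
    p.linear = raw;              p.linear_len = linear_len;
    p.tail   = raw + linear_len; p.tail_len   = total_len - linear_len;
    if (dccp_packet_type(&p, 20, &type) != 0)
        return -1;
    return type;
}

/* Returns 1 if a scratch buffer smaller than the header is refused. */
int rejects_small_scratch(void)
{
    uint8_t raw[32] = {0};
    uint8_t small[4];
    struct packet p = { raw, 24, raw + 24, 8 };
    return pkt_header_pointer(&p, 20, DCCP_HDR_LEN, small, sizeof small) == NULL;
}

int main(void)
{
    printf("header in linear region: %d\n", sample_packet_type(32, 32));  /* 1  */
    printf("header split across:     %d\n", sample_packet_type(24, 32));  /* 1  */
    printf("header entirely in tail: %d\n", sample_packet_type(20, 32));  /* 1  */
    printf("truncated packet:        %d\n", sample_packet_type(28, 28));  /* -1 */
    printf("small scratch refused:   %d\n", rejects_small_scratch());     /* 1  */
    return 0;
}
```

The caller pattern is the point: the scratch buffer is declared with the header's own size, the return value is the only pointer ever dereferenced, and a NULL return ends processing of the packet before any field is read.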
7. References:

https://www.redhat.com/security/data/cve/CVE-2013-6383.html
https://www.redhat.com/security/data/cve/CVE-2014-0077.html
https://www.redhat.com/security/data/cve/CVE-2014-2523.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.4_Technical_Notes/kernel.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTj1VvXlSAg2UNWIIRAo2cAJ9vyTxak0u5/K3xCVgx1V863APWYwCgq0Tj
EkqdhbljjLScNDJP+A75iUU=
=dBV4
-----END PGP SIGNATURE-----

From bugzilla at redhat.com  Thu Jun  5 12:17:50 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Jun 2014 12:17:50 +0000
Subject: [RHSA-2014:0624-01] Important: openssl security update
Message-ID: <201406051217.s55CHo31026367@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2014:0624-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0624.html
Issue date:        2014-06-05
CVE Names:         CVE-2014-0224
=====================================================================

1. Summary:

Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
openssl-0.9.8e-27.el5_10.3.src.rpm

i386:
openssl-0.9.8e-27.el5_10.3.i386.rpm
openssl-0.9.8e-27.el5_10.3.i686.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm

x86_64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
openssl-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
openssl-0.9.8e-27.el5_10.3.src.rpm

i386:
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm

x86_64:
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
openssl-0.9.8e-27.el5_10.3.src.rpm

i386:
openssl-0.9.8e-27.el5_10.3.i386.rpm
openssl-0.9.8e-27.el5_10.3.i686.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
openssl-perl-0.9.8e-27.el5_10.3.i386.rpm

ia64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
openssl-0.9.8e-27.el5_10.3.ia64.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.ia64.rpm
openssl-devel-0.9.8e-27.el5_10.3.ia64.rpm
openssl-perl-0.9.8e-27.el5_10.3.ia64.rpm

ppc:
openssl-0.9.8e-27.el5_10.3.ppc.rpm
openssl-0.9.8e-27.el5_10.3.ppc64.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.ppc64.rpm
openssl-devel-0.9.8e-27.el5_10.3.ppc.rpm
openssl-devel-0.9.8e-27.el5_10.3.ppc64.rpm
openssl-perl-0.9.8e-27.el5_10.3.ppc.rpm

s390x:
openssl-0.9.8e-27.el5_10.3.s390.rpm
openssl-0.9.8e-27.el5_10.3.s390x.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.s390.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.s390x.rpm
openssl-devel-0.9.8e-27.el5_10.3.s390.rpm
openssl-devel-0.9.8e-27.el5_10.3.s390x.rpm
openssl-perl-0.9.8e-27.el5_10.3.s390x.rpm

x86_64:
openssl-0.9.8e-27.el5_10.3.i686.rpm
openssl-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i386.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.i686.rpm
openssl-debuginfo-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-devel-0.9.8e-27.el5_10.3.i386.rpm
openssl-devel-0.9.8e-27.el5_10.3.x86_64.rpm
openssl-perl-0.9.8e-27.el5_10.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0224.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/articles/904433
https://access.redhat.com/site/solutions/905793

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTkF/fXlSAg2UNWIIRAlQNAJ90OWVC/c2xIwo84XFBTWht69B9sQCgrcfA
i1+jsHy9vEBgGK1CBxqZzOg=
=N1V2
-----END PGP SIGNATURE-----

From bugzilla at redhat.com  Thu Jun  5 12:18:32 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Jun 2014 12:18:32 +0000
Subject: [RHSA-2014:0625-01] Important: openssl security update
Message-ID: <201406051218.s55CIWDe013281@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2014:0625-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0625.html
Issue date:        2014-06-05
CVE Names:         CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221
                   CVE-2014-0224 CVE-2014-3470
=====================================================================

1. Summary:

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)

Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)

A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)

Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.

All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free
1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()
1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake
1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment
1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm

x86_64:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
openssl-perl-1.0.1e-16.el6_5.14.i686.rpm
openssl-static-1.0.1e-16.el6_5.14.i686.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

x86_64:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm

ppc64:
openssl-1.0.1e-16.el6_5.14.ppc.rpm
openssl-1.0.1e-16.el6_5.14.ppc64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.ppc.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm
openssl-devel-1.0.1e-16.el6_5.14.ppc.rpm
openssl-devel-1.0.1e-16.el6_5.14.ppc64.rpm

s390x:
openssl-1.0.1e-16.el6_5.14.s390.rpm
openssl-1.0.1e-16.el6_5.14.s390x.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.s390.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm
openssl-devel-1.0.1e-16.el6_5.14.s390.rpm
openssl-devel-1.0.1e-16.el6_5.14.s390x.rpm

x86_64:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-perl-1.0.1e-16.el6_5.14.i686.rpm
openssl-static-1.0.1e-16.el6_5.14.i686.rpm

ppc64:
openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm
openssl-perl-1.0.1e-16.el6_5.14.ppc64.rpm
openssl-static-1.0.1e-16.el6_5.14.ppc64.rpm

s390x:
openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm
openssl-perl-1.0.1e-16.el6_5.14.s390x.rpm
openssl-static-1.0.1e-16.el6_5.14.s390x.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm

x86_64:
openssl-1.0.1e-16.el6_5.14.i686.rpm
openssl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
openssl-1.0.1e-16.el6_5.14.src.rpm

i386:
openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
openssl-perl-1.0.1e-16.el6_5.14.i686.rpm
openssl-static-1.0.1e-16.el6_5.14.i686.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-5298.html
https://www.redhat.com/security/data/cve/CVE-2014-0195.html
https://www.redhat.com/security/data/cve/CVE-2014-0198.html
https://www.redhat.com/security/data/cve/CVE-2014-0221.html
https://www.redhat.com/security/data/cve/CVE-2014-0224.html
https://www.redhat.com/security/data/cve/CVE-2014-3470.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/articles/904433
https://access.redhat.com/site/solutions/905793

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTkGAKXlSAg2UNWIIRAnrwAJ9sLrj3wCAZhJU00jxgt03unDAHywCfVjUB
pJJhdOUzRUL8R2haDM4xrsk=
=hZF8
-----END PGP SIGNATURE-----

From bugzilla at redhat.com  Thu Jun  5 12:19:34 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Jun 2014 12:19:34 +0000
Subject: [RHSA-2014:0626-01] Important: openssl097a and openssl098e security update
Message-ID: <201406051219.s55CJYtB018629@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl097a and openssl098e security update
Advisory ID:       RHSA-2014:0626-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0626.html
Issue date:        2014-06-05
CVE Names:         CVE-2014-0224
=====================================================================

1. Summary:

Updated openssl097a and openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively.

The Red Hat Security Response Team has rated this update as having Important security impact.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
openssl097a-0.9.7a-12.el5_10.1.src.rpm

i386:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm

x86_64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-0.9.7a-12.el5_10.1.x86_64.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
openssl097a-0.9.7a-12.el5_10.1.src.rpm

i386:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm

ia64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-0.9.7a-12.el5_10.1.ia64.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ia64.rpm

ppc:
openssl097a-0.9.7a-12.el5_10.1.ppc.rpm
openssl097a-0.9.7a-12.el5_10.1.ppc64.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ppc.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.ppc64.rpm

s390x:
openssl097a-0.9.7a-12.el5_10.1.s390.rpm
openssl097a-0.9.7a-12.el5_10.1.s390x.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.s390.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.s390x.rpm

x86_64:
openssl097a-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-0.9.7a-12.el5_10.1.x86_64.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.i386.rpm
openssl097a-debuginfo-0.9.7a-12.el5_10.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
openssl098e-0.9.8e-18.el6_5.2.src.rpm

i386:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm

x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
openssl098e-0.9.8e-18.el6_5.2.src.rpm

x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
openssl098e-0.9.8e-18.el6_5.2.src.rpm

i386:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm

ppc64:
openssl098e-0.9.8e-18.el6_5.2.ppc.rpm
openssl098e-0.9.8e-18.el6_5.2.ppc64.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.ppc64.rpm

s390x:
openssl098e-0.9.8e-18.el6_5.2.s390.rpm
openssl098e-0.9.8e-18.el6_5.2.s390x.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.s390x.rpm

x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
openssl098e-0.9.8e-18.el6_5.2.src.rpm

i386:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm

x86_64:
openssl098e-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.i686.rpm
openssl098e-debuginfo-0.9.8e-18.el6_5.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0224.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/articles/904433
https://access.redhat.com/site/solutions/905793

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Thu Jun 5 12:23:23 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 5 Jun 2014 12:23:23 +0000
Subject: [RHSA-2014:0627-01] Important: openssl security update
Message-ID: <201406051223.s55CNOk1009990@int-mx14.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Important: openssl security update
Advisory ID: RHSA-2014:0627-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0627.html
Issue date: 2014-06-05
CVE Names: CVE-2014-0224
=====================================================================

1. Summary:

Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.3 and 6.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (v. 4 ELS) - i386, ia64, x86_64
Red Hat Enterprise Linux Compute Node EUS (v. 6.3) - x86_64
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux ES (v. 4 ELS) - i386, x86_64
Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client can be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

6. Package List:

Red Hat Enterprise Linux AS (v. 4 ELS):

Source:
openssl-0.9.7a-43.22.el4.src.rpm

i386:
openssl-0.9.7a-43.22.el4.i386.rpm
openssl-0.9.7a-43.22.el4.i686.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i386.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i686.rpm
openssl-devel-0.9.7a-43.22.el4.i386.rpm
openssl-perl-0.9.7a-43.22.el4.i386.rpm

ia64:
openssl-0.9.7a-43.22.el4.i686.rpm
openssl-0.9.7a-43.22.el4.ia64.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i686.rpm
openssl-debuginfo-0.9.7a-43.22.el4.ia64.rpm
openssl-devel-0.9.7a-43.22.el4.ia64.rpm
openssl-perl-0.9.7a-43.22.el4.ia64.rpm

x86_64:
openssl-0.9.7a-43.22.el4.i686.rpm
openssl-0.9.7a-43.22.el4.x86_64.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i386.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i686.rpm
openssl-debuginfo-0.9.7a-43.22.el4.x86_64.rpm
openssl-devel-0.9.7a-43.22.el4.i386.rpm
openssl-devel-0.9.7a-43.22.el4.x86_64.rpm
openssl-perl-0.9.7a-43.22.el4.x86_64.rpm

Red Hat Enterprise Linux ES (v. 4 ELS):

Source:
openssl-0.9.7a-43.22.el4.src.rpm

i386:
openssl-0.9.7a-43.22.el4.i386.rpm
openssl-0.9.7a-43.22.el4.i686.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i386.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i686.rpm
openssl-devel-0.9.7a-43.22.el4.i386.rpm
openssl-perl-0.9.7a-43.22.el4.i386.rpm

x86_64:
openssl-0.9.7a-43.22.el4.i686.rpm
openssl-0.9.7a-43.22.el4.x86_64.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i386.rpm
openssl-debuginfo-0.9.7a-43.22.el4.i686.rpm
openssl-debuginfo-0.9.7a-43.22.el4.x86_64.rpm
openssl-devel-0.9.7a-43.22.el4.i386.rpm
openssl-devel-0.9.7a-43.22.el4.x86_64.rpm
openssl-perl-0.9.7a-43.22.el4.x86_64.rpm

Red Hat Enterprise Linux LL (v. 5.6 server):

Source:
openssl-0.9.8e-12.el5_6.12.src.rpm

i386:
openssl-0.9.8e-12.el5_6.12.i386.rpm
openssl-0.9.8e-12.el5_6.12.i686.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.i386.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm
openssl-devel-0.9.8e-12.el5_6.12.i386.rpm
openssl-perl-0.9.8e-12.el5_6.12.i386.rpm

ia64:
openssl-0.9.8e-12.el5_6.12.i686.rpm
openssl-0.9.8e-12.el5_6.12.ia64.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.ia64.rpm
openssl-devel-0.9.8e-12.el5_6.12.ia64.rpm
openssl-perl-0.9.8e-12.el5_6.12.ia64.rpm

x86_64:
openssl-0.9.8e-12.el5_6.12.i686.rpm
openssl-0.9.8e-12.el5_6.12.x86_64.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.i386.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.i686.rpm
openssl-debuginfo-0.9.8e-12.el5_6.12.x86_64.rpm
openssl-devel-0.9.8e-12.el5_6.12.i386.rpm
openssl-devel-0.9.8e-12.el5_6.12.x86_64.rpm
openssl-perl-0.9.8e-12.el5_6.12.x86_64.rpm

Red Hat Enterprise Linux EUS (v. 5.9 server):

Source:
openssl-0.9.8e-26.el5_9.4.src.rpm

i386:
openssl-0.9.8e-26.el5_9.4.i386.rpm
openssl-0.9.8e-26.el5_9.4.i686.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm
openssl-devel-0.9.8e-26.el5_9.4.i386.rpm
openssl-perl-0.9.8e-26.el5_9.4.i386.rpm

ia64:
openssl-0.9.8e-26.el5_9.4.i686.rpm
openssl-0.9.8e-26.el5_9.4.ia64.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.ia64.rpm
openssl-devel-0.9.8e-26.el5_9.4.ia64.rpm
openssl-perl-0.9.8e-26.el5_9.4.ia64.rpm

ppc:
openssl-0.9.8e-26.el5_9.4.ppc.rpm
openssl-0.9.8e-26.el5_9.4.ppc64.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.ppc.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.ppc64.rpm
openssl-devel-0.9.8e-26.el5_9.4.ppc.rpm
openssl-devel-0.9.8e-26.el5_9.4.ppc64.rpm
openssl-perl-0.9.8e-26.el5_9.4.ppc.rpm

s390x:
openssl-0.9.8e-26.el5_9.4.s390.rpm
openssl-0.9.8e-26.el5_9.4.s390x.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.s390.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.s390x.rpm
openssl-devel-0.9.8e-26.el5_9.4.s390.rpm
openssl-devel-0.9.8e-26.el5_9.4.s390x.rpm
openssl-perl-0.9.8e-26.el5_9.4.s390x.rpm

x86_64:
openssl-0.9.8e-26.el5_9.4.i686.rpm
openssl-0.9.8e-26.el5_9.4.x86_64.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.i386.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.i686.rpm
openssl-debuginfo-0.9.8e-26.el5_9.4.x86_64.rpm
openssl-devel-0.9.8e-26.el5_9.4.i386.rpm
openssl-devel-0.9.8e-26.el5_9.4.x86_64.rpm
openssl-perl-0.9.8e-26.el5_9.4.x86_64.rpm

Red Hat Enterprise Linux Compute Node EUS (v. 6.3):

Source:
openssl-1.0.0-25.el6_3.3.src.rpm

x86_64:
openssl-1.0.0-25.el6_3.3.i686.rpm
openssl-1.0.0-25.el6_3.3.x86_64.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node EUS (v. 6.4):

Source:
openssl-1.0.0-27.el6_4.4.src.rpm

x86_64:
openssl-1.0.0-27.el6_4.4.i686.rpm
openssl-1.0.0-27.el6_4.4.x86_64.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):

Source:
openssl-1.0.0-25.el6_3.3.src.rpm

x86_64:
openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.x86_64.rpm
openssl-devel-1.0.0-25.el6_3.3.i686.rpm
openssl-devel-1.0.0-25.el6_3.3.x86_64.rpm
openssl-perl-1.0.0-25.el6_3.3.x86_64.rpm
openssl-static-1.0.0-25.el6_3.3.x86_64.rpm

Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):

Source:
openssl-1.0.0-27.el6_4.4.src.rpm

x86_64:
openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm
openssl-devel-1.0.0-27.el6_4.4.i686.rpm
openssl-devel-1.0.0-27.el6_4.4.x86_64.rpm
openssl-perl-1.0.0-27.el6_4.4.x86_64.rpm
openssl-static-1.0.0-27.el6_4.4.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.3):

Source:
openssl-1.0.0-25.el6_3.3.src.rpm

i386:
openssl-1.0.0-25.el6_3.3.i686.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm
openssl-devel-1.0.0-25.el6_3.3.i686.rpm

ppc64:
openssl-1.0.0-25.el6_3.3.ppc.rpm
openssl-1.0.0-25.el6_3.3.ppc64.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.ppc.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.ppc64.rpm
openssl-devel-1.0.0-25.el6_3.3.ppc.rpm
openssl-devel-1.0.0-25.el6_3.3.ppc64.rpm

s390x:
openssl-1.0.0-25.el6_3.3.s390.rpm
openssl-1.0.0-25.el6_3.3.s390x.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.s390.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.s390x.rpm
openssl-devel-1.0.0-25.el6_3.3.s390.rpm
openssl-devel-1.0.0-25.el6_3.3.s390x.rpm

x86_64:
openssl-1.0.0-25.el6_3.3.i686.rpm
openssl-1.0.0-25.el6_3.3.x86_64.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm
openssl-debuginfo-1.0.0-25.el6_3.3.x86_64.rpm
openssl-devel-1.0.0-25.el6_3.3.i686.rpm
openssl-devel-1.0.0-25.el6_3.3.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
openssl-1.0.0-27.el6_4.4.src.rpm

i386:
openssl-1.0.0-27.el6_4.4.i686.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm
openssl-devel-1.0.0-27.el6_4.4.i686.rpm

ppc64:
openssl-1.0.0-27.el6_4.4.ppc.rpm
openssl-1.0.0-27.el6_4.4.ppc64.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.ppc.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.ppc64.rpm
openssl-devel-1.0.0-27.el6_4.4.ppc.rpm
openssl-devel-1.0.0-27.el6_4.4.ppc64.rpm

s390x:
openssl-1.0.0-27.el6_4.4.s390.rpm
openssl-1.0.0-27.el6_4.4.s390x.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.s390.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.s390x.rpm
openssl-devel-1.0.0-27.el6_4.4.s390.rpm
openssl-devel-1.0.0-27.el6_4.4.s390x.rpm

x86_64:
openssl-1.0.0-27.el6_4.4.i686.rpm
openssl-1.0.0-27.el6_4.4.x86_64.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm
openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm
openssl-devel-1.0.0-27.el6_4.4.i686.rpm
openssl-devel-1.0.0-27.el6_4.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.3):

Source:
openssl-1.0.0-25.el6_3.3.src.rpm

i386:
openssl-debuginfo-1.0.0-25.el6_3.3.i686.rpm
openssl-perl-1.0.0-25.el6_3.3.i686.rpm
openssl-static-1.0.0-25.el6_3.3.i686.rpm

ppc64:
openssl-debuginfo-1.0.0-25.el6_3.3.ppc64.rpm
openssl-perl-1.0.0-25.el6_3.3.ppc64.rpm
openssl-static-1.0.0-25.el6_3.3.ppc64.rpm

s390x:
openssl-debuginfo-1.0.0-25.el6_3.3.s390x.rpm
openssl-perl-1.0.0-25.el6_3.3.s390x.rpm
openssl-static-1.0.0-25.el6_3.3.s390x.rpm

x86_64:
openssl-debuginfo-1.0.0-25.el6_3.3.x86_64.rpm
openssl-perl-1.0.0-25.el6_3.3.x86_64.rpm
openssl-static-1.0.0-25.el6_3.3.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.4):

Source:
openssl-1.0.0-27.el6_4.4.src.rpm

i386:
openssl-debuginfo-1.0.0-27.el6_4.4.i686.rpm
openssl-perl-1.0.0-27.el6_4.4.i686.rpm
openssl-static-1.0.0-27.el6_4.4.i686.rpm

ppc64:
openssl-debuginfo-1.0.0-27.el6_4.4.ppc64.rpm
openssl-perl-1.0.0-27.el6_4.4.ppc64.rpm
openssl-static-1.0.0-27.el6_4.4.ppc64.rpm

s390x:
openssl-debuginfo-1.0.0-27.el6_4.4.s390x.rpm
openssl-perl-1.0.0-27.el6_4.4.s390x.rpm
openssl-static-1.0.0-27.el6_4.4.s390x.rpm

x86_64:
openssl-debuginfo-1.0.0-27.el6_4.4.x86_64.rpm
openssl-perl-1.0.0-27.el6_4.4.x86_64.rpm
openssl-static-1.0.0-27.el6_4.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0224.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/articles/904433
https://access.redhat.com/site/solutions/905793

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
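Confirming that a host has actually reached the fixed builds in these package lists needs an RPM-aware comparison: release strings such as 27.el6_4.3 and 27.el6_4.4, or a running kernel 3.10.0-123.el7 against the 3.10.0-123.1.2.el7 build of RHSA-2014:0678 further down, cannot be compared as plain strings. The following is an added example, not Red Hat tooling: a Python reimplementation of the segment rules of rpm's rpmvercmp(), run over the fixed NVRs quoted from RHSA-2014:0626, RHSA-2014:0627 and RHSA-2014:0678 on this page; the installed package strings are constructed sample input.

```python
"""Check installed RPM builds against the fixed builds of an advisory.
Added example, not Red Hat tooling: rpmvercmp() follows the segment rules
of rpm's own rpmvercmp(); FIXED is quoted from RHSA-2014:0626/0627/0678 on
this page, INSTALLED is constructed sample input (rpm -q / uname -r)."""
import re

ARCH = re.compile(r'\.(x86_64|i[3-6]86|ia64|ppc64|ppc|s390x|s390|noarch|src)$')

def rpmvercmp(a: str, b: str) -> int:
    """-1/0/1 for a<b, a==b, a>b. Runs of digits or letters are compared in
    turn: numbers numerically (leading zeros dropped), a numeric segment
    beats an alphabetic one, and '~' (pre-release) sorts before anything."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Skip separators such as '.', '_' and '-'; '~' stays visible.
        while i < len(a) and not (a[i].isalnum() or a[i] == '~'):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] == '~'):
            j += 1
        ta, tb = i < len(a) and a[i] == '~', j < len(b) and b[j] == '~'
        if ta or tb:
            if ta != tb:
                return 1 if tb else -1   # the side carrying '~' is older
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        # The left string decides whether this segment is digits or letters.
        numeric = a[i].isdigit()
        pat = r'\d+' if numeric else r'[A-Za-z]+'
        sa, mb = re.match(pat, a[i:]).group(0), re.match(pat, b[j:])
        if mb is None:
            return 1 if numeric else -1  # type mismatch: numeric is newer
        sb = mb.group(0)
        i, j = i + len(sa), j + len(sb)
        if numeric:
            sa, sb = sa.lstrip('0'), sb.lstrip('0')
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1  # leftover segments make a build newer

def parse_nvr(pkg: str):
    """Split 'name-[epoch:]version-release[.arch][.rpm]' into
    (name, epoch, version, release); a missing epoch counts as 0."""
    if pkg.endswith('.rpm'):
        pkg = pkg[:-4]
    name, version, release = ARCH.sub('', pkg).rsplit('-', 2)
    epoch = 0
    if ':' in version:
        epoch_str, version = version.split(':', 1)
        epoch = int(epoch_str)
    return name, epoch, version, release

def evr_compare(installed: str, fixed: str) -> int:
    """Compare two builds of the same package by (epoch, version, release)."""
    n1, e1, v1, r1 = parse_nvr(installed)
    n2, e2, v2, r2 = parse_nvr(fixed)
    if n1 != n2:
        raise ValueError(f'package names differ: {n1} vs {n2}')
    if e1 != e2:
        return 1 if e1 > e2 else -1
    return rpmvercmp(v1, v2) or rpmvercmp(r1, r2)

def needs_update(installed: str, fixed: str) -> bool:
    """True when the installed build is older than the advisory's fixed build."""
    return evr_compare(installed, fixed) < 0

# Fixed builds quoted from the advisories on this page.
FIXED = {
    'openssl': 'openssl-1.0.0-27.el6_4.4.x86_64.rpm',          # RHSA-2014:0627, RHEL 6.4 EUS
    'openssl098e': 'openssl098e-0.9.8e-18.el6_5.2.x86_64.rpm',  # RHSA-2014:0626, RHEL 6
    'kernel': 'kernel-3.10.0-123.1.2.el7.x86_64.rpm',           # RHSA-2014:0678, RHEL 7
}

# Constructed sample: two `rpm -q` results and 'kernel-' + `uname -r`.
INSTALLED = [
    'openssl-1.0.0-27.el6_4.3.x86_64',
    'openssl098e-0.9.8e-18.el6_5.2.x86_64',
    'kernel-3.10.0-123.el7.x86_64',
]

def audit(installed=INSTALLED, fixed=FIXED):
    """Map each installed package the advisories cover to needs_update()."""
    found = {parse_nvr(p)[0]: p for p in installed}
    return {name: needs_update(p, fixed[name])
            for name, p in found.items() if name in fixed}
```

A version check only shows the package is installed; the restart requirement stated above (services linked against the old OpenSSL library, or a reboot for the kernel) still has to be verified separately.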
From bugzilla at redhat.com Tue Jun 10 19:34:22 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:34:22 +0000
Subject: [RHSA-2014:0675-01] Critical: java-1.7.0-openjdk security update
Message-ID: <201406101934.s5AJYM3q026532@int-mx11.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: java-1.7.0-openjdk security update
Advisory ID: RHSA-2014:0675-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0675.html
Issue date: 2014-06-10
CVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427
=====================================================================

1. Summary:

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429)

Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)

Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461)

Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459)

Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460)

It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403)

It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453)

It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398)

An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)
1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)
1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766)
1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)
1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)
1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)
1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)
1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)
1087424 - CVE-2014-0455 OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844)
1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)
1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)
1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)
1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)
1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)
1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)
1087438 - CVE-2014-2402 OpenJDK: Incorrect NIO channel separation (Libraries, 8026716)
1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740)
1087440 - CVE-2014-0454 OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745)
1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)
1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)
1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)
1087444 - CVE-2014-0459 lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335)
1087446 - CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686)

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm

ppc64:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm

ppc64:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm

s390x:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.s390x.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm

x86_64:
java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm

x86_64:
java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0429.html
https://www.redhat.com/security/data/cve/CVE-2014-0446.html
https://www.redhat.com/security/data/cve/CVE-2014-0451.html
https://www.redhat.com/security/data/cve/CVE-2014-0452.html
https://www.redhat.com/security/data/cve/CVE-2014-0453.html
https://www.redhat.com/security/data/cve/CVE-2014-0454.html
https://www.redhat.com/security/data/cve/CVE-2014-0455.html
https://www.redhat.com/security/data/cve/CVE-2014-0456.html
https://www.redhat.com/security/data/cve/CVE-2014-0457.html
https://www.redhat.com/security/data/cve/CVE-2014-0458.html
https://www.redhat.com/security/data/cve/CVE-2014-0459.html
https://www.redhat.com/security/data/cve/CVE-2014-0460.html
https://www.redhat.com/security/data/cve/CVE-2014-0461.html
https://www.redhat.com/security/data/cve/CVE-2014-1876.html
https://www.redhat.com/security/data/cve/CVE-2014-2397.html
https://www.redhat.com/security/data/cve/CVE-2014-2398.html
https://www.redhat.com/security/data/cve/CVE-2014-2402.html
https://www.redhat.com/security/data/cve/CVE-2014-2403.html
https://www.redhat.com/security/data/cve/CVE-2014-2412.html https://www.redhat.com/security/data/cve/CVE-2014-2413.html https://www.redhat.com/security/data/cve/CVE-2014-2414.html https://www.redhat.com/security/data/cve/CVE-2014-2421.html https://www.redhat.com/security/data/cve/CVE-2014-2423.html https://www.redhat.com/security/data/cve/CVE-2014-2427.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTl12dXlSAg2UNWIIRAmMnAKDBn3yRFrjgZ2r2Pgk1zNaojzDhXACdE8EM WC6ur//nCsBvA7rEK0zVQSI= =mQDb -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jun 10 19:36:26 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 10 Jun 2014 19:36:26 +0000 Subject: [RHSA-2014:0678-02] Important: kernel security update Message-ID: <201406101936.s5AJaRpN014179@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2014:0678-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0678.html Issue date: 2014-06-10 CVE Names: CVE-2014-0196 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 
7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important)

All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1094232 - CVE-2014-0196 kernel: pty layer race condition leading to memory corruption

6. Package List:

Red Hat Enterprise Linux Client (v.
7): Source: kernel-3.10.0-123.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-headers-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.1.2.el7.x86_64.rpm perf-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: kernel-doc-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 
7): Source: kernel-3.10.0-123.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-headers-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.1.2.el7.x86_64.rpm perf-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: kernel-doc-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: kernel-3.10.0-123.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-123.1.2.el7.noarch.rpm ppc64: kernel-3.10.0-123.1.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-123.1.2.el7.ppc64.rpm kernel-debug-3.10.0-123.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-123.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-123.1.2.el7.ppc64.rpm kernel-devel-3.10.0-123.1.2.el7.ppc64.rpm kernel-headers-3.10.0-123.1.2.el7.ppc64.rpm kernel-tools-3.10.0-123.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-123.1.2.el7.ppc64.rpm perf-3.10.0-123.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm s390x: kernel-3.10.0-123.1.2.el7.s390x.rpm kernel-debug-3.10.0-123.1.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.s390x.rpm kernel-debug-devel-3.10.0-123.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-123.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-123.1.2.el7.s390x.rpm kernel-devel-3.10.0-123.1.2.el7.s390x.rpm kernel-headers-3.10.0-123.1.2.el7.s390x.rpm kernel-kdump-3.10.0-123.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-123.1.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-123.1.2.el7.s390x.rpm perf-3.10.0-123.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-123.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.s390x.rpm x86_64: kernel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-headers-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.1.2.el7.x86_64.rpm 
perf-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: kernel-doc-3.10.0-123.1.2.el7.noarch.rpm ppc64: kernel-debug-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-123.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-123.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm python-perf-3.10.0-123.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.ppc64.rpm s390x: kernel-debug-debuginfo-3.10.0-123.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-123.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-123.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-123.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-123.1.2.el7.s390x.rpm python-perf-3.10.0-123.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.s390x.rpm x86_64: kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: kernel-3.10.0-123.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-devel-3.10.0-123.1.2.el7.x86_64.rpm kernel-headers-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.1.2.el7.x86_64.rpm perf-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: kernel-doc-3.10.0-123.1.2.el7.noarch.rpm x86_64: kernel-debug-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm python-perf-3.10.0-123.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.1.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0196.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
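The Solution section of this advisory tells you to install the new kernel with "rpm -ivh" and to keep the old one until the new one is known to work; the question that comes before either step is whether what a host is running is actually older than the fixed build. The following is an added example and not Red Hat tooling: a pure-Python port of the segment rules of rpm's rpmvercmp() (tilde handled, the newer caret operator left out), with a NEVRA splitter so the fixed package names quoted in this and the other advisories on this page can be compared directly against a running kernel ("kernel-" plus `uname -r`) or an "rpm -q" result. The package strings used in the block are constructed from the advisories; the "older" builds are illustrative.

```python
import os
import re


def rpmvercmp(a: str, b: str) -> int:
    """Compare two RPM version or release strings like rpm's rpmvercmp().

    Returns -1 if a < b, 0 if equal, 1 if a > b. Strings are split into runs
    of digits and runs of letters; separators only delimit. A numeric run beats
    an alphabetic one, '~' sorts before the end of the string (pre-releases),
    and with an equal prefix the longer string is newer. The '^' operator of
    newer rpm releases is omitted (assumption: RHEL 7 packages do not use it).
    """
    if a == b:
        return 0
    one, two = a, b
    while one or two:
        one = re.sub(r"^[^0-9A-Za-z~]+", "", one)   # skip separators
        two = re.sub(r"^[^0-9A-Za-z~]+", "", two)
        if one.startswith("~") or two.startswith("~"):
            if not one.startswith("~"):
                return 1
            if not two.startswith("~"):
                return -1
            one, two = one[1:], two[1:]
            continue
        if not one or not two:
            break
        if one[0] in "0123456789":
            m1, m2, isnum = re.match(r"[0-9]+", one), re.match(r"[0-9]+", two), True
        else:
            m1, m2, isnum = re.match(r"[A-Za-z]+", one), re.match(r"[A-Za-z]+", two), False
        if m2 is None:                  # segment types differ: numeric is newer
            return 1 if isnum else -1
        seg1, seg2 = m1.group(0), m2.group(0)
        one, two = one[len(seg1):], two[len(seg2):]
        if isnum:
            seg1, seg2 = seg1.lstrip("0"), seg2.lstrip("0")
            if len(seg1) != len(seg2):  # more digits means a larger number
                return 1 if len(seg1) > len(seg2) else -1
        if seg1 != seg2:
            return 1 if seg1 > seg2 else -1
    if not one and not two:
        return 0
    return -1 if not one else 1


def parse_nevra(nevra: str):
    """Split 'name-[epoch:]version-release.arch' (a trailing '.rpm' is allowed).

    Returns (name, epoch, version, release, arch); epoch defaults to '0'.
    """
    if nevra.endswith(".rpm"):
        nevra = nevra[:-4]
    body, _, arch = nevra.rpartition(".")
    name, version, release = body.rsplit("-", 2)
    epoch = "0"
    if ":" in version:
        epoch, version = version.split(":", 1)
    return name, epoch, version, release, arch


def evr_cmp(installed, fixed) -> int:
    """Compare (epoch, version, release) triples in rpm order."""
    for i_part, f_part in zip(installed, fixed):
        r = rpmvercmp(i_part, f_part)
        if r:
            return r
    return 0


def needs_update(installed_nevra: str, fixed_nevra: str) -> bool:
    """True when the installed package is strictly older than the fixed one."""
    n1, *evr1, _a1 = parse_nevra(installed_nevra)
    n2, *evr2, _a2 = parse_nevra(fixed_nevra)
    if n1 != n2:
        raise ValueError(f"package name mismatch: {n1} vs {n2}")
    return evr_cmp(evr1, evr2) < 0


def running_kernel_nevra() -> str:
    """'kernel-' plus the running release string, e.g. kernel-3.10.0-123.el7.x86_64."""
    return "kernel-" + os.uname().release


if __name__ == "__main__":
    # Constructed check: the fixed kernel from RHSA-2014:0678 against this host.
    fixed = "kernel-3.10.0-123.1.2.el7.x86_64"
    try:
        print(running_kernel_nevra(), "needs update:", needs_update(running_kernel_nevra(), fixed))
    except ValueError as e:      # non-RHEL release strings will not parse as a NEVRA
        print("cannot compare:", e)
```

Note that the comparison is on epoch, version and release only; the architecture is ignored, so compare a host's x86_64 kernel against the x86_64 line of the advisory yourself.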
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl13yXlSAg2UNWIIRAlcRAJ9jfcysxf2wwpamOHxZ1xkvfhfNQACcD3cV
COm6ik75/ztcYx+xwi0ACr8=
=YLol
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:38:47 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:38:47 +0000
Subject: [RHSA-2014:0679-01] Important: openssl security update
Message-ID: <201406101938.s5AJcl4j004556@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: openssl security update
Advisory ID: RHSA-2014:0679-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html
Issue date: 2014-06-10
CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470
=====================================================================

1. Summary:

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3.
Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)

Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)

A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)

Red Hat would like to thank the OpenSSL project for reporting these issues.
Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.

All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free
1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()
1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake
1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment
1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
openssl-1.0.1e-34.el7_0.3.src.rpm

x86_64:
openssl-1.0.1e-34.el7_0.3.x86_64.rpm
openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm
openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm
openssl-libs-1.0.1e-34.el7_0.3.i686.rpm
openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v.
7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.1e-34.el7_0.3.src.rpm x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: openssl-1.0.1e-34.el7_0.3.src.rpm ppc64: openssl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm s390x: openssl-1.0.1e-34.el7_0.3.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-devel-1.0.1e-34.el7_0.3.s390.rpm openssl-devel-1.0.1e-34.el7_0.3.s390x.rpm openssl-libs-1.0.1e-34.el7_0.3.s390.rpm openssl-libs-1.0.1e-34.el7_0.3.s390x.rpm x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-static-1.0.1e-34.el7_0.3.ppc.rpm openssl-static-1.0.1e-34.el7_0.3.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-perl-1.0.1e-34.el7_0.3.s390x.rpm openssl-static-1.0.1e-34.el7_0.3.s390.rpm openssl-static-1.0.1e-34.el7_0.3.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: openssl-1.0.1e-34.el7_0.3.src.rpm x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t
GHJznx5GNeKZ00848jTZ9hw=
=48eV
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:39:27 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:39:27 +0000
Subject: [RHSA-2014:0680-01] Important: openssl098e security update
Message-ID: <201406101939.s5AJdSoC017422@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: openssl098e security update
Advisory ID: RHSA-2014:0680-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0680.html
Issue date: 2014-06-10
CVE Names: CVE-2014-0224
=====================================================================

1. Summary:

Updated openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication.
A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.

All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
openssl098e-0.9.8e-29.el7_0.2.src.rpm

x86_64:
openssl098e-0.9.8e-29.el7_0.2.i686.rpm
openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm
openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
openssl098e-0.9.8e-29.el7_0.2.src.rpm

x86_64:
openssl098e-0.9.8e-29.el7_0.2.i686.rpm
openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm
openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm
openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Server (v.
7): Source: openssl098e-0.9.8e-29.el7_0.2.src.rpm ppc64: openssl098e-0.9.8e-29.el7_0.2.ppc.rpm openssl098e-0.9.8e-29.el7_0.2.ppc64.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.ppc.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.ppc64.rpm s390x: openssl098e-0.9.8e-29.el7_0.2.s390.rpm openssl098e-0.9.8e-29.el7_0.2.s390x.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.s390.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.s390x.rpm x86_64: openssl098e-0.9.8e-29.el7_0.2.i686.rpm openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl098e-0.9.8e-29.el7_0.2.src.rpm x86_64: openssl098e-0.9.8e-29.el7_0.2.i686.rpm openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
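Both the openssl and the openssl098e advisories above describe CVE-2014-0224 only as a "specially crafted handshake packet" that forces weak keying material, and both point at the same Red Hat article for detail. A server-side check is what most readers of either advisory want, so here is one as an added example; it is neither Red Hat's nor OpenSSL's code. What it sends and how it reads the reply are taken from the public description of the upstream fix, not from these advisories, and should be read as the example's assumptions: the trigger is a ChangeCipherSpec record delivered before any key exchange has happened, a patched OpenSSL answers that with a fatal unexpected_message alert (description 10), and a server that instead accepts it and then fails the MAC on the next record (bad_record_mac, description 20) has switched to keys derived from an empty master secret. Anything else is reported as inconclusive rather than guessed at. The server replies fed to the classifier in the tests are constructed byte strings; the live `probe()` needs a network and is not exercised by the tests.

```python
import os
import socket
import struct

TLS_1_0 = b"\x03\x01"
REC_CHANGE_CIPHER_SPEC, REC_ALERT, REC_HANDSHAKE = 0x14, 0x15, 0x16
HS_CLIENT_HELLO, HS_SERVER_HELLO_DONE = 1, 14
ALERT_UNEXPECTED_MESSAGE, ALERT_BAD_RECORD_MAC = 10, 20


def tls_record(content_type: int, body: bytes) -> bytes:
    """Record layer header: 1-byte type, 2-byte version, 2-byte body length."""
    return bytes([content_type]) + TLS_1_0 + struct.pack("!H", len(body)) + body


def build_client_hello(cipher_suites=(0x002F, 0x0035, 0x000A)) -> bytes:
    """Minimal TLS 1.0 ClientHello without extensions (AES-CBC and 3DES suites)."""
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = (TLS_1_0
            + os.urandom(32)                      # client random
            + b"\x00"                             # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                        # one compression method: null
    handshake = bytes([HS_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return tls_record(REC_HANDSHAKE, handshake)


def build_early_ccs() -> bytes:
    """The probe itself: a ChangeCipherSpec record (single byte 0x01) sent
    before ClientKeyExchange, i.e. before any keys exist."""
    return tls_record(REC_CHANGE_CIPHER_SPEC, b"\x01")


def iter_records(data: bytes):
    """Yield (content_type, body) for every complete record in a buffer."""
    off = 0
    while off + 5 <= len(data):
        ctype, _version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) < length:        # truncated trailing record: stop
            break
        yield ctype, body
        off += 5 + length


def saw_server_hello_done(buf: bytes) -> bool:
    """True once a ServerHelloDone handshake message has been received.
    (Assumes no handshake message is split across records, which holds for
    the small flights this probe provokes.)"""
    for ctype, body in iter_records(buf):
        if ctype != REC_HANDSHAKE:
            continue
        off = 0
        while off + 4 <= len(body):
            htype, hlen = body[off], int.from_bytes(body[off + 1:off + 4], "big")
            if htype == HS_SERVER_HELLO_DONE:
                return True
            off += 4 + hlen
    return False


def classify_ccs_response(data: bytes) -> str:
    """Map the server's reaction to two early CCS records to a verdict."""
    for ctype, body in iter_records(data):
        if ctype == REC_ALERT and len(body) == 2:
            _level, desc = body
            if desc == ALERT_UNEXPECTED_MESSAGE:
                return "patched"        # out-of-order CCS was refused
            if desc == ALERT_BAD_RECORD_MAC:
                return "vulnerable"     # CCS accepted, second record MAC-checked with empty keys
    return "inconclusive"               # silence or some other alert: confirm by hand


def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Run the exchange against a live server (not used by the tests)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        buf = b""
        while not saw_server_hello_done(buf):
            chunk = s.recv(4096)
            if not chunk:
                return "inconclusive"
            buf += chunk
        # Two CCS records: the second one is what a vulnerable server tries to
        # MAC-check under the empty keys the first one installed.
        s.sendall(build_early_ccs() + build_early_ccs())
        try:
            reply = s.recv(4096)
        except socket.timeout:
            reply = b""
    return classify_ccs_response(reply)
```

Run `probe("host.example", 443)` against a server you are authorised to test; a "patched" verdict only says the server refuses early CCS, so the client-side half of the fix (any OpenSSL version on the client, per the note in the advisory) still has to be deployed separately.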
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl17cXlSAg2UNWIIRAm+bAJ4/w3OKsvukjJb+Dxzt/Y5Wbor2owCfaOFB
/ISpx2udUvDe+FUiXTtb/TY=
=f/pv
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:40:06 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:40:06 +0000
Subject: [RHSA-2014:0684-01] Important: gnutls security update
Message-ID: <201406101940.s5AJe7eQ017595@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: gnutls security update
Advisory ID: RHSA-2014:0684-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0684.html
Issue date: 2014-06-10
CVE Names: CVE-2014-3465 CVE-2014-3466
=====================================================================

1. Summary:

Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS).

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake.
A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466)

A NULL pointer dereference flaw was found in the way GnuTLS parsed X.509 certificates. A specially crafted certificate could cause a server or client application using GnuTLS to crash. (CVE-2014-3465)

Red Hat would like to thank GnuTLS upstream for reporting these issues. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466.

Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1101734 - CVE-2014-3465 gnutls: gnutls_x509_dn_oid_name NULL pointer dereference
1101932 - CVE-2014-3466 gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
gnutls-3.1.18-9.el7_0.src.rpm

x86_64:
gnutls-3.1.18-9.el7_0.i686.rpm
gnutls-3.1.18-9.el7_0.x86_64.rpm
gnutls-dane-3.1.18-9.el7_0.i686.rpm
gnutls-dane-3.1.18-9.el7_0.x86_64.rpm
gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm
gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm
gnutls-utils-3.1.18-9.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v.
7): x86_64: gnutls-c++-3.1.18-9.el7_0.i686.rpm gnutls-c++-3.1.18-9.el7_0.x86_64.rpm gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm gnutls-devel-3.1.18-9.el7_0.i686.rpm gnutls-devel-3.1.18-9.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: gnutls-3.1.18-9.el7_0.src.rpm x86_64: gnutls-3.1.18-9.el7_0.i686.rpm gnutls-3.1.18-9.el7_0.x86_64.rpm gnutls-dane-3.1.18-9.el7_0.i686.rpm gnutls-dane-3.1.18-9.el7_0.x86_64.rpm gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm gnutls-utils-3.1.18-9.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: gnutls-c++-3.1.18-9.el7_0.i686.rpm gnutls-c++-3.1.18-9.el7_0.x86_64.rpm gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm gnutls-devel-3.1.18-9.el7_0.i686.rpm gnutls-devel-3.1.18-9.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: gnutls-3.1.18-9.el7_0.src.rpm ppc64: gnutls-3.1.18-9.el7_0.ppc.rpm gnutls-3.1.18-9.el7_0.ppc64.rpm gnutls-c++-3.1.18-9.el7_0.ppc.rpm gnutls-c++-3.1.18-9.el7_0.ppc64.rpm gnutls-dane-3.1.18-9.el7_0.ppc.rpm gnutls-dane-3.1.18-9.el7_0.ppc64.rpm gnutls-debuginfo-3.1.18-9.el7_0.ppc.rpm gnutls-debuginfo-3.1.18-9.el7_0.ppc64.rpm gnutls-devel-3.1.18-9.el7_0.ppc.rpm gnutls-devel-3.1.18-9.el7_0.ppc64.rpm gnutls-utils-3.1.18-9.el7_0.ppc64.rpm s390x: gnutls-3.1.18-9.el7_0.s390.rpm gnutls-3.1.18-9.el7_0.s390x.rpm gnutls-c++-3.1.18-9.el7_0.s390.rpm gnutls-c++-3.1.18-9.el7_0.s390x.rpm gnutls-dane-3.1.18-9.el7_0.s390.rpm gnutls-dane-3.1.18-9.el7_0.s390x.rpm gnutls-debuginfo-3.1.18-9.el7_0.s390.rpm gnutls-debuginfo-3.1.18-9.el7_0.s390x.rpm gnutls-devel-3.1.18-9.el7_0.s390.rpm gnutls-devel-3.1.18-9.el7_0.s390x.rpm gnutls-utils-3.1.18-9.el7_0.s390x.rpm x86_64: gnutls-3.1.18-9.el7_0.i686.rpm gnutls-3.1.18-9.el7_0.x86_64.rpm gnutls-c++-3.1.18-9.el7_0.i686.rpm gnutls-c++-3.1.18-9.el7_0.x86_64.rpm gnutls-dane-3.1.18-9.el7_0.i686.rpm 
gnutls-dane-3.1.18-9.el7_0.x86_64.rpm gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm gnutls-devel-3.1.18-9.el7_0.i686.rpm gnutls-devel-3.1.18-9.el7_0.x86_64.rpm gnutls-utils-3.1.18-9.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: gnutls-3.1.18-9.el7_0.src.rpm x86_64: gnutls-3.1.18-9.el7_0.i686.rpm gnutls-3.1.18-9.el7_0.x86_64.rpm gnutls-c++-3.1.18-9.el7_0.i686.rpm gnutls-c++-3.1.18-9.el7_0.x86_64.rpm gnutls-dane-3.1.18-9.el7_0.i686.rpm gnutls-dane-3.1.18-9.el7_0.x86_64.rpm gnutls-debuginfo-3.1.18-9.el7_0.i686.rpm gnutls-debuginfo-3.1.18-9.el7_0.x86_64.rpm gnutls-devel-3.1.18-9.el7_0.i686.rpm gnutls-devel-3.1.18-9.el7_0.x86_64.rpm gnutls-utils-3.1.18-9.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-3465.html https://www.redhat.com/security/data/cve/CVE-2014-3466.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
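The GnuTLS advisory above names the bug precisely (an insufficient session ID length check in _gnutls_read_server_hello) and the consequence (a malicious server's oversized session ID overflows a client-side buffer). The check that was missing is small, and the following added example shows it in a ServerHello parser written for this page; it is not GnuTLS code. TLS defines session_id as opaque<0..32>, so the parser bounds the server-supplied length against that maximum and against the bytes actually present before it copies anything. `build_server_hello()` is a constructed test-input builder whose `claimed_len` parameter lets a test lie about the length the way a hostile server would; the 32-byte limit and the cipher suite used are the only assumptions.

```python
import struct

TLS_MAX_SESSION_ID_SIZE = 32   # RFC 5246 7.4.1.3: SessionID is opaque<0..32>
HS_SERVER_HELLO = 2


class HandshakeError(ValueError):
    """Raised for any malformed or over-long ServerHello field."""


def _take(buf: bytes, off: int, n: int):
    """Return (buf[off:off+n], new offset), refusing to read past the end."""
    if off + n > len(buf):
        raise HandshakeError(f"message truncated: need {n} bytes at offset {off}")
    return buf[off:off + n], off + n


def parse_server_hello(msg: bytes) -> dict:
    """Parse one ServerHello handshake message (4-byte header plus body).

    Every variable-length field is bounded before it is sliced; the
    session_id bound is the check the advisory's bug was missing.
    """
    hdr, off = _take(msg, 0, 4)
    htype, hlen = hdr[0], int.from_bytes(hdr[1:4], "big")
    if htype != HS_SERVER_HELLO:
        raise HandshakeError(f"expected ServerHello (2), got handshake type {htype}")
    if hlen != len(msg) - 4:
        raise HandshakeError("handshake length field disagrees with message size")
    version, off = _take(msg, off, 2)
    random, off = _take(msg, off, 32)
    sid_len_b, off = _take(msg, off, 1)
    sid_len = sid_len_b[0]
    # Bound the attacker-controlled length *before* copying: a fixed 32-byte
    # session buffer must never receive more than 32 bytes.
    if sid_len > TLS_MAX_SESSION_ID_SIZE:
        raise HandshakeError(f"session_id length {sid_len} exceeds {TLS_MAX_SESSION_ID_SIZE}")
    session_id, off = _take(msg, off, sid_len)      # also refuses a length past the end
    cipher_suite, off = _take(msg, off, 2)
    compression, off = _take(msg, off, 1)
    return {
        "version": version,
        "random": random,
        "session_id": session_id,
        "cipher_suite": struct.unpack("!H", cipher_suite)[0],
        "compression": compression[0],
        "extensions": msg[off:],   # optional trailing extensions, left unparsed here
    }


def is_rejected(msg: bytes) -> bool:
    """Convenience wrapper: True if the parser refuses the message."""
    try:
        parse_server_hello(msg)
    except HandshakeError:
        return True
    return False


def build_server_hello(session_id: bytes, claimed_len=None, cipher_suite=0x002F) -> bytes:
    """Constructed ServerHello for testing. `claimed_len` overrides the length
    byte so a test can mimic a server that lies about its session ID size."""
    length_byte = len(session_id) if claimed_len is None else claimed_len
    body = (b"\x03\x01" + bytes(range(32))             # version, server random
            + bytes([length_byte]) + session_id
            + struct.pack("!H", cipher_suite) + b"\x00")  # suite, null compression
    return bytes([HS_SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
```

The same pattern (read the length, compare it with both the protocol maximum and the remaining input, only then slice) applies to every length-prefixed field in the handshake; the session ID is just the one whose absence this advisory records.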
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl18BXlSAg2UNWIIRApZqAJ98XSaasj6O+eA5fOqHGj+6nNq+lQCff6oN
dZSShIkXHR7fLLnyFsAaYl8=
=4hYG
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:41:10 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:41:10 +0000
Subject: [RHSA-2014:0685-01] Important: java-1.6.0-openjdk security update
Message-ID: <201406101941.s5AJfAS2005540@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2014:0685-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0685.html
Issue date: 2014-06-10
CVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v.
7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. 
(CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. 
Bugs fixed (https://bugzilla.redhat.com/): 1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) 1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) 1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766) 1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) 1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) 1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858) 1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854) 1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926) 1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) 1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010) 1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) 1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) 1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) 1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) 1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) 1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740) 1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163) 1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) 1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282) 6. Package List: Red Hat Enterprise Linux Client (v. 
7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.src.rpm ppc64: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm s390x: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.s390x.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.s390x.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.s390x.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): ppc64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.ppc64.rpm s390x: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.s390x.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.s390x.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.s390x.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.s390x.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-6.1.13.3.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. 
References: https://www.redhat.com/security/data/cve/CVE-2014-0429.html https://www.redhat.com/security/data/cve/CVE-2014-0446.html https://www.redhat.com/security/data/cve/CVE-2014-0451.html https://www.redhat.com/security/data/cve/CVE-2014-0452.html https://www.redhat.com/security/data/cve/CVE-2014-0453.html https://www.redhat.com/security/data/cve/CVE-2014-0456.html https://www.redhat.com/security/data/cve/CVE-2014-0457.html https://www.redhat.com/security/data/cve/CVE-2014-0458.html https://www.redhat.com/security/data/cve/CVE-2014-0460.html https://www.redhat.com/security/data/cve/CVE-2014-0461.html https://www.redhat.com/security/data/cve/CVE-2014-1876.html https://www.redhat.com/security/data/cve/CVE-2014-2397.html https://www.redhat.com/security/data/cve/CVE-2014-2398.html https://www.redhat.com/security/data/cve/CVE-2014-2403.html https://www.redhat.com/security/data/cve/CVE-2014-2412.html https://www.redhat.com/security/data/cve/CVE-2014-2414.html https://www.redhat.com/security/data/cve/CVE-2014-2421.html https://www.redhat.com/security/data/cve/CVE-2014-2423.html https://www.redhat.com/security/data/cve/CVE-2014-2427.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. 
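The unpack200 issue in this advisory (CVE-2014-1876) is the classic predictable-path log or temporary file problem: a file is created at a name another local user can guess and pre-create as a symbolic link. The C program below is an added example, not code from OpenJDK or from the advisory. It places an open() that follows a planted link next to one hardened with O_EXCL and O_NOFOLLOW plus an fstat() sanity check, and exercises both against a symlink it builds in its own scratch directory. The scratch path /tmp/logdemo.XXXXXX, the file names and the function names are the example's own assumptions; the scenario is constructed, not taken from the flaw report.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Unsafe pattern: a predictable path opened with O_CREAT but without O_EXCL.
 * If another local user has already planted a symlink at that path, the kernel
 * follows it and the log data lands in the link target, written with the
 * privileges of the user running this program. */
int unsafe_open_log(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened pattern: O_EXCL refuses any pre-existing file (EEXIST) and
 * O_NOFOLLOW refuses a symlink at the final path component (ELOOP on Linux),
 * so a planted link or file can never be written through.  The fstat() check
 * then confirms the descriptor really is a fresh regular file. */
int safe_open_log(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Preferred for scratch files: let the C library pick an unpredictable name.
 * mkstemp() replaces the trailing XXXXXX and itself opens with O_CREAT|O_EXCL. */
int open_private_log(char *template_path)
{
    return mkstemp(template_path);
}

/* Constructed scenario (not from the advisory): inside a private scratch
 * directory a file "victim" holds known content and "unpack.log" is a symlink
 * pointing at it.  Returns 1 when the hardened open refuses the link, "victim"
 * keeps its content, and the unsafe open then writes through the link; else 0. */
int demo_planted_symlink(void)
{
    char dir[] = "/tmp/logdemo.XXXXXX";           /* assumed writable scratch area */
    if (mkdtemp(dir) == NULL)
        return 0;
    char victim[64], link[64];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/unpack.log", dir);

    int ok = 1;
    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "original\n", 9) != 9) ok = 0;
    if (fd >= 0) close(fd);
    if (ok && symlink(victim, link) != 0) ok = 0;

    /* Hardened open must fail, and with one of the two expected errno values. */
    if (ok) {
        int sfd = safe_open_log(link);
        if (sfd >= 0) { close(sfd); ok = 0; }
        else if (errno != ELOOP && errno != EEXIST) ok = 0;
    }
    /* The victim's content must be untouched after the hardened attempt. */
    char buf[16] = {0};
    if (ok) {
        fd = open(victim, O_RDONLY);
        if (fd < 0 || read(fd, buf, sizeof buf - 1) != 9 || strcmp(buf, "original\n") != 0) ok = 0;
        if (fd >= 0) close(fd);
    }
    /* The unsafe open follows the link: afterwards "victim" has been truncated. */
    if (ok) {
        struct stat st;
        int ufd = unsafe_open_log(link);
        if (ufd < 0 || stat(victim, &st) != 0 || st.st_size != 0) ok = 0;
        if (ufd >= 0) close(ufd);
    }
    unlink(link); unlink(victim); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("planted symlink scenario: %s\n",
           demo_planted_symlink() ? "hardened open refused, unsafe open followed the link"
                                  : "unexpected result");
    return 0;
}
```

The fstat() step matters even with O_NOFOLLOW: it catches the case where the final component is not a symlink but something else unexpected (a FIFO, for instance), and st_nlink == 1 confirms nobody hard-linked the freshly created file elsewhere between creation and use.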
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl19HXlSAg2UNWIIRAq1FAKCcJOeeA+O9uRaaNYj8d3S5wZgMkACgquDr
jdZt5MYLjqAe9TTREjOCRII=
=ZIn3
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:41:52 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:41:52 +0000
Subject: [RHSA-2014:0686-01] Important: tomcat security update
Message-ID: <201406101941.s5AJfrPE030581@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat security update
Advisory ID:       RHSA-2014:0686-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0686.html
Issue date:        2014-06-10
CVE Names:         CVE-2013-4286 CVE-2013-4322 CVE-2014-0186
=====================================================================

1. Summary:

Updated tomcat packages that fix three security issues are now available
for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch
Red Hat Enterprise Linux Client Optional (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch
Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Enterprise Linux Server Optional (v. 7) - noarch
Red Hat Enterprise Linux Workstation (v. 7) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

It was found that a fix for a previous security flaw introduced a
regression that could cause a denial of service in Tomcat 7. A remote
attacker could use this flaw to consume an excessive amount of CPU on the
Tomcat server by sending a specially crafted request to that server.
(CVE-2014-0186)

It was found that when Tomcat 7 processed a series of HTTP requests in
which at least one request contained either multiple content-length
headers, or one content-length header with a chunked transfer-encoding
header, Tomcat would incorrectly handle the request. A remote attacker
could use this flaw to poison a web cache, perform cross-site scripting
(XSS) attacks, or obtain sensitive information from other requests.
(CVE-2013-4286)

It was discovered that the fix for CVE-2012-3544 did not properly resolve a
denial of service flaw in the way Tomcat 7 processed chunk extensions and
trailing headers in chunked requests. A remote attacker could use this flaw
to send an excessively long request that, when processed by Tomcat, could
consume network bandwidth, CPU, and memory on the Tomcat server. Note that
chunked transfer encoding is enabled by default. (CVE-2013-4322)

All Tomcat 7 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1069905 - CVE-2013-4322 tomcat: incomplete fix for CVE-2012-3544
1069921 - CVE-2013-4286 tomcat: multiple content-length header poisoning flaws
1089884 - CVE-2014-0186 tomcat7: RHEL-7 regression causing DoS

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
tomcat-7.0.42-5.el7_0.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
tomcat-7.0.42-5.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-5.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-5.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-5.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-5.el7_0.noarch.rpm
tomcat-lib-7.0.42-5.el7_0.noarch.rpm
tomcat-webapps-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
tomcat-7.0.42-5.el7_0.src.rpm

noarch:
tomcat-servlet-3.0-api-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
tomcat-7.0.42-5.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-5.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-5.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-5.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-5.el7_0.noarch.rpm
tomcat-lib-7.0.42-5.el7_0.noarch.rpm
tomcat-webapps-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
tomcat-7.0.42-5.el7_0.src.rpm

noarch:
tomcat-7.0.42-5.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-5.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-lib-7.0.42-5.el7_0.noarch.rpm
tomcat-servlet-3.0-api-7.0.42-5.el7_0.noarch.rpm
tomcat-webapps-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
tomcat-7.0.42-5.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-5.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-5.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-5.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-5.el7_0.noarch.rpm
tomcat-lib-7.0.42-5.el7_0.noarch.rpm
tomcat-webapps-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
tomcat-7.0.42-5.el7_0.src.rpm

noarch:
tomcat-7.0.42-5.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-5.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-5.el7_0.noarch.rpm
tomcat-lib-7.0.42-5.el7_0.noarch.rpm
tomcat-servlet-3.0-api-7.0.42-5.el7_0.noarch.rpm
tomcat-webapps-7.0.42-5.el7_0.noarch.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
tomcat-docs-webapp-7.0.42-5.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-5.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-5.el7_0.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-4286.html
https://www.redhat.com/security/data/cve/CVE-2013-4322.html
https://www.redhat.com/security/data/cve/CVE-2014-0186.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
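CVE-2013-4286 in the Tomcat advisory above is about requests whose body length is ambiguous: either several Content-Length headers that disagree, or a Content-Length next to a Transfer-Encoding header. When two components in the request path (cache, proxy, servlet container) resolve that ambiguity differently, one request's bytes become part of the next, which is how cache poisoning and cross-request data exposure arise. The check below is an added example, written in C to keep one language on this page; it is not Tomcat's code and not from the advisory. It implements the rule from RFC 7230 sections 3.3.2 and 3.3.3: duplicate Content-Length headers are tolerated only when they carry the same value, and Content-Length combined with Transfer-Encoding is rejected rather than resolved. The sample requests and function names are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcome of inspecting one request's header block. */
enum framing_verdict {
    FRAMING_OK = 0,
    FRAMING_BAD_CONTENT_LENGTH,   /* value is not a plain decimal number */
    FRAMING_CONFLICTING_CL,       /* several Content-Length headers that disagree */
    FRAMING_CL_WITH_TE            /* Content-Length next to Transfer-Encoding */
};

/* ASCII case-insensitive test of a header name of length n against want. */
static int name_is(const char *p, size_t n, const char *want)
{
    if (strlen(want) != n)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)p[i]) != tolower((unsigned char)want[i]))
            return 0;
    return 1;
}

/* Parse a Content-Length value: optional surrounding blanks, then digits only.
 * Returns 0 on anything else (signs, hex, trailing garbage, absurd length). */
static int parse_content_length(const char *v, size_t n, unsigned long long *out)
{
    while (n && (v[0] == ' ' || v[0] == '\t')) { v++; n--; }
    while (n && (v[n - 1] == ' ' || v[n - 1] == '\t' || v[n - 1] == '\r')) n--;
    if (n == 0 || n > 18)
        return 0;
    unsigned long long val = 0;
    for (size_t i = 0; i < n; i++) {
        if (!isdigit((unsigned char)v[i]))
            return 0;
        val = val * 10 + (unsigned)(v[i] - '0');
    }
    *out = val;
    return 1;
}

/* Walk the header lines after the request line up to the blank line and decide
 * whether the body length is unambiguous (RFC 7230 sections 3.3.2 and 3.3.3):
 * duplicate Content-Length headers pass only when they agree, and
 * Content-Length together with Transfer-Encoding is rejected outright. */
enum framing_verdict check_request_framing(const char *head)
{
    const char *line = strchr(head, '\n');
    if (!line)
        return FRAMING_OK;            /* no header lines at all: nothing to conflict */
    line++;
    int seen_cl = 0, seen_te = 0;
    unsigned long long cl = 0;
    while (*line && *line != '\r' && *line != '\n') {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        const char *colon = memchr(line, ':', len);
        if (colon) {
            size_t nlen = (size_t)(colon - line);
            const char *val = colon + 1;
            size_t vlen = len - nlen - 1;
            if (name_is(line, nlen, "Content-Length")) {
                unsigned long long v;
                if (!parse_content_length(val, vlen, &v))
                    return FRAMING_BAD_CONTENT_LENGTH;
                if (seen_cl && v != cl)
                    return FRAMING_CONFLICTING_CL;
                seen_cl = 1;
                cl = v;
            } else if (name_is(line, nlen, "Transfer-Encoding")) {
                seen_te = 1;
            }
        }
        if (!eol)
            break;
        line = eol + 1;
    }
    return (seen_cl && seen_te) ? FRAMING_CL_WITH_TE : FRAMING_OK;
}

/* Constructed sample requests (not from the advisory). */
static const char REQ_PLAIN[] =
    "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello";
static const char REQ_DUP_SAME[] =
    "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\ncontent-length: 5\r\n\r\nhello";
static const char REQ_DUP_DIFF[] =
    "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nContent-Length: 55\r\n\r\nhello";
static const char REQ_CL_TE[] =
    "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n";
static const char REQ_BAD_CL[] =
    "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5x\r\n\r\n";

int main(void)
{
    static const char *names[] = {"ok", "bad content-length",
                                  "conflicting content-length",
                                  "content-length with transfer-encoding"};
    const char *reqs[] = {REQ_PLAIN, REQ_DUP_SAME, REQ_DUP_DIFF, REQ_CL_TE, REQ_BAD_CL};
    for (size_t i = 0; i < 5; i++)
        printf("request %zu: %s\n", i, names[check_request_framing(reqs[i])]);
    return 0;
}
```

A reverse proxy that applies this check before forwarding removes the ambiguity for every component behind it; a server that applies it answers 400 instead of guessing, which is the behaviour the Tomcat fix restores.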
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl19oXlSAg2UNWIIRAtBbAKC7vobzGfmj7+XLqDJcyozhM9Jb1gCgp67/
eeFmagwqjXRCGIVdGbrAhW8=
=diBu
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 19:42:29 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:42:29 +0000
Subject: [RHSA-2014:0687-01] Moderate: libtasn1 security update
Message-ID: <201406101942.s5AJgTxq016674@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: libtasn1 security update
Advisory ID:       RHSA-2014:0687-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0687.html
Issue date:        2014-06-10
CVE Names:         CVE-2014-3467 CVE-2014-3468 CVE-2014-3469
=====================================================================

1. Summary:

Updated libtasn1 packages that fix three security issues are now available
for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing
and structures management, and Distinguished Encoding Rules (DER) encoding
and decoding functions.

It was discovered that the asn1_get_bit_der() function of the libtasn1
library incorrectly reported the length of ASN.1-encoded data. Specially
crafted ASN.1 input could cause an application using libtasn1 to perform an
out-of-bounds access operation, causing the application to crash or,
possibly, execute arbitrary code. (CVE-2014-3468)

Multiple incorrect buffer boundary check issues were discovered in
libtasn1. Specially crafted ASN.1 input could cause an application using
libtasn1 to crash. (CVE-2014-3467)

Multiple NULL pointer dereference flaws were found in libtasn1's
asn1_read_value() function. Specially crafted ASN.1 input could cause an
application using libtasn1 to crash, if the application used the
aforementioned function in a certain way. (CVE-2014-3469)

Red Hat would like to thank GnuTLS upstream for reporting these issues.

All libtasn1 users are advised to upgrade to these updated packages, which
correct these issues. For the update to take effect, all applications
linked to the libtasn1 library must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1102022 - CVE-2014-3467 libtasn1: multiple boundary check issues
1102323 - CVE-2014-3468 libtasn1: asn1_get_bit_der() can return negative bit length
1102329 - CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
libtasn1-3.3-5.el7_0.src.rpm

x86_64:
libtasn1-3.3-5.el7_0.i686.rpm
libtasn1-3.3-5.el7_0.x86_64.rpm
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-devel-3.3-5.el7_0.i686.rpm
libtasn1-devel-3.3-5.el7_0.x86_64.rpm
libtasn1-tools-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
libtasn1-3.3-5.el7_0.src.rpm

x86_64:
libtasn1-3.3-5.el7_0.i686.rpm
libtasn1-3.3-5.el7_0.x86_64.rpm
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-devel-3.3-5.el7_0.i686.rpm
libtasn1-devel-3.3-5.el7_0.x86_64.rpm
libtasn1-tools-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
libtasn1-3.3-5.el7_0.src.rpm

ppc64:
libtasn1-3.3-5.el7_0.ppc.rpm
libtasn1-3.3-5.el7_0.ppc64.rpm
libtasn1-debuginfo-3.3-5.el7_0.ppc.rpm
libtasn1-debuginfo-3.3-5.el7_0.ppc64.rpm
libtasn1-devel-3.3-5.el7_0.ppc.rpm
libtasn1-devel-3.3-5.el7_0.ppc64.rpm

s390x:
libtasn1-3.3-5.el7_0.s390.rpm
libtasn1-3.3-5.el7_0.s390x.rpm
libtasn1-debuginfo-3.3-5.el7_0.s390.rpm
libtasn1-debuginfo-3.3-5.el7_0.s390x.rpm
libtasn1-devel-3.3-5.el7_0.s390.rpm
libtasn1-devel-3.3-5.el7_0.s390x.rpm

x86_64:
libtasn1-3.3-5.el7_0.i686.rpm
libtasn1-3.3-5.el7_0.x86_64.rpm
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-devel-3.3-5.el7_0.i686.rpm
libtasn1-devel-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
libtasn1-debuginfo-3.3-5.el7_0.ppc64.rpm
libtasn1-tools-3.3-5.el7_0.ppc64.rpm

s390x:
libtasn1-debuginfo-3.3-5.el7_0.s390x.rpm
libtasn1-tools-3.3-5.el7_0.s390x.rpm

x86_64:
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-tools-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
libtasn1-3.3-5.el7_0.src.rpm

x86_64:
libtasn1-3.3-5.el7_0.i686.rpm
libtasn1-3.3-5.el7_0.x86_64.rpm
libtasn1-debuginfo-3.3-5.el7_0.i686.rpm
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-devel-3.3-5.el7_0.i686.rpm
libtasn1-devel-3.3-5.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libtasn1-debuginfo-3.3-5.el7_0.x86_64.rpm
libtasn1-tools-3.3-5.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3467.html
https://www.redhat.com/security/data/cve/CVE-2014-3468.html
https://www.redhat.com/security/data/cve/CVE-2014-3469.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
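The libtasn1 bugs above are length-accounting errors in a DER decoder: a length that is not checked against the bytes actually present (CVE-2014-3467), and a BIT STRING whose content length of zero is turned into a negative bit count (the "can return negative bit length" entry for CVE-2014-3468). The C code below is an added example, not libtasn1's code and not taken from the advisory. It shows the two checks a DER decoder needs at this point: every decoded length is bounded by the remaining buffer before any content is touched, and the BIT STRING decoder refuses a zero-length content and an unused-bits octet outside 0..7 instead of computing from them. The sample encodings are constructed, and the function and status names are the example's own.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum der_status { DER_OK = 0, DER_TRUNCATED, DER_BAD_LENGTH, DER_BAD_TAG, DER_BAD_BITSTRING };

/* Decode a DER length at buf[0..avail).  On success stores the content length
 * in *len and the number of length octets consumed in *consumed, and guarantees
 * *consumed + *len <= avail so the caller can never read past the buffer. */
enum der_status der_read_length(const unsigned char *buf, size_t avail,
                                size_t *len, size_t *consumed)
{
    if (avail < 1)
        return DER_TRUNCATED;
    unsigned char first = buf[0];
    if (first < 0x80) {                       /* short form: one octet, 0..127 */
        *len = first;
        *consumed = 1;
    } else {
        size_t n = first & 0x7f;              /* long form: n following octets */
        if (n == 0)
            return DER_BAD_LENGTH;            /* 0x80 is BER indefinite, not DER */
        if (n > sizeof(size_t))
            return DER_BAD_LENGTH;            /* cannot be represented, never legitimate */
        if (avail < 1 + n)
            return DER_TRUNCATED;
        size_t v = 0;
        for (size_t i = 0; i < n; i++)
            v = (v << 8) | buf[1 + i];
        /* DER demands the minimal encoding: no leading zero octet and no long
         * form for a value that fits the short form. */
        if (buf[1] == 0 || v < 0x80)
            return DER_BAD_LENGTH;
        *len = v;
        *consumed = 1 + n;
    }
    if (*len > avail - *consumed)             /* content must fit what we hold */
        return DER_TRUNCATED;
    return DER_OK;
}

/* Decode a DER BIT STRING TLV.  Yields the data octets (after the unused-bits
 * octet), the number of significant bits, and the total TLV size.  A content
 * length of zero is rejected here instead of becoming a negative bit count. */
enum der_status der_get_bit_string(const unsigned char *buf, size_t avail,
                                   const unsigned char **bits, size_t *nbits,
                                   size_t *total)
{
    if (avail < 1)
        return DER_TRUNCATED;
    if (buf[0] != 0x03)
        return DER_BAD_TAG;
    size_t len, hdr;
    enum der_status st = der_read_length(buf + 1, avail - 1, &len, &hdr);
    if (st != DER_OK)
        return st;
    const unsigned char *content = buf + 1 + hdr;
    if (len < 1)
        return DER_BAD_BITSTRING;             /* unused-bits octet is mandatory */
    unsigned unused = content[0];
    if (unused > 7)
        return DER_BAD_BITSTRING;
    if (len == 1 && unused != 0)
        return DER_BAD_BITSTRING;             /* no data octets to have unused bits */
    *bits = content + 1;
    *nbits = (len - 1) * 8 - unused;
    *total = 1 + hdr + len;
    return DER_OK;
}

/* Wrapper for callers that only need the bit count: returns the number of
 * significant bits (>= 0) or the negated der_status on failure. */
long der_bit_string_bits(const unsigned char *buf, size_t avail)
{
    const unsigned char *bits;
    size_t nbits, total;
    enum der_status st = der_get_bit_string(buf, avail, &bits, &nbits, &total);
    return st == DER_OK ? (long)nbits : -(long)st;
}

/* Constructed samples (not from the advisory). */
static const unsigned char BS_VALID[]      = {0x03, 0x03, 0x06, 0x6e, 0x5d}; /* 10 bits */
static const unsigned char BS_EMPTY[]      = {0x03, 0x00};                   /* no unused-bits octet */
static const unsigned char BS_TRUNCATED[]  = {0x03, 0x05, 0x00, 0xaa};       /* claims 5, holds 2 */
static const unsigned char BS_INDEFINITE[] = {0x03, 0x80, 0x00, 0x00};       /* BER-only length */
static const unsigned char BS_BAD_UNUSED[] = {0x03, 0x02, 0x08, 0xff};       /* 8 unused bits */

int main(void)
{
    printf("valid: %ld bits\n", der_bit_string_bits(BS_VALID, sizeof BS_VALID));
    printf("empty: status %ld\n", -der_bit_string_bits(BS_EMPTY, sizeof BS_EMPTY));
    printf("truncated: status %ld\n", -der_bit_string_bits(BS_TRUNCATED, sizeof BS_TRUNCATED));
    printf("indefinite: status %ld\n", -der_bit_string_bits(BS_INDEFINITE, sizeof BS_INDEFINITE));
    printf("bad unused: status %ld\n", -der_bit_string_bits(BS_BAD_UNUSED, sizeof BS_BAD_UNUSED));
    return 0;
}
```

The ordering inside der_get_bit_string() is the point: the length is validated against the buffer, then against the type's own minimum, and only then is content[0] read. Reversing the last two steps is exactly how a zero-length content leads to reading one octet past the TLV and to a bit count of (0 - 1) * 8.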
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTl1+TXlSAg2UNWIIRAvb4AKCoflLnTTWaZ3VGaQvJKrNHvKwduQCfV74a y7US/BZBfYfjJYYpeKWDYtw= =MASP -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jun 10 19:43:06 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 10 Jun 2014 19:43:06 +0000 Subject: [RHSA-2014:0702-01] Moderate: mariadb security update Message-ID: <201406101943.s5AJh6os021941@int-mx12.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: mariadb security update Advisory ID: RHSA-2014:0702-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0702.html Issue date: 2014-06-10 CVE Names: CVE-2014-0384 CVE-2014-2419 CVE-2014-2430 CVE-2014-2431 CVE-2014-2432 CVE-2014-2436 CVE-2014-2438 CVE-2014-2440 ===================================================================== 1. Summary: Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. 
Description: MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-2436, CVE-2014-2440, CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431, CVE-2014-2432, CVE-2014-2438) These updated packages upgrade MariaDB to version 5.5.37. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1088133 - CVE-2014-0384 mysql: unspecified DoS related to XML (CPU April 2014) 1088134 - CVE-2014-2419 mysql: unspecified DoS related to Partition (CPU April 2014) 1088143 - CVE-2014-2430 mysql: unspecified DoS related to Performance Schema (CPU April 2014) 1088146 - CVE-2014-2431 mysql: unspecified DoS related to Options (CPU April 2014) 1088179 - CVE-2014-2432 mysql: unspecified DoS related to Federated (CPU April 2014) 1088190 - CVE-2014-2436 mysql: unspecified vulnerability related to RBR (CPU April 2014) 1088191 - CVE-2014-2438 mysql: unspecified DoS related to Replication (CPU April 2014) 1088197 - CVE-2014-2440 mysql: unspecified vulnerability related to Client (CPU April 2014) 6. Package List: Red Hat Enterprise Linux Client (v. 
7): Source: mariadb-5.5.37-1.el7_0.src.rpm x86_64: mariadb-5.5.37-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm mariadb-libs-5.5.37-1.el7_0.i686.rpm mariadb-libs-5.5.37-1.el7_0.x86_64.rpm mariadb-server-5.5.37-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: mariadb-bench-5.5.37-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm mariadb-devel-5.5.37-1.el7_0.i686.rpm mariadb-devel-5.5.37-1.el7_0.x86_64.rpm mariadb-embedded-5.5.37-1.el7_0.i686.rpm mariadb-embedded-5.5.37-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.37-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.37-1.el7_0.x86_64.rpm mariadb-test-5.5.37-1.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: mariadb-5.5.37-1.el7_0.src.rpm x86_64: mariadb-5.5.37-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm mariadb-libs-5.5.37-1.el7_0.i686.rpm mariadb-libs-5.5.37-1.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: mariadb-bench-5.5.37-1.el7_0.x86_64.rpm mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm mariadb-devel-5.5.37-1.el7_0.i686.rpm mariadb-devel-5.5.37-1.el7_0.x86_64.rpm mariadb-embedded-5.5.37-1.el7_0.i686.rpm mariadb-embedded-5.5.37-1.el7_0.x86_64.rpm mariadb-embedded-devel-5.5.37-1.el7_0.i686.rpm mariadb-embedded-devel-5.5.37-1.el7_0.x86_64.rpm mariadb-server-5.5.37-1.el7_0.x86_64.rpm mariadb-test-5.5.37-1.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7):

Source:
mariadb-5.5.37-1.el7_0.src.rpm

ppc64:
mariadb-5.5.37-1.el7_0.ppc64.rpm
mariadb-bench-5.5.37-1.el7_0.ppc64.rpm
mariadb-debuginfo-5.5.37-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.37-1.el7_0.ppc64.rpm
mariadb-devel-5.5.37-1.el7_0.ppc.rpm
mariadb-devel-5.5.37-1.el7_0.ppc64.rpm
mariadb-libs-5.5.37-1.el7_0.ppc.rpm
mariadb-libs-5.5.37-1.el7_0.ppc64.rpm
mariadb-server-5.5.37-1.el7_0.ppc64.rpm
mariadb-test-5.5.37-1.el7_0.ppc64.rpm

s390x:
mariadb-5.5.37-1.el7_0.s390x.rpm
mariadb-bench-5.5.37-1.el7_0.s390x.rpm
mariadb-debuginfo-5.5.37-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.37-1.el7_0.s390x.rpm
mariadb-devel-5.5.37-1.el7_0.s390.rpm
mariadb-devel-5.5.37-1.el7_0.s390x.rpm
mariadb-libs-5.5.37-1.el7_0.s390.rpm
mariadb-libs-5.5.37-1.el7_0.s390x.rpm
mariadb-server-5.5.37-1.el7_0.s390x.rpm
mariadb-test-5.5.37-1.el7_0.s390x.rpm

x86_64:
mariadb-5.5.37-1.el7_0.x86_64.rpm
mariadb-bench-5.5.37-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm
mariadb-devel-5.5.37-1.el7_0.i686.rpm
mariadb-devel-5.5.37-1.el7_0.x86_64.rpm
mariadb-libs-5.5.37-1.el7_0.i686.rpm
mariadb-libs-5.5.37-1.el7_0.x86_64.rpm
mariadb-server-5.5.37-1.el7_0.x86_64.rpm
mariadb-test-5.5.37-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
mariadb-debuginfo-5.5.37-1.el7_0.ppc.rpm
mariadb-debuginfo-5.5.37-1.el7_0.ppc64.rpm
mariadb-embedded-5.5.37-1.el7_0.ppc.rpm
mariadb-embedded-5.5.37-1.el7_0.ppc64.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.ppc.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.ppc64.rpm

s390x:
mariadb-debuginfo-5.5.37-1.el7_0.s390.rpm
mariadb-debuginfo-5.5.37-1.el7_0.s390x.rpm
mariadb-embedded-5.5.37-1.el7_0.s390.rpm
mariadb-embedded-5.5.37-1.el7_0.s390x.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.s390.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.s390x.rpm

x86_64:
mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.37-1.el7_0.i686.rpm
mariadb-embedded-5.5.37-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
mariadb-5.5.37-1.el7_0.src.rpm

x86_64:
mariadb-5.5.37-1.el7_0.x86_64.rpm
mariadb-bench-5.5.37-1.el7_0.x86_64.rpm
mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm
mariadb-devel-5.5.37-1.el7_0.i686.rpm
mariadb-devel-5.5.37-1.el7_0.x86_64.rpm
mariadb-libs-5.5.37-1.el7_0.i686.rpm
mariadb-libs-5.5.37-1.el7_0.x86_64.rpm
mariadb-server-5.5.37-1.el7_0.x86_64.rpm
mariadb-test-5.5.37-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
mariadb-debuginfo-5.5.37-1.el7_0.i686.rpm
mariadb-debuginfo-5.5.37-1.el7_0.x86_64.rpm
mariadb-embedded-5.5.37-1.el7_0.i686.rpm
mariadb-embedded-5.5.37-1.el7_0.x86_64.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.i686.rpm
mariadb-embedded-devel-5.5.37-1.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0384.html
https://www.redhat.com/security/data/cve/CVE-2014-2419.html
https://www.redhat.com/security/data/cve/CVE-2014-2430.html
https://www.redhat.com/security/data/cve/CVE-2014-2431.html
https://www.redhat.com/security/data/cve/CVE-2014-2432.html
https://www.redhat.com/security/data/cve/CVE-2014-2436.html
https://www.redhat.com/security/data/cve/CVE-2014-2438.html
https://www.redhat.com/security/data/cve/CVE-2014-2440.html
https://access.redhat.com/security/updates/classification/#moderate
https://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb-5537-release-notes/

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.


From bugzilla at redhat.com Tue Jun 10 19:44:02 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:44:02 +0000
Subject: [RHSA-2014:0703-01] Moderate: json-c security update
Message-ID: <201406101944.s5AJi3tL017036@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: json-c security update
Advisory ID:       RHSA-2014:0703-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0703.html
Issue date:        2014-06-10
CVE Names:         CVE-2013-6370 CVE-2013-6371
=====================================================================

1. Summary:

Updated json-c packages that fix two security issues are now available for
Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact.
Common Vulnerability Scoring System (CVSS) base scores, which give detailed
severity ratings, are available for each vulnerability from the CVE links in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

JSON-C implements a reference counting object model that allows you to
easily construct JSON objects in C, output them as JSON-formatted strings,
and parse JSON-formatted strings back into the C representation of JSON
objects.

Multiple buffer overflow flaws were found in the way the json-c library
handled long strings in JSON documents. An attacker able to make an
application using json-c parse excessively large JSON input could cause the
application to crash. (CVE-2013-6370)

A denial of service flaw was found in the implementation of hash arrays in
json-c. An attacker could use this flaw to make an application using json-c
consume an excessive amount of CPU time by providing a specially crafted
JSON document that triggers multiple hash function collisions. To mitigate
this issue, json-c now uses a different hash function and randomization to
reduce the chance of an attacker successfully causing intentional
collisions. (CVE-2013-6371)

These issues were discovered by Florian Weimer of the Red Hat Product
Security Team.

All json-c users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1032311 - CVE-2013-6371 json-c: hash collision DoS
1032322 - CVE-2013-6370 json-c: buffer overflow if size_t is larger than int

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
json-c-0.11-4.el7_0.src.rpm

x86_64:
json-c-0.11-4.el7_0.i686.rpm
json-c-0.11-4.el7_0.x86_64.rpm
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
json-c-doc-0.11-4.el7_0.noarch.rpm

x86_64:
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm
json-c-devel-0.11-4.el7_0.i686.rpm
json-c-devel-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
json-c-0.11-4.el7_0.src.rpm

x86_64:
json-c-0.11-4.el7_0.i686.rpm
json-c-0.11-4.el7_0.x86_64.rpm
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
json-c-doc-0.11-4.el7_0.noarch.rpm

x86_64:
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm
json-c-devel-0.11-4.el7_0.i686.rpm
json-c-devel-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
json-c-0.11-4.el7_0.src.rpm

ppc64:
json-c-0.11-4.el7_0.ppc.rpm
json-c-0.11-4.el7_0.ppc64.rpm
json-c-debuginfo-0.11-4.el7_0.ppc.rpm
json-c-debuginfo-0.11-4.el7_0.ppc64.rpm

s390x:
json-c-0.11-4.el7_0.s390.rpm
json-c-0.11-4.el7_0.s390x.rpm
json-c-debuginfo-0.11-4.el7_0.s390.rpm
json-c-debuginfo-0.11-4.el7_0.s390x.rpm

x86_64:
json-c-0.11-4.el7_0.i686.rpm
json-c-0.11-4.el7_0.x86_64.rpm
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
json-c-doc-0.11-4.el7_0.noarch.rpm

ppc64:
json-c-debuginfo-0.11-4.el7_0.ppc.rpm
json-c-debuginfo-0.11-4.el7_0.ppc64.rpm
json-c-devel-0.11-4.el7_0.ppc.rpm
json-c-devel-0.11-4.el7_0.ppc64.rpm

s390x:
json-c-debuginfo-0.11-4.el7_0.s390.rpm
json-c-debuginfo-0.11-4.el7_0.s390x.rpm
json-c-devel-0.11-4.el7_0.s390.rpm
json-c-devel-0.11-4.el7_0.s390x.rpm

x86_64:
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm
json-c-devel-0.11-4.el7_0.i686.rpm
json-c-devel-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
json-c-0.11-4.el7_0.src.rpm

x86_64:
json-c-0.11-4.el7_0.i686.rpm
json-c-0.11-4.el7_0.x86_64.rpm
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
json-c-doc-0.11-4.el7_0.noarch.rpm

x86_64:
json-c-debuginfo-0.11-4.el7_0.i686.rpm
json-c-debuginfo-0.11-4.el7_0.x86_64.rpm
json-c-devel-0.11-4.el7_0.i686.rpm
json-c-devel-0.11-4.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-6370.html
https://www.redhat.com/security/data/cve/CVE-2013-6371.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
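The json-c advisory above records CVE-2013-6370 as "buffer overflow if size_t is larger than int". As an added illustration of that class of bug (example code, not json-c's own implementation), the constructed buffer below keeps its capacity and fill level in int fields while callers pass a size_t length: the naive check narrows the length before comparing and can wrongly report that an oversize string fits, while the hardened append validates in size_t arithmetic and refuses any length the int fields cannot hold.

```c
/* Added example, not json-c code: a growable string buffer whose bookkeeping
 * is "int" (as in many older C APIs) fed by callers that pass "size_t".
 * The struct layout and all sizes below are constructed for illustration. */
#include <limits.h>
#include <stdlib.h>
#include <string.h>

struct growbuf {
    char *data;   /* heap storage, always NUL-terminated */
    int   size;   /* capacity in bytes */
    int   bpos;   /* bytes used */
};

/* Allocate an empty buffer with the given capacity. Returns 0 on success. */
int growbuf_init(struct growbuf *b, int initial)
{
    if (initial <= 0)
        return -1;
    b->data = malloc((size_t)initial);
    if (!b->data)
        return -1;
    b->data[0] = '\0';
    b->size = initial;
    b->bpos = 0;
    return 0;
}

void growbuf_free(struct growbuf *b)
{
    free(b->data);
    b->data = NULL;
    b->size = b->bpos = 0;
}

/* The hazard: a "does it fit?" test that narrows the size_t length to int
 * before comparing. On 64-bit targets a length above INT_MAX wraps to a
 * negative int, so the remaining capacity compares greater and the test
 * answers "yes" for data that could never fit. A copy guarded only by this
 * test would write far past the allocation. Returns 1 when the check passes. */
int naive_fits(const struct growbuf *b, size_t len)
{
    return b->size - b->bpos > (int)len;
}

/* Hardened append: check in size_t arithmetic first, so any length that
 * cannot be represented together with bpos in an int (plus the NUL byte)
 * is refused with -1 before allocation or copying. Returns 0 on success. */
int growbuf_append(struct growbuf *b, const char *src, size_t len)
{
    if (len >= (size_t)INT_MAX - (size_t)b->bpos)
        return -1;                          /* bpos + len + 1 would overflow int */
    int needed = b->bpos + (int)len + 1;    /* safe: proven to fit above */
    if (needed > b->size) {
        int newsize = needed;
        /* grow geometrically when that stays below INT_MAX */
        if (b->size <= INT_MAX / 2 && b->size * 2 > newsize)
            newsize = b->size * 2;
        char *p = realloc(b->data, (size_t)newsize);
        if (!p)
            return -1;
        b->data = p;
        b->size = newsize;
    }
    memcpy(b->data + b->bpos, src, len);
    b->bpos += (int)len;
    b->data[b->bpos] = '\0';
    return 0;
}
```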
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.


From bugzilla at redhat.com Tue Jun 10 19:44:45 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 19:44:45 +0000
Subject: [RHSA-2014:0704-01] Moderate: qemu-kvm security and bug fix update
Message-ID: <201406101944.s5AJioQ0008893@int-mx14.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: qemu-kvm security and bug fix update
Advisory ID:       RHSA-2014:0704-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0704.html
Issue date:        2014-06-10
CVE Names:         CVE-2014-2894
=====================================================================

1. Summary:

Updated qemu-kvm packages that fix one security issue and several bugs are
now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide a
user-space component to run virtual machines using KVM.

An out-of-bounds memory access flaw was found in the way QEMU's IDE device
driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged
guest user could use this flaw to corrupt QEMU process memory on the host,
which could potentially result in arbitrary code execution on the host with
the privileges of the QEMU process. (CVE-2014-2894)

This update also fixes the following bugs:

* Prior to this update, a bug in the migration code caused the following
error on specific machine types: after a Red Hat Enterprise Linux 6.5 guest
was migrated from a Red Hat Enterprise Linux 6.5 host to a Red Hat
Enterprise Linux 7.0 host and then restarted, the boot failed and the guest
automatically restarted. Thus, the guest entered an endless loop. With this
update, the migration code has been fixed and the Red Hat Enterprise Linux
6.5 guests migrated in the aforementioned scenario now boot properly.
(BZ#1091322)

* Due to a regression bug in the iSCSI driver, the qemu-kvm process
terminated unexpectedly with a segmentation fault when the "write same"
command was executed in guest mode under the iSCSI protocol. This update
fixes the regression and the "write same" command now functions in guest
mode under iSCSI as intended. (BZ#1090978)

* Due to a mismatch in interrupt request (IRQ) routing, migration of a Red
Hat Enterprise Linux 6.5 guest from a Red Hat Enterprise Linux 6.5 host to a
Red Hat Enterprise Linux 7.0 host could produce a call trace. This happened
if memory ballooning and a Universal Host Control Interface (UHCI) device
were used at the same time on certain machine types. With this patch, the
IRQ routing mismatch has been amended and the described migration now
proceeds as expected. (BZ#1090981)

* Previously, an internal error prevented KVM from executing a CPU hot plug
on a Red Hat Enterprise Linux 7 guest running on a Red Hat Enterprise Linux
7 host. This update addresses the internal error and CPU hot plugging in the
described scenario now functions correctly. (BZ#1094820)

All qemu-kvm users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, shut down all running virtual machines. Once all virtual machines
have shut down, start them again for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1087971 - CVE-2014-2894 QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
1090978 - qemu-kvm: iSCSI: Failure. SENSE KEY:ILLEGAL_REQUEST(5) ASCQ:INVALID_FIELD_IN_CDB(0x2400)
1090981 - Guest hits call trace migrate from RHEL6.5 to RHEL7.0 host with -M 6.1 & balloon & uhci device
1091322 - fail to reboot guest after migration from RHEL6.5 host to RHEL7.0 host
1094820 - Hot plug CPU not working with RHEL6 machine types running on RHEL7 host.

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.2.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.2.i686.rpm
libcacard-1.5.3-60.el7_0.2.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.2.x86_64.rpm
qemu-img-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.2.i686.rpm
libcacard-devel-1.5.3-60.el7_0.2.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.2.src.rpm

x86_64:
qemu-guest-agent-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libcacard-1.5.3-60.el7_0.2.i686.rpm
libcacard-1.5.3-60.el7_0.2.x86_64.rpm
libcacard-devel-1.5.3-60.el7_0.2.i686.rpm
libcacard-devel-1.5.3-60.el7_0.2.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.2.x86_64.rpm
qemu-img-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.2.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.2.i686.rpm
libcacard-1.5.3-60.el7_0.2.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.2.x86_64.rpm
qemu-img-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.2.i686.rpm
libcacard-devel-1.5.3-60.el7_0.2.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
qemu-kvm-1.5.3-60.el7_0.2.src.rpm

x86_64:
libcacard-1.5.3-60.el7_0.2.i686.rpm
libcacard-1.5.3-60.el7_0.2.x86_64.rpm
qemu-guest-agent-1.5.3-60.el7_0.2.x86_64.rpm
qemu-img-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-common-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-tools-1.5.3-60.el7_0.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libcacard-devel-1.5.3-60.el7_0.2.i686.rpm
libcacard-devel-1.5.3-60.el7_0.2.x86_64.rpm
libcacard-tools-1.5.3-60.el7_0.2.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.i686.rpm
qemu-kvm-debuginfo-1.5.3-60.el7_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-2894.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Tue Jun 10 21:47:42 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 21:47:42 +0000
Subject: [RHSA-2014:0740-01] Important: kernel security and bug fix update
Message-ID: <201406102147.s5ALlgU6013348@int-mx14.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0740-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0740.html
Issue date:        2014-06-10
CVE Names:         CVE-2013-7339 CVE-2014-1737 CVE-2014-1738
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues and several bugs are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A flaw was found in the way the Linux kernel's floppy driver handled user
space provided data in certain error code paths while processing FDRAWCMD
IOCTL commands. A local user with write access to /dev/fdX could use this
flaw to free (using the kfree() function) arbitrary kernel memory.
(CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel
memory addresses to user space during the processing of the FDRAWCMD IOCTL
command. A local user with write access to /dev/fdX could use this flaw to
obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws
(CVE-2014-1737 in combination with CVE-2014-1738) to escalate their
privileges on the system.

* A NULL pointer dereference flaw was found in the rds_ib_laddr_check()
function in the Linux kernel's implementation of Reliable Datagram Sockets
(RDS). A local, unprivileged user could use this flaw to crash the system.
(CVE-2013-7339, Moderate)

Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and
CVE-2014-1738.

This update also fixes the following bugs:

* A bug in the futex system call could result in an overflow when passing a
very large positive timeout. As a consequence, the FUTEX_WAIT operation did
not work as intended and the system call was timing out immediately. A
backported patch fixes this bug by limiting very large positive timeouts to
the maximal supported value. (BZ#1091832)

* New Linux Security Module (LSM) functionality related to the setrlimit
hooks is meant to produce a warning message when it is used by a third-party
module that cannot cope with it. However, due to a programming error, the
kernel could print this warning message when a process was setting rlimits
for a different process, or when rlimits were modified by a thread other
than the main thread, even though no incompatible third-party module was
present. This update fixes the relevant code and ensures that the kernel
handles this warning message correctly. (BZ#1092869)

* Previously, the kernel was unable to detect KVM on system boot if the
Hyper-V emulation was enabled. A patch has been applied to ensure that both
KVM and Hyper-V hypervisors are now correctly detected during system boot.
(BZ#1094152)

* A function in the RPC code responsible for verifying whether cached
credentials match the current process did not perform the check correctly.
The code checked only whether the groups in the current process credentials
appear, in the same order, in the cached credentials, but did not ensure
that no other groups are present in the cached credentials. As a
consequence, when accessing files in NFS mounts, a process with the same UID
and GID as the original process but with a non-matching group list could
have been granted unauthorized access to a file, or, under certain
circumstances, the process could have been wrongly prevented from accessing
the file. The incorrect test condition has been fixed and the problem can no
longer occur. (BZ#1095062)

* Under heavy load, some Fibre Channel storage devices, such as the Hitachi
and HP Open-V series, can send a logout (LOGO) message to the host system.
However, due to a bug in the lpfc driver, this could result in a loss of
active paths to the storage, and the paths could not be recovered without
manual intervention. This update corrects the lpfc driver to ensure
automatic recovery of the lost paths to the storage in this scenario.
(BZ#1096061)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your system.
You may use "rpm -e" to remove old kernels after determining that the new
kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1079214 - CVE-2013-7339 kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()
1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
kernel-2.6.18-371.9.1.el5.src.rpm

i386:
kernel-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.i686.rpm
kernel-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-headers-2.6.18-371.9.1.el5.i386.rpm
kernel-xen-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-371.9.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
kernel-2.6.18-371.9.1.el5.src.rpm

i386:
kernel-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.i686.rpm
kernel-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-headers-2.6.18-371.9.1.el5.i386.rpm
kernel-xen-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.i686.rpm

ia64:
kernel-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.ia64.rpm
kernel-devel-2.6.18-371.9.1.el5.ia64.rpm
kernel-headers-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-371.9.1.el5.noarch.rpm

ppc:
kernel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.ppc64.rpm
kernel-devel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-headers-2.6.18-371.9.1.el5.ppc.rpm
kernel-headers-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-371.9.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.s390x.rpm
kernel-devel-2.6.18-371.9.1.el5.s390x.rpm
kernel-headers-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-371.9.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-7339.html
https://www.redhat.com/security/data/cve/CVE-2014-1737.html
https://www.redhat.com/security/data/cve/CVE-2014-1738.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
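The RPC credential-cache bug in the advisory above (BZ#1095062) turns on how two supplementary group lists are compared. As an added illustration (example code, not the kernel's RPC implementation), the buggy comparison below only confirms that each of the caller's groups appears, in order, in the cached list, so a cached credential carrying extra groups still matches and is handed to a process that does not hold them; the fixed comparison requires identical length and members. The credential structures, cache contents and gid values are constructed.

```c
/* Added example, not kernel code: cached-credential matching with the
 * group-list comparison in its buggy and fixed forms (cf. BZ#1095062).
 * All types, cache entries and gid values here are constructed. */
#include <stddef.h>
#include <sys/types.h>

struct cred_groups {
    size_t       ngroups;
    const gid_t *gids;          /* supplementary groups, position matters */
};

struct cached_cred {
    uid_t              uid;
    gid_t              gid;
    struct cred_groups groups;
};

/* Buggy: walks the caller's groups and checks that each one appears, in the
 * same order, somewhere in the cached list. Groups present only in the
 * cached entry are never noticed, so a cached credential with extra groups
 * "matches" a process that does not hold them. Returns 1 on match. */
int groups_match_buggy(const struct cred_groups *cur,
                       const struct cred_groups *cached)
{
    size_t j = 0;
    for (size_t i = 0; i < cur->ngroups; i++) {
        while (j < cached->ngroups && cached->gids[j] != cur->gids[i])
            j++;
        if (j == cached->ngroups)
            return 0;           /* a caller group is absent from the cache */
        j++;
    }
    return 1;
}

/* Fixed: the lists must be the same length with the same members in the
 * same positions, so neither extra nor missing groups can match. */
int groups_match_fixed(const struct cred_groups *cur,
                       const struct cred_groups *cached)
{
    if (cur->ngroups != cached->ngroups)
        return 0;
    for (size_t i = 0; i < cur->ngroups; i++)
        if (cur->gids[i] != cached->gids[i])
            return 0;
    return 1;
}

typedef int (*groups_cmp_fn)(const struct cred_groups *,
                             const struct cred_groups *);

/* Cache lookup: uid and gid must be equal, then the group lists are compared
 * with the supplied function. Returns the index of the first matching entry,
 * or -1 when no cached credential matches (a fresh one would be built). */
int cred_cache_lookup(const struct cached_cred *cache, size_t n,
                      uid_t uid, gid_t gid, const struct cred_groups *groups,
                      groups_cmp_fn cmp)
{
    for (size_t i = 0; i < n; i++) {
        if (cache[i].uid != uid || cache[i].gid != gid)
            continue;
        if (cmp(groups, &cache[i].groups))
            return (int)i;
    }
    return -1;
}
```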
From bugzilla at redhat.com Tue Jun 10 21:48:35 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 21:48:35 +0000
Subject: [RHSA-2014:0741-01] Critical: firefox security update
Message-ID: <201406102148.s5ALmaxl013525@int-mx14.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2014:0741-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0741.html
Issue date:        2014-06-10
CVE Names:         CVE-2014-1533 CVE-2014-1538 CVE-2014-1541
=====================================================================

1. Summary:

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 5, 6, and 7.

The Red Hat Security Response Team has rated this update as having Critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes
Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek
Arya, and Nils as the original reporters of these issues.

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 24.6.0 ESR. You can find a link to the Mozilla
advisories in the References section of this erratum.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 24.6.0 ESR and correct these issues. After installing the
update, Firefox must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1107399 - CVE-2014-1533 Mozilla: Miscellaneous memory safety hazards (rv:24.6) (MFSA 2014-48)
1107421 - CVE-2014-1538 Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)
1107424 - CVE-2014-1541 Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
firefox-24.6.0-1.el5_10.src.rpm

i386:
firefox-24.6.0-1.el5_10.i386.rpm
firefox-debuginfo-24.6.0-1.el5_10.i386.rpm

x86_64:
firefox-24.6.0-1.el5_10.i386.rpm
firefox-24.6.0-1.el5_10.x86_64.rpm
firefox-debuginfo-24.6.0-1.el5_10.i386.rpm
firefox-debuginfo-24.6.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
firefox-24.6.0-1.el5_10.src.rpm

i386:
firefox-24.6.0-1.el5_10.i386.rpm
firefox-debuginfo-24.6.0-1.el5_10.i386.rpm

ia64:
firefox-24.6.0-1.el5_10.ia64.rpm
firefox-debuginfo-24.6.0-1.el5_10.ia64.rpm

ppc:
firefox-24.6.0-1.el5_10.ppc.rpm
firefox-debuginfo-24.6.0-1.el5_10.ppc.rpm

s390x:
firefox-24.6.0-1.el5_10.s390.rpm
firefox-24.6.0-1.el5_10.s390x.rpm
firefox-debuginfo-24.6.0-1.el5_10.s390.rpm
firefox-debuginfo-24.6.0-1.el5_10.s390x.rpm

x86_64:
firefox-24.6.0-1.el5_10.i386.rpm
firefox-24.6.0-1.el5_10.x86_64.rpm
firefox-debuginfo-24.6.0-1.el5_10.i386.rpm
firefox-debuginfo-24.6.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
firefox-24.6.0-1.el6_5.src.rpm

i386:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm

x86_64:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-24.6.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
firefox-24.6.0-1.el6_5.src.rpm

x86_64:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-24.6.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
firefox-24.6.0-1.el6_5.src.rpm

i386:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm

ppc64:
firefox-24.6.0-1.el6_5.ppc.rpm
firefox-24.6.0-1.el6_5.ppc64.rpm
firefox-debuginfo-24.6.0-1.el6_5.ppc.rpm
firefox-debuginfo-24.6.0-1.el6_5.ppc64.rpm

s390x:
firefox-24.6.0-1.el6_5.s390.rpm
firefox-24.6.0-1.el6_5.s390x.rpm
firefox-debuginfo-24.6.0-1.el6_5.s390.rpm
firefox-debuginfo-24.6.0-1.el6_5.s390x.rpm

x86_64:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-24.6.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
firefox-24.6.0-1.el6_5.src.rpm

i386:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm

x86_64:
firefox-24.6.0-1.el6_5.i686.rpm
firefox-24.6.0-1.el6_5.x86_64.rpm
firefox-debuginfo-24.6.0-1.el6_5.i686.rpm
firefox-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
firefox-24.6.0-1.el7_0.src.rpm
xulrunner-24.6.0-1.el7_0.src.rpm

x86_64:
firefox-24.6.0-1.el7_0.x86_64.rpm
firefox-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-24.6.0-1.el7_0.i686.rpm
xulrunner-24.6.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
firefox-24.6.0-1.el7_0.i686.rpm
firefox-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.6.0-1.el7_0.i686.rpm
xulrunner-devel-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
xulrunner-24.6.0-1.el7_0.src.rpm

x86_64:
xulrunner-24.6.0-1.el7_0.i686.rpm
xulrunner-24.6.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.6.0-1.el7_0.i686.rpm
xulrunner-devel-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
firefox-24.6.0-1.el7_0.src.rpm
xulrunner-24.6.0-1.el7_0.src.rpm

ppc64:
firefox-24.6.0-1.el7_0.ppc64.rpm
firefox-debuginfo-24.6.0-1.el7_0.ppc64.rpm
xulrunner-24.6.0-1.el7_0.ppc.rpm
xulrunner-24.6.0-1.el7_0.ppc64.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.ppc64.rpm

s390x:
firefox-24.6.0-1.el7_0.s390x.rpm
firefox-debuginfo-24.6.0-1.el7_0.s390x.rpm

x86_64:
firefox-24.6.0-1.el7_0.x86_64.rpm
firefox-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-24.6.0-1.el7_0.i686.rpm
xulrunner-24.6.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
xulrunner-24.6.0-1.el7_0.src.rpm

ppc64:
firefox-24.6.0-1.el7_0.ppc.rpm
firefox-debuginfo-24.6.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.ppc.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.ppc64.rpm
xulrunner-devel-24.6.0-1.el7_0.ppc.rpm
xulrunner-devel-24.6.0-1.el7_0.ppc64.rpm

s390x:
firefox-24.6.0-1.el7_0.s390.rpm
firefox-debuginfo-24.6.0-1.el7_0.s390.rpm
xulrunner-24.6.0-1.el7_0.s390.rpm
xulrunner-24.6.0-1.el7_0.s390x.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.s390.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.s390x.rpm
xulrunner-devel-24.6.0-1.el7_0.s390.rpm
xulrunner-devel-24.6.0-1.el7_0.s390x.rpm

x86_64:
firefox-24.6.0-1.el7_0.i686.rpm
firefox-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-devel-24.6.0-1.el7_0.i686.rpm
xulrunner-devel-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
firefox-24.6.0-1.el7_0.src.rpm
xulrunner-24.6.0-1.el7_0.src.rpm

x86_64:
firefox-24.6.0-1.el7_0.x86_64.rpm
firefox-debuginfo-24.6.0-1.el7_0.x86_64.rpm
xulrunner-24.6.0-1.el7_0.i686.rpm
xulrunner-24.6.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm
xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 
7): x86_64: firefox-24.6.0-1.el7_0.i686.rpm firefox-debuginfo-24.6.0-1.el7_0.i686.rpm xulrunner-debuginfo-24.6.0-1.el7_0.i686.rpm xulrunner-debuginfo-24.6.0-1.el7_0.x86_64.rpm xulrunner-devel-24.6.0-1.el7_0.i686.rpm xulrunner-devel-24.6.0-1.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-1533.html https://www.redhat.com/security/data/cve/CVE-2014-1538.html https://www.redhat.com/security/data/cve/CVE-2014-1541.html https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTl30hXlSAg2UNWIIRArYPAKC1l7FXM395K4R1cFjeprO5JVYwqgCfTmZd ATGYqQtRgsoSMHmVNBn/EKY= =riOh -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jun 10 21:49:14 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 10 Jun 2014 21:49:14 +0000 Subject: [RHSA-2014:0742-01] Important: thunderbird security update Message-ID: <201406102149.s5ALnF0d012326@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: thunderbird security update Advisory ID: RHSA-2014:0742-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0742.html Issue date: 2014-06-10 CVE Names: CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 ===================================================================== 1. 
Summary: An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.6.0. You can find a link to the Mozilla advisories in the References section of this erratum. 
All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.6.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1107399 - CVE-2014-1533 Mozilla: Miscellaneous memory safety hazards (rv:24.6) (MFSA 2014-48)
1107421 - CVE-2014-1538 Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)
1107424 - CVE-2014-1541 Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
thunderbird-24.6.0-1.el5_10.src.rpm

i386:
thunderbird-24.6.0-1.el5_10.i386.rpm
thunderbird-debuginfo-24.6.0-1.el5_10.i386.rpm

x86_64:
thunderbird-24.6.0-1.el5_10.x86_64.rpm
thunderbird-debuginfo-24.6.0-1.el5_10.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

Source:
thunderbird-24.6.0-1.el5_10.src.rpm

i386:
thunderbird-24.6.0-1.el5_10.i386.rpm
thunderbird-debuginfo-24.6.0-1.el5_10.i386.rpm

x86_64:
thunderbird-24.6.0-1.el5_10.x86_64.rpm
thunderbird-debuginfo-24.6.0-1.el5_10.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
thunderbird-24.6.0-1.el6_5.src.rpm

i386:
thunderbird-24.6.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.i686.rpm

x86_64:
thunderbird-24.6.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
thunderbird-24.6.0-1.el6_5.src.rpm

i386:
thunderbird-24.6.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.i686.rpm

ppc64:
thunderbird-24.6.0-1.el6_5.ppc64.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.ppc64.rpm

s390x:
thunderbird-24.6.0-1.el6_5.s390x.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.s390x.rpm

x86_64:
thunderbird-24.6.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
thunderbird-24.6.0-1.el6_5.src.rpm

i386:
thunderbird-24.6.0-1.el6_5.i686.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.i686.rpm

x86_64:
thunderbird-24.6.0-1.el6_5.x86_64.rpm
thunderbird-debuginfo-24.6.0-1.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1533.html
https://www.redhat.com/security/data/cve/CVE-2014-1538.html
https://www.redhat.com/security/data/cve/CVE-2014-1541.html
https://access.redhat.com/security/updates/classification/#important
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl31EXlSAg2UNWIIRAt/PAKCIDL9f8TfaxDDTZWLC2EfslRjAngCeLKa6
OiIZWFKmmDtpxwfot+AWoqM=
=vLQ2
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Jun 10 21:49:48 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Jun 2014 21:49:48 +0000
Subject: [RHSA-2014:0743-01] Moderate: qemu-kvm security and bug fix update
Message-ID: <201406102149.s5ALnpXi012435@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: qemu-kvm security and bug fix update
Advisory ID:       RHSA-2014:0743-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0743.html
Issue date:        2014-06-10
CVE Names:         CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-2894 CVE-2014-3461
=====================================================================

1. Summary:

Updated qemu-kvm packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.
Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use any of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461)

An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-2894)

The CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461 issues were discovered by Michael S. Tsirkin of Red Hat, Anthony Liguori, and Michael Roth.

This update also fixes the following bugs:

* Previously, under certain circumstances, libvirt failed to start guests which used a non-zero PCI domain and SR-IOV Virtual Functions (VFs), and returned the following error message:

Can't assign device inside non-zero PCI segment as this KVM module doesn't support it.

This update fixes this issue and guests using the aforementioned configuration no longer fail to start. (BZ#1099941)

* Due to an incorrect initialization of the cpus_sts bitmap, which holds the enablement status of a vCPU, libvirt could fail to start a guest with an unusual vCPU topology (for example, a guest with three cores and two sockets). With this update, the initialization of cpus_sts has been corrected, and libvirt no longer fails to start the aforementioned guests. (BZ#1100575)

All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1066334 - CVE-2013-4148 qemu: virtio-net: buffer overflow on invalid state load
1066342 - CVE-2013-4151 qemu: virtio: out-of-bounds buffer write on invalid state load
1066361 - CVE-2013-6399 qemu: virtio: buffer overrun on incoming migration
1066382 - CVE-2013-4542 qemu: virtio-scsi: buffer overrun on invalid state load
1066384 - CVE-2013-4541 qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load
1066401 - CVE-2013-4535 CVE-2013-4536 qemu: virtio: insufficient validation of num_sg when mapping
1087971 - CVE-2014-2894 QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
1088986 - CVE-2014-0182 qemu: virtio: out-of-bounds buffer write on state load with invalid config_len
1096821 - CVE-2014-3461 Qemu: usb: fix up post load checks
1100575 - Some vCPU topologies not accepted by libvirt

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
qemu-kvm-0.12.1.2-2.415.el6_5.10.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
qemu-kvm-0.12.1.2-2.415.el6_5.10.src.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
qemu-kvm-0.12.1.2-2.415.el6_5.10.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
qemu-kvm-0.12.1.2-2.415.el6_5.10.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.10.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-4148.html
https://www.redhat.com/security/data/cve/CVE-2013-4151.html
https://www.redhat.com/security/data/cve/CVE-2013-4535.html
https://www.redhat.com/security/data/cve/CVE-2013-4536.html
https://www.redhat.com/security/data/cve/CVE-2013-4541.html
https://www.redhat.com/security/data/cve/CVE-2013-4542.html
https://www.redhat.com/security/data/cve/CVE-2013-6399.html
https://www.redhat.com/security/data/cve/CVE-2014-0182.html
https://www.redhat.com/security/data/cve/CVE-2014-2894.html
https://www.redhat.com/security/data/cve/CVE-2014-3461.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTl31qXlSAg2UNWIIRAtvwAJwPiQxEOQ/AsWD3iCg5gtlJ35G1NwCeO10p
duhrlNvUcqV+Saiygbbr4mo=
=KjU6
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 11 09:31:35 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Jun 2014 09:31:35 +0000
Subject: [RHSA-2014:0745-01] Critical: flash-plugin security update
Message-ID: <201406110924.s5B9OnLP027345@int-mx09.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: flash-plugin security update
Advisory ID:       RHSA-2014:0745-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0745.html
Issue date:        2014-06-11
CVE Names:         CVE-2014-0531 CVE-2014-0532 CVE-2014-0533 CVE-2014-0534 CVE-2014-0535 CVE-2014-0536
=====================================================================

1. Summary:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-16, listed in the References section.

Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0534, CVE-2014-0535, CVE-2014-0536)

Multiple flaws in flash-plugin could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.378.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1107822 - CVE-2014-0534 CVE-2014-0535 CVE-2014-0536 flash-plugin: arbitrary code execution flaws (APSB14-16)
1107823 - CVE-2014-0531 CVE-2014-0532 CVE-2014-0533 flash-plugin: multiple cross-site scripting flaws (APSB14-16)

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386:
flash-plugin-11.2.202.378-1.el5.i386.rpm

x86_64:
flash-plugin-11.2.202.378-1.el5.i386.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386:
flash-plugin-11.2.202.378-1.el5.i386.rpm

x86_64:
flash-plugin-11.2.202.378-1.el5.i386.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
flash-plugin-11.2.202.378-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.378-1.el6.i686.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
flash-plugin-11.2.202.378-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.378-1.el6.i686.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
flash-plugin-11.2.202.378-1.el6.i686.rpm

x86_64:
flash-plugin-11.2.202.378-1.el6.i686.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0531.html
https://www.redhat.com/security/data/cve/CVE-2014-0532.html
https://www.redhat.com/security/data/cve/CVE-2014-0533.html
https://www.redhat.com/security/data/cve/CVE-2014-0534.html
https://www.redhat.com/security/data/cve/CVE-2014-0535.html
https://www.redhat.com/security/data/cve/CVE-2014-0536.html
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-16.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTmB/VXlSAg2UNWIIRAui0AJ4ue6h6ArFI48FIv6w1DDNOEZDaBwCgsYtv
djH8cHwfwVYfOzL8K4/neDs=
=hqB0
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 11 17:28:13 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Jun 2014 17:28:13 +0000
Subject: [RHSA-2014:0747-01] Moderate: python-jinja2 security update
Message-ID: <201406111728.s5BHSDnI013109@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: python-jinja2 security update
Advisory ID:       RHSA-2014:0747-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0747.html
Issue date:        2014-06-11
CVE Names:         CVE-2014-1402
=====================================================================

1. Summary:

Updated python-jinja2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Jinja2 is a template engine written in pure Python. It provides a Django-inspired, non-XML syntax but supports inline expressions and an optional sandboxed environment.

It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory.
A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of that application. (CVE-2014-1402)

All python-jinja2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications using python-jinja2 must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1051421 - CVE-2014-1402 python-jinja2: FileSystemBytecodeCache insecure cache temporary file use

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
python-jinja2-2.2.1-2.el6_5.src.rpm

i386:
python-jinja2-2.2.1-2.el6_5.i686.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.i686.rpm

x86_64:
python-jinja2-2.2.1-2.el6_5.x86_64.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
python-jinja2-2.2.1-2.el6_5.src.rpm

x86_64:
python-jinja2-2.2.1-2.el6_5.x86_64.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
python-jinja2-2.2.1-2.el6_5.src.rpm

i386:
python-jinja2-2.2.1-2.el6_5.i686.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.i686.rpm

ppc64:
python-jinja2-2.2.1-2.el6_5.ppc64.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.ppc64.rpm

s390x:
python-jinja2-2.2.1-2.el6_5.s390x.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.s390x.rpm

x86_64:
python-jinja2-2.2.1-2.el6_5.x86_64.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
python-jinja2-2.2.1-2.el6_5.src.rpm

i386:
python-jinja2-2.2.1-2.el6_5.i686.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.i686.rpm

x86_64:
python-jinja2-2.2.1-2.el6_5.x86_64.rpm
python-jinja2-debuginfo-2.2.1-2.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1402.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTmJGgXlSAg2UNWIIRAgUUAJ9Ro6FKlq64ipZ+URxLpY1mCAJbsACbBWmY
9xN/ecw+MV7/KoWCTzVWXD0=
=dVND
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 11 17:30:50 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Jun 2014 17:30:50 +0000
Subject: [RHSA-2014:0748-01] Moderate: python33-python-jinja2 and python27-python-jinja2 security update
Message-ID: <201406111730.s5BHUoAE030420@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: python33-python-jinja2 and python27-python-jinja2 security update
Advisory ID:       RHSA-2014:0748-01
Product:           Red Hat Software Collections
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0748.html
Issue date:        2014-06-11
CVE Names:         CVE-2014-1402
=====================================================================

1. Summary:

Updated python33-python-jinja2 and python27-python-jinja2 packages that fix one security issue are now available for Red Hat Software Collections 1.

The Red Hat Security Response Team has rated this update as having Moderate security impact.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - noarch
Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

Jinja2 is a template engine written in pure Python. It provides a Django-inspired, non-XML syntax but supports inline expressions and an optional sandboxed environment.

It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory. A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of that application. (CVE-2014-1402)

All Jinja2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications using Jinja2 must be restarted.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1051421 - CVE-2014-1402 python-jinja2: FileSystemBytecodeCache insecure cache temporary file use

6. Package List:

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6):

Source:
python27-python-jinja2-2.6-10.el6.src.rpm
python33-python-jinja2-2.6-11.el6.src.rpm

noarch:
python27-python-jinja2-2.6-10.el6.noarch.rpm
python33-python-jinja2-2.6-11.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3):

Source:
python27-python-jinja2-2.6-10.el6.src.rpm
python33-python-jinja2-2.6-11.el6.src.rpm

noarch:
python27-python-jinja2-2.6-10.el6.noarch.rpm
python33-python-jinja2-2.6-11.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
python27-python-jinja2-2.6-10.el6.src.rpm
python33-python-jinja2-2.6-11.el6.src.rpm

noarch:
python27-python-jinja2-2.6-10.el6.noarch.rpm
python33-python-jinja2-2.6-11.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6):

Source:
python27-python-jinja2-2.6-10.el6.src.rpm
python33-python-jinja2-2.6-11.el6.src.rpm

noarch:
python27-python-jinja2-2.6-10.el6.noarch.rpm
python33-python-jinja2-2.6-11.el6.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7):

Source:
python27-python-jinja2-2.6-11.el7.src.rpm
python33-python-jinja2-2.6-12.el7.src.rpm

noarch:
python27-python-jinja2-2.6-11.el7.noarch.rpm
python33-python-jinja2-2.6-12.el7.noarch.rpm

Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7):

Source:
python27-python-jinja2-2.6-11.el7.src.rpm
python33-python-jinja2-2.6-12.el7.src.rpm

noarch:
python27-python-jinja2-2.6-11.el7.noarch.rpm
python33-python-jinja2-2.6-12.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-1402.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTmJG4XlSAg2UNWIIRAuqQAKDB5DtJx9/169MKon0kkNKrz0OGVgCfcCV4
NRfz9D5UrWuj05b4GJL7rA4=
=0knn
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 18 20:32:16 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 18 Jun 2014 20:32:16 +0000
Subject: [RHSA-2014:0762-01] Critical: rubygem-openshift-origin-node security update
Message-ID: <201406182032.s5IKWGdM021740@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: rubygem-openshift-origin-node security update
Advisory ID:       RHSA-2014:0762-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0762.html
Issue date:        2014-06-18
CVE Names:         CVE-2014-3496
=====================================================================

1. Summary:

An updated rubygem-openshift-origin-node package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.2.8.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Enterprise Node - noarch

3. Description:

The rubygem-openshift-origin-node package provides basic OpenShift node functionality.

A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift node server. (CVE-2014-3496)

This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team.
All rubygem-openshift-origin-node users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1110470 - CVE-2014-3496 OpenShift Origin: Command execution as root via downloadable cartridge source-url

6. Package List:

Red Hat OpenShift Enterprise Node:

Source:
rubygem-openshift-origin-node-1.9.14.8-1.el6op.src.rpm

noarch:
rubygem-openshift-origin-node-1.9.14.8-1.el6op.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3496.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTofdBXlSAg2UNWIIRAqGdAKCDI22/qSK1VQALrp0r90cC2/yWzwCgq7Cx
RpyPyP0OiVe3rgOi40gc3bo=
=fwvA
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 18 20:32:43 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 18 Jun 2014 20:32:43 +0000
Subject: [RHSA-2014:0763-01] Critical: rubygem-openshift-origin-node security update
Message-ID: <201406182032.s5IKWiJF015903@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: rubygem-openshift-origin-node security update
Advisory ID:       RHSA-2014:0763-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0763.html
Issue date:        2014-06-18
CVE Names:         CVE-2014-3496
=====================================================================

1. Summary:

An updated rubygem-openshift-origin-node package that fixes one security issue is now available for Red Hat OpenShift Enterprise 2.0.6.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHOSE Node 2.0 - noarch

3. Description:

The rubygem-openshift-origin-node package provides basic OpenShift node functionality.

A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift Enterprise node server. (CVE-2014-3496)

This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team.
All rubygem-openshift-origin-node users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1110470 - CVE-2014-3496 OpenShift Origin: Command execution as root via downloadable cartridge source-url

6. Package List:

RHOSE Node 2.0:

Source:
rubygem-openshift-origin-node-1.17.5.17-1.el6op.src.rpm

noarch:
rubygem-openshift-origin-node-1.17.5.17-1.el6op.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3496.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTofdhXlSAg2UNWIIRAh9pAJ9AHfCJAyBO5p7TLUT+guMi58LxAACgp96/
8BQXq/vJk9N2H9HOL8HMQLw=
=ce4G
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jun 18 20:42:38 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 18 Jun 2014 20:42:38 +0000
Subject: [RHSA-2014:0764-01] Critical: rubygem-openshift-origin-node security update
Message-ID: <201406182042.s5IKgc10015110@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: rubygem-openshift-origin-node security update
Advisory ID:       RHSA-2014:0764-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0764.html
Issue date:        2014-06-18
CVE Names:         CVE-2014-3496
=====================================================================

1. Summary:

An updated rubygem-openshift-origin-node package that fixes one security issue and several bugs is now available for Red Hat OpenShift Enterprise 2.1.1.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHOSE Node 2.1 - noarch

3. Description:

The rubygem-openshift-origin-node package provides basic OpenShift node functionality.

A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift Enterprise node server. (CVE-2014-3496)

This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team.

The rubygem-openshift-origin-node package has been upgraded to version 1.23.9.11.
Additionally, the rubygem-openshift-origin-container-selinux package has been upgraded to version 0.8.1.2, as needed by the updated rubygem-openshift-origin-node package.

This update also fixes the following bugs:

* The syslog_logger.rb implementation on nodes made incorrect use of the Ruby Syslog library. Raw log message input was handled as a Syslog format string, causing failures for many application operations. This bug fix updates the implementation to correctly handle raw log message input, and the failures no longer occur. (BZ#1096900)

* Under certain conditions, it was possible for the MCollective agent on nodes to fail to fully initialize while checking the status of a cartridge. This resulted in sporadic failures of rhc cartridge status. This bug fix ensures that the agent is always fully initialized. (BZ#1102399)

* Developers encountered syntax errors when connecting to a gear using the 'rhc ssh' command if the gear was hosted on a node with quotas disabled. This was due to the command trying to report quota information but being given an empty string because quotas were disabled. This bug fix updates the handling for reporting on quotas when there is no information to report, and the syntax errors no longer occur. (BZ#1107801)

* If a file containing invalid special characters was placed in an application's ~/.env/user_vars directory, subsequent interactions with the application using SSH or Git were refused. This was due to problems with the node component handling the invalid characters. This bug fix updates the node component to handle problematic files in ~/.env/user_vars; as a result, interactions with the application using SSH or Git succeed as normal. (BZ#1096833)

All rubygem-openshift-origin-node users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1096833 - Errors in user_vars/* files block ssh access, git access
1096900 - Log messages are being interpolated by syslog_logger.rb, causing random app operation failures
1102399 - [new relic] undefined method `run_in_container_context' for nil:NilClass on INT nodes
1107801 - rhcsh quota check prints error messages on login if quotas are disabled
1110470 - CVE-2014-3496 OpenShift Origin: Command execution as root via downloadable cartridge source-url

6. Package List:

RHOSE Node 2.1:

Source:
rubygem-openshift-origin-container-selinux-0.8.1.2-1.el6op.src.rpm
rubygem-openshift-origin-node-1.23.9.11-1.el6op.src.rpm

noarch:
rubygem-openshift-origin-container-selinux-0.8.1.2-1.el6op.noarch.rpm
rubygem-openshift-origin-node-1.23.9.11-1.el6op.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-3496.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTofmzXlSAg2UNWIIRAnj6AKC+6xrzr1o8oU0HF6NNMVIVlNHfVQCgu33n
5/J3+eFNAHWZIzMZp1rHwXs=
=uGKL
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jun 19 13:19:48 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 19 Jun 2014 13:19:48 +0000
Subject: [RHSA-2014:0770-01] Critical: foreman-proxy security update
Message-ID: <201406191319.s5JDJnas030678@int-mx11.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: foreman-proxy security update
Advisory ID:       RHSA-2014:0770-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0770.html
Issue date:        2014-06-19
CVE Names:         CVE-2014-0007
=====================================================================

1. Summary:

An updated foreman-proxy package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0.

The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 3.0 - noarch
Red Hat Enterprise Linux OpenStack Platform 4.0 - noarch

3. Description:

The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as part of Foreman.

A shell command injection flaw was found in the way foreman-proxy verified URLs in the TFTP module. A remote attacker could use this flaw to execute arbitrary shell commands on the system with the privileges of the user running foreman-proxy. (CVE-2014-0007)

This issue was discovered by Lukas Zapletal of Red Hat.
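The OpenShift cartridge source-url flaw (CVE-2014-3496, in the three rubygem-openshift-origin-node advisories above) and the foreman-proxy TFTP URL flaw (CVE-2014-0007) are the same class of bug: a URL supplied over the network ends up inside a shell command line. The Python below is an added illustration of the defensive pattern, not code from either project (both are written in Ruby) and not a reconstruction of either bug. It shows the anti-pattern inertly, then the two controls that close it: an allow-list check on the URL before use, and passing the URL to the download tool as its own argv element so no shell ever parses it. The `wget` invocation, the character allow-list, the length cap and all function names are assumptions made for the example.

```python
"""Defensive handling of a user-supplied download URL (added example).

Not code from foreman-proxy or rubygem-openshift-origin-node and not a
reproduction of CVE-2014-0007 or CVE-2014-3496; it demonstrates the
generic pattern that prevents this class of flaw.  The allow-list, the
wget invocation and every function name are assumptions for the example.
"""
import re
import subprocess
import sys
from typing import List, Optional
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
MAX_URL_LENGTH = 2048  # assumed cap; keeps hostile inputs short

# Conservative allow-list (an assumption, deliberately tighter than RFC 3986):
# letters, digits and the URL punctuation a plain download needs.  Shell
# metacharacters (; | & $ ` ( ) < > quotes, whitespace) are all excluded,
# so the URL stays harmless even if a later layer does hand it to a shell.
_SAFE_URL_RE = re.compile(r"\A[A-Za-z0-9._~:/?=&%+-]+\Z")


def unsafe_command_line(url: str) -> str:
    """The anti-pattern: the URL is spliced into one string destined for a
    shell (subprocess.run(..., shell=True), Ruby backticks, system()).
    Every metacharacter in ``url`` becomes shell syntax.  Returned rather
    than executed so the resulting string can be inspected safely."""
    return "wget -q -O cartridge.tar.gz " + url


def source_url_problem(url: str) -> Optional[str]:
    """Return None if ``url`` passes the policy, otherwise a short reason."""
    if len(url) > MAX_URL_LENGTH:
        return "too long"
    if not _SAFE_URL_RE.match(url):
        return "disallowed characters"
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return "disallowed scheme %r" % parts.scheme
    if not parts.hostname:
        return "missing host"
    return None


def validate_source_url(url: str) -> str:
    """Raise ValueError for anything the policy rejects; return the URL otherwise."""
    problem = source_url_problem(url)
    if problem is not None:
        raise ValueError("rejected source URL (%s)" % problem)
    return url


def download_argv(url: str, dest: str) -> List[str]:
    """Build the download command as an argv list.  Each element reaches the
    child process verbatim; nothing is tokenised or expanded by a shell."""
    return ["wget", "-q", "-O", dest, validate_source_url(url)]


def argv_roundtrip(value: str) -> str:
    """Show that an argv element survives untouched when no shell is involved:
    spawn a Python child (always available) that writes back its first
    argument.  Metacharacters come back as literal text."""
    result = subprocess.run(
        [sys.executable, "-c", "import sys; sys.stdout.write(sys.argv[1])", value],
        capture_output=True, text=True, check=True,
    )
    return result.stdout


if __name__ == "__main__":
    # Constructed sample input, not taken from either advisory.
    hostile = "https://example.org/app.tar.gz;echo injected"
    print("shell string would be :", unsafe_command_line(hostile))
    print("validation says       :", source_url_problem(hostile))
    print("argv keeps it literal :", argv_roundtrip(hostile))
    print("clean URL argv        :", download_argv("https://example.org/app.tar.gz", "/tmp/app.tar.gz"))
```

The two controls are independent and both worth having: the allow-list rejects the input early with a loggable reason (useful for detection), while the argv form means that even an input the validator missed cannot become shell syntax. The validator is also the place to refuse unexpected schemes (file, ftp) and URLs with no host, which are policy violations in their own right regardless of injection.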
Note that for Red Hat Enterprise Linux OpenStack Platform 3.0, Foreman was released as a Technology Preview. More information about Red Hat Technology Previews is available at https://access.redhat.com/site/support/offerings/techpreview/

All foreman-proxy users are advised to upgrade to this updated package, which corrects this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1105369 - CVE-2014-0007 foreman-proxy: smart-proxy remote command injection

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 3.0:

Source:
ruby193-foreman-proxy-1.1.10001-7.el6ost.src.rpm

noarch:
ruby193-foreman-proxy-1.1.10001-7.el6ost.noarch.rpm

Red Hat Enterprise Linux OpenStack Platform 4.0:

Source:
foreman-proxy-1.3.0-5.el6sat.src.rpm

noarch:
foreman-proxy-1.3.0-5.el6sat.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0007.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFTouNVXlSAg2UNWIIRArOlAKCre9oqM5oK6YcZmh5wIag0mV1WpACgoiFU
d1Br9XvZKLgGK+4CoVOgbM4=
=k7x5
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jun 19 18:05:30 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 19 Jun 2014 18:05:30 +0000
Subject: [RHSA-2014:0771-01] Important: kernel security and bug fix update
Message-ID: <201406191805.s5JI5ULM014295@int-mx10.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0771-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-0771.html
Issue date:        2014-06-19
CVE Names:         CVE-2013-6378 CVE-2014-0203 CVE-2014-1737 CVE-2014-1738 CVE-2014-1874 CVE-2014-2039 CVE-2014-3153
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

* It was discovered that the proc_ns_follow_link() function did not properly return the LAST_BIND value in the last pathname component as is expected for procfs symbolic links, which could lead to excessive freeing of memory and consequent slab corruption. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-0203, Moderate)

* A flaw was found in the way the Linux kernel handled exceptions when user-space applications attempted to use the linkage stack. On IBM S/390 systems, a local, unprivileged user could use this flaw to crash the system. (CVE-2014-2039, Moderate)

* An invalid pointer dereference flaw was found in the Marvell 8xxx Libertas WLAN (libertas) driver in the Linux kernel. A local user able to write to a file that is provided by the libertas driver and located on the debug file system (debugfs) could use this flaw to crash the system. Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default. (CVE-2013-6378, Low)

* A denial of service flaw was discovered in the way the Linux kernel's SELinux implementation handled files with an empty SELinux security context. A local user who has the CAP_MAC_ADMIN capability could use this flaw to crash the system. (CVE-2014-1874, Low)

Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738, and Vladimir Davydov of Parallels for reporting CVE-2014-0203. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153.

This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5.
Bugs fixed (https://bugzilla.redhat.com/): 1033578 - CVE-2013-6378 Kernel: drivers: libertas: potential oops in debugfs 1062356 - CVE-2014-1874 Kernel: SELinux: local denial-of-service 1067558 - CVE-2014-2039 Kernel: s390: crash due to linkage stack instructions 1094287 - ixgbevf prematurely strips VLAN tags [rhel-6.5.z] 1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command 1094363 - CVE-2014-0203 kernel: fs: slab corruption due to the invalid last component type during do_filp_open() 1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-431.20.3.el6.src.rpm i386: kernel-2.6.32-431.20.3.el6.i686.rpm kernel-debug-2.6.32-431.20.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm kernel-devel-2.6.32-431.20.3.el6.i686.rpm kernel-headers-2.6.32-431.20.3.el6.i686.rpm perf-2.6.32-431.20.3.el6.i686.rpm perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm kernel-doc-2.6.32-431.20.3.el6.noarch.rpm kernel-firmware-2.6.32-431.20.3.el6.noarch.rpm x86_64: kernel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm kernel-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-headers-2.6.32-431.20.3.el6.x86_64.rpm perf-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 
6): Source: kernel-2.6.32-431.20.3.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-2.6.32-431.20.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-431.20.3.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm kernel-doc-2.6.32-431.20.3.el6.noarch.rpm kernel-firmware-2.6.32-431.20.3.el6.noarch.rpm x86_64: kernel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm kernel-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-headers-2.6.32-431.20.3.el6.x86_64.rpm perf-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: kernel-2.6.32-431.20.3.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: kernel-2.6.32-431.20.3.el6.src.rpm i386: kernel-2.6.32-431.20.3.el6.i686.rpm kernel-debug-2.6.32-431.20.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm kernel-devel-2.6.32-431.20.3.el6.i686.rpm kernel-headers-2.6.32-431.20.3.el6.i686.rpm perf-2.6.32-431.20.3.el6.i686.rpm perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm kernel-doc-2.6.32-431.20.3.el6.noarch.rpm kernel-firmware-2.6.32-431.20.3.el6.noarch.rpm ppc64: kernel-2.6.32-431.20.3.el6.ppc64.rpm kernel-bootwrapper-2.6.32-431.20.3.el6.ppc64.rpm kernel-debug-2.6.32-431.20.3.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm kernel-debug-devel-2.6.32-431.20.3.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.20.3.el6.ppc64.rpm kernel-devel-2.6.32-431.20.3.el6.ppc64.rpm kernel-headers-2.6.32-431.20.3.el6.ppc64.rpm perf-2.6.32-431.20.3.el6.ppc64.rpm perf-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm s390x: kernel-2.6.32-431.20.3.el6.s390x.rpm kernel-debug-2.6.32-431.20.3.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.s390x.rpm kernel-debug-devel-2.6.32-431.20.3.el6.s390x.rpm kernel-debuginfo-2.6.32-431.20.3.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.20.3.el6.s390x.rpm kernel-devel-2.6.32-431.20.3.el6.s390x.rpm kernel-headers-2.6.32-431.20.3.el6.s390x.rpm kernel-kdump-2.6.32-431.20.3.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.20.3.el6.s390x.rpm kernel-kdump-devel-2.6.32-431.20.3.el6.s390x.rpm perf-2.6.32-431.20.3.el6.s390x.rpm perf-debuginfo-2.6.32-431.20.3.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.s390x.rpm x86_64: kernel-2.6.32-431.20.3.el6.x86_64.rpm 
kernel-debug-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm kernel-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-headers-2.6.32-431.20.3.el6.x86_64.rpm perf-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: kernel-2.6.32-431.20.3.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-2.6.32-431.20.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.20.3.el6.ppc64.rpm perf-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm python-perf-2.6.32-431.20.3.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-431.20.3.el6.s390x.rpm kernel-debuginfo-2.6.32-431.20.3.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.20.3.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.20.3.el6.s390x.rpm perf-debuginfo-2.6.32-431.20.3.el6.s390x.rpm python-perf-2.6.32-431.20.3.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6):

Source:
kernel-2.6.32-431.20.3.el6.src.rpm

i386:
kernel-2.6.32-431.20.3.el6.i686.rpm
kernel-debug-2.6.32-431.20.3.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm
kernel-debug-devel-2.6.32-431.20.3.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm
kernel-devel-2.6.32-431.20.3.el6.i686.rpm
kernel-headers-2.6.32-431.20.3.el6.i686.rpm
perf-2.6.32-431.20.3.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm
kernel-doc-2.6.32-431.20.3.el6.noarch.rpm
kernel-firmware-2.6.32-431.20.3.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debug-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm
kernel-devel-2.6.32-431.20.3.el6.x86_64.rpm
kernel-headers-2.6.32-431.20.3.el6.x86_64.rpm
perf-2.6.32-431.20.3.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
kernel-2.6.32-431.20.3.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm
kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm
perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm
python-perf-2.6.32-431.20.3.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm
python-perf-2.6.32-431.20.3.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-6378.html
https://www.redhat.com/security/data/cve/CVE-2014-0203.html
https://www.redhat.com/security/data/cve/CVE-2014-1737.html
https://www.redhat.com/security/data/cve/CVE-2014-1738.html
https://www.redhat.com/security/data/cve/CVE-2014-1874.html
https://www.redhat.com/security/data/cve/CVE-2014-2039.html
https://www.redhat.com/security/data/cve/CVE-2014-3153.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/kernel.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Thu Jun 19 18:07:30 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 19 Jun 2014 18:07:30 +0000
Subject: [RHSA-2014:0772-01] Important: kernel security and bug fix update
Message-ID: <201406191807.s5JI7UKw009471@int-mx13.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2014:0772-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0772.html
Issue date: 2014-06-19
CVE Names: CVE-2012-6638 CVE-2014-1737 CVE-2014-1738
=====================================================================

1. Summary:

Updated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

* A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled TCP packets with both the SYN and FIN flags set. A remote attacker could use this flaw to consume an excessive amount of resources on the target system, potentially resulting in a denial of service. (CVE-2012-6638, Moderate)

Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.
This update also fixes the following bugs:

* While under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage, and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096060)

* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call timed out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091831)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1066055 - CVE-2012-6638 Kernel: net: tcp: potential DoS via SYN+FIN messages
1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

6. Package List:

Red Hat Enterprise Linux EUS (v. 5.9 server):

Source:
kernel-2.6.18-348.27.1.el5.src.rpm

i386:
kernel-2.6.18-348.27.1.el5.i686.rpm
kernel-PAE-2.6.18-348.27.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-348.27.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-348.27.1.el5.i686.rpm
kernel-debug-2.6.18-348.27.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-348.27.1.el5.i686.rpm
kernel-debug-devel-2.6.18-348.27.1.el5.i686.rpm
kernel-debuginfo-2.6.18-348.27.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-348.27.1.el5.i686.rpm
kernel-devel-2.6.18-348.27.1.el5.i686.rpm
kernel-headers-2.6.18-348.27.1.el5.i386.rpm
kernel-xen-2.6.18-348.27.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-348.27.1.el5.i686.rpm
kernel-xen-devel-2.6.18-348.27.1.el5.i686.rpm

ia64:
kernel-2.6.18-348.27.1.el5.ia64.rpm
kernel-debug-2.6.18-348.27.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-348.27.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-348.27.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-348.27.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-348.27.1.el5.ia64.rpm
kernel-devel-2.6.18-348.27.1.el5.ia64.rpm
kernel-headers-2.6.18-348.27.1.el5.ia64.rpm
kernel-xen-2.6.18-348.27.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-348.27.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-348.27.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-348.27.1.el5.noarch.rpm

ppc:
kernel-2.6.18-348.27.1.el5.ppc64.rpm
kernel-debug-2.6.18-348.27.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-348.27.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-348.27.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-348.27.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-348.27.1.el5.ppc64.rpm
kernel-devel-2.6.18-348.27.1.el5.ppc64.rpm
kernel-headers-2.6.18-348.27.1.el5.ppc.rpm
kernel-headers-2.6.18-348.27.1.el5.ppc64.rpm
kernel-kdump-2.6.18-348.27.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-348.27.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-348.27.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-348.27.1.el5.s390x.rpm
kernel-debug-2.6.18-348.27.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-348.27.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-348.27.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-348.27.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-348.27.1.el5.s390x.rpm
kernel-devel-2.6.18-348.27.1.el5.s390x.rpm
kernel-headers-2.6.18-348.27.1.el5.s390x.rpm
kernel-kdump-2.6.18-348.27.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-348.27.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-348.27.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-348.27.1.el5.x86_64.rpm
kernel-debug-2.6.18-348.27.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-348.27.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-348.27.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-348.27.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-348.27.1.el5.x86_64.rpm
kernel-devel-2.6.18-348.27.1.el5.x86_64.rpm
kernel-headers-2.6.18-348.27.1.el5.x86_64.rpm
kernel-xen-2.6.18-348.27.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-348.27.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-348.27.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-6638.html
https://www.redhat.com/security/data/cve/CVE-2014-1737.html
https://www.redhat.com/security/data/cve/CVE-2014-1738.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
From bugzilla at redhat.com Tue Jun 24 16:20:54 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 24 Jun 2014 16:20:54 +0000
Subject: [RHSA-2014:0786-01] Important: kernel security, bug fix, and enhancement update
Message-ID: <201406241620.s5OGKsDi001990@int-mx09.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2014:0786-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0786.html
Issue date: 2014-06-24
CVE Names: CVE-2014-0206 CVE-2014-1737 CVE-2014-1738 CVE-2014-2568 CVE-2014-2851 CVE-2014-3144 CVE-2014-3145 CVE-2014-3153
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)

* A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important)

* Use-after-free and information leak flaws were found in the way the Linux kernel's floppy driver processed the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use these flaws to escalate their privileges on the system. (CVE-2014-1737, CVE-2014-1738, Important)

* It was found that the aio_read_events_ring() function of the Linux kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO ring head received from user space. A local, unprivileged user could use this flaw to disclose random parts of the (physical) memory belonging to the kernel and/or other processes. (CVE-2014-0206, Moderate)

* An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate)

* An information leak flaw was found in the way the skb_zerocopy() function copied socket buffers (skb) that are backed by user-space buffers (for example vhost-net and Xen netback), potentially allowing an attacker to read data from those buffers. (CVE-2014-2568, Low)

Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153 and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153. The CVE-2014-0206 issue was discovered by Mateusz Guzik of Red Hat.

This update also fixes the following bugs:

* Due to incorrect calculation of Tx statistics in the qlcnic driver, running the "ethtool -S ethX" command could trigger memory corruption. As a consequence, running the sosreport tool, which uses this command, resulted in a kernel panic. The problem has been fixed by correcting the statistics calculation. (BZ#1104972)

* When an attempt to create a file on the GFS2 file system failed due to a file system quota violation, the relevant VFS inode was not completely uninitialized. This could result in a list corruption error. This update resolves this problem by correctly uninitializing the VFS inode in this situation. (BZ#1097407)

* Due to a race condition in the kernel, the getcwd() system call could return "/" instead of the correct full path name when querying a path name of a file or directory. Paths returned in the "/proc" file system could also be incorrect. This problem was causing instability of various applications. The race condition has been fixed and getcwd() now always returns the correct paths. (BZ#1099048)

In addition, this update adds the following enhancements:

* The kernel mutex code has been improved. The changes include improved queuing of the MCS spin locks, the MCS code optimization, introduction of the cancellable MCS spin locks, and improved handling of mutexes without wait locks. (BZ#1103631, BZ#1103629)

* The handling of the Virtual Memory Area (VMA) cache and huge page faults has been improved. (BZ#1103630)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1079012 - CVE-2014-2568 kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied
1086730 - CVE-2014-2851 kernel: net: ping: refcount issue in ping_init_sock() function
1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
1094602 - CVE-2014-0206 kernel: aio: insufficient sanitization of head in aio_read_events_ring()
1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions to peek beyond the end of the message
1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-123.4.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.2.el7.x86_64.rpm
perf-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-123.4.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.2.el7.x86_64.rpm
perf-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-123.4.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.2.el7.noarch.rpm

ppc64:
kernel-3.10.0-123.4.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debug-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.4.2.el7.ppc64.rpm
kernel-devel-3.10.0-123.4.2.el7.ppc64.rpm
kernel-headers-3.10.0-123.4.2.el7.ppc64.rpm
kernel-tools-3.10.0-123.4.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-123.4.2.el7.ppc64.rpm
perf-3.10.0-123.4.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm

s390x:
kernel-3.10.0-123.4.2.el7.s390x.rpm
kernel-debug-3.10.0-123.4.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.4.2.el7.s390x.rpm
kernel-devel-3.10.0-123.4.2.el7.s390x.rpm
kernel-headers-3.10.0-123.4.2.el7.s390x.rpm
kernel-kdump-3.10.0-123.4.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-123.4.2.el7.s390x.rpm
perf-3.10.0-123.4.2.el7.s390x.rpm
perf-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.s390x.rpm

x86_64:
kernel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.2.el7.x86_64.rpm
perf-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.2.el7.noarch.rpm

ppc64:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-123.4.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-123.4.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm
python-perf-3.10.0-123.4.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.ppc64.rpm

s390x:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-123.4.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
perf-debuginfo-3.10.0-123.4.2.el7.s390x.rpm
python-perf-3.10.0-123.4.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.s390x.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-123.4.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-devel-3.10.0-123.4.2.el7.x86_64.rpm
kernel-headers-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-123.4.2.el7.x86_64.rpm
perf-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
kernel-doc-3.10.0-123.4.2.el7.noarch.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-123.4.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-3.10.0-123.4.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-123.4.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0206.html
https://www.redhat.com/security/data/cve/CVE-2014-1737.html
https://www.redhat.com/security/data/cve/CVE-2014-1738.html
https://www.redhat.com/security/data/cve/CVE-2014-2568.html
https://www.redhat.com/security/data/cve/CVE-2014-2851.html
https://www.redhat.com/security/data/cve/CVE-2014-3144.html
https://www.redhat.com/security/data/cve/CVE-2014-3145.html
https://www.redhat.com/security/data/cve/CVE-2014-3153.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

From bugzilla at redhat.com Wed Jun 25 17:35:32 2014
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 25 Jun 2014 17:35:32 +0000
Subject: [RHSA-2014:0788-01] Important: mod_wsgi security update
Message-ID: <201406251735.s5PHZWGj029193@int-mx10.intmail.prod.int.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Important: mod_wsgi security update
Advisory ID: RHSA-2014:0788-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0788.html
Issue date: 2014-06-25
CVE Names: CVE-2014-0240 CVE-2014-0242
=====================================================================

1. Summary:

An updated mod_wsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

The mod_wsgi adapter is an Apache module that provides a WSGI-compliant interface for hosting Python-based web applications within Apache.

It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. (CVE-2014-0240)

Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.

It was discovered that mod_wsgi could leak memory of a hosted web application via the "Content-Type" header. A remote attacker could possibly use this flaw to disclose limited portions of the web application's memory. (CVE-2014-0242)

Red Hat would like to thank Graham Dumpleton for reporting these issues. Upstream acknowledges Róbert Kisteleki as the original reporter of CVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.

All mod_wsgi users are advised to upgrade to this updated package, which contains backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1101863 - CVE-2014-0240 mod_wsgi: possible privilege escalation in setuid() failure scenarios
1101873 - CVE-2014-0242 mod_wsgi: information leak

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
mod_wsgi-3.2-6.el6_5.src.rpm

i386:
mod_wsgi-3.2-6.el6_5.i686.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.i686.rpm

x86_64:
mod_wsgi-3.2-6.el6_5.x86_64.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
mod_wsgi-3.2-6.el6_5.src.rpm

x86_64:
mod_wsgi-3.2-6.el6_5.x86_64.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
mod_wsgi-3.2-6.el6_5.src.rpm

i386:
mod_wsgi-3.2-6.el6_5.i686.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.i686.rpm

ppc64:
mod_wsgi-3.2-6.el6_5.ppc64.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.ppc64.rpm

s390x:
mod_wsgi-3.2-6.el6_5.s390x.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.s390x.rpm

x86_64:
mod_wsgi-3.2-6.el6_5.x86_64.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
mod_wsgi-3.2-6.el6_5.src.rpm

i386:
mod_wsgi-3.2-6.el6_5.i686.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.i686.rpm

x86_64:
mod_wsgi-3.2-6.el6_5.x86_64.rpm
mod_wsgi-debuginfo-3.2-6.el6_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-0240.html
https://www.redhat.com/security/data/cve/CVE-2014-0242.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
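As an added example, not code from the advisory or from mod_wsgi, the C program below shows the privilege-drop pattern that avoids the class of bug described for CVE-2014-0240 (the same issue is repeated in RHSA-2014:0789 on this page): every setgid()/setuid() result is checked, the credentials are read back rather than assumed, and a failed drop is fatal. The fallback target uid/gid 65534 ("nobody") and the function names are assumptions of this example.

```c
/* Added example, not code from the advisory or from mod_wsgi: a privilege
 * drop that fails closed.  The flaw behind CVE-2014-0240 was a setuid()
 * whose return value went unchecked, so a failed call left the process with
 * its original credentials.  The target uid/gid 65534 below is an assumption
 * ("nobody" on many systems); in production use a dedicated service account. */
#define _DEFAULT_SOURCE 1
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define ASSUMED_UNPRIV_UID ((uid_t)65534)   /* assumption: "nobody" */
#define ASSUMED_UNPRIV_GID ((gid_t)65534)

/* Pure policy check, kept free of syscalls so it can be tested with
 * constructed values: the drop counts as complete only when both the real
 * and the effective ids equal the requested unprivileged target. */
int ids_match_target(uid_t want_uid, gid_t want_gid,
                     uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == want_uid && euid == want_uid &&
           rgid == want_gid && egid == want_gid;
}

/* The pattern the advisory describes, shown only for contrast: a failure is
 * logged but execution continues, so after EPERM the caller keeps running
 * with its original, higher privileges. */
void drop_privileges_unchecked(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0)
        perror("setgid");
    if (setuid(uid) != 0)
        perror("setuid");   /* ... and we carry on regardless */
}

/* Fail-closed drop.  Returns 0 when the process is verifiably running as
 * uid/gid, otherwise -1 with errno set; callers must treat -1 as fatal. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Refuse targets that would not actually reduce privilege: root, and
     * (uid_t)-1, which some id-changing calls read as "leave unchanged". */
    if (uid == 0 || gid == 0 || uid == (uid_t)-1 || gid == (gid_t)-1) {
        errno = EINVAL;
        return -1;
    }
    /* Supplementary groups can only be cleared while still privileged,
     * and must go before the gid and uid are changed. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* gid first: once the uid is dropped, setgid() would be refused. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* Do not trust the return codes alone: read the credentials back ... */
    if (!ids_match_target(uid, gid, getuid(), geteuid(), getgid(), getegid())) {
        errno = EPERM;
        return -1;
    }
    /* ... and confirm that root cannot be regained (a saved uid of 0 would
     * let either of these calls succeed). */
    if (setuid(0) == 0 || seteuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    /* Started as root: drop to the assumed unprivileged account.
     * Otherwise drop to our own ids, which is always permitted. */
    if (uid == 0) {
        uid = ASSUMED_UNPRIV_UID;
        gid = ASSUMED_UNPRIV_GID;
    }
    if (drop_privileges(uid, gid) != 0) {
        fprintf(stderr, "privilege drop to %u:%u failed: %s; refusing to continue\n",
                (unsigned)uid, (unsigned)gid, strerror(errno));
        return 1;
    }
    printf("verified: running as uid=%u gid=%u\n",
           (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```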
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTqwhXXlSAg2UNWIIRAuOQAJ9oXAFcIhqRdUyken6/RIV6N6whPwCgpPap 1u+qQOjPAKjHBRCGRuS3k3I= =uUHk -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jun 25 17:36:03 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 25 Jun 2014 17:36:03 +0000 Subject: [RHSA-2014:0789-01] Important: python27-mod_wsgi and python33-mod_wsgi security update Message-ID: <201406251736.s5PHa31K026107@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: python27-mod_wsgi and python33-mod_wsgi security update Advisory ID: RHSA-2014:0789-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0789.html Issue date: 2014-06-25 CVE Names: CVE-2014-0240 ===================================================================== 1. Summary: Updated python27-mod_wsgi and python33-mod_wsgi packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.3) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. 
Description: The mod_wsgi adapter is an Apache module that provides a WSGI-compliant interface for hosting Python-based web applications within Apache. It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. (CVE-2014-0240) Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation. Red Hat would like to thank Graham Dumpleton for reporting this issue. Upstream acknowledges R?bert Kisteleki as the original reporter of this issue. All python27-mod_wsgi and python33-mod_wsgi users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1101863 - CVE-2014-0240 mod_wsgi: possible privilege escalation in setuid() failure scenarios 6. Package List: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6): Source: python27-mod_wsgi-3.4-12.el6.src.rpm python33-mod_wsgi-3.4-14.el6.src.rpm x86_64: python27-mod_wsgi-3.4-12.el6.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-12.el6.x86_64.rpm python33-mod_wsgi-3.4-14.el6.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-14.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 
6.3): Source: python27-mod_wsgi-3.4-12.el6.src.rpm python33-mod_wsgi-3.4-14.el6.src.rpm x86_64: python27-mod_wsgi-3.4-12.el6.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-12.el6.x86_64.rpm python33-mod_wsgi-3.4-14.el6.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-14.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.4): Source: python27-mod_wsgi-3.4-12.el6.src.rpm python33-mod_wsgi-3.4-14.el6.src.rpm x86_64: python27-mod_wsgi-3.4-12.el6.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-12.el6.x86_64.rpm python33-mod_wsgi-3.4-14.el6.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-14.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6): Source: python27-mod_wsgi-3.4-12.el6.src.rpm python33-mod_wsgi-3.4-14.el6.src.rpm x86_64: python27-mod_wsgi-3.4-12.el6.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-12.el6.x86_64.rpm python33-mod_wsgi-3.4-14.el6.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-14.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7): Source: python27-mod_wsgi-3.4-13.el7.src.rpm python33-mod_wsgi-3.4-13.el7.src.rpm x86_64: python27-mod_wsgi-3.4-13.el7.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-13.el7.x86_64.rpm python33-mod_wsgi-3.4-13.el7.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-13.el7.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7): Source: python27-mod_wsgi-3.4-13.el7.src.rpm python33-mod_wsgi-3.4-13.el7.src.rpm x86_64: python27-mod_wsgi-3.4-13.el7.x86_64.rpm python27-mod_wsgi-debuginfo-3.4-13.el7.x86_64.rpm python33-mod_wsgi-3.4-13.el7.x86_64.rpm python33-mod_wsgi-debuginfo-3.4-13.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0240.html https://access.redhat.com/security/updates/classification/#important 8. 
Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTqwhxXlSAg2UNWIIRAnm8AKCv+Lz9DN1NNOhiBHAM3x04RjjHvACfdz6R aaXtxyVyGgdwkS0W8IYcXdU= =irzK -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jun 25 17:36:54 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 25 Jun 2014 17:36:54 +0000 Subject: [RHSA-2014:0790-01] Moderate: dovecot security update Message-ID: <201406251736.s5PHassU005617@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: dovecot security update Advisory ID: RHSA-2014:0790-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0790.html Issue date: 2014-06-25 CVE Names: CVE-2014-3430 ===================================================================== 1. Summary: Updated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Dovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. 
It also contains a small POP3 server. It supports mail in either the maildir or the mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.

It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further legitimate connections to the IMAP/POP3 server from being made. (CVE-2014-3430)

All dovecot users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the dovecot service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1096402 - CVE-2014-3430 dovecot: denial of service through maxxing out SSL connections

6. Package List:

Red Hat Enterprise Linux Server (v.
6): Source: dovecot-2.0.9-7.el6_5.1.src.rpm i386: dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm ppc64: dovecot-2.0.9-7.el6_5.1.ppc.rpm dovecot-2.0.9-7.el6_5.1.ppc64.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.ppc.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.ppc64.rpm dovecot-mysql-2.0.9-7.el6_5.1.ppc64.rpm dovecot-pgsql-2.0.9-7.el6_5.1.ppc64.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.ppc64.rpm s390x: dovecot-2.0.9-7.el6_5.1.s390.rpm dovecot-2.0.9-7.el6_5.1.s390x.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.s390.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.s390x.rpm dovecot-mysql-2.0.9-7.el6_5.1.s390x.rpm dovecot-pgsql-2.0.9-7.el6_5.1.s390x.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.s390x.rpm x86_64: dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-2.0.9-7.el6_5.1.x86_64.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: dovecot-2.0.9-7.el6_5.1.src.rpm i386: dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-devel-2.0.9-7.el6_5.1.i686.rpm ppc64: dovecot-debuginfo-2.0.9-7.el6_5.1.ppc64.rpm dovecot-devel-2.0.9-7.el6_5.1.ppc64.rpm s390x: dovecot-debuginfo-2.0.9-7.el6_5.1.s390x.rpm dovecot-devel-2.0.9-7.el6_5.1.s390x.rpm x86_64: dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: dovecot-2.0.9-7.el6_5.1.src.rpm i386: dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-mysql-2.0.9-7.el6_5.1.i686.rpm dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm x86_64: dovecot-2.0.9-7.el6_5.1.i686.rpm dovecot-2.0.9-7.el6_5.1.x86_64.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm dovecot-mysql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-pgsql-2.0.9-7.el6_5.1.x86_64.rpm dovecot-pigeonhole-2.0.9-7.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: dovecot-2.0.9-7.el6_5.1.src.rpm i386: dovecot-debuginfo-2.0.9-7.el6_5.1.i686.rpm dovecot-devel-2.0.9-7.el6_5.1.i686.rpm x86_64: dovecot-debuginfo-2.0.9-7.el6_5.1.x86_64.rpm dovecot-devel-2.0.9-7.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: dovecot-2.2.10-4.el7_0.1.src.rpm ppc64: dovecot-2.2.10-4.el7_0.1.ppc.rpm dovecot-2.2.10-4.el7_0.1.ppc64.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.ppc.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.ppc64.rpm dovecot-mysql-2.2.10-4.el7_0.1.ppc64.rpm dovecot-pgsql-2.2.10-4.el7_0.1.ppc64.rpm dovecot-pigeonhole-2.2.10-4.el7_0.1.ppc64.rpm s390x: dovecot-2.2.10-4.el7_0.1.s390.rpm dovecot-2.2.10-4.el7_0.1.s390x.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.s390.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.s390x.rpm dovecot-mysql-2.2.10-4.el7_0.1.s390x.rpm dovecot-pgsql-2.2.10-4.el7_0.1.s390x.rpm dovecot-pigeonhole-2.2.10-4.el7_0.1.s390x.rpm x86_64: dovecot-2.2.10-4.el7_0.1.i686.rpm dovecot-2.2.10-4.el7_0.1.x86_64.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.i686.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.x86_64.rpm dovecot-mysql-2.2.10-4.el7_0.1.x86_64.rpm dovecot-pgsql-2.2.10-4.el7_0.1.x86_64.rpm dovecot-pigeonhole-2.2.10-4.el7_0.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: dovecot-2.2.10-4.el7_0.1.src.rpm x86_64: dovecot-2.2.10-4.el7_0.1.i686.rpm dovecot-2.2.10-4.el7_0.1.x86_64.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.i686.rpm dovecot-debuginfo-2.2.10-4.el7_0.1.x86_64.rpm dovecot-mysql-2.2.10-4.el7_0.1.x86_64.rpm dovecot-pgsql-2.2.10-4.el7_0.1.x86_64.rpm dovecot-pigeonhole-2.2.10-4.el7_0.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-3430.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTqwigXlSAg2UNWIIRAuuRAKCKt3nLkx0FWlkjQhi0x6nMNCLlvwCeNZCl LNmR03Ziexvz765kvDYPb9Y= =KnU0 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jun 26 17:26:11 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Jun 2014 17:26:11 +0000 Subject: [RHSA-2014:0800-01] Important: kernel security update Message-ID: <201406261726.s5QHQBQK029203@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2014:0800-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0800.html Issue date: 2014-06-26 CVE Names: CVE-2014-1737 CVE-2014-1738 CVE-2014-3153 ===================================================================== 1. Summary: Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. 
Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AUS (v. 6.2 server) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

Red Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4.
Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (https://bugzilla.redhat.com/): 1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command 1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue 6. Package List: Red Hat Enterprise Linux AUS (v. 6.2 server): Source: kernel-2.6.32-220.52.1.el6.src.rpm noarch: kernel-doc-2.6.32-220.52.1.el6.noarch.rpm kernel-firmware-2.6.32-220.52.1.el6.noarch.rpm x86_64: kernel-2.6.32-220.52.1.el6.x86_64.rpm kernel-debug-2.6.32-220.52.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.52.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.52.1.el6.x86_64.rpm kernel-devel-2.6.32-220.52.1.el6.x86_64.rpm kernel-headers-2.6.32-220.52.1.el6.x86_64.rpm perf-2.6.32-220.52.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: kernel-2.6.32-220.52.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.52.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm python-perf-2.6.32-220.52.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.52.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-1737.html https://www.redhat.com/security/data/cve/CVE-2014-1738.html https://www.redhat.com/security/data/cve/CVE-2014-3153.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTrFcTXlSAg2UNWIIRAgUbAKDDlBCqHvqvW/wJdumGvQy/iPvRawCgj1D2 LEzToUKsWm2klfO2GiCiCvE= =w+z2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jun 26 17:28:54 2014 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Jun 2014 17:28:54 +0000 Subject: [RHSA-2014:0801-01] Important: kernel security update Message-ID: <201406261728.s5QHSsw4001512@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2014:0801-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0801.html Issue date: 2014-06-26 CVE Names: CVE-2014-1737 CVE-2014-1738 ===================================================================== 1. Summary: Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5.6 Long Life. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, noarch, x86_64 3. 
Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

Red Hat would like to thank Matthew Daley for reporting these issues.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

6. Package List:

Red Hat Enterprise Linux LL (v.
5.6 server): Source: kernel-2.6.18-238.53.1.el5.src.rpm i386: kernel-2.6.18-238.53.1.el5.i686.rpm kernel-PAE-2.6.18-238.53.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-238.53.1.el5.i686.rpm kernel-PAE-devel-2.6.18-238.53.1.el5.i686.rpm kernel-debug-2.6.18-238.53.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-238.53.1.el5.i686.rpm kernel-debug-devel-2.6.18-238.53.1.el5.i686.rpm kernel-debuginfo-2.6.18-238.53.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-238.53.1.el5.i686.rpm kernel-devel-2.6.18-238.53.1.el5.i686.rpm kernel-headers-2.6.18-238.53.1.el5.i386.rpm kernel-xen-2.6.18-238.53.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-238.53.1.el5.i686.rpm kernel-xen-devel-2.6.18-238.53.1.el5.i686.rpm ia64: kernel-2.6.18-238.53.1.el5.ia64.rpm kernel-debug-2.6.18-238.53.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-238.53.1.el5.ia64.rpm kernel-debug-devel-2.6.18-238.53.1.el5.ia64.rpm kernel-debuginfo-2.6.18-238.53.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-238.53.1.el5.ia64.rpm kernel-devel-2.6.18-238.53.1.el5.ia64.rpm kernel-headers-2.6.18-238.53.1.el5.ia64.rpm kernel-xen-2.6.18-238.53.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-238.53.1.el5.ia64.rpm kernel-xen-devel-2.6.18-238.53.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-238.53.1.el5.noarch.rpm x86_64: kernel-2.6.18-238.53.1.el5.x86_64.rpm kernel-debug-2.6.18-238.53.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-238.53.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-238.53.1.el5.x86_64.rpm kernel-devel-2.6.18-238.53.1.el5.x86_64.rpm kernel-headers-2.6.18-238.53.1.el5.x86_64.rpm kernel-xen-2.6.18-238.53.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-238.53.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. 
References: https://www.redhat.com/security/data/cve/CVE-2014-1737.html https://www.redhat.com/security/data/cve/CVE-2014-1738.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTrFe7XlSAg2UNWIIRAjJOAKDE4pUIDub/0jEKGO6xlC3ay6iFuwCfcbmI gHJWRJzp4Bdttc+LVSrWJyw= =IQKm -----END PGP SIGNATURE-----
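The setuid() failure mode behind CVE-2014-0240 in the mod_wsgi advisory above, shown as an added example in C that is not mod_wsgi's own code: a privilege drop that ignores the return values of setgid()/setuid(), next to one that checks each call, verifies the resulting real, effective and saved ids with getresuid()/getresgid(), and confirms root cannot be regained. The function names are chosen for this example. Run without arguments it drops to the caller's current ids, so it succeeds as an ordinary user; given a uid and gid on the command line it only succeeds when started as root.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Post-condition check: real, effective and saved ids must all equal the
 * target; if the saved id still differs, a later setuid() could restore it. */
int privileges_dropped(uid_t uid, gid_t gid)
{
    uid_t ruid, euid, suid;
    gid_t rgid, egid, sgid;
    if (getresuid(&ruid, &euid, &suid) != 0 || getresgid(&rgid, &egid, &sgid) != 0)
        return 0;
    return ruid == uid && euid == uid && suid == uid &&
           rgid == gid && egid == gid && sgid == gid;
}

/* Vulnerable pattern (illustrative): the return values are never acted on.
 * If setuid() fails, for example with EPERM or EAGAIN, execution simply
 * continues with whatever privileges the process started with. */
void drop_privileges_unchecked(uid_t uid, gid_t gid)
{
    int rc;
    rc = setgid(gid);   /* result stored but never examined ...        */
    rc = setuid(uid);   /* ... so a failure here goes unnoticed         */
    (void)rc;
}

/* Hardened pattern: every step is checked and the outcome is verified.
 * Returns 0 only when the process now runs as uid:gid; callers must treat
 * anything else as fatal and must not go on to run the application. */
int drop_privileges_checked(uid_t uid, gid_t gid)
{
    /* Supplementary groups survive setuid(); only root can clear them,
     * and only root has any to worry about. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) {
        fprintf(stderr, "setgroups: %s\n", strerror(errno));
        return -1;
    }
    /* Group first: once the uid is no longer root, setgid() would fail. */
    if (setgid(gid) != 0) {
        fprintf(stderr, "setgid(%u): %s\n", (unsigned)gid, strerror(errno));
        return -1;
    }
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%u): %s\n", (unsigned)uid, strerror(errno));
        return -1;
    }
    if (!privileges_dropped(uid, gid)) {
        fprintf(stderr, "credentials did not change as requested\n");
        return -1;
    }
    /* Belt and braces: if the drop was real, regaining root must fail. */
    if (uid != 0 && setuid(0) == 0) {
        fprintf(stderr, "privileges could be regained after the drop\n");
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    /* Target ids come from the command line; default to the current ids so
     * the demonstration also works for an unprivileged user. */
    uid_t uid = argc > 1 ? (uid_t)strtoul(argv[1], NULL, 10) : getuid();
    gid_t gid = argc > 2 ? (gid_t)strtoul(argv[2], NULL, 10) : getgid();
    if (drop_privileges_checked(uid, gid) != 0) {
        fprintf(stderr, "refusing to run the application\n");
        return EXIT_FAILURE;
    }
    printf("running as uid=%u gid=%u\n", (unsigned)getuid(), (unsigned)getgid());
    return EXIT_SUCCESS;
}
```

The order matters: supplementary groups, then gid, then uid, each verified, and the application code only runs after the whole sequence reports success. A privilege drop that cannot be verified this way should be treated as a failed start, which is also why the advisory's note says not to rely on mod_wsgi itself as a sandbox.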
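The handshake-pool exhaustion described in RHSA-2014:0790 above (CVE-2014-3430), as an added example in C that is not Dovecot's code: a server side that bounds how long an accepted connection may sit in the handshake phase before it is dropped and its slot reclaimed. The client is modelled with a socketpair() so the program runs offline; `await_client_hello` and `reap_stalled_handshakes` are names chosen here, and the three-byte TLS record header written in main() is a constructed stand-in for a real ClientHello.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

/* Outcome of waiting for a freshly accepted client's first handshake bytes. */
enum handshake_state { HS_ERROR = -1, HS_TIMEOUT = 0, HS_DATA = 1 };

/* Wait at most timeout_ms for the peer to send its first bytes (the
 * ClientHello on a real TLS listener). A client that connects and then goes
 * silent comes back as HS_TIMEOUT so the caller can close it and free the
 * slot. The vulnerable behaviour corresponds to waiting with no deadline at
 * all, which lets idle half-open handshakes occupy slots indefinitely. */
enum handshake_state await_client_hello(int fd, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLIN };
    int rc;
    do {
        rc = poll(&pfd, 1, timeout_ms);   /* a signal restarts the full wait */
    } while (rc < 0 && errno == EINTR);
    if (rc < 0)
        return HS_ERROR;
    if (rc == 0)
        return HS_TIMEOUT;
    if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL))
        return HS_ERROR;
    return HS_DATA;
}

/* One entry in a fixed-size connection pool. */
struct conn_slot {
    int fd;              /* -1 when the slot is free */
    time_t accepted_at;  /* when the TCP connection was accepted */
    int handshake_done;  /* non-zero once the TLS handshake completed */
};

/* Periodic sweep: close every connection still stuck in the handshake after
 * max_age seconds and free its slot. Returns the number of slots reclaimed. */
int reap_stalled_handshakes(struct conn_slot *slots, size_t n,
                            time_t now, int max_age)
{
    int reaped = 0;
    for (size_t i = 0; i < n; i++) {
        if (slots[i].fd < 0 || slots[i].handshake_done)
            continue;
        if (now - slots[i].accepted_at >= max_age) {
            close(slots[i].fd);
            slots[i].fd = -1;
            reaped++;
        }
    }
    return reaped;
}

int main(void)
{
    int fds[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) != 0) {
        perror("socketpair");
        return 1;
    }
    /* fds[1] plays a client that connected and then sent nothing. */
    printf("silent client: %s\n",
           await_client_hello(fds[0], 200) == HS_TIMEOUT
               ? "dropped after deadline" : "unexpected");
    /* Now the client sends a constructed TLS record header. */
    if (write(fds[1], "\x16\x03\x01", 3) != 3) {
        perror("write");
        return 1;
    }
    printf("talking client: %s\n",
           await_client_hello(fds[0], 200) == HS_DATA
               ? "handshake started" : "unexpected");
    close(fds[0]);
    close(fds[1]);
    return 0;
}
```

Both mechanisms are needed in a real listener: the per-connection deadline keeps one worker from blocking on a silent peer, and the sweep keeps the pool as a whole from filling with connections that were accepted but never progressed.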