From bugzilla at redhat.com Tue Mar 3 13:25:17 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Mar 2015 13:25:17 +0000 Subject: [RHSA-2015:0284-03] Important: kernel security and bug fix update Message-ID: <201503031325.t23DPHhm009840@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0284-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0284.html Issue date: 2015-03-03 CVE Names: CVE-2013-4483 CVE-2014-3185 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 CVE-2014-7841 CVE-2014-8160 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.5) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.5) - noarch, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.5) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.5) - i386, ppc64, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, Vladimir Davydov (Parallels) for reporting CVE-2013-4483, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. The CVE-2014-7841 issue was discovered by Liu Wei of Red Hat. Bug fixes: * When forwarding a packet, the iptables target TCPOPTSTRIP used the tcp_hdr() function to locate the option space. Consequently, TCPOPTSTRIP located the incorrect place in the packet, and therefore did not match options for stripping. TCPOPTSTRIP now uses the TCP header itself to locate the option space, and the options are now properly stripped. (BZ#1172026) * The ipset utility computed incorrect values of timeouts from an old IP set, and these values were then supplied to a new IP set. A resize on an IP set with a timeouts option enabled could then supply corrupted data from an old IP set. This bug has been fixed by properly reading timeout values from an old set before supplying them to a new set. (BZ#1172763) * Incorrect processing of errors from the BCM5719 LAN controller could result in incoming packets being dropped. Now, received errors are handled properly, and incoming packets are no longer randomly dropped. (BZ#1180405) * When the NVMe driver allocated a name-space queue, it was recognized as a request-based driver, whereas it was a BIO-based driver. While trying to access data during the loading of NVMe along with a request-based DM device, the system could terminate unexpectedly or become unresponsive. Now, NVMe does not set the QUEUE_FLAG_STACKABLE flag during the allocation of a name-space queue, and the system no longer attempts to insert a request into the queue, preventing a crash. (BZ#1180554) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1024854 - CVE-2013-4483 kernel: ipc: ipc_rcu_putref refcount races 1141400 - CVE-2014-3185 Kernel: USB serial: memory corruption flaw 1144825 - CVE-2014-3646 kernel: kvm: vmx: invvpid vm exit not handled 1144835 - CVE-2014-3645 kernel: kvm: vmx: invept vm exit not handled 1144878 - CVE-2014-3611 kernel: kvm: PIT timer race condition 1163087 - CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet 1182059 - CVE-2014-8160 kernel: iptables restriction bypass if a protocol handler kernel module not loaded 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.5): Source: kernel-2.6.32-431.50.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-431.50.1.el6.noarch.rpm kernel-doc-2.6.32-431.50.1.el6.noarch.rpm kernel-firmware-2.6.32-431.50.1.el6.noarch.rpm x86_64: kernel-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.50.1.el6.x86_64.rpm kernel-devel-2.6.32-431.50.1.el6.x86_64.rpm kernel-headers-2.6.32-431.50.1.el6.x86_64.rpm perf-2.6.32-431.50.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.5): Source: kernel-2.6.32-431.50.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.50.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm python-perf-2.6.32-431.50.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.5): Source: kernel-2.6.32-431.50.1.el6.src.rpm i386: kernel-2.6.32-431.50.1.el6.i686.rpm kernel-debug-2.6.32-431.50.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.50.1.el6.i686.rpm kernel-debug-devel-2.6.32-431.50.1.el6.i686.rpm kernel-debuginfo-2.6.32-431.50.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.50.1.el6.i686.rpm kernel-devel-2.6.32-431.50.1.el6.i686.rpm kernel-headers-2.6.32-431.50.1.el6.i686.rpm perf-2.6.32-431.50.1.el6.i686.rpm perf-debuginfo-2.6.32-431.50.1.el6.i686.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-431.50.1.el6.noarch.rpm kernel-doc-2.6.32-431.50.1.el6.noarch.rpm kernel-firmware-2.6.32-431.50.1.el6.noarch.rpm ppc64: kernel-2.6.32-431.50.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-431.50.1.el6.ppc64.rpm kernel-debug-2.6.32-431.50.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-431.50.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.50.1.el6.ppc64.rpm kernel-devel-2.6.32-431.50.1.el6.ppc64.rpm kernel-headers-2.6.32-431.50.1.el6.ppc64.rpm perf-2.6.32-431.50.1.el6.ppc64.rpm perf-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm s390x: kernel-2.6.32-431.50.1.el6.s390x.rpm kernel-debug-2.6.32-431.50.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-431.50.1.el6.s390x.rpm kernel-debug-devel-2.6.32-431.50.1.el6.s390x.rpm kernel-debuginfo-2.6.32-431.50.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.50.1.el6.s390x.rpm kernel-devel-2.6.32-431.50.1.el6.s390x.rpm kernel-headers-2.6.32-431.50.1.el6.s390x.rpm kernel-kdump-2.6.32-431.50.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.50.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-431.50.1.el6.s390x.rpm perf-2.6.32-431.50.1.el6.s390x.rpm perf-debuginfo-2.6.32-431.50.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.s390x.rpm x86_64: kernel-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.50.1.el6.x86_64.rpm kernel-devel-2.6.32-431.50.1.el6.x86_64.rpm kernel-headers-2.6.32-431.50.1.el6.x86_64.rpm perf-2.6.32-431.50.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.5): Source: kernel-2.6.32-431.50.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-431.50.1.el6.i686.rpm kernel-debuginfo-2.6.32-431.50.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.50.1.el6.i686.rpm perf-debuginfo-2.6.32-431.50.1.el6.i686.rpm python-perf-2.6.32-431.50.1.el6.i686.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-431.50.1.el6.ppc64.rpm perf-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm python-perf-2.6.32-431.50.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-431.50.1.el6.s390x.rpm kernel-debuginfo-2.6.32-431.50.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-431.50.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-431.50.1.el6.s390x.rpm perf-debuginfo-2.6.32-431.50.1.el6.s390x.rpm python-perf-2.6.32-431.50.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.50.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm python-perf-2.6.32-431.50.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.50.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-4483 https://access.redhat.com/security/cve/CVE-2014-3185 https://access.redhat.com/security/cve/CVE-2014-3611 https://access.redhat.com/security/cve/CVE-2014-3645 https://access.redhat.com/security/cve/CVE-2014-3646 https://access.redhat.com/security/cve/CVE-2014-7841 https://access.redhat.com/security/cve/CVE-2014-8160 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU9bYwXlSAg2UNWIIRAt5GAJ9rkKU3H5fBp1wzkuwSFNzOJab8AACeOZL4 aqU3GwMw6LL0MdiQE3Ub8yA= =ldMY -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 3 13:26:31 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Mar 2015 13:26:31 +0000 Subject: [RHSA-2015:0285-01] Important: kernel security and bug fix update Message-ID: <201503031326.t23DQVLT014384@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0285-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0285.html Issue date: 2015-03-03 CVE Names: CVE-2014-7841 ===================================================================== 1. Summary: Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - noarch, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important) This issue was discovered by Liu Wei of Red Hat. This update also fixes the following bugs: * Due to several bugs in the network console logging, a race condition between the network console send operation and the driver's IRQ handler could occur, or the network console could access invalid memory content. As a consequence, the respective driver, such as vmxnet3, triggered a BUG_ON() assertion and the system terminated unexpectedly. A patch addressing these bugs has been applied so that driver's IRQs are disabled before processing the send operation and the network console now accesses the RCU-protected (read-copy update) data properly. Systems using the network console logging no longer crashes due to the aforementioned conditions. (BZ#1165983) * A bug in the vmxnet3 driver allowed potential race conditions to be triggered when the driver was used with the netconsole module. The race conditions allowed the driver's internal New API (NAPI) poll routine to run concurrently with the netpoll controller routine, which resulted in data corruption and a subsequent kernel panic. To fix this problem, the vmxnet3 driver has been modified to call the appropriate interrupt handler to schedule NAPI poll requests properly. (BZ#1179594) * Prior to this update, nfs_mark_return_delegation() was called without any locking, resulting in unsafe dereferencing of delegation->inode. Because the inode is only used to discover the nfs_client, the callers now pass a valid pointer to the nfs_server as a parameter. (BZ#1187637) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1163087 - CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.4): Source: kernel-2.6.32-358.56.1.el6.src.rpm noarch: kernel-doc-2.6.32-358.56.1.el6.noarch.rpm kernel-firmware-2.6.32-358.56.1.el6.noarch.rpm x86_64: kernel-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.56.1.el6.x86_64.rpm kernel-devel-2.6.32-358.56.1.el6.x86_64.rpm kernel-headers-2.6.32-358.56.1.el6.x86_64.rpm perf-2.6.32-358.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4): Source: kernel-2.6.32-358.56.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm python-perf-2.6.32-358.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.4): Source: kernel-2.6.32-358.56.1.el6.src.rpm i386: kernel-2.6.32-358.56.1.el6.i686.rpm kernel-debug-2.6.32-358.56.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-358.56.1.el6.i686.rpm kernel-debug-devel-2.6.32-358.56.1.el6.i686.rpm kernel-debuginfo-2.6.32-358.56.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-358.56.1.el6.i686.rpm kernel-devel-2.6.32-358.56.1.el6.i686.rpm kernel-headers-2.6.32-358.56.1.el6.i686.rpm perf-2.6.32-358.56.1.el6.i686.rpm perf-debuginfo-2.6.32-358.56.1.el6.i686.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.i686.rpm noarch: kernel-doc-2.6.32-358.56.1.el6.noarch.rpm kernel-firmware-2.6.32-358.56.1.el6.noarch.rpm ppc64: kernel-2.6.32-358.56.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-358.56.1.el6.ppc64.rpm kernel-debug-2.6.32-358.56.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-358.56.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-358.56.1.el6.ppc64.rpm kernel-devel-2.6.32-358.56.1.el6.ppc64.rpm kernel-headers-2.6.32-358.56.1.el6.ppc64.rpm perf-2.6.32-358.56.1.el6.ppc64.rpm perf-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm s390x: kernel-2.6.32-358.56.1.el6.s390x.rpm kernel-debug-2.6.32-358.56.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-358.56.1.el6.s390x.rpm kernel-debug-devel-2.6.32-358.56.1.el6.s390x.rpm kernel-debuginfo-2.6.32-358.56.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-358.56.1.el6.s390x.rpm kernel-devel-2.6.32-358.56.1.el6.s390x.rpm kernel-headers-2.6.32-358.56.1.el6.s390x.rpm kernel-kdump-2.6.32-358.56.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-358.56.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-358.56.1.el6.s390x.rpm perf-2.6.32-358.56.1.el6.s390x.rpm perf-debuginfo-2.6.32-358.56.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.s390x.rpm x86_64: kernel-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.56.1.el6.x86_64.rpm kernel-devel-2.6.32-358.56.1.el6.x86_64.rpm kernel-headers-2.6.32-358.56.1.el6.x86_64.rpm perf-2.6.32-358.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.4): Source: kernel-2.6.32-358.56.1.el6.src.rpm i386: kernel-debug-debuginfo-2.6.32-358.56.1.el6.i686.rpm kernel-debuginfo-2.6.32-358.56.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-358.56.1.el6.i686.rpm perf-debuginfo-2.6.32-358.56.1.el6.i686.rpm python-perf-2.6.32-358.56.1.el6.i686.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-358.56.1.el6.ppc64.rpm perf-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm python-perf-2.6.32-358.56.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-358.56.1.el6.s390x.rpm kernel-debuginfo-2.6.32-358.56.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-358.56.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-358.56.1.el6.s390x.rpm perf-debuginfo-2.6.32-358.56.1.el6.s390x.rpm python-perf-2.6.32-358.56.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm python-perf-2.6.32-358.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.56.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-7841 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU9bZ0XlSAg2UNWIIRAst/AKCilcxGrPF7wjASKiN+A1+yJ3V3JQCfYLbr Di3adfW26GBhUotqtPop0ic= =MZRQ -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 3 13:55:31 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Mar 2015 13:55:31 +0000 Subject: [RHSA-2015:0286-01] Low: Red Hat Enterprise Linux 6.4 Extended Update Support Retirement Notice Message-ID: <201503031355.t23DtWOq006423@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Linux 6.4 Extended Update Support Retirement Notice Advisory ID: RHSA-2015:0286-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0286.html Issue date: 2015-03-03 ===================================================================== 1. Summary: This is the final notification for the retirement of Red Hat Enterprise Linux 6.4 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 6.4. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64 3. Description: In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.4 was retired on March 3, 2015, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.4 EUS after March 3, 2015. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to migrate from Red Hat Enterprise Linux 6.4 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release. Details of the Red Hat Enterprise Linux life cycle can be found here: https://access.redhat.com/support/policy/updates/errata/ 4. Solution: This erratum contains an updated redhat-release-server package that provides a copy of this retirement notice in the "/usr/share/doc/" directory. 5. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.4): Source: redhat-release-computenode-6ComputeNode-6.4.0.6.el6_4.src.rpm x86_64: redhat-release-computenode-6ComputeNode-6.4.0.6.el6_4.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.4): Source: redhat-release-server-6Server-6.4.0.9.el6_4.src.rpm i386: redhat-release-server-6Server-6.4.0.9.el6_4.i686.rpm ppc64: redhat-release-server-6Server-6.4.0.9.el6_4.ppc64.rpm s390x: redhat-release-server-6Server-6.4.0.9.el6_4.s390x.rpm x86_64: redhat-release-server-6Server-6.4.0.9.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 6. References: https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/support/policy/updates/errata/ 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU9b0yXlSAg2UNWIIRAnOFAKC6f6Zo6KoXGdk7B2oT3i6YApZTIACfUjOL 76OFgJLaUiowVyG3KqH5Tg8= =EFpJ -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 3 21:41:33 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Mar 2015 21:41:33 +0000 Subject: [RHSA-2015:0287-01] Important: foreman-proxy security update Message-ID: <201503032141.t23LfXT9023150@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: foreman-proxy security update Advisory ID: RHSA-2015:0287-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0287.html Issue date: 2015-03-03 CVE Names: CVE-2014-3691 ===================================================================== 1. Summary: Updated foreman-proxy packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform Foreman. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: OpenStack Foreman - noarch 3. Description: The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as part of Foreman. It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted. (CVE-2014-3691) All foreman-proxy users are advised to upgrade to these updated packages, which corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1150879 - CVE-2014-3691 foreman-proxy: failure to verify SSL certificates 6. Package List: OpenStack Foreman: Source: foreman-proxy-1.6.0.33-2.el6ost.src.rpm noarch: foreman-proxy-1.6.0.33-2.el6ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3691 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU9ipgXlSAg2UNWIIRAl+8AJ4/oM8mGjpJJSacBneI6Ez1RzyY9ACcDsbL YYjlhpDr7/j84+gJKCBEdCE= =o3jT -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 3 21:43:32 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Mar 2015 21:43:32 +0000 Subject: [RHSA-2015:0288-01] Important: foreman-proxy security update Message-ID: <201503032143.t23LhWjH008304@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: foreman-proxy security update Advisory ID: RHSA-2015:0288-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0288.html Issue date: 2015-03-03 CVE Names: CVE-2014-3691 ===================================================================== 1. Summary: Updated foreman-proxy packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 4.0 - noarch 3. Description: The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as part of Foreman. It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted. (CVE-2014-3691) All foreman-proxy users are advised to upgrade to these updated packages, which corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1150879 - CVE-2014-3691 foreman-proxy: failure to verify SSL certificates 6. Package List: Red Hat Enterprise Linux OpenStack Platform 4.0: Source: foreman-proxy-1.3.0-7.el6ost.src.rpm noarch: foreman-proxy-1.3.0-7.el6ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3691 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU9isAXlSAg2UNWIIRAlMcAJ4gdrwiVyacHAGoS6EW9cQ2uXPLJACeJcyk 8uERDkoepZqHs2ZchHBBFlM= =SEv5 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 13:58:20 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 13:58:20 +0000 Subject: [RHSA-2015:0628-01] Important: 389-ds-base security, bug fix, and enhancement update Message-ID: <201503051358.t25DwKAo002025@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: 389-ds-base security, bug fix, and enhancement update Advisory ID: RHSA-2015:0628-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0628.html Issue date: 2015-03-05 CVE Names: CVE-2014-8105 ===================================================================== 1. Summary: Updated 389-ds-base packages that fix one security issue, two bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive information such as plain-text passwords. (CVE-2014-8105) This issue was discovered by Petr ?pa?ek of the Red Hat Identity Management Engineering Team. This update also fixes the following bugs: * In multi-master replication (MMR), deleting a single-valued attribute of a Directory Server (DS) entry was previously in some cases not correctly replicated. Consequently, the entry state in the replica systems did not reflect the intended changes. This bug has been fixed and the removal of a single-valued attribute is now properly replicated. (BZ#1179099) * Prior to this update, the Directory Server (DS) always checked the ACI syntax. As a consequence, removing an ACI failed with a syntax error. With this update, the ACI check is stopped when the ACI is going to be removed, and the removal thus works as expected. (BZ#1179100) In addition, this update adds the following enhancement: * The buffer size limit for the 389-ds-base application has been increased to 2MB in order to match the buffer size limit of Simple Authentication and Security Layer (SASL) and Basic Encoding Rules (BER). (BZ#1179595) All 389-ds-base users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. After installing this update, the 389 server service will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1167858 - CVE-2014-8105 389-ds-base: information disclosure through 'cn=changelog' subtree 6. Package List: Red Hat Enterprise Linux Desktop Optional (v. 6): Source: 389-ds-base-1.2.11.15-50.el6_6.src.rpm i386: 389-ds-base-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm x86_64: 389-ds-base-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: 389-ds-base-1.2.11.15-50.el6_6.src.rpm x86_64: 389-ds-base-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: 389-ds-base-1.2.11.15-50.el6_6.src.rpm i386: 389-ds-base-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm x86_64: 389-ds-base-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: 389-ds-base-1.2.11.15-50.el6_6.src.rpm i386: 389-ds-base-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm x86_64: 389-ds-base-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-libs-1.2.11.15-50.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-debuginfo-1.2.11.15-50.el6_6.x86_64.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpm 389-ds-base-devel-1.2.11.15-50.el6_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8105 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GDZXlSAg2UNWIIRAtqZAJwMohVVd4bhrNt8zFsQEN3HTq3GwgCgmTgD +m+iaouNSbpS5EhpPo6eXW4= =s3z0 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:01:40 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:01:40 +0000 Subject: [RHSA-2015:0627-01] Important: chromium-browser security update Message-ID: <201503051401.t25E1eom002168@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2015:0627-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0627.html Issue date: 2015-03-05 CVE Names: CVE-2015-1213 CVE-2015-1214 CVE-2015-1215 CVE-2015-1216 CVE-2015-1217 CVE-2015-1218 CVE-2015-1219 CVE-2015-1220 CVE-2015-1221 CVE-2015-1222 CVE-2015-1223 CVE-2015-1224 CVE-2015-1225 CVE-2015-1226 CVE-2015-1227 CVE-2015-1228 CVE-2015-1229 CVE-2015-1230 CVE-2015-1231 ===================================================================== 1. Summary: Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. (CVE-2015-1213, CVE-2015-1214, CVE-2015-1215, CVE-2015-1216, CVE-2015-1217, CVE-2015-1218, CVE-2015-1219, CVE-2015-1220, CVE-2015-1221, CVE-2015-1222, CVE-2015-1223, CVE-2015-1224, CVE-2015-1225, CVE-2015-1226, CVE-2015-1227, CVE-2015-1228, CVE-2015-1229, CVE-2015-1230, CVE-2015-1231) All Chromium users should upgrade to these updated packages, which contain Chromium version 41.0.2272.76, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1198519 - CVE-2015-1213 chromium-browser: Out-of-bounds write in skia filters 1198520 - CVE-2015-1214 chromium-browser: Out-of-bounds write in skia filters 1198521 - CVE-2015-1215 chromium-browser: Out-of-bounds write in skia filters 1198522 - CVE-2015-1216 chromium-browser: Use-after-free in v8 bindings 1198523 - CVE-2015-1217 chromium-browser: Type confusion in v8 bindings 1198525 - CVE-2015-1218 chromium-browser: Use-after-free in dom 1198526 - CVE-2015-1219 chromium-browser: Integer overflow in webgl 1198527 - CVE-2015-1220 chromium-browser: Use-after-free in gif decoder 1198528 - CVE-2015-1221 chromium-browser: Use-after-free in web databases 1198529 - CVE-2015-1222 chromium-browser: Use-after-free in service workers 1198530 - CVE-2015-1223 chromium-browser: Use-after-free in dom 1198531 - CVE-2015-1224 chromium-browser: Out-of-bounds read in vpxdecoder 1198532 - CVE-2015-1225 chromium-browser: Out-of-bounds read in pdfium 1198533 - CVE-2015-1226 chromium-browser: Validation issue in debugger 1198534 - CVE-2015-1227 chromium-browser: Uninitialized value in blink 1198535 - CVE-2015-1228 chromium-browser: Uninitialized value in rendering 1198536 - CVE-2015-1229 chromium-browser: Cookie injection in proxies 1198537 - CVE-2015-1230 chromium-browser: Type confusion in v8 1198542 - CVE-2015-1231 chromium-browser: Various fixes from internal audits, fuzzing and other initiatives. 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): Source: chromium-browser-41.0.2272.76-1.el6_6.src.rpm i386: chromium-browser-41.0.2272.76-1.el6_6.i686.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.i686.rpm x86_64: chromium-browser-41.0.2272.76-1.el6_6.x86_64.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): Source: chromium-browser-41.0.2272.76-1.el6_6.src.rpm i386: chromium-browser-41.0.2272.76-1.el6_6.i686.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.i686.rpm x86_64: chromium-browser-41.0.2272.76-1.el6_6.x86_64.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): Source: chromium-browser-41.0.2272.76-1.el6_6.src.rpm i386: chromium-browser-41.0.2272.76-1.el6_6.i686.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.i686.rpm x86_64: chromium-browser-41.0.2272.76-1.el6_6.x86_64.rpm chromium-browser-debuginfo-41.0.2272.76-1.el6_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1213 https://access.redhat.com/security/cve/CVE-2015-1214 https://access.redhat.com/security/cve/CVE-2015-1215 https://access.redhat.com/security/cve/CVE-2015-1216 https://access.redhat.com/security/cve/CVE-2015-1217 https://access.redhat.com/security/cve/CVE-2015-1218 https://access.redhat.com/security/cve/CVE-2015-1219 https://access.redhat.com/security/cve/CVE-2015-1220 https://access.redhat.com/security/cve/CVE-2015-1221 https://access.redhat.com/security/cve/CVE-2015-1222 https://access.redhat.com/security/cve/CVE-2015-1223 https://access.redhat.com/security/cve/CVE-2015-1224 https://access.redhat.com/security/cve/CVE-2015-1225 https://access.redhat.com/security/cve/CVE-2015-1226 https://access.redhat.com/security/cve/CVE-2015-1227 https://access.redhat.com/security/cve/CVE-2015-1228 https://access.redhat.com/security/cve/CVE-2015-1229 https://access.redhat.com/security/cve/CVE-2015-1230 https://access.redhat.com/security/cve/CVE-2015-1231 https://access.redhat.com/security/updates/classification/#important http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GGsXlSAg2UNWIIRAv83AJ95lD2dyEYoTrGAYUcO4V71HVDTggCgorf3 WBnqHdVoKEG/CXAoGOo98Ns= =QsiR -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:34:52 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:34:52 +0000 Subject: [RHSA-2015:0535-01] Low: GNOME Shell security, bug fix, and enhancement update Message-ID: <201503051434.t25EYq9J006695@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: GNOME Shell security, bug fix, and enhancement update Advisory ID: RHSA-2015:0535-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0535.html Issue date: 2015-03-05 CVE Names: CVE-2014-7300 ===================================================================== 1. Summary: Updated gnome-shell, mutter, clutter, and cogl packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: GNOME Shell and the packages it depends upon provide the core user interface of the Red Hat Enterprise Linux desktop, including functions such as navigating between windows and launching applications. It was found that the GNOME shell did not disable the Print Screen key when the screen was locked. This could allow an attacker with physical access to a system with a locked screen to crash the screen-locking application by creating a large amount of screenshots. (CVE-2014-7300) This update also fixes the following bugs: * The Timed Login feature, which automatically logs in a specified user after a specified period of time, stopped working after the first user of the GUI logged out. This has been fixed, and the specified user is always logged in if no one else logs in. (BZ#1043571) * If two monitors were arranged vertically with the secondary monitor above the primary monitor, it was impossible to move windows onto the secondary monitor. With this update, windows can be moved through the upper edge of the first monitor to the secondary monitor. (BZ#1075240) * If the Gnome Display Manager (GDM) user list was disabled and a user entered the user name, the password prompt did not appear. Instead, the user had to enter the user name one more time. The GDM code that contained this error has been fixed, and users can enter their user names and passwords as expected. (BZ#1109530) * Prior to this update, only a small area was available on the GDM login screen for a custom text banner. As a consequence, when a long banner was used, it did not fit into the area, and the person reading the banner had to use scrollbars to view the whole text. With this update, more space is used for the banner if necessary, which allows the user to read the message conveniently. (BZ#1110036) * When the Cancel button was pressed while an LDAP user name and password was being validated, the GDM code did not handle the situation correctly. As a consequence, GDM became unresponsive, and it was impossible to return to the login screen. The affected code has been fixed, and LDAP user validation can be canceled, allowing another user to log in instead. (BZ#1137041) * If the window focus mode in GNOME was set to "mouse" or "sloppy", navigating through areas of a pop-up menu displayed outside its parent window caused the window to lose its focus. Consequently, the menu was not usable. This has been fixed, and the window focus is kept in under this scenario. (BZ#1149585) * If user authentication is configured to require a smart card to log in, user names are obtained from the smart card. The authentication is then performed by entering the smart card PIN. Prior to this update, the login screen allowed a user name to be entered if no smart card was inserted, but due to a bug in the underlying code, the screen became unresponsive. If, on the other hand, a smart card was used for authentication, the user was logged in as soon as the authentication was complete. As a consequence, it was impossible to select a session other than GNOME Classic. Both of these problems have been fixed. Now, a smart card is required when this type of authentication is enabled, and any other installed session can be selected by the user. (BZ#1159385, BZ#1163474) In addition, this update adds the following enhancement: * Support for quad-buffer OpenGL stereo visuals has been added. As a result, OpenGL applications that use quad-buffer stereo can be run and properly displayed within the GNOME desktop when used with a video driver and hardware with the necessary capabilities. (BZ#861507, BZ#1108890, BZ#1108891, BZ#1108893) All GNOME Shell users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1043571 - Timed Login Failure 1052201 - Details -- Default Applications -- calendar 1092102 - workspaces thumbnails in overview too narrow with large number of workspaces 1108322 - Qt menu placement problem with gnome-shell and vertical monitors 1126754 - Workspace window placement is not persistent if monitors are switched 1137041 - GDM hangs when cancelling ldap user login 1147917 - CVE-2014-7300 gnome-shell: lockscreen bypass with printscreen key 1149585 - sloppy/mouse focus mode break with long pull-down menus 1153641 - [multi-head] Window is moved on its own to other screen 1154107 - CVE-2014-7300 gnome-shell: lockscreen bypass with printscreen key [rhel-7.1] 1154122 - Respect disable-save-to-disk lockdown setting 1159385 - GDM does not prompt for smartcard 1163474 - pam_pkcs11 with card_only breaks session selection 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: clutter-1.14.4-12.el7.src.rpm cogl-1.14.0-6.el7.src.rpm gnome-shell-3.8.4-45.el7.src.rpm mutter-3.8.4-16.el7.src.rpm x86_64: clutter-1.14.4-12.el7.i686.rpm clutter-1.14.4-12.el7.x86_64.rpm clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm cogl-1.14.0-6.el7.i686.rpm cogl-1.14.0-6.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm gnome-shell-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-3.8.4-16.el7.i686.rpm mutter-3.8.4-16.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: cogl-doc-1.14.0-6.el7.noarch.rpm x86_64: clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm clutter-devel-1.14.4-12.el7.i686.rpm clutter-devel-1.14.4-12.el7.x86_64.rpm clutter-doc-1.14.4-12.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm cogl-devel-1.14.0-6.el7.i686.rpm cogl-devel-1.14.0-6.el7.x86_64.rpm gnome-shell-browser-plugin-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm mutter-devel-3.8.4-16.el7.i686.rpm mutter-devel-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: clutter-1.14.4-12.el7.src.rpm cogl-1.14.0-6.el7.src.rpm gnome-shell-3.8.4-45.el7.src.rpm mutter-3.8.4-16.el7.src.rpm noarch: cogl-doc-1.14.0-6.el7.noarch.rpm x86_64: clutter-1.14.4-12.el7.i686.rpm clutter-1.14.4-12.el7.x86_64.rpm clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm clutter-devel-1.14.4-12.el7.i686.rpm clutter-devel-1.14.4-12.el7.x86_64.rpm clutter-doc-1.14.4-12.el7.x86_64.rpm cogl-1.14.0-6.el7.i686.rpm cogl-1.14.0-6.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm cogl-devel-1.14.0-6.el7.i686.rpm cogl-devel-1.14.0-6.el7.x86_64.rpm gnome-shell-3.8.4-45.el7.x86_64.rpm gnome-shell-browser-plugin-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-3.8.4-16.el7.i686.rpm mutter-3.8.4-16.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm mutter-devel-3.8.4-16.el7.i686.rpm mutter-devel-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: clutter-1.14.4-12.el7.src.rpm cogl-1.14.0-6.el7.src.rpm gnome-shell-3.8.4-45.el7.src.rpm mutter-3.8.4-16.el7.src.rpm ppc64: clutter-1.14.4-12.el7.ppc.rpm clutter-1.14.4-12.el7.ppc64.rpm clutter-debuginfo-1.14.4-12.el7.ppc.rpm clutter-debuginfo-1.14.4-12.el7.ppc64.rpm cogl-1.14.0-6.el7.ppc.rpm cogl-1.14.0-6.el7.ppc64.rpm cogl-debuginfo-1.14.0-6.el7.ppc.rpm cogl-debuginfo-1.14.0-6.el7.ppc64.rpm gnome-shell-3.8.4-45.el7.ppc64.rpm gnome-shell-debuginfo-3.8.4-45.el7.ppc64.rpm mutter-3.8.4-16.el7.ppc.rpm mutter-3.8.4-16.el7.ppc64.rpm mutter-debuginfo-3.8.4-16.el7.ppc.rpm mutter-debuginfo-3.8.4-16.el7.ppc64.rpm s390x: clutter-1.14.4-12.el7.s390.rpm clutter-1.14.4-12.el7.s390x.rpm clutter-debuginfo-1.14.4-12.el7.s390.rpm clutter-debuginfo-1.14.4-12.el7.s390x.rpm cogl-1.14.0-6.el7.s390.rpm cogl-1.14.0-6.el7.s390x.rpm cogl-debuginfo-1.14.0-6.el7.s390.rpm cogl-debuginfo-1.14.0-6.el7.s390x.rpm gnome-shell-3.8.4-45.el7.s390x.rpm gnome-shell-debuginfo-3.8.4-45.el7.s390x.rpm mutter-3.8.4-16.el7.s390.rpm mutter-3.8.4-16.el7.s390x.rpm mutter-debuginfo-3.8.4-16.el7.s390.rpm mutter-debuginfo-3.8.4-16.el7.s390x.rpm x86_64: clutter-1.14.4-12.el7.i686.rpm clutter-1.14.4-12.el7.x86_64.rpm clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm cogl-1.14.0-6.el7.i686.rpm cogl-1.14.0-6.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm gnome-shell-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-3.8.4-16.el7.i686.rpm mutter-3.8.4-16.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: cogl-doc-1.14.0-6.el7.noarch.rpm ppc64: clutter-debuginfo-1.14.4-12.el7.ppc.rpm clutter-debuginfo-1.14.4-12.el7.ppc64.rpm clutter-devel-1.14.4-12.el7.ppc.rpm clutter-devel-1.14.4-12.el7.ppc64.rpm clutter-doc-1.14.4-12.el7.ppc64.rpm cogl-debuginfo-1.14.0-6.el7.ppc.rpm cogl-debuginfo-1.14.0-6.el7.ppc64.rpm cogl-devel-1.14.0-6.el7.ppc.rpm cogl-devel-1.14.0-6.el7.ppc64.rpm gnome-shell-browser-plugin-3.8.4-45.el7.ppc64.rpm gnome-shell-debuginfo-3.8.4-45.el7.ppc64.rpm mutter-debuginfo-3.8.4-16.el7.ppc.rpm mutter-debuginfo-3.8.4-16.el7.ppc64.rpm mutter-devel-3.8.4-16.el7.ppc.rpm mutter-devel-3.8.4-16.el7.ppc64.rpm s390x: clutter-debuginfo-1.14.4-12.el7.s390.rpm clutter-debuginfo-1.14.4-12.el7.s390x.rpm clutter-devel-1.14.4-12.el7.s390.rpm clutter-devel-1.14.4-12.el7.s390x.rpm clutter-doc-1.14.4-12.el7.s390x.rpm cogl-debuginfo-1.14.0-6.el7.s390.rpm cogl-debuginfo-1.14.0-6.el7.s390x.rpm cogl-devel-1.14.0-6.el7.s390.rpm cogl-devel-1.14.0-6.el7.s390x.rpm gnome-shell-browser-plugin-3.8.4-45.el7.s390x.rpm gnome-shell-debuginfo-3.8.4-45.el7.s390x.rpm mutter-debuginfo-3.8.4-16.el7.s390.rpm mutter-debuginfo-3.8.4-16.el7.s390x.rpm mutter-devel-3.8.4-16.el7.s390.rpm mutter-devel-3.8.4-16.el7.s390x.rpm x86_64: clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm clutter-devel-1.14.4-12.el7.i686.rpm clutter-devel-1.14.4-12.el7.x86_64.rpm clutter-doc-1.14.4-12.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm cogl-devel-1.14.0-6.el7.i686.rpm cogl-devel-1.14.0-6.el7.x86_64.rpm gnome-shell-browser-plugin-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm mutter-devel-3.8.4-16.el7.i686.rpm mutter-devel-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: clutter-1.14.4-12.el7.src.rpm cogl-1.14.0-6.el7.src.rpm gnome-shell-3.8.4-45.el7.src.rpm mutter-3.8.4-16.el7.src.rpm x86_64: clutter-1.14.4-12.el7.i686.rpm clutter-1.14.4-12.el7.x86_64.rpm clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm cogl-1.14.0-6.el7.i686.rpm cogl-1.14.0-6.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm gnome-shell-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-3.8.4-16.el7.i686.rpm mutter-3.8.4-16.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: cogl-doc-1.14.0-6.el7.noarch.rpm x86_64: clutter-debuginfo-1.14.4-12.el7.i686.rpm clutter-debuginfo-1.14.4-12.el7.x86_64.rpm clutter-devel-1.14.4-12.el7.i686.rpm clutter-devel-1.14.4-12.el7.x86_64.rpm clutter-doc-1.14.4-12.el7.x86_64.rpm cogl-debuginfo-1.14.0-6.el7.i686.rpm cogl-debuginfo-1.14.0-6.el7.x86_64.rpm cogl-devel-1.14.0-6.el7.i686.rpm cogl-devel-1.14.0-6.el7.x86_64.rpm gnome-shell-browser-plugin-3.8.4-45.el7.x86_64.rpm gnome-shell-debuginfo-3.8.4-45.el7.x86_64.rpm mutter-debuginfo-3.8.4-16.el7.i686.rpm mutter-debuginfo-3.8.4-16.el7.x86_64.rpm mutter-devel-3.8.4-16.el7.i686.rpm mutter-devel-3.8.4-16.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-7300 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GiQXlSAg2UNWIIRApjUAJ4+FOmuNc0peDf2u2Bp5vsq/t1qbwCeIr0R jx/foC/4KMC6SRRgGMZ+BLI= =BV/R -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:36:21 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:36:21 +0000 Subject: [RHSA-2015:0290-01] Important: kernel security, bug fix, and enhancement update Message-ID: <201503051436.t25EaLLo012182@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2015:0290-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0290.html Issue date: 2015-03-05 CVE Names: CVE-2014-3690 CVE-2014-3940 CVE-2014-7825 CVE-2014-7826 CVE-2014-8086 CVE-2014-8160 CVE-2014-8172 CVE-2014-8173 CVE-2014-8709 CVE-2014-8884 CVE-2015-0274 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 7. This is the first regular update. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause denial of service on the system. (CVE-2014-3690, Moderate) * A flaw was found in the way Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-7825, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. (CVE-2014-7826, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) * An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. (CVE-2014-8709, Low) * A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. (CVE-2014-8884, Low) Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, and Robert ?wi?cki for reporting CVE-2014-7825 and CVE-2014-7826. This update also fixes several hundred bugs and adds numerous enhancements. Refer to the Red Hat Enterprise Linux 7.1 Release Notes for information on the most significant of these changes, and the following Knowledgebase article for further information: https://access.redhat.com/articles/1352803 All Red Hat Enterprise Linux 7 users are advised to install these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 839966 - Trigger RHEL7 crash in guest domU, host don't generate core file 915335 - RFE: Multiple virtio-rng devices support 968147 - enable online multiple hot-added CPUs cause RHEL7.0 guest hang(soft lockup) 1043379 - guest screen fail to return back to the originally screen after resume from S3(still black screen) 1050834 - lockdep warning in flush_work() when hotunplugging a virtio-scsi disk (scsi-block + iscsi://) 1058608 - [RFE] btrfs-progs: btrfs resize doesn't support T/P/E suffix 1065474 - Size of external origin needs to be aligned with thin pool chunk size 1067126 - Virt-manager doesn't configure bridge for VM 1068627 - implement lazy save/restore of debug registers 1071340 - FCoE target: kernel panic when initiator connects to target 1074747 - kvm unit test "realmode" fails 1078775 - During query cpuinfo during guest boot from ipxe repeatedly in AMD hosts, vm repeatedly reboot. 1079841 - kvm unit test "debug" fails 1080894 - dm-cache: crash on creating cache 1083860 - kernel panic when virtscsi_init fails 1083969 - libguestfs-test-tool hangs when the guest is boot with -cpu host 1086058 - fail to boot L2 guest on wildcatpass Haswell host 1088784 - qemu ' KVM internal error. Suberror: 1' when query cpu frequently during pxe boot in Intel "Q95xx" host 1091818 - Windows guest booting failed with apicv and hv_vapic 1095099 - RHEL7.0 guest hang during kdump with qxl shared irq 1098643 - sync with latest upstream dm-thin provisioning improvements and fixes (through 3.15) 1102641 - BUG: It is not possible to communicate between local program and local ipv6 address when at least one 'netlabelctl unlbl' rule is added 1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration 1115201 - [xfs] can't create inodes in newly added space after xfs_growfs 1117542 - Support for movntdq 1119662 - BUG: NetLabel lead to kernel panic on some SELinux levels 1120850 - unable recover NFSv3 locks NLM_DENIED_NOLOCK 1124880 - [fuse] java.io.FileNotFoundException (FNF) during time period with unrecovered disk errors 1127218 - Include fix commit daba287b299ec7a ("ipv4: fix DO and PROBE pmtu mode regarding local fragmentation with UFO/CORK") 1131552 - Solarflare devices do not provide PCIe ACS support, limiting device assignment use case due to IOMMU grouping 1141399 - Device 'vfio-pci' could not be initialized when passing through Intel 82599 1151353 - CVE-2014-8086 Kernel: fs: ext4 race condition 1153322 - CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries 1161565 - CVE-2014-7825 CVE-2014-7826 kernel: insufficient syscall number validation in perf and ftrace subsystems 1164266 - CVE-2014-8884 kernel: usb: buffer overflow in ttusb-dec 1173580 - CVE-2014-8709 kernel: net: mac80211: plain text information leak 1182059 - CVE-2014-8160 kernel: iptables restriction bypass if a protocol handler kernel module not loaded 1195248 - CVE-2015-0274 kernel: xfs: replacing remote attributes memory corruption 1198457 - CVE-2014-8173 kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support 1198503 - CVE-2014-8172 kernel: soft lockup on aio 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-229.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm kernel-doc-3.10.0-229.el7.noarch.rpm x86_64: kernel-3.10.0-229.el7.x86_64.rpm kernel-debug-3.10.0-229.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-devel-3.10.0-229.el7.x86_64.rpm kernel-headers-3.10.0-229.el7.x86_64.rpm kernel-tools-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.el7.x86_64.rpm perf-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-229.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm kernel-doc-3.10.0-229.el7.noarch.rpm x86_64: kernel-3.10.0-229.el7.x86_64.rpm kernel-debug-3.10.0-229.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-devel-3.10.0-229.el7.x86_64.rpm kernel-headers-3.10.0-229.el7.x86_64.rpm kernel-tools-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.el7.x86_64.rpm perf-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-229.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm kernel-doc-3.10.0-229.el7.noarch.rpm ppc64: kernel-3.10.0-229.el7.ppc64.rpm kernel-bootwrapper-3.10.0-229.el7.ppc64.rpm kernel-debug-3.10.0-229.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-debug-devel-3.10.0-229.el7.ppc64.rpm kernel-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-229.el7.ppc64.rpm kernel-devel-3.10.0-229.el7.ppc64.rpm kernel-headers-3.10.0-229.el7.ppc64.rpm kernel-tools-3.10.0-229.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-tools-libs-3.10.0-229.el7.ppc64.rpm perf-3.10.0-229.el7.ppc64.rpm perf-debuginfo-3.10.0-229.el7.ppc64.rpm python-perf-debuginfo-3.10.0-229.el7.ppc64.rpm s390x: kernel-3.10.0-229.el7.s390x.rpm kernel-debug-3.10.0-229.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-229.el7.s390x.rpm kernel-debug-devel-3.10.0-229.el7.s390x.rpm kernel-debuginfo-3.10.0-229.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-229.el7.s390x.rpm kernel-devel-3.10.0-229.el7.s390x.rpm kernel-headers-3.10.0-229.el7.s390x.rpm kernel-kdump-3.10.0-229.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-229.el7.s390x.rpm kernel-kdump-devel-3.10.0-229.el7.s390x.rpm perf-3.10.0-229.el7.s390x.rpm perf-debuginfo-3.10.0-229.el7.s390x.rpm python-perf-debuginfo-3.10.0-229.el7.s390x.rpm x86_64: kernel-3.10.0-229.el7.x86_64.rpm kernel-debug-3.10.0-229.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-devel-3.10.0-229.el7.x86_64.rpm kernel-headers-3.10.0-229.el7.x86_64.rpm kernel-tools-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.el7.x86_64.rpm perf-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: kernel-debug-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-229.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-229.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-229.el7.ppc64.rpm perf-debuginfo-3.10.0-229.el7.ppc64.rpm python-perf-3.10.0-229.el7.ppc64.rpm python-perf-debuginfo-3.10.0-229.el7.ppc64.rpm s390x: kernel-debug-debuginfo-3.10.0-229.el7.s390x.rpm kernel-debuginfo-3.10.0-229.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-229.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-229.el7.s390x.rpm perf-debuginfo-3.10.0-229.el7.s390x.rpm python-perf-3.10.0-229.el7.s390x.rpm python-perf-debuginfo-3.10.0-229.el7.s390x.rpm x86_64: kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-229.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm kernel-doc-3.10.0-229.el7.noarch.rpm x86_64: kernel-3.10.0-229.el7.x86_64.rpm kernel-debug-3.10.0-229.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-devel-3.10.0-229.el7.x86_64.rpm kernel-headers-3.10.0-229.el7.x86_64.rpm kernel-tools-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.el7.x86_64.rpm perf-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm perf-debuginfo-3.10.0-229.el7.x86_64.rpm python-perf-3.10.0-229.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3690 https://access.redhat.com/security/cve/CVE-2014-3940 https://access.redhat.com/security/cve/CVE-2014-7825 https://access.redhat.com/security/cve/CVE-2014-7826 https://access.redhat.com/security/cve/CVE-2014-8086 https://access.redhat.com/security/cve/CVE-2014-8160 https://access.redhat.com/security/cve/CVE-2014-8172 https://access.redhat.com/security/cve/CVE-2014-8173 https://access.redhat.com/security/cve/CVE-2014-8709 https://access.redhat.com/security/cve/CVE-2014-8884 https://access.redhat.com/security/cve/CVE-2015-0274 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1352803 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GmuXlSAg2UNWIIRAsuVAJ0cw57y0gf8PHaHBm+h2iMw579L0QCgj2Yx RbiWM5G7puiwtgziJ75pAwM= =0gV7 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:37:15 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:37:15 +0000 Subject: [RHSA-2015:0442-01] Moderate: ipa security, bug fix, and enhancement update Message-ID: <201503051437.t25EbFtf019784@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ipa security, bug fix, and enhancement update Advisory ID: RHSA-2015:0442-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0442.html Issue date: 2015-03-05 CVE Names: CVE-2010-5312 CVE-2012-6662 ===================================================================== 1. Summary: Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Two cross-site scripting (XSS) flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. (CVE-2010-5312, CVE-2012-6662) Note: The IdM version provided by this update no longer uses jQuery. This update adds several enhancements that are described in more detail in the Red Hat Enterprise Linux 7.1 Release Notes, linked to in the References section, including: * Added the "ipa-cacert-manage" command, which renews the Certification Authority (CA) file. (BZ#886645) * Added the ID Views feature. (BZ#891984) * IdM now supports using one-time password (OTP) authentication and allows gradual migration from proprietary OTP solutions to the IdM OTP solution. (BZ#919228) * Added the "ipa-backup" and "ipa-restore" commands to allow manual backups. (BZ#951581) * Added a solution for regulating access permissions to specific sections of the IdM server. (BZ#976382) This update also fixes several bugs, including: * Previously, when IdM servers were configured to require the Transport Layer Security protocol version 1.1 (TLSv1.1) or later in the httpd server, the "ipa" command-line utility failed. With this update, running "ipa" works as expected with TLSv1.1 or later. (BZ#1156466) In addition, this update adds multiple enhancements, including: * The "ipa-getkeytab" utility can now optionally fetch existing keytabs from the KDC. Previously, retrieving an existing keytab was not supported, as the only option was to generate a new key. (BZ#1007367) * You can now create and manage a "." root zone on IdM servers. DNS queries sent to the IdM DNS server use this configured zone instead of the public zone. (BZ#1056202) * The IdM server web UI has been updated and is now based on the Patternfly framework, offering better responsiveness. (BZ#1108212) * A new user attribute now enables provisioning systems to add custom tags for user objects. The tags can be used for automember rules or for additional local interpretation. (BZ#1108229) * This update adds a new DNS zone type to ensure that forward and master zones are better separated. As a result, the IdM DNS interface complies with the forward zone semantics in BIND. (BZ#1114013) * This update adds a set of Apache modules that external applications can use to achieve tighter interaction with IdM beyond simple authentication. (BZ#1107555) * IdM supports configuring automember rules for automated assignment of users or hosts in respective groups according to their characteristics, such as the "userClass" or "departmentNumber" attributes. Previously, the rules could be applied only to new entries. This update allows applying the rules also to existing users or hosts. (BZ#1108226) * The extdom plug-in translates Security Identifiers (SIDs) of Active Directory (AD) users and groups to names and POSIX IDs. With this update, extdom returns the full member list for groups and the full list of group memberships for a user, the GECOS field, the home directory, as well as the login shell of a user. Also, an optional list of key-value pairs contains the SID of the requested object if the SID is available. (BZ#1030699) All ipa users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 711693 - [RFE] Normal users should not be given privileges to view all sudorules and their details. 788645 - [RFE] Allow filter and subtree to be added in same permission 815828 - Rename DNS permissions to use mixed-case 817909 - error indicates a different reason when ipa permission-mod fails to modify attrs 854335 - Unable to update "remove automount keys" - it has filter and subtree specified 887988 - [RFE] Expose the krbPrincipalExpiration attribute for editing in the IPA CLI / WEBUI 891984 - [RFE] ID Views: Support migration from the sync solution to the trust solution 893850 - Unable to update permissions for "Add Automount Keys" 921655 - fix UI CSS to support RH branding 922749 - IPA Navigation links overlaped or unclickable 924008 - Unknown binary attributes can cause migration to fail 924395 - [RFE] ipa-client-install should configure sudo automatically 951581 - [RFE] Backup & Restore mechanism 970618 - [RFE] pac-type change must be effective immediately without kdc restart 971061 - Localization not working even for languages that are localized 975456 - [RFE] add option to ipa-client-install to configure automount 985234 - ipa-client-install --uninstall starts nscd service 1027712 - "username" field in IPA webUI login page should be mandatory 1027713 - There is no version information on IPA WebUI 1030699 - [RFE] Support initgroups for unauthenticated AD users 1031111 - ipa-client: add root CA to trust anchors if not already available 1033357 - ipactl can not restart ipa services if current status is "stopped" 1035286 - [WebUI] Realm domain is not providing proper error message 1048934 - [WebUI] Retry and Cancel dialogs do not support 'confirmation by Enter' 1048956 - [WebUI] "OK" button is not focused on "Operations Error" dialog, once we opened "show details" 1056202 - [RFE] Support DNS root zone 1058780 - Missing checks during ipa idrange-add 1060349 - IPA: Unable to add host when ipv6 address already exits 1061772 - [WebUI] Maximum serial number search accepts negative inputs and lists wrong search results. 1072502 - running ipa-server-install --setup-dns results in a crash 1075129 - bogus time estimates shown for configuration of various component in replica installation 1077734 - [WebUI] select all checkbox remains selected after operation 1080209 - IPA server does not allow sudo host network filters 1080532 - ipa-client-install --uninstall crash on a freshly installed machine joined to IPA via reamd and anaconda 1081626 - When certmonger is still tracking cert in ipa, uninstall fails but error does not indicate this 1084609 - [RFE] RHEL7 support for ipa-admintools on other architectures 1099811 - Apache crashes when replica is restarted when installing 1107555 - [RFE] Provide a stack of apache modules for any applications to consume 1108195 - MOD command returns duplicate memberships 1108201 - cannot create dns zone when name has consecutive dash characters 1108202 - dnsrecord-* with absolute target gives error 1108203 - [RFE] Add EmployeeID in the Web UI and command name 1108204 - PTR record cannot be added from UI, if user added zone without last '.' 1108205 - Replica installation dies if /etc/resolv.conf is not writeable 1108206 - sshd should run at least once before ipa-client-install 1108207 - [WebUI] When adding a condition to an automember rule, expression field should be required 1108208 - The Synchronizing time with KDC... message looks strange between login and password prompts 1108212 - [RFE] Adopt Patternfly/RCUE open interface project for the Web UI 1108213 - Installers should explicitly specify auth mechanism when calling ldapmodify 1108214 - ipa-replica-install: DNS check is between "host already exists" message and exit 1108215 - Make Read replication agreements permission less more targeted 1108216 - Unexpected error when providing incorrect password to ipa-ldap-updater 1108220 - Broken Firefox configuration files in freeipa-client package 1108222 - SSH widget doesn't honor a lack of write right 1108224 - Replace ntpdate calls with ntpd 1108225 - ipadb.so could get tripped up by DAL changes to support keyless principals 1108226 - [RFE] Use automember for hosts after the host is added 1108228 - Add UI for the new user and host userClass attribute 1108229 - [RFE] Better integration with the external provisioning systems - users 1108230 - Should not display ports to open when password is incorrect during ipa-client-install. 1108231 - ipa-join usage instructions are incorrect 1108232 - [RFE] ipa migrate-ds should have an argument to specify cert to use for DS connection 1108233 - [RFE] ipa dnsrecord-add should allow internationalized names 1108234 - [WebUI] it is not clear which row a value belongs to 1108235 - xmlrpc system commands do not work 1108236 - Name is blank in error message for duplicate automember rule 1108237 - [RFE] Enhance input validation for filters in access control 1109726 - Rebase IPA to 4.1 1112603 - Internal Error: `ipa sudorule-mod rule --order=` 1112605 - [RFE] Add support for SubjectAltNames (SAN) to IPA service certificates 1112691 - ipa-server-install break sshd 1113918 - Setting a sudo category to all doesn't check to see if rules already exist 1113919 - Let deny commands be added to sudo rule with cmdcatetory=ALL 1113920 - Sudo runasgroup entry not generated by the sudo compat tree 1114013 - [RFE] Separate master and forward DNS zones 1115048 - Description attribute should not be required 1115616 - [RFE] Allow unlocking user in Web UI 1126989 - ipa-client-install creates configuration file with deprecated values 1128380 - Failure when installing on dual stacked system with external ca 1129558 - Windows Server 2012 CA does not accept CSR generated by IdM External CA installation 1129730 - CA-less installation fails when the CA cert has an empty subject 1131049 - Update SSL ciphers configured in 389-ds-base 1131187 - ipa-ldap-upgrade should restore Directory Server settings when upgrade fails 1131877 - Registering one IPA server with the browser removes entries for another 1133966 - ipa trust-add cmd should be interactive 1138773 - Internal error received for blank password with --trust-secret 1138775 - Password migration is broken 1138777 - Renewal with no master CA 1138791 - Prohibit setting --rid-base for ranges of ipa-trust-ad-posix type 1138792 - Disable unsupported ID range types 1138795 - DS returns limited RootDSE 1138798 - Add support for bounce_url to /ipa/ui/reset_password.html 1138803 - Do not store host certificate in shared NSS database /etc/pki/nssdb 1142088 - ipa-server-install searches CA under different hostname 1142789 - host-del command does not accept --continue 1147679 - ipa man page incorrectly indicates how to add users 1149124 - group-add doesn't accept gid parameter 1156466 - POODLE: force using safe ciphers (non-SSLv3) in IPA client and server 1159011 - Trust setting not restored for CA cert with ipa-restore command 1159330 - RHEL7.1 ipa-server-install --uninstall Could not set SELinux booleans for httpd 1159816 - ignoring user attributes in migrate-ds does not work if uppercase characters are returned by ldap 1160756 - Investigate & fix Coverity defects in IPA DS/KDC plugins 1160758 - Tests: host-del returns DatabaseError 1161128 - Upgrade 3.3.5 to 4.1 failed 1161129 - ipactl stop should stop dirsrv last 1161131 - Deadlock in schema compat plugin 1162340 - ipa-server-install fails when restarting named 1163498 - Renewing the CA signing certificate does not extend its validity period end 1163849 - error message which is not understandable when IDNA2003 characters are present in --zonemgr (--zonemgr=T??ko at redhat.com) 1164859 - Traceback when adding zone with long name 1164896 - RHEL7.1 IPA server httpd avc denials after upgrade 1166041 - CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option 1166064 - CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget 1166641 - ipa-otp-lasttoken loads all user's tokens on every mod/del 1166931 - RHEL7.1 ipa automatic CA cert renewal stuck in submitting state 1167196 - schema update on RHEL-6.6 using latest copy-schema-to-ca.py from RHEL-7.1 build fails 1167270 - Tracebacks with latest build for --zonemgr cli option 1167964 - RHEL7.1 ipa replica unable to replicate to rhel6 master 1168214 - [WebUI] Not able to unprovisioning service in IPA 4.1 1168376 - Clean up debug log for trust-add 1168916 - Extend host-show to add the view attribute in set of default attributes 1169591 - RHEL7.1 ipa-cacert-manage renewed certificate from MS ADCS not compatible 1169867 - Winsync: Setup is broken due to incorrect import of certificate 1170003 - RHEL7.1 ipa-cacert-manage cannot change external to self-signed ca cert 1170695 - krb5kdc crash in ldap_pvt_search 1171089 - webui: increase notification duration 1172578 - CLI doesn't show SSHFP records with SHA256 added via nsupdate (regression) 1172598 - Access is not rejected for disabled domain 1173207 - IPA certs fail to autorenew simultaneouly 1175277 - Data replication not working as expected after data restore from full backup 1175287 - No error message thrown on restore(full kind) on replica from full backup taken on master 1175326 - ipa-restore proceed even IPA not configured 1175384 - DNS zones are not migrated into forward zones if 4.0+ replica is added 1176034 - More validation required on ipa-restore's options 1176995 - IPA replica missing data after master upgraded 1177133 - When migrating warn user if compat is enabled 1178128 - IPA externally signed CA cert expiration warning missing from log 1181010 - ipa-replica-manage list does not list synced domain 1181093 - PassSync does not sync passwords due to missing ACIs 1181767 - ipa-upgradeconfig fails in CA-less installs 1183279 - ipa-replica-manage disconnect fails without password 1184149 - DUA profile not available anonymously 1185410 - idoverrideuser-add option --sshpubkey does not work 1186396 - ipa-restore crashes if replica is unreachable 1186398 - Wrong directories created on full restore 1187342 - Login ignores global OTP enablement 1187540 - Full set of objectclass not available post group detach. 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: ipa-4.1.0-18.el7.src.rpm x86_64: ipa-client-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-python-4.1.0-18.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: ipa-admintools-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-server-4.1.0-18.el7.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ipa-4.1.0-18.el7.src.rpm x86_64: ipa-client-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-python-4.1.0-18.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: ipa-admintools-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-server-4.1.0-18.el7.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ipa-4.1.0-18.el7.src.rpm ppc64: ipa-client-4.1.0-18.el7.ppc64.rpm ipa-debuginfo-4.1.0-18.el7.ppc64.rpm ipa-python-4.1.0-18.el7.ppc64.rpm s390x: ipa-client-4.1.0-18.el7.s390x.rpm ipa-debuginfo-4.1.0-18.el7.s390x.rpm ipa-python-4.1.0-18.el7.s390x.rpm x86_64: ipa-admintools-4.1.0-18.el7.x86_64.rpm ipa-client-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-python-4.1.0-18.el7.x86_64.rpm ipa-server-4.1.0-18.el7.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: ipa-admintools-4.1.0-18.el7.ppc64.rpm ipa-debuginfo-4.1.0-18.el7.ppc64.rpm s390x: ipa-admintools-4.1.0-18.el7.s390x.rpm ipa-debuginfo-4.1.0-18.el7.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ipa-4.1.0-18.el7.src.rpm x86_64: ipa-admintools-4.1.0-18.el7.x86_64.rpm ipa-client-4.1.0-18.el7.x86_64.rpm ipa-debuginfo-4.1.0-18.el7.x86_64.rpm ipa-python-4.1.0-18.el7.x86_64.rpm ipa-server-4.1.0-18.el7.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2010-5312 https://access.redhat.com/security/cve/CVE-2012-6662 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.1_Release_Notes/index.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+Gn6XlSAg2UNWIIRAom6AJ450oYK39lzrnhP1tEAjyWJSSuIewCghc9I YLx9EP6hrQprcMa6HO/FYX0= =5cxi -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:38:10 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:38:10 +0000 Subject: [RHSA-2015:0439-01] Moderate: krb5 security, bug fix and enhancement update Message-ID: <201503051438.t25EcBuo028943@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 ===================================================================== 1. Summary: Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352) If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353) A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421) It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422) An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423) Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342) A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343) Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352. The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including: * Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts. * When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995) This update also fixes multiple bugs, for example: * The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102) In addition, this update adds various enhancements. Among others: * Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919) 4. Solution: All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: krb5-1.12.2-14.el7.src.rpm x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: krb5-1.12.2-14.el7.src.rpm x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: krb5-1.12.2-14.el7.src.rpm ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: krb5-1.12.2-14.el7.src.rpm x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:38:54 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:38:54 +0000 Subject: [RHSA-2015:0430-01] Moderate: virt-who security, bug fix, and enhancement update Message-ID: <201503051438.t25EcsN5026248@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: virt-who security, bug fix, and enhancement update Advisory ID: RHSA-2015:0430-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0430.html Issue date: 2015-03-05 CVE Names: CVE-2014-0189 ===================================================================== 1. Summary: An updated virt-who package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The virt-who package provides an agent that collects information about virtual guests present in the system and reports them to the subscription manager. It was discovered that the /etc/sysconfig/virt-who configuration file, which may contain hypervisor authentication credentials, was world-readable. A local user could use this flaw to obtain authentication credentials from this file. (CVE-2014-0189) Red Hat would like to thank Sal Castiglione for reporting this issue. The virt-who package has been upgraded to upstream version 0.11, which provides a number of bug fixes and enhancements over the previous version. The most notable bug fixes and enhancements include: * Support for remote libvirt. * A fix for using encrypted passwords. * Bug fixes and enhancements that increase the stability of virt-who. (BZ#1122489) This update also fixes the following bugs: * Prior to this update, the virt-who agent failed to read the list of virtual guests provided by the VDSM daemon. As a consequence, when in VDSM mode, the virt-who agent was not able to send updates about virtual guests to Subscription Asset Manager (SAM) and Red Hat Satellite. With this update, the agent reads the list of guests when in VDSM mode correctly and reports to SAM and Satellite as expected. (BZ#1153405) * Previously, virt-who used incorrect information when connecting to Red Hat Satellite 5. Consequently, virt-who could not connect to Red Hat Satellite 5 servers. The incorrect parameter has been corrected, and virt-who can now successfully connect to Red Hat Satellite 5. (BZ#1158859) * Prior to this update, virt-who did not decode the hexadecimal representation of a password before decrypting it. As a consequence, the decrypted password did not match the original password, and attempts to connect using the password failed. virt-who has been updated to decode the encrypted password and, as a result, virt-who now handles storing credentials using encrypted passwords as expected. (BZ#1161607) In addition, this update adds the following enhancement: * With this update, virt-who is able to read the list of guests from a remote libvirt hypervisor. (BZ#1127965) Users of virt-who are advised to upgrade to this updated package, which corrects these issues and adds these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1065421 - Remove dependency on 'libvirt' RPM 1076290 - virt-who creat a null system in SAM server in esx mode 1082981 - Faild to add Hyper-V 2012 to SAM as virt-who communication with Hyper-V failed 1086517 - virt-who failed when testing against Satellite 5.6 due to missing folder /var/lib/virt-who in RHEL 7 1088732 - CVE-2014-0189 virt-who: plaintext hypervisor passwords in world-readable /etc/sysconfig/virt-who configuration file 1098448 - virt-who dies when the system is being unregistered 1122489 - virt-who rebase 1127965 - [RFE] Please add libvirt parameter for using Red Hat Enterprise Linux for Virtual Datacenter in kvm environments. 1153405 - virt-who can't work in the VDSM mode 1158759 - Wrong permission for configuration file /etc/sysconfig/virt-who on rhel7.1 1158803 - Can't display the running mode in the virt-who log 1158859 - virt-who uses wrong server when connecting to satellite 1159187 - "/etc/virt-who.d" hasn't been created by default. 1161434 - Take over one minute to stop/restart virt-who service in ESX mode. 1161607 - virt-who not able to decrypt encrypted password 1162049 - syslog.target depenancy 1163021 - Failed to send host/guest associate to SAM when virt-who run at esx mode 1168111 - [VDSM mode]Failed to send host/guest associate to SAM when there is a vm in the host 1168122 - virt-who incorrectly says that VM is from 'None' hypervisor 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: virt-who-0.11-5.el7.src.rpm noarch: virt-who-0.11-5.el7.noarch.rpm Red Hat Enterprise Linux Server (v. 7): Source: virt-who-0.11-5.el7.src.rpm noarch: virt-who-0.11-5.el7.noarch.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: virt-who-0.11-5.el7.src.rpm noarch: virt-who-0.11-5.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0189 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GphXlSAg2UNWIIRAoE6AJ91cRX75wBg0NbM2uckB4JzO2giPwCgqZb/ InvxPci5HOMZ7m+LSxdOr5E= =9G90 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:43:20 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:43:20 +0000 Subject: [RHSA-2015:0425-02] Moderate: openssh security, bug fix and enhancement update Message-ID: <201503051443.t25EhKol029454@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssh security, bug fix and enhancement update Advisory ID: RHSA-2015:0425-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0425.html Issue date: 2015-03-05 CVE Names: CVE-2014-2653 CVE-2014-9278 ===================================================================== 1. Summary: Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. (CVE-2014-2653) It was found that when OpenSSH was used in a Kerberos environment, remote authenticated users were allowed to log in as a different user if they were listed in the ~/.k5users file of that user, potentially bypassing intended authentication restrictions. (CVE-2014-9278) The openssh packages have been upgraded to upstream version 6.6.1, which provides a number of bug fixes and enhancements over the previous version. (BZ#1059667) Bug fixes: * An existing /dev/log socket is needed when logging using the syslog utility, which is not possible for all chroot environments based on the user's home directories. As a consequence, the sftp commands were not logged in the chroot setup without /dev/log in the internal sftp subsystem. With this update, openssh has been enhanced to detect whether /dev/log exists. If /dev/log does not exist, processes in the chroot environment use their master processes for logging. (BZ#1083482) * The buffer size for a host name was limited to 64 bytes. As a consequence, when a host name was 64 bytes long or longer, the ssh-keygen utility failed. The buffer size has been increased to fix this bug, and ssh-keygen no longer fails in the described situation. (BZ#1097665) * Non-ASCII characters have been replaced by their octal representations in banner messages in order to prevent terminal re-programming attacks. Consequently, banners containing UTF-8 strings were not correctly displayed in a client. With this update, banner messages are processed according to RFC 3454, control characters have been removed, and banners containing UTF-8 strings are now displayed correctly. (BZ#1104662) * Red Hat Enterprise Linux uses persistent Kerberos credential caches, which are shared between sessions. Previously, the GSSAPICleanupCredentials option was set to "yes" by default. Consequently, removing a Kerberos cache on logout could remove unrelated credentials of other sessions, which could make the system unusable. To fix this bug, GSSAPICleanupCredentials is set by default to "no". (BZ#1134447) * Access permissions for the /etc/ssh/moduli file were set to 0600, which was unnecessarily strict. With this update, the permissions for /etc/ssh/moduli have been changed to 0644 to make the access to the file easier. (BZ#1134448) * Due to the KRB5CCNAME variable being truncated, the Kerberos ticket cache was not found after login using a Kerberos-enabled SSH connection. The underlying source code has been modified to fix this bug, and Kerberos authentication works as expected in the described situation. (BZ#1161173) Enhancements: * When the sshd daemon is configured to force the internal SFTP session, a connection other then SFTP is used, the appropriate message is logged to the /var/log/secure file. (BZ#1130198) * The sshd-keygen service was run using the "ExecStartPre=-/usr/sbin/sshd-keygen" option in the sshd.service unit file. With this update, the separate sshd-keygen.service unit file has been added, and sshd.service has been adjusted to require sshd-keygen.service. (BZ#1134997) Users of openssh are advised to upgrade to these updated packages, which correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 912792 - ssh client showing Connection closed by UNKNOWN after timeout at password prompt 1071967 - Inconsistent error message when generating keys in FIPS mode 1081338 - CVE-2014-2653 openssh: failure to check DNS SSHFP records in certain scenarios 1084079 - sftp / symlink does not create relative links 1097665 - ssh-keygen with error : gethostname: File name too long 1102288 - AuthorizedKeysCommand does not work under the Match section 1134997 - sshd.service shouldn't call /usr/sbin/sshd-keygen directly using ExecStartPre 1143867 - sshd fails to start in FIPS mode due to ED25519 key generation 1153011 - sshd requires that .k5login exists even if krb5_kuserok() returns TRUE 1155626 - KerberosUseKuserok default changed from "yes" to "no" 1161173 - sshd sets KRB5CCNAME environment variable with a truncated value 1162620 - fatal: monitor_read: unsupported request: 82 on server while attempting GSSAPI key exchange 1169843 - CVE-2014-9278 openssh: ~/.k5users unexpectedly grants remote login 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: openssh-6.6.1p1-11.el7.src.rpm x86_64: openssh-6.6.1p1-11.el7.x86_64.rpm openssh-askpass-6.6.1p1-11.el7.x86_64.rpm openssh-clients-6.6.1p1-11.el7.x86_64.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-keycat-6.6.1p1-11.el7.x86_64.rpm openssh-server-6.6.1p1-11.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssh-debuginfo-6.6.1p1-11.el7.i686.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-ldap-6.6.1p1-11.el7.x86_64.rpm openssh-server-sysvinit-6.6.1p1-11.el7.x86_64.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.i686.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssh-6.6.1p1-11.el7.src.rpm x86_64: openssh-6.6.1p1-11.el7.x86_64.rpm openssh-clients-6.6.1p1-11.el7.x86_64.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-keycat-6.6.1p1-11.el7.x86_64.rpm openssh-server-6.6.1p1-11.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssh-askpass-6.6.1p1-11.el7.x86_64.rpm openssh-debuginfo-6.6.1p1-11.el7.i686.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-ldap-6.6.1p1-11.el7.x86_64.rpm openssh-server-sysvinit-6.6.1p1-11.el7.x86_64.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.i686.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssh-6.6.1p1-11.el7.src.rpm ppc64: openssh-6.6.1p1-11.el7.ppc64.rpm openssh-askpass-6.6.1p1-11.el7.ppc64.rpm openssh-clients-6.6.1p1-11.el7.ppc64.rpm openssh-debuginfo-6.6.1p1-11.el7.ppc64.rpm openssh-keycat-6.6.1p1-11.el7.ppc64.rpm openssh-server-6.6.1p1-11.el7.ppc64.rpm s390x: openssh-6.6.1p1-11.el7.s390x.rpm openssh-askpass-6.6.1p1-11.el7.s390x.rpm openssh-clients-6.6.1p1-11.el7.s390x.rpm openssh-debuginfo-6.6.1p1-11.el7.s390x.rpm openssh-keycat-6.6.1p1-11.el7.s390x.rpm openssh-server-6.6.1p1-11.el7.s390x.rpm x86_64: openssh-6.6.1p1-11.el7.x86_64.rpm openssh-askpass-6.6.1p1-11.el7.x86_64.rpm openssh-clients-6.6.1p1-11.el7.x86_64.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-keycat-6.6.1p1-11.el7.x86_64.rpm openssh-server-6.6.1p1-11.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssh-debuginfo-6.6.1p1-11.el7.ppc.rpm openssh-debuginfo-6.6.1p1-11.el7.ppc64.rpm openssh-ldap-6.6.1p1-11.el7.ppc64.rpm openssh-server-sysvinit-6.6.1p1-11.el7.ppc64.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.ppc.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.ppc64.rpm s390x: openssh-debuginfo-6.6.1p1-11.el7.s390.rpm openssh-debuginfo-6.6.1p1-11.el7.s390x.rpm openssh-ldap-6.6.1p1-11.el7.s390x.rpm openssh-server-sysvinit-6.6.1p1-11.el7.s390x.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.s390.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.s390x.rpm x86_64: openssh-debuginfo-6.6.1p1-11.el7.i686.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-ldap-6.6.1p1-11.el7.x86_64.rpm openssh-server-sysvinit-6.6.1p1-11.el7.x86_64.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.i686.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssh-6.6.1p1-11.el7.src.rpm x86_64: openssh-6.6.1p1-11.el7.x86_64.rpm openssh-askpass-6.6.1p1-11.el7.x86_64.rpm openssh-clients-6.6.1p1-11.el7.x86_64.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-keycat-6.6.1p1-11.el7.x86_64.rpm openssh-server-6.6.1p1-11.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssh-debuginfo-6.6.1p1-11.el7.i686.rpm openssh-debuginfo-6.6.1p1-11.el7.x86_64.rpm openssh-ldap-6.6.1p1-11.el7.x86_64.rpm openssh-server-sysvinit-6.6.1p1-11.el7.x86_64.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.i686.rpm pam_ssh_agent_auth-0.9.3-9.11.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-2653 https://access.redhat.com/security/cve/CVE-2014-9278 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GtaXlSAg2UNWIIRAi+rAJ4+qTCxrYsgDAf8feg2qmUdPQ/pJQCfSrSR 6GwhuQQHZIECM4DVyma5hLo= =syDk -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:44:25 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:44:25 +0000 Subject: [RHSA-2015:0416-02] Important: 389-ds-base security, bug fix, and enhancement update Message-ID: <201503051444.t25EiP6q017654@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: 389-ds-base security, bug fix, and enhancement update Advisory ID: RHSA-2015:0416-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0416.html Issue date: 2015-03-05 CVE Names: CVE-2014-8105 CVE-2014-8112 ===================================================================== 1. Summary: Updated 389-ds-base packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive information such as plain-text passwords. (CVE-2014-8105) It was found that when the nsslapd-unhashed-pw-switch 389 Directory Server configuration option was set to "off", it did not prevent the writing of unhashed passwords into the Changelog. This could potentially allow an authenticated user able to access the Changelog to read sensitive information. (CVE-2014-8112) The CVE-2014-8105 issue was discovered by Petr ?pa?ek of the Red Hat Identity Management Engineering Team, and the CVE-2014-8112 issue was discovered by Ludwig Krispenz of the Red Hat Identity Management Engineering Team. Enhancements: * Added new WinSync configuration parameters: winSyncSubtreePair for synchronizing multiple subtrees, as well as winSyncWindowsFilter and winSyncDirectoryFilter for synchronizing restricted sets by filters. (BZ#746646) * It is now possible to stop, start, or configure plug-ins without the need to restart the server for the change to take effect. (BZ#994690) * Access control related to the MODDN and MODRDN operations has been updated: the source and destination targets can be specified in the same access control instruction. (BZ#1118014) * The nsDS5ReplicaBindDNGroup attribute for using a group distinguished name in binding to replicas has been added. (BZ#1052754) * WinSync now supports range retrieval. If more than the MaxValRange number of attribute values exist per attribute, WinSync synchronizes all the attributes to the directory server using the range retrieval. (BZ#1044149) * Support for the RFC 4527 Read Entry Controls and RFC 4533 Content Synchronization Operation LDAP standards has been added. (BZ#1044139, BZ#1044159) * The Referential Integrity (referint) plug-in can now use an alternate configuration area. The PlugInArg plug-in configuration now uses unique configuration attributes. Configuration changes no longer require a server restart. (BZ#1044203) * The logconv.pl log analysis tool now supports gzip, bzip2, and xz compressed files and also TAR archives and compressed TAR archives of these files. (BZ#1044188) * Only the Directory Manager could add encoded passwords or force users to change their password after a reset. Users defined in the passwordAdminDN attribute can now also do this. (BZ#1118007) * The "nsslapd-memberofScope" configuration parameter has been added to the MemberOf plug-in. With MemberOf enabled and a scope defined, moving a group out of scope with a MODRDN operation failed. Moving a member entry out of scope now correctly removes the memberof value. (BZ#1044170) * The alwaysRecordLoginAttr attribute has been addded to the Account Policy plug-in configuration entry, which allows to distinguish between an attribute for checking the activity of an account and an attribute to be updated at successful login. (BZ#1060032) * A root DSE search, using the ldapsearch command with the '-s base -b ""' options, returns only the user attributes instead of the operational attributes. The "nsslapd-return-default" option has been added for backward compatibility. (BZ#1118021) * The configuration of the MemberOf plug-in can be stored in a suffix mapped to a back-end database, which allows MemberOf configuration to be replicated. (BZ#1044205) * Added support for the SSL versions from the range supported by the NSS library available on the system. Due to the POODLE vulnerability, SSLv3 is disabled by default even if NSS supports it. (BZ#1044191) 4. Solution: All 389-ds-base users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing this update, the 389 server service will be restarted automatically. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 881372 - nsDS5BeginReplicaRefresh attribute accepts any value and it doesn't throw any error when server restarts. 920597 - Possible to add invalid ACI value 921162 - Possible to add nonexistent target to ACI 923799 - if nsslapd-cachememsize set to the number larger than the RAM available, should result in proper error message. 924937 - Attribute "dsOnlyMemberUid" not allowed when syncing nested posix groups from AD with posixWinsync 951754 - Self entry access ACI not working properly 975176 - Non-directory manager can change the individual userPassword's storage scheme 982597 - Some attributes in cn=config should not be multivalued 994690 - [RFE] Allow dynamically adding/enabling/disabling/removing plugins without requiring a server restart 1012991 - errorlog-level 16384 is listed as 0 in cn=config 1013736 - Enabling/Disabling DNA plug-in throws "ldap_modify: Server Unwilling to Perform (53)" error 1014380 - setup-ds.pl doesn't lookup the "root" group correctly 1024541 - start dirsrv after ntpd 1029959 - Managed Entries betxnpreoperation - transaction not aborted upon failure to create managed entry 1031216 - add dbmon.sh 1044133 - Indexed search with filter containing '&' and "!" with attribute subtypes gives wrong result 1044134 - [RFE] should set LDAP_OPT_X_SASL_NOCANON to LDAP_OPT_ON by default 1044135 - [RFE] make connection buffer size adjustable 1044137 - [RFE] posix winsync should support ADD user/group entries from DS to AD 1044138 - mep_pre_op: Unable to fetch origin entry 1044139 - [RFE] Support RFC 4527 Read Entry Controls 1044140 - Allow search to look up 'in memory RUV' 1044141 - MMR stress test with dna enabled causes a deadlock 1044142 - winsync doesn't sync DN valued attributes if DS DN value doesn't exist 1044143 - modrdn + NSMMReplicationPlugin - Consumer failed to replay change 1044144 - resurrected entry is not correctly indexed 1044146 - Add a warning message when a connection hits the max number of threads 1044147 - 7-bit check plugin does not work for userpassword attribute 1044148 - The backend name provided to bak2db is not validated 1044149 - [RFE] Winsync should support range retrieval 1044150 - 7-bit checking is not necessary for userPassword 1044151 - With SeLinux, ports can be labelled per range. setup-ds.pl or setup-ds-admin.pl fail to detect already ranged labelled ports 1044152 - ChainOnUpdate: "cn=directory manager" can modify userRoot on consumer without changes being chained or replicated. Directory integrity compromised. 1044153 - mods optimizer 1044154 - multi master replication allows schema violation 1044156 - DS crashes with some 7-bit check plugin configurations 1044157 - Some updates of "passwordgraceusertime" are useless when updating "userpassword" 1044159 - [RFE] Support 'Content Synchronization Operation' (SyncRepl) - RFC 4533 1044160 - remove-ds.pl should remove /var/lock/dirsrv 1044162 - enhance retro changelog 1044163 - updates to ruv entry are written to retro changelog 1044164 - Password administrators should be able to violate password policy 1044168 - Schema replication between DS versions may overwrite newer base schema 1044169 - [RFE] ACIs do not allow attribute subtypes in targetattr keyword 1044170 - [RFE] Allow memberOf suffixes to be configurable 1044171 - [RFE] Allow referential integrity suffixes to be configurable 1044172 - Plugin library path validation prevents intentional loading of out-of-tree modules 1044173 - [RFE] make referential integrity configuration more flexible 1044177 - allow configuring changelog trim interval 1044179 - objectclass may, must lists skip rest of objectclass once first is found in sup 1044180 - memberOf on a user is converted to lowercase 1044181 - report unindexed internal searches 1044183 - With 1.3.04 and subtree-renaming OFF, when a user is deleted after restarting the server, the same entry can't be added 1044185 - dbscan on entryrdn should show all matching values 1044187 - [RFE] logconv.pl - add on option for a minimum etime for unindexed search stats 1044188 - [RFE] Recognize compressed log files 1044191 - [RFE] support TLSv1.1 and TLSv1.2, if supported by NSS 1044193 - default nsslapd-sasl-max-buffer-size should be 2MB 1044194 - Complex filter in a search request doen't work as expected. 1044196 - Automember plug-in should treat MODRDN operations as ADD operations 1044198 - Replication of the schema may overwrite consumer 'attributetypes' even if consumer definition is a superset 1044202 - db2bak.pl issue when specifying non-default directory 1044203 - [RFE] Allow referint plugin to use an alternate config area 1044205 - [RFE] Allow memberOf to use an alternate config area 1044210 - idl switch does not work 1044211 - [RFE] make old-idl tunable 1044212 - IDL-style can become mismatched during partial restoration 1044213 - backend performance - introduce optimization levels 1044215 - using transaction batchval violates durability 1044216 - examine replication code to reduce amount of stored state information 1048980 - 7-bit check plugin not checking MODRDN operation 1049030 - Windows Sync group issues 1052751 - Page control does not work if effective rights control is specified 1052754 - [RFE] Allow nsDS5ReplicaBindDN to be a group DN 1057803 - logconv errors when search has invalid bind dn 1061060 - betxn: retro changelog broken after cancelled transaction 1063990 - single valued attribute replicated ADD does not work 1064006 - Size returned by slapi_entry_size is not accurate 1064986 - Replication retry time attributes cannot be added 1067090 - Missing warning for invalid replica backoff configuration 1072032 - Updating nsds5ReplicaHost attribute in a replication agreement fails with error 53 1074306 - Under heavy stress, failure of turning a tombstone into glue makes the server hung 1074447 - Part of DNA shared configuration is deleted after server restart 1076729 - Continuous add/delete of an entry in MMR setup causes entryrdn-index conflict 1077884 - ldap/servers/slapd/back-ldbm/dblayer.c: possible minor problem with sscanf 1077897 - Memory leak with proxy auth control 1079099 - Simultaneous adding a user and binding as the user could fail in the password policy check 1080186 - Creating a glue fails if one above level is a conflict or missing 1082967 - attribute uniqueness plugin fails when set as a chaining component 1086890 - empty modify returns LDAP_INVALID_DN_SYNTAX 1086902 - mem leak in do_bind when there is an error 1086904 - mem leak in do_search - rawbase not freed upon certain errors 1086908 - Performing deletes during tombstone purging results in operation errors 1090178 - #481 breaks possibility to reassemble memberuid list 1092099 - A replicated MOD fails (Unwilling to perform) if it targets a tombstone 1092342 - nsslapd-ndn-cache-max-size accepts any invalid value. 1092648 - Negative value of nsSaslMapPriority is not reset to lowest priority 1097004 - Problem with deletion while replicated 1098654 - db2bak.pl error with changelogdb 1099654 - Normalization from old DN format to New DN format doesnt handel condition properly when there is space in a suffix after the seperator operator. 1108298 - Rebase 389-ds-base to 1.3.3 1108405 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." 1108407 - managed entry plugin fails to update managed entry pointer on modrdn operation 1108872 - Logconv.pl with an empty access log gives lots of errors 1108874 - logconv.pl memory continually grows 1108881 - rsearch filter error on any search filter 1108895 - [RFE] CLI report to monitor replication 1108902 - rhds91 389-ds-base-1.2.11.15-31.el6_5.x86_64 crash in db4 __dbc_get_pp env = 0x0 ? 1108909 - single valued attribute replicated ADD does not work 1109334 - 389 Server crashes if uniqueMember is invalid syntax and memberOf plugin is enabled. 1109336 - Parent numsubordinate count can be incorrectly updated if an error occurs 1109339 - Nested tombstones become orphaned after purge 1109354 - Tombstone purging can crash the server if the backend is stopped/disabled 1109357 - Coverity issue in 1.3.3 1109364 - valgrind - value mem leaks, uninit mem usage 1109375 - provide default syntax plugin 1109378 - Environment variables are not passed when DS is started via service 1111364 - Updating winsync one-way sync does not affect the behaviour dynamically 1112824 - Broken dereference control with the FreeIPA 4.0 ACIs 1113605 - server restart wipes out index config if there is a default index 1115177 - attrcrypt_generate_key calls slapd_pk11_TokenKeyGenWithFlags with improper macro 1117021 - Server deadlock if online import started while server is under load 1117975 - paged results control is not working in some cases when we have a subsuffix. 1117979 - harden the list of ciphers available by default 1117981 - Fix various typos in manpages & code 1117982 - Fix hyphens used as minus signed and other manpage mistakes 1118002 - server crashes deleting a replication agreement 1118006 - [RFE] forcing passwordmustchange attribute by non-cn=directory manager 1118007 - [RFE] Make it possible for privileges to be provided to an admin user to import an LDIF file containing hashed passwords 1118014 - [RFE] Enhance ACIs to have more control over MODRDN operations 1118021 - [RFE] Don't return all attributes in rootdse without explicit request 1118032 - Schema Replication Issue 1118043 - Failed deletion of aci: no such attribute 1118048 - If be_txn plugin fails in ldbm_back_add, adding entry is double freed. 1118051 - Add switch to disable pre-hashed password checking 1118054 - Make ldbm_back_seq independently support transactions 1118055 - Add operations rejected by betxn plugins remain in cache 1118057 - online import crashes server if using verbose error logging 1118059 - [RFE] add fixup-memberuid.pl script 1118060 - winsync plugin modify is broken 1118066 - [RFE] memberof scope: allow to exclude subtrees 1118069 - 389-ds production segfault: __memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:144 1118074 - ds logs many "SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN plugin returned error" messages 1118076 - ds logs many "Operation error fetching Null DN" messages 1118077 - Improve import logging and abort handling 1118079 - Multi master replication initialization incomplete after restore of one master 1118080 - Don't add unhashed password mod if we don't have an unhashed value 1118081 - Investigate betxn plugins to ensure they return the correct error code 1118082 - The error result text message should be obtained just prior to sending result 1139882 - coverity defects found in 1.3.3.x 1140888 - Broken dereference control with the FreeIPA 4.0 ACIs 1145846 - 389-ds 1.3.3.0 does not adjust cipher suite configuration on upgrade, breaks itself and pki-server: "Cipher suite fortezza is not available in NSS 3.17" , "Cannot communicate securely with peer: no common encryption algorithm(s)." 1150206 - result of dna_dn_is_shared_config is incorrectly used 1150694 - Encoding of SearchResultEntry is missing tag 1150695 - ldbm_back_modify SLAPI_PLUGIN_BE_PRE_MODIFY_FN does not return even if one of the preop plugins fails. 1151287 - dynamically added macro aci is not evaluated on the fly 1153737 - Disable SSL v3, by default. 1156607 - Crash in entry_add_present_values_wsi_multi_valued 1162997 - Directory Server crashes while trying to perform export task for automember plugin with dynamic plugin on. 1163461 - Should not check aci syntax when deleting an aci 1166252 - RHEL7.1 ns-slapd segfault when ipa-replica-install restarts dirsrv 1166260 - cookie_change_info returns random negative number if there was no change in a tree 1167858 - CVE-2014-8105 389-ds-base: information disclosure through 'cn=changelog' subtree 1170707 - cos_cache_build_definition_list does not stop during server shutdown 1170708 - COS memory leak when rebuilding the cache 1170709 - Account lockout attributes incorrectly updated after failed SASL Bind 1171355 - start dirsrv after chrony 1171356 - Bind DN tracking unable to write to internalModifiersName without special permissions 1172597 - Server crashes when memberOf plugin is partially configured 1172729 - CVE-2014-8112 389-ds-base: password hashing bypassed when "nsslapd-unhashed-pw-switch" is set to off 1173273 - [RFE] BDB backend - clear free page files to reduce main db and changelog db size 1180325 - RHEL 7.1 ipa-server-4.1.0 upgrade fails 1182477 - User enable/disable does not sync with ipawinsyncacctdisable set to both 1183655 - IPA replica missing data after master upgraded 6. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: 389-ds-base-1.3.3.1-13.el7.src.rpm x86_64: 389-ds-base-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-devel-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-libs-1.3.3.1-13.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: 389-ds-base-1.3.3.1-13.el7.src.rpm x86_64: 389-ds-base-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-devel-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-libs-1.3.3.1-13.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: 389-ds-base-1.3.3.1-13.el7.src.rpm x86_64: 389-ds-base-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-libs-1.3.3.1-13.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): x86_64: 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-devel-1.3.3.1-13.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: 389-ds-base-1.3.3.1-13.el7.src.rpm x86_64: 389-ds-base-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-libs-1.3.3.1-13.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: 389-ds-base-debuginfo-1.3.3.1-13.el7.x86_64.rpm 389-ds-base-devel-1.3.3.1-13.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8105 https://access.redhat.com/security/cve/CVE-2014-8112 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+Gu4XlSAg2UNWIIRArLbAJ4tEDwAhKtaOZvw+UaJ//ynpIhmFACfSlAp PthBh7lPAwEIEoahfYVfBIg= =c1GO -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:45:05 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:45:05 +0000 Subject: [RHSA-2015:0384-01] Low: powerpc-utils security, bug fix, and enhancement update Message-ID: <201503051445.t25Ej5GQ001041@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: powerpc-utils security, bug fix, and enhancement update Advisory ID: RHSA-2015:0384-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0384.html Issue date: 2015-03-05 CVE Names: CVE-2014-4040 ===================================================================== 1. Summary: Updated powerpc-utils packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64 3. Description: The powerpc-utils packages provide various utilities for the PowerPC platform. A flaw was found in the way the snap utility of powerpc-utils generated an archive containing a configuration snapshot of a service. A local attacker could obtain sensitive information from the generated archive such as plain text passwords. (CVE-2014-4040) The powerpc-utils packages have been upgraded to the upstream version 1.2.24, which provides a number of bug fixes and enhancements over the previous version. (BZ#1088539, BZ#1167865, BZ#1161552) This update also fixes the following bugs: * Previously, the lsdevinfo command did not correctly process the path to the device, which made the path unreadable in the console output of lsdevinfo. With this update, lsdevinfo has been updated and the path is now displayed correctly. (BZ#1079246) * Previously, after migrating several Linux partitions, Resource Monitoring and Control (RMC) was inactive and Machine Type, Model, and Serial number (MTMS) were set incorrectly, so the subsequent validation operation failed. This bug has been fixed, and validation is now successful after migration and suspend. (BZ#1083221) * Previously, when the drmgr tool attempted to remove the last CPU from the system, drmgr became unresponsive or terminated unexpectedly. This bug has been fixed, and drmgr no longer hangs or crashes in the described case. (BZ#1152313) * With this update, the drmgr utility has been fixed to correctly gather Logical Memory Block (LMB) information while performing Mem Dynamic Logical Partitioning (DLPAR) on little-endian varian of IBM Power Systems CPU architecture as expected (BZ#1170856). * Previously, the "ppc64_cpu --threads-per-core" command returned incorrect data with the --smt option enabled. This bug has been fixed and "ppc64_cpu - --threads-per-core" now reports correctly with enabled --smt. (BZ#1179263) In addition, this update adds the following enhancements: * This update adds support for the Red Hat Enterprise Linux for POWER, little endian CPU architecture to the powerpc-utils package. (BZ#1124006) * This update adds support for hot plugging of the qemu virtio device with the drmgr command to the powerpc-utils package.(BZ#1083791) * The deprecated snap tool has been removed from the powerpc-utils packages. Its functionality has been integrated into the sosreport tool. (BZ#1172087) * With this update, a dependency on the perl-Data-Dumper package required by the rtas_dump utility has been added to powerpc-utils packages. (BZ#1175812) Users of powerpc-utils are advised to upgrade to these updated packages, which correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1110520 - CVE-2014-4040 powerpc-utils: snap creates archives with fstab and yaboot.conf which may expose certain passwords 6. Package List: Red Hat Enterprise Linux Server (v. 7): Source: powerpc-utils-1.2.24-7.el7.src.rpm ppc64: powerpc-utils-1.2.24-7.el7.ppc64.rpm powerpc-utils-debuginfo-1.2.24-7.el7.ppc64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-4040 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GvhXlSAg2UNWIIRAvJrAJ9tQ8IX7cvGosblEX4VR+zl4ic/qwCgkZUs BsciYnYh+Hdw+MfGgUhrAj8= =GMvm -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:45:46 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:45:46 +0000 Subject: [RHSA-2015:0383-01] Moderate: ppc64-diag security, bug fix, and enhancement update Message-ID: <201503051445.t25Ejl2j018502@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ppc64-diag security, bug fix, and enhancement update Advisory ID: RHSA-2015:0383-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0383.html Issue date: 2015-03-05 CVE Names: CVE-2014-4038 CVE-2014-4039 ===================================================================== 1. Summary: Updated ppc64-diag packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64 3. Description: The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files. (CVE-2014-4038, CVE-2014-4039) The ppc64-diag packages have been upgraded to upstream version 2.6.7, which provides a number of bug fixes and enhancements over the previous version including support for hot plugging of QEMU PCI devices. (BZ#1088493, BZ#1084062) This update also fixes the following bugs: * Prior to this update, the rtas_errd daemon was not started by default on system boot. With this update, rtas_errd has been modified to start automatically by default. (BZ#1170146) * Previously, the /var/log/dump file was not automatically created when installing the ppc64-diag package. This bug has been fixed, and /var/log/dump is now created at package install time as expected. (BZ#1175808) In addition, this update adds the following enhancement: * This update adds support for building the ppc64-diag packages on the little-endian variant of IBM Power Systems platform architecture. (BZ#1124007) Users of ppc64-diag are advised to upgrade to these updated packages, which correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1109371 - CVE-2014-4038 CVE-2014-4039 ppc64-diag: multiple temporary file races 6. Package List: Red Hat Enterprise Linux Server (v. 7): Source: ppc64-diag-2.6.7-6.el7.src.rpm ppc64: ppc64-diag-2.6.7-6.el7.ppc64.rpm ppc64-diag-debuginfo-2.6.7-6.el7.ppc64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-4038 https://access.redhat.com/security/cve/CVE-2014-4039 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GwOXlSAg2UNWIIRAuU0AJ9GsJLUXge1QJOtZp++HA8LeoyC/QCdGCGL EbyjWRjt+pt2SZQBWXzUo10= =wmy4 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:47:00 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:47:00 +0000 Subject: [RHSA-2015:0377-01] Moderate: libreoffice security, bug fix, and enhancement update Message-ID: <201503051447.t25El05l026103@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libreoffice security, bug fix, and enhancement update Advisory ID: RHSA-2015:0377-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0377.html Issue date: 2015-03-05 CVE Names: CVE-2014-0247 CVE-2014-3575 CVE-2014-3693 ===================================================================== 1. Summary: Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. It was found that LibreOffice documents executed macros unconditionally, without user approval, when these documents were opened using LibreOffice. An attacker could use this flaw to execute arbitrary code as the user running LibreOffice by embedding malicious VBA scripts in the document as macros. (CVE-2014-0247) A flaw was found in the OLE (Object Linking and Embedding) generation in LibreOffice. An attacker could use this flaw to embed malicious OLE code in a LibreOffice document, allowing for arbitrary code execution. (CVE-2014-3575) A use-after-free flaw was found in the "Remote Control" capabilities of the LibreOffice Impress application. An attacker could use this flaw to remotely execute code with the permissions of the user running LibreOffice Impress. (CVE-2014-3693) The libreoffice packages have been upgraded to upstream version 4.2.6.3, which provides a number of bug fixes and enhancements over the previous version. Among others: * Improved OpenXML interoperability. * Additional statistic functions in Calc (for interoperability with Excel and Excel's Add-in "Analysis ToolPak"). * Various performance improvements in Calc. * Apple Keynote and Abiword import. * Improved MathML export. * New Start screen with thumbnails of recently opened documents. * Visual clue in Slide Sorter when a slide has a transition or an animation. * Improvements for trend lines in charts. * Support for BCP-47 language tags. (BZ#1119709) All libreoffice users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1065807 - [fix available] Usability - libreoffice does not search XDG defined "Templates" directory 1096295 - [fix available] Highlighting the currently selected slide vs the currently viewed slide is hard in impress 1111083 - CVE-2014-0247 libreoffice: VBA macros executed unconditionally 1111216 - [fix available] LibreOffice Calc: PDF export of an empty document fails with Write Error 1117853 - [fix available] impress killed by SIGABRT on paste into outline view at a position where the slide has no title object 1119709 - Rebase to latest stable LibreOffice 4.2.X in RHEL-7.1 1132065 - rebase libcmis to 0.4.1 1132069 - rebase mdds to 0.10.3 1132070 - rebase libmwaw to 0.2.0 1132072 - rebase libodfgen to 0.0.4 1132077 - rebase liblangtag to 0.5.4 1138882 - CVE-2014-3575 openoffice: Arbitrary file disclosure via crafted OLE objects 1164733 - CVE-2014-3693 libreoffice: Use-After-Free in socket manager of Impress Remote 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libabw-0.0.2-1.el7.src.rpm libcmis-0.4.1-5.el7.src.rpm libetonyek-0.0.4-2.el7.src.rpm libfreehand-0.0.0-3.el7.src.rpm liblangtag-0.5.4-8.el7.src.rpm libmwaw-0.2.0-4.el7.src.rpm libodfgen-0.0.4-1.el7.src.rpm libreoffice-4.2.6.3-5.el7.src.rpm noarch: autocorr-af-4.2.6.3-5.el7.noarch.rpm autocorr-bg-4.2.6.3-5.el7.noarch.rpm autocorr-ca-4.2.6.3-5.el7.noarch.rpm autocorr-cs-4.2.6.3-5.el7.noarch.rpm autocorr-da-4.2.6.3-5.el7.noarch.rpm autocorr-de-4.2.6.3-5.el7.noarch.rpm autocorr-en-4.2.6.3-5.el7.noarch.rpm autocorr-es-4.2.6.3-5.el7.noarch.rpm autocorr-fa-4.2.6.3-5.el7.noarch.rpm autocorr-fi-4.2.6.3-5.el7.noarch.rpm autocorr-fr-4.2.6.3-5.el7.noarch.rpm autocorr-ga-4.2.6.3-5.el7.noarch.rpm autocorr-hr-4.2.6.3-5.el7.noarch.rpm autocorr-hu-4.2.6.3-5.el7.noarch.rpm autocorr-is-4.2.6.3-5.el7.noarch.rpm autocorr-it-4.2.6.3-5.el7.noarch.rpm autocorr-ja-4.2.6.3-5.el7.noarch.rpm autocorr-ko-4.2.6.3-5.el7.noarch.rpm autocorr-lb-4.2.6.3-5.el7.noarch.rpm autocorr-lt-4.2.6.3-5.el7.noarch.rpm autocorr-mn-4.2.6.3-5.el7.noarch.rpm autocorr-nl-4.2.6.3-5.el7.noarch.rpm autocorr-pl-4.2.6.3-5.el7.noarch.rpm autocorr-pt-4.2.6.3-5.el7.noarch.rpm autocorr-ro-4.2.6.3-5.el7.noarch.rpm autocorr-ru-4.2.6.3-5.el7.noarch.rpm autocorr-sk-4.2.6.3-5.el7.noarch.rpm autocorr-sl-4.2.6.3-5.el7.noarch.rpm autocorr-sr-4.2.6.3-5.el7.noarch.rpm autocorr-sv-4.2.6.3-5.el7.noarch.rpm autocorr-tr-4.2.6.3-5.el7.noarch.rpm autocorr-vi-4.2.6.3-5.el7.noarch.rpm autocorr-zh-4.2.6.3-5.el7.noarch.rpm libreoffice-opensymbol-fonts-4.2.6.3-5.el7.noarch.rpm x86_64: libabw-0.0.2-1.el7.i686.rpm libabw-0.0.2-1.el7.x86_64.rpm libabw-debuginfo-0.0.2-1.el7.i686.rpm libabw-debuginfo-0.0.2-1.el7.x86_64.rpm libcmis-0.4.1-5.el7.i686.rpm libcmis-0.4.1-5.el7.x86_64.rpm libcmis-debuginfo-0.4.1-5.el7.i686.rpm libcmis-debuginfo-0.4.1-5.el7.x86_64.rpm libetonyek-0.0.4-2.el7.i686.rpm libetonyek-0.0.4-2.el7.x86_64.rpm libetonyek-debuginfo-0.0.4-2.el7.i686.rpm libetonyek-debuginfo-0.0.4-2.el7.x86_64.rpm libfreehand-0.0.0-3.el7.i686.rpm libfreehand-0.0.0-3.el7.x86_64.rpm libfreehand-debuginfo-0.0.0-3.el7.i686.rpm libfreehand-debuginfo-0.0.0-3.el7.x86_64.rpm liblangtag-0.5.4-8.el7.i686.rpm liblangtag-0.5.4-8.el7.x86_64.rpm liblangtag-debuginfo-0.5.4-8.el7.i686.rpm liblangtag-debuginfo-0.5.4-8.el7.x86_64.rpm libmwaw-0.2.0-4.el7.i686.rpm libmwaw-0.2.0-4.el7.x86_64.rpm libmwaw-debuginfo-0.2.0-4.el7.i686.rpm libmwaw-debuginfo-0.2.0-4.el7.x86_64.rpm libodfgen-0.0.4-1.el7.i686.rpm libodfgen-0.0.4-1.el7.x86_64.rpm libodfgen-debuginfo-0.0.4-1.el7.i686.rpm libodfgen-debuginfo-0.0.4-1.el7.x86_64.rpm libreoffice-base-4.2.6.3-5.el7.x86_64.rpm libreoffice-calc-4.2.6.3-5.el7.x86_64.rpm libreoffice-core-4.2.6.3-5.el7.x86_64.rpm libreoffice-debuginfo-4.2.6.3-5.el7.x86_64.rpm libreoffice-draw-4.2.6.3-5.el7.x86_64.rpm libreoffice-emailmerge-4.2.6.3-5.el7.x86_64.rpm libreoffice-graphicfilter-4.2.6.3-5.el7.x86_64.rpm libreoffice-impress-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-af-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ar-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-as-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bg-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-br-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ca-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cs-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cy-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-da-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-de-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-dz-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-el-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-en-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-es-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-et-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-eu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ga-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-he-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-it-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ja-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ko-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lt-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mai-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ml-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nb-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nso-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-or-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-BR-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-PT-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ro-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ru-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-si-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ss-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-st-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ta-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-te-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-th-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ts-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-uk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ve-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-xh-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hans-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hant-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zu-4.2.6.3-5.el7.x86_64.rpm libreoffice-math-4.2.6.3-5.el7.x86_64.rpm libreoffice-ogltrans-4.2.6.3-5.el7.x86_64.rpm libreoffice-pdfimport-4.2.6.3-5.el7.x86_64.rpm libreoffice-pyuno-4.2.6.3-5.el7.x86_64.rpm libreoffice-ure-4.2.6.3-5.el7.x86_64.rpm libreoffice-wiki-publisher-4.2.6.3-5.el7.x86_64.rpm libreoffice-writer-4.2.6.3-5.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): Source: mdds-0.10.3-1.el7.src.rpm noarch: libabw-doc-0.0.2-1.el7.noarch.rpm libetonyek-doc-0.0.4-2.el7.noarch.rpm libfreehand-doc-0.0.0-3.el7.noarch.rpm liblangtag-doc-0.5.4-8.el7.noarch.rpm libmwaw-doc-0.2.0-4.el7.noarch.rpm libodfgen-doc-0.0.4-1.el7.noarch.rpm mdds-devel-0.10.3-1.el7.noarch.rpm x86_64: libabw-debuginfo-0.0.2-1.el7.i686.rpm libabw-debuginfo-0.0.2-1.el7.x86_64.rpm libabw-devel-0.0.2-1.el7.i686.rpm libabw-devel-0.0.2-1.el7.x86_64.rpm libabw-tools-0.0.2-1.el7.x86_64.rpm libcmis-debuginfo-0.4.1-5.el7.i686.rpm libcmis-debuginfo-0.4.1-5.el7.x86_64.rpm libcmis-devel-0.4.1-5.el7.i686.rpm libcmis-devel-0.4.1-5.el7.x86_64.rpm libcmis-tools-0.4.1-5.el7.x86_64.rpm libetonyek-debuginfo-0.0.4-2.el7.i686.rpm libetonyek-debuginfo-0.0.4-2.el7.x86_64.rpm libetonyek-devel-0.0.4-2.el7.i686.rpm libetonyek-devel-0.0.4-2.el7.x86_64.rpm libetonyek-tools-0.0.4-2.el7.x86_64.rpm libfreehand-debuginfo-0.0.0-3.el7.i686.rpm libfreehand-debuginfo-0.0.0-3.el7.x86_64.rpm libfreehand-devel-0.0.0-3.el7.i686.rpm libfreehand-devel-0.0.0-3.el7.x86_64.rpm libfreehand-tools-0.0.0-3.el7.x86_64.rpm liblangtag-debuginfo-0.5.4-8.el7.i686.rpm liblangtag-debuginfo-0.5.4-8.el7.x86_64.rpm liblangtag-devel-0.5.4-8.el7.i686.rpm liblangtag-devel-0.5.4-8.el7.x86_64.rpm liblangtag-gobject-0.5.4-8.el7.i686.rpm liblangtag-gobject-0.5.4-8.el7.x86_64.rpm libmwaw-debuginfo-0.2.0-4.el7.i686.rpm libmwaw-debuginfo-0.2.0-4.el7.x86_64.rpm libmwaw-devel-0.2.0-4.el7.i686.rpm libmwaw-devel-0.2.0-4.el7.x86_64.rpm libmwaw-tools-0.2.0-4.el7.x86_64.rpm libodfgen-debuginfo-0.0.4-1.el7.i686.rpm libodfgen-debuginfo-0.0.4-1.el7.x86_64.rpm libodfgen-devel-0.0.4-1.el7.i686.rpm libodfgen-devel-0.0.4-1.el7.x86_64.rpm libreoffice-4.2.6.3-5.el7.x86_64.rpm libreoffice-bsh-4.2.6.3-5.el7.x86_64.rpm libreoffice-debuginfo-4.2.6.3-5.el7.x86_64.rpm libreoffice-filters-4.2.6.3-5.el7.x86_64.rpm libreoffice-gdb-debug-support-4.2.6.3-5.el7.x86_64.rpm libreoffice-glade-4.2.6.3-5.el7.x86_64.rpm libreoffice-headless-4.2.6.3-5.el7.x86_64.rpm libreoffice-librelogo-4.2.6.3-5.el7.x86_64.rpm libreoffice-nlpsolver-4.2.6.3-5.el7.x86_64.rpm libreoffice-postgresql-4.2.6.3-5.el7.x86_64.rpm libreoffice-rhino-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-doc-4.2.6.3-5.el7.x86_64.rpm libreoffice-xsltfilter-4.2.6.3-5.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: libabw-0.0.2-1.el7.src.rpm libcmis-0.4.1-5.el7.src.rpm libetonyek-0.0.4-2.el7.src.rpm libfreehand-0.0.0-3.el7.src.rpm liblangtag-0.5.4-8.el7.src.rpm libmwaw-0.2.0-4.el7.src.rpm libodfgen-0.0.4-1.el7.src.rpm libreoffice-4.2.6.3-5.el7.src.rpm mdds-0.10.3-1.el7.src.rpm noarch: autocorr-af-4.2.6.3-5.el7.noarch.rpm autocorr-bg-4.2.6.3-5.el7.noarch.rpm autocorr-ca-4.2.6.3-5.el7.noarch.rpm autocorr-cs-4.2.6.3-5.el7.noarch.rpm autocorr-da-4.2.6.3-5.el7.noarch.rpm autocorr-de-4.2.6.3-5.el7.noarch.rpm autocorr-en-4.2.6.3-5.el7.noarch.rpm autocorr-es-4.2.6.3-5.el7.noarch.rpm autocorr-fa-4.2.6.3-5.el7.noarch.rpm autocorr-fi-4.2.6.3-5.el7.noarch.rpm autocorr-fr-4.2.6.3-5.el7.noarch.rpm autocorr-ga-4.2.6.3-5.el7.noarch.rpm autocorr-hr-4.2.6.3-5.el7.noarch.rpm autocorr-hu-4.2.6.3-5.el7.noarch.rpm autocorr-is-4.2.6.3-5.el7.noarch.rpm autocorr-it-4.2.6.3-5.el7.noarch.rpm autocorr-ja-4.2.6.3-5.el7.noarch.rpm autocorr-ko-4.2.6.3-5.el7.noarch.rpm autocorr-lb-4.2.6.3-5.el7.noarch.rpm autocorr-lt-4.2.6.3-5.el7.noarch.rpm autocorr-mn-4.2.6.3-5.el7.noarch.rpm autocorr-nl-4.2.6.3-5.el7.noarch.rpm autocorr-pl-4.2.6.3-5.el7.noarch.rpm autocorr-pt-4.2.6.3-5.el7.noarch.rpm autocorr-ro-4.2.6.3-5.el7.noarch.rpm autocorr-ru-4.2.6.3-5.el7.noarch.rpm autocorr-sk-4.2.6.3-5.el7.noarch.rpm autocorr-sl-4.2.6.3-5.el7.noarch.rpm autocorr-sr-4.2.6.3-5.el7.noarch.rpm autocorr-sv-4.2.6.3-5.el7.noarch.rpm autocorr-tr-4.2.6.3-5.el7.noarch.rpm autocorr-vi-4.2.6.3-5.el7.noarch.rpm autocorr-zh-4.2.6.3-5.el7.noarch.rpm libabw-doc-0.0.2-1.el7.noarch.rpm libetonyek-doc-0.0.4-2.el7.noarch.rpm libfreehand-doc-0.0.0-3.el7.noarch.rpm liblangtag-doc-0.5.4-8.el7.noarch.rpm libmwaw-doc-0.2.0-4.el7.noarch.rpm libodfgen-doc-0.0.4-1.el7.noarch.rpm libreoffice-opensymbol-fonts-4.2.6.3-5.el7.noarch.rpm mdds-devel-0.10.3-1.el7.noarch.rpm x86_64: libabw-0.0.2-1.el7.i686.rpm libabw-0.0.2-1.el7.x86_64.rpm libabw-debuginfo-0.0.2-1.el7.i686.rpm libabw-debuginfo-0.0.2-1.el7.x86_64.rpm libabw-devel-0.0.2-1.el7.i686.rpm libabw-devel-0.0.2-1.el7.x86_64.rpm libabw-tools-0.0.2-1.el7.x86_64.rpm libcmis-0.4.1-5.el7.i686.rpm libcmis-0.4.1-5.el7.x86_64.rpm libcmis-debuginfo-0.4.1-5.el7.i686.rpm libcmis-debuginfo-0.4.1-5.el7.x86_64.rpm libcmis-devel-0.4.1-5.el7.i686.rpm libcmis-devel-0.4.1-5.el7.x86_64.rpm libcmis-tools-0.4.1-5.el7.x86_64.rpm libetonyek-0.0.4-2.el7.i686.rpm libetonyek-0.0.4-2.el7.x86_64.rpm libetonyek-debuginfo-0.0.4-2.el7.i686.rpm libetonyek-debuginfo-0.0.4-2.el7.x86_64.rpm libetonyek-devel-0.0.4-2.el7.i686.rpm libetonyek-devel-0.0.4-2.el7.x86_64.rpm libetonyek-tools-0.0.4-2.el7.x86_64.rpm libfreehand-0.0.0-3.el7.i686.rpm libfreehand-0.0.0-3.el7.x86_64.rpm libfreehand-debuginfo-0.0.0-3.el7.i686.rpm libfreehand-debuginfo-0.0.0-3.el7.x86_64.rpm libfreehand-devel-0.0.0-3.el7.i686.rpm libfreehand-devel-0.0.0-3.el7.x86_64.rpm libfreehand-tools-0.0.0-3.el7.x86_64.rpm liblangtag-0.5.4-8.el7.i686.rpm liblangtag-0.5.4-8.el7.x86_64.rpm liblangtag-debuginfo-0.5.4-8.el7.i686.rpm liblangtag-debuginfo-0.5.4-8.el7.x86_64.rpm liblangtag-devel-0.5.4-8.el7.i686.rpm liblangtag-devel-0.5.4-8.el7.x86_64.rpm liblangtag-gobject-0.5.4-8.el7.i686.rpm liblangtag-gobject-0.5.4-8.el7.x86_64.rpm libmwaw-0.2.0-4.el7.i686.rpm libmwaw-0.2.0-4.el7.x86_64.rpm libmwaw-debuginfo-0.2.0-4.el7.i686.rpm libmwaw-debuginfo-0.2.0-4.el7.x86_64.rpm libmwaw-devel-0.2.0-4.el7.i686.rpm libmwaw-devel-0.2.0-4.el7.x86_64.rpm libmwaw-tools-0.2.0-4.el7.x86_64.rpm libodfgen-0.0.4-1.el7.i686.rpm libodfgen-0.0.4-1.el7.x86_64.rpm libodfgen-debuginfo-0.0.4-1.el7.i686.rpm libodfgen-debuginfo-0.0.4-1.el7.x86_64.rpm libodfgen-devel-0.0.4-1.el7.i686.rpm libodfgen-devel-0.0.4-1.el7.x86_64.rpm libreoffice-4.2.6.3-5.el7.x86_64.rpm libreoffice-base-4.2.6.3-5.el7.x86_64.rpm libreoffice-bsh-4.2.6.3-5.el7.x86_64.rpm libreoffice-calc-4.2.6.3-5.el7.x86_64.rpm libreoffice-core-4.2.6.3-5.el7.x86_64.rpm libreoffice-debuginfo-4.2.6.3-5.el7.x86_64.rpm libreoffice-draw-4.2.6.3-5.el7.x86_64.rpm libreoffice-emailmerge-4.2.6.3-5.el7.x86_64.rpm libreoffice-filters-4.2.6.3-5.el7.x86_64.rpm libreoffice-gdb-debug-support-4.2.6.3-5.el7.x86_64.rpm libreoffice-glade-4.2.6.3-5.el7.x86_64.rpm libreoffice-graphicfilter-4.2.6.3-5.el7.x86_64.rpm libreoffice-headless-4.2.6.3-5.el7.x86_64.rpm libreoffice-impress-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-af-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ar-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-as-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bg-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-br-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ca-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cs-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cy-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-da-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-de-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-dz-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-el-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-en-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-es-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-et-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-eu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ga-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-he-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-it-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ja-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ko-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lt-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mai-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ml-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nb-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nso-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-or-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-BR-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-PT-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ro-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ru-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-si-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ss-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-st-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ta-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-te-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-th-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ts-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-uk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ve-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-xh-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hans-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hant-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zu-4.2.6.3-5.el7.x86_64.rpm libreoffice-librelogo-4.2.6.3-5.el7.x86_64.rpm libreoffice-math-4.2.6.3-5.el7.x86_64.rpm libreoffice-nlpsolver-4.2.6.3-5.el7.x86_64.rpm libreoffice-ogltrans-4.2.6.3-5.el7.x86_64.rpm libreoffice-pdfimport-4.2.6.3-5.el7.x86_64.rpm libreoffice-postgresql-4.2.6.3-5.el7.x86_64.rpm libreoffice-pyuno-4.2.6.3-5.el7.x86_64.rpm libreoffice-rhino-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-doc-4.2.6.3-5.el7.x86_64.rpm libreoffice-ure-4.2.6.3-5.el7.x86_64.rpm libreoffice-wiki-publisher-4.2.6.3-5.el7.x86_64.rpm libreoffice-writer-4.2.6.3-5.el7.x86_64.rpm libreoffice-xsltfilter-4.2.6.3-5.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libabw-0.0.2-1.el7.src.rpm libcmis-0.4.1-5.el7.src.rpm libetonyek-0.0.4-2.el7.src.rpm libfreehand-0.0.0-3.el7.src.rpm liblangtag-0.5.4-8.el7.src.rpm libmwaw-0.2.0-4.el7.src.rpm libodfgen-0.0.4-1.el7.src.rpm libreoffice-4.2.6.3-5.el7.src.rpm noarch: autocorr-af-4.2.6.3-5.el7.noarch.rpm autocorr-bg-4.2.6.3-5.el7.noarch.rpm autocorr-ca-4.2.6.3-5.el7.noarch.rpm autocorr-cs-4.2.6.3-5.el7.noarch.rpm autocorr-da-4.2.6.3-5.el7.noarch.rpm autocorr-de-4.2.6.3-5.el7.noarch.rpm autocorr-en-4.2.6.3-5.el7.noarch.rpm autocorr-es-4.2.6.3-5.el7.noarch.rpm autocorr-fa-4.2.6.3-5.el7.noarch.rpm autocorr-fi-4.2.6.3-5.el7.noarch.rpm autocorr-fr-4.2.6.3-5.el7.noarch.rpm autocorr-ga-4.2.6.3-5.el7.noarch.rpm autocorr-hr-4.2.6.3-5.el7.noarch.rpm autocorr-hu-4.2.6.3-5.el7.noarch.rpm autocorr-is-4.2.6.3-5.el7.noarch.rpm autocorr-it-4.2.6.3-5.el7.noarch.rpm autocorr-ja-4.2.6.3-5.el7.noarch.rpm autocorr-ko-4.2.6.3-5.el7.noarch.rpm autocorr-lb-4.2.6.3-5.el7.noarch.rpm autocorr-lt-4.2.6.3-5.el7.noarch.rpm autocorr-mn-4.2.6.3-5.el7.noarch.rpm autocorr-nl-4.2.6.3-5.el7.noarch.rpm autocorr-pl-4.2.6.3-5.el7.noarch.rpm autocorr-pt-4.2.6.3-5.el7.noarch.rpm autocorr-ro-4.2.6.3-5.el7.noarch.rpm autocorr-ru-4.2.6.3-5.el7.noarch.rpm autocorr-sk-4.2.6.3-5.el7.noarch.rpm autocorr-sl-4.2.6.3-5.el7.noarch.rpm autocorr-sr-4.2.6.3-5.el7.noarch.rpm autocorr-sv-4.2.6.3-5.el7.noarch.rpm autocorr-tr-4.2.6.3-5.el7.noarch.rpm autocorr-vi-4.2.6.3-5.el7.noarch.rpm autocorr-zh-4.2.6.3-5.el7.noarch.rpm libreoffice-opensymbol-fonts-4.2.6.3-5.el7.noarch.rpm x86_64: libabw-0.0.2-1.el7.i686.rpm libabw-0.0.2-1.el7.x86_64.rpm libabw-debuginfo-0.0.2-1.el7.i686.rpm libabw-debuginfo-0.0.2-1.el7.x86_64.rpm libcmis-0.4.1-5.el7.i686.rpm libcmis-0.4.1-5.el7.x86_64.rpm libcmis-debuginfo-0.4.1-5.el7.i686.rpm libcmis-debuginfo-0.4.1-5.el7.x86_64.rpm libetonyek-0.0.4-2.el7.i686.rpm libetonyek-0.0.4-2.el7.x86_64.rpm libetonyek-debuginfo-0.0.4-2.el7.i686.rpm libetonyek-debuginfo-0.0.4-2.el7.x86_64.rpm libfreehand-0.0.0-3.el7.i686.rpm libfreehand-0.0.0-3.el7.x86_64.rpm libfreehand-debuginfo-0.0.0-3.el7.i686.rpm libfreehand-debuginfo-0.0.0-3.el7.x86_64.rpm liblangtag-0.5.4-8.el7.i686.rpm liblangtag-0.5.4-8.el7.x86_64.rpm liblangtag-debuginfo-0.5.4-8.el7.i686.rpm liblangtag-debuginfo-0.5.4-8.el7.x86_64.rpm libmwaw-0.2.0-4.el7.i686.rpm libmwaw-0.2.0-4.el7.x86_64.rpm libmwaw-debuginfo-0.2.0-4.el7.i686.rpm libmwaw-debuginfo-0.2.0-4.el7.x86_64.rpm libodfgen-0.0.4-1.el7.i686.rpm libodfgen-0.0.4-1.el7.x86_64.rpm libodfgen-debuginfo-0.0.4-1.el7.i686.rpm libodfgen-debuginfo-0.0.4-1.el7.x86_64.rpm libreoffice-base-4.2.6.3-5.el7.x86_64.rpm libreoffice-calc-4.2.6.3-5.el7.x86_64.rpm libreoffice-core-4.2.6.3-5.el7.x86_64.rpm libreoffice-debuginfo-4.2.6.3-5.el7.x86_64.rpm libreoffice-draw-4.2.6.3-5.el7.x86_64.rpm libreoffice-emailmerge-4.2.6.3-5.el7.x86_64.rpm libreoffice-graphicfilter-4.2.6.3-5.el7.x86_64.rpm libreoffice-impress-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-af-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ar-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-as-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bg-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-bn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-br-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ca-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cs-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-cy-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-da-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-de-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-dz-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-el-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-en-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-es-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-et-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-eu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-fr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ga-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-gu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-he-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hi-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-hu-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-it-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ja-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-kn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ko-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lt-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-lv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mai-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ml-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-mr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nb-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-nso-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-or-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pa-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-BR-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-pt-PT-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ro-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ru-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-si-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sl-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ss-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-st-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-sv-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ta-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-te-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-th-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tn-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-tr-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ts-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-uk-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-ve-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-xh-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hans-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zh-Hant-4.2.6.3-5.el7.x86_64.rpm libreoffice-langpack-zu-4.2.6.3-5.el7.x86_64.rpm libreoffice-math-4.2.6.3-5.el7.x86_64.rpm libreoffice-ogltrans-4.2.6.3-5.el7.x86_64.rpm libreoffice-pdfimport-4.2.6.3-5.el7.x86_64.rpm libreoffice-pyuno-4.2.6.3-5.el7.x86_64.rpm libreoffice-ure-4.2.6.3-5.el7.x86_64.rpm libreoffice-wiki-publisher-4.2.6.3-5.el7.x86_64.rpm libreoffice-writer-4.2.6.3-5.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): Source: mdds-0.10.3-1.el7.src.rpm noarch: libabw-doc-0.0.2-1.el7.noarch.rpm libetonyek-doc-0.0.4-2.el7.noarch.rpm libfreehand-doc-0.0.0-3.el7.noarch.rpm liblangtag-doc-0.5.4-8.el7.noarch.rpm libmwaw-doc-0.2.0-4.el7.noarch.rpm libodfgen-doc-0.0.4-1.el7.noarch.rpm mdds-devel-0.10.3-1.el7.noarch.rpm x86_64: libabw-debuginfo-0.0.2-1.el7.i686.rpm libabw-debuginfo-0.0.2-1.el7.x86_64.rpm libabw-devel-0.0.2-1.el7.i686.rpm libabw-devel-0.0.2-1.el7.x86_64.rpm libabw-tools-0.0.2-1.el7.x86_64.rpm libcmis-debuginfo-0.4.1-5.el7.i686.rpm libcmis-debuginfo-0.4.1-5.el7.x86_64.rpm libcmis-devel-0.4.1-5.el7.i686.rpm libcmis-devel-0.4.1-5.el7.x86_64.rpm libcmis-tools-0.4.1-5.el7.x86_64.rpm libetonyek-debuginfo-0.0.4-2.el7.i686.rpm libetonyek-debuginfo-0.0.4-2.el7.x86_64.rpm libetonyek-devel-0.0.4-2.el7.i686.rpm libetonyek-devel-0.0.4-2.el7.x86_64.rpm libetonyek-tools-0.0.4-2.el7.x86_64.rpm libfreehand-debuginfo-0.0.0-3.el7.i686.rpm libfreehand-debuginfo-0.0.0-3.el7.x86_64.rpm libfreehand-devel-0.0.0-3.el7.i686.rpm libfreehand-devel-0.0.0-3.el7.x86_64.rpm libfreehand-tools-0.0.0-3.el7.x86_64.rpm liblangtag-debuginfo-0.5.4-8.el7.i686.rpm liblangtag-debuginfo-0.5.4-8.el7.x86_64.rpm liblangtag-devel-0.5.4-8.el7.i686.rpm liblangtag-devel-0.5.4-8.el7.x86_64.rpm liblangtag-gobject-0.5.4-8.el7.i686.rpm liblangtag-gobject-0.5.4-8.el7.x86_64.rpm libmwaw-debuginfo-0.2.0-4.el7.i686.rpm libmwaw-debuginfo-0.2.0-4.el7.x86_64.rpm libmwaw-devel-0.2.0-4.el7.i686.rpm libmwaw-devel-0.2.0-4.el7.x86_64.rpm libmwaw-tools-0.2.0-4.el7.x86_64.rpm libodfgen-debuginfo-0.0.4-1.el7.i686.rpm libodfgen-debuginfo-0.0.4-1.el7.x86_64.rpm libodfgen-devel-0.0.4-1.el7.i686.rpm libodfgen-devel-0.0.4-1.el7.x86_64.rpm libreoffice-4.2.6.3-5.el7.x86_64.rpm libreoffice-bsh-4.2.6.3-5.el7.x86_64.rpm libreoffice-debuginfo-4.2.6.3-5.el7.x86_64.rpm libreoffice-filters-4.2.6.3-5.el7.x86_64.rpm libreoffice-gdb-debug-support-4.2.6.3-5.el7.x86_64.rpm libreoffice-glade-4.2.6.3-5.el7.x86_64.rpm libreoffice-headless-4.2.6.3-5.el7.x86_64.rpm libreoffice-librelogo-4.2.6.3-5.el7.x86_64.rpm libreoffice-nlpsolver-4.2.6.3-5.el7.x86_64.rpm libreoffice-postgresql-4.2.6.3-5.el7.x86_64.rpm libreoffice-rhino-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-4.2.6.3-5.el7.x86_64.rpm libreoffice-sdk-doc-4.2.6.3-5.el7.x86_64.rpm libreoffice-xsltfilter-4.2.6.3-5.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0247 https://access.redhat.com/security/cve/CVE-2014-3575 https://access.redhat.com/security/cve/CVE-2014-3693 https://access.redhat.com/security/updates/classification/#moderate https://wiki.documentfoundation.org/ReleaseNotes/4.2 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GxYXlSAg2UNWIIRApfBAKCpJcRPGvlm3ec2TV3wmMrDVG4yoQCfX/g8 zlpKuandu+/uTL5rwr6y6P0= =muCP -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:47:57 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:47:57 +0000 Subject: [RHSA-2015:0349-01] Important: qemu-kvm security, bug fix, and enhancement update Message-ID: <201503051447.t25ElvtW015614@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: qemu-kvm security, bug fix, and enhancement update Advisory ID: RHSA-2015:0349-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0349.html Issue date: 2015-03-05 CVE Names: CVE-2014-3640 CVE-2014-7815 CVE-2014-7840 CVE-2014-8106 ===================================================================== 1. Summary: Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. (CVE-2014-8106) An uninitialized data structure use flaw was found in the way the set_pixel_format() function sanitized the value of bits_per_pixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest. (CVE-2014-7815) It was found that certain values that were read when loading RAM during migration were not validated. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-7840) A NULL pointer dereference flaw was found in the way QEMU handled UDP packets with a source port and address of 0 when QEMU's user networking was in use. A local guest user could use this flaw to crash the guest. (CVE-2014-3640) Red Hat would like to thank James Spadaro of Cisco for reporting CVE-2014-7815, and Xavier Mehrenberger and Stephane Duverger of Airbus for reporting CVE-2014-3640. The CVE-2014-8106 issue was found by Paolo Bonzini of Red Hat, and the CVE-2014-7840 issue was discovered by Michael S. Tsirkin of Red Hat. Bug fixes: * The KVM utility executed demanding routing update system calls every time it performed an MSI vector mask/unmask operation. Consequently, guests running legacy systems such as Red Hat Enterprise Linux 5 could, under certain circumstances, experience significant slowdown. Now, the routing system calls during mask/unmask operations are skipped, and the performance of legacy guests is now more consistent. (BZ#1098976) * Due to a bug in the Internet Small Computer System Interface (iSCSI) driver, a qemu-kvm process terminated unexpectedly with a segmentation fault when the "write same" command was executed in guest mode under the iSCSI protocol. This update fixes the bug, and the "write same" command now functions in guest mode under iSCSI as intended. (BZ#1083413) * The QEMU command interface did not properly handle resizing of cache memory during guest migration, causing QEMU to terminate unexpectedly with a segmentation fault. This update fixes the related code, and QEMU no longer crashes in the described situation. (BZ#1066338) Enhancements: * The maximum number of supported virtual CPUs (vCPUs) in a KVM guest has been increased to 240. This increases the number of virtual processing units that the user can assign to the guest, and therefore improves its performance potential. (BZ#1134408) * Support for the 5th Generation Intel Core processors has been added to the QEMU hypervisor, the KVM kernel code, and the libvirt API. This allows KVM guests to use the following instructions and features: ADCX, ADOX, RDSFEED, PREFETCHW, and supervisor mode access prevention (SMAP). (BZ#1116117) * The "dump-guest-memory" command now supports crash dump compression. This makes it possible for users who cannot use the "virsh dump" command to require less hard disk space for guest crash dumps. In addition, saving a compressed guest crash dump frequently takes less time than saving a non-compressed one. (BZ#1157798) * This update introduces support for flight recorder tracing, which uses SystemTap to automatically capture qemu-kvm data while the guest machine is running. For detailed instructions on how to configure and use flight recorder tracing, see the Virtualization Deployment and Administration Guide, linked to in the References section below. (BZ#1088112) 4. Solution: All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 895436 - qemu-kvm core dump when guest do S3/S4 with max(232) virtio block devices (multifunction=on) 949385 - passthrough USB speaker to win2012 guest fail to work well 980747 - flood with 'xhci: wrote doorbell while xHC stopped or paused' when redirected USB Webcam from usb-host with xHCI controller 980833 - xhci: FIXME: endpoint stopped w/ xfers running, data might be lost 990724 - qemu-kvm failing when invalid machine type is provided 996011 - vlan and queues options cause core dumped when qemu-kvm process quit(or ctrl+c) 999789 - qemu should give a more friendly prompt when didn't specify read-only for VMDK format disk 1002493 - qemu-img convert rate about 100k/second from qcow2/raw to vmdk format on nfs system file 1017685 - Gluster etc. should not be a dependency of vscclient and libcacard 1021788 - the error message "scsi generic interface too old" is wrong more often than not 1026314 - BUG: qemu-kvm hang when use '-sandbox on'+'vnc'+'hda' 1027565 - fail to reboot guest after migration from RHEL6.5 host to RHEL7.0 host 1029271 - Format specific information (create type) was wrong when create it specified subformat='streamOptimized' 1038914 - Guest can't receive any character transmitted from host after hot unplugging virtserialport then hot plugging again 1039791 - qemu-img creates truncated VMDK image with subformat=twoGbMaxExtentFlat 1046574 - fail to passthrough the USB speaker redirected from usb-redir with xhci controller 1046873 - fail to be recognized the hotpluging usb-storage device with xhci controller in win2012R2 guest 1049734 - PCI: QEMU crash on illegal operation: attaching a function to a non multi-function device 1052093 - qcow2 corruptions (leaked clusters after installing a rhel7 guest using virtio_scsi) 1054077 - qemu crash when reboot win7 guest with spice display 1064156 - [qxl] The guest show black screen while resumed guest which managedsaved in pmsuspended status. 1064647 - qemu-kvm core dump when hot-plug virtio-blk-pci device with gluster backend 1066338 - Reduce the migrate cache size during migration causes qemu segment fault 1074219 - qemu core dump when install a RHEL.7 guest(xhci) with migration 1074403 - qemu-kvm can not give any warning hint when set sndbuf with negative value 1074913 - migration can not finish with 1024k 'remaining ram' left after hotunplug 4 nics 1075846 - qemu-kvm core dumped when hotplug/unhotplug USB3.0 device multi times 1076326 - qemu-kvm does not quit when booting guest w/ 161 vcpus and "-no-kvm" 1079147 - [WHQL][balloon][virtio-rng]ob named DPWLK-HotADD-Device Test- Verify dirver support for Hot-Add CPU made win2k8-R2 BSOD (0x7E) 1083413 - qemu-kvm: iSCSI: Failure. SENSE KEY:ILLEGAL_REQUEST(5) ASCQ:INVALID_FIELD_IN_CDB(0x2400) 1085701 - Guest hits call trace migrate from RHEL6.5 to RHEL7.0 host with -M 6.1 & balloon & uhci device 1086598 - migrate_cancel wont take effect on previouly wrong migrate -d cmd 1086987 - src qemu crashed when starting migration in inmigrate mode 1088116 - qemu crash when device_del usb-redir 1088150 - qemu-img coredumpd when try to create a gluster format image 1088176 - QEMU fail to check whether duplicate ID for block device drive using 'blockdev-add' to hotplug 1088695 - there are four "gluster" in qemu-img supported format list 1088822 - hot-plug a virtio-scsi disk via 'blockdev-add' always cause QEMU quit 1089606 - QEMU will not reject invalid number of queues (num_queues = 0) specified for virtio-scsi 1093983 - there are three "nbd" in qemu-img supported format list 1094285 - Hot plug CPU not working with RHEL6 machine types running on RHEL7 host. 1095645 - vectors of virtio-scsi-pci will be 0 when set vectors>=129 1096576 - QEMU core dumped when boot up two scsi-hd disk on the same virtio-scsi-pci controller in Intel host 1097020 - [RFE] qemu-img: Add/improve Disk2VHD tools creating VHDX images 1097363 - qemu ' KVM internal error. Suberror: 1' when query cpu frequently during pxe boot in Intel "Q95xx" host 1098086 - RFE: Supporting creating vmdk/vdi/vpc format disk with protocols (glusterfs) 1104748 - 48% reduction in IO performance for KVM guest, io=native 1107821 - rdma migration: seg if destination isn't listening 1111450 - Guest crash when hotplug usb while disable virt_use_usb 1113009 - Migration failed with virtio-blk from RHEL6.5.0 host to RHEL7.0 host 1116728 - Backport qemu_bh_schedule() race condition fix 1116941 - Return value of virtio_load not checked in virtio_rng_load 1118707 - VMstate static checker: backport -dump-vmstate feature to export json-encoded vmstate info 1122151 - Pass close from qemu-ga 1123372 - qemu-kvm crashed when doing iofuzz testing 1130428 - After migration of RHEL7.1 guest with "-vga qxl", GUI console is hang 1131316 - fail to specify wwn for virtual IDE CD-ROM 1134237 - Opening malformed VMDK description file should fail 1134241 - QEMU fails to correctly read/write on VMDK with big flat extent 1134251 - Opening an obviously truncated VMDK image should fail 1134283 - qemu-img convert from ISO to streamOptimized fails 1138639 - fail to login spice session with password + expire time 1138691 - Allow qemu-img to bypass the host cache (check, compare, convert, rebase, amend) 1140618 - Should replace "qemu-system-i386" by "/usr/libexec/qemu-kvm" in manpage of qemu-kvm for our official qemu-kvm build 1140742 - Enable native qemu support for Ceph 1141667 - Qemu crashed if reboot guest after hot remove AC97 sound device 1142290 - guest is stuck when setting balloon memory with large guest-stats-polling-interval 1144818 - CVE-2014-3640 qemu: slirp: NULL pointer deref in sosendto() 1155518 - qemu-kvm: undefined symbol: glfs_discard_async 1157641 - CVE-2014-7815 qemu: vnc: insufficient bits_per_pixel from the client sanitization 1160237 - qemu-img convert intermittently corrupts output images 1161563 - invalid QEMU NOTEs in vmcore that is dumped for multi-VCPU guests 1163075 - CVE-2014-7840 qemu: insufficient parameter validation during ram load 1169454 - CVE-2014-8106 qemu: cirrus: insufficient blit region checks 1175325 - Delete cow block driver 1180942 - qemu core dumped when unhotplug gpu card assigned to guest 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: qemu-kvm-1.5.3-86.el7.src.rpm x86_64: libcacard-1.5.3-86.el7.i686.rpm libcacard-1.5.3-86.el7.x86_64.rpm qemu-img-1.5.3-86.el7.x86_64.rpm qemu-kvm-1.5.3-86.el7.x86_64.rpm qemu-kvm-common-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm qemu-kvm-tools-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libcacard-devel-1.5.3-86.el7.i686.rpm libcacard-devel-1.5.3-86.el7.x86_64.rpm libcacard-tools-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: qemu-kvm-1.5.3-86.el7.src.rpm x86_64: libcacard-1.5.3-86.el7.i686.rpm libcacard-1.5.3-86.el7.x86_64.rpm libcacard-devel-1.5.3-86.el7.i686.rpm libcacard-devel-1.5.3-86.el7.x86_64.rpm libcacard-tools-1.5.3-86.el7.x86_64.rpm qemu-img-1.5.3-86.el7.x86_64.rpm qemu-kvm-1.5.3-86.el7.x86_64.rpm qemu-kvm-common-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm qemu-kvm-tools-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: qemu-kvm-1.5.3-86.el7.src.rpm ppc64: qemu-img-1.5.3-86.el7.ppc64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.ppc64.rpm x86_64: libcacard-1.5.3-86.el7.i686.rpm libcacard-1.5.3-86.el7.x86_64.rpm qemu-img-1.5.3-86.el7.x86_64.rpm qemu-kvm-1.5.3-86.el7.x86_64.rpm qemu-kvm-common-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm qemu-kvm-tools-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libcacard-1.5.3-86.el7.ppc.rpm libcacard-1.5.3-86.el7.ppc64.rpm libcacard-devel-1.5.3-86.el7.ppc.rpm libcacard-devel-1.5.3-86.el7.ppc64.rpm libcacard-tools-1.5.3-86.el7.ppc64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.ppc.rpm qemu-kvm-debuginfo-1.5.3-86.el7.ppc64.rpm x86_64: libcacard-devel-1.5.3-86.el7.i686.rpm libcacard-devel-1.5.3-86.el7.x86_64.rpm libcacard-tools-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: qemu-kvm-1.5.3-86.el7.src.rpm x86_64: libcacard-1.5.3-86.el7.i686.rpm libcacard-1.5.3-86.el7.x86_64.rpm qemu-img-1.5.3-86.el7.x86_64.rpm qemu-kvm-1.5.3-86.el7.x86_64.rpm qemu-kvm-common-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm qemu-kvm-tools-1.5.3-86.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libcacard-devel-1.5.3-86.el7.i686.rpm libcacard-devel-1.5.3-86.el7.x86_64.rpm libcacard-tools-1.5.3-86.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-86.el7.i686.rpm qemu-kvm-debuginfo-1.5.3-86.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3640 https://access.redhat.com/security/cve/CVE-2014-7815 https://access.redhat.com/security/cve/CVE-2014-7840 https://access.redhat.com/security/cve/CVE-2014-8106 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/index.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+Gx5XlSAg2UNWIIRAkDvAJ9JthQRrD8vggvefK9chaWgaO5JgACeJQvW 9Ojk6PWePdEkgl5QWeWkBhI= =f2qz -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:49:09 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:49:09 +0000 Subject: [RHSA-2015:0330-02] Low: pcre security and enhancement update Message-ID: <201503051449.t25EnAO1016549@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: pcre security and enhancement update Advisory ID: RHSA-2015:0330-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0330.html Issue date: 2015-03-05 CVE Names: CVE-2014-8964 ===================================================================== 1. Summary: Updated pcre packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: PCRE is a Perl-compatible regular expression library. A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application (for example, Konqueror) linked against PCRE to crash while parsing malicious regular expressions. (CVE-2014-8964) This update also adds the following enhancement: * Support for the little-endian variant of IBM Power Systems has been added to the pcre packages. (BZ#1123498, BZ#1125642) All pcre users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue and add this enhancement. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1166147 - CVE-2014-8964 pcre: incorrect handling of zero-repeat assertion conditions 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: pcre-8.32-14.el7.src.rpm x86_64: pcre-8.32-14.el7.i686.rpm pcre-8.32-14.el7.x86_64.rpm pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-devel-8.32-14.el7.i686.rpm pcre-devel-8.32-14.el7.x86_64.rpm pcre-static-8.32-14.el7.i686.rpm pcre-static-8.32-14.el7.x86_64.rpm pcre-tools-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: pcre-8.32-14.el7.src.rpm x86_64: pcre-8.32-14.el7.i686.rpm pcre-8.32-14.el7.x86_64.rpm pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-devel-8.32-14.el7.i686.rpm pcre-devel-8.32-14.el7.x86_64.rpm pcre-static-8.32-14.el7.i686.rpm pcre-static-8.32-14.el7.x86_64.rpm pcre-tools-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: pcre-8.32-14.el7.src.rpm ppc64: pcre-8.32-14.el7.ppc.rpm pcre-8.32-14.el7.ppc64.rpm pcre-debuginfo-8.32-14.el7.ppc.rpm pcre-debuginfo-8.32-14.el7.ppc64.rpm pcre-devel-8.32-14.el7.ppc.rpm pcre-devel-8.32-14.el7.ppc64.rpm s390x: pcre-8.32-14.el7.s390.rpm pcre-8.32-14.el7.s390x.rpm pcre-debuginfo-8.32-14.el7.s390.rpm pcre-debuginfo-8.32-14.el7.s390x.rpm pcre-devel-8.32-14.el7.s390.rpm pcre-devel-8.32-14.el7.s390x.rpm x86_64: pcre-8.32-14.el7.i686.rpm pcre-8.32-14.el7.x86_64.rpm pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-devel-8.32-14.el7.i686.rpm pcre-devel-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: pcre-debuginfo-8.32-14.el7.ppc.rpm pcre-debuginfo-8.32-14.el7.ppc64.rpm pcre-static-8.32-14.el7.ppc.rpm pcre-static-8.32-14.el7.ppc64.rpm pcre-tools-8.32-14.el7.ppc64.rpm s390x: pcre-debuginfo-8.32-14.el7.s390.rpm pcre-debuginfo-8.32-14.el7.s390x.rpm pcre-static-8.32-14.el7.s390.rpm pcre-static-8.32-14.el7.s390x.rpm pcre-tools-8.32-14.el7.s390x.rpm x86_64: pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-static-8.32-14.el7.i686.rpm pcre-static-8.32-14.el7.x86_64.rpm pcre-tools-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: pcre-8.32-14.el7.src.rpm x86_64: pcre-8.32-14.el7.i686.rpm pcre-8.32-14.el7.x86_64.rpm pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-devel-8.32-14.el7.i686.rpm pcre-devel-8.32-14.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: pcre-debuginfo-8.32-14.el7.i686.rpm pcre-debuginfo-8.32-14.el7.x86_64.rpm pcre-static-8.32-14.el7.i686.rpm pcre-static-8.32-14.el7.x86_64.rpm pcre-tools-8.32-14.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8964 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+GzbXlSAg2UNWIIRAkNgAKCAkawLEpQI4rSoGfsmA+KjTS990gCgqHyp 3W3gApSWf0aj4+EHvUJTaaE= =LWYn -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:50:19 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:50:19 +0000 Subject: [RHSA-2015:0327-02] Moderate: glibc security and bug fix update Message-ID: <201503051450.t25EoJi0004778@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: glibc security and bug fix update Advisory ID: RHSA-2015:0327-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0327.html Issue date: 2015-03-05 CVE Names: CVE-2014-6040 CVE-2014-8121 ===================================================================== 1. Summary: Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. (CVE-2014-6040) It was found that the files back end of Name Service Switch (NSS) did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service. (CVE-2014-8121) This update also fixes the following bugs: * Due to problems with buffer extension and reallocation, the nscd daemon terminated unexpectedly with a segmentation fault when processing long netgroup entries. With this update, the handling of long netgroup entries has been corrected and nscd no longer crashes in the described scenario. (BZ#1138520) * If a file opened in append mode was truncated with the ftruncate() function, a subsequent ftell() call could incorrectly modify the file offset. This update ensures that ftell() modifies the stream state only when it is in append mode and the buffer for the stream is not empty. (BZ#1156331) * A defect in the C library headers caused builds with older compilers to generate incorrect code for the btowc() function in the older compatibility C++ standard library. Applications calling btowc() in the compatibility C++ standard library became unresponsive. With this update, the C library headers have been corrected, and the compatibility C++ standard library shipped with Red Hat Enterprise Linux has been rebuilt. Applications that rely on the compatibility C++ standard library no longer hang when calling btowc(). (BZ#1120490) * Previously, when using netgroups and the nscd daemon was set up to cache netgroup information, the sudo utility denied access to valid users. The bug in nscd has been fixed, and sudo now works in netgroups as expected. (BZ#1080766) Users of glibc are advised to upgrade to these updated packages, which fix these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1103874 - Fix memory fencing error in unwind-forcedunwind.c 1124453 - getconf PATH returns non-directory "/bin" 1135841 - CVE-2014-6040 glibc: crash in code page decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364) 1138520 - nscd segfaults when running sudo with netgroup caching enabled. 1165192 - CVE-2014-8121 glibc: Unexpected closing of nss_files databases after lookups causes denial of service 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: glibc-2.17-78.el7.src.rpm x86_64: glibc-2.17-78.el7.i686.rpm glibc-2.17-78.el7.x86_64.rpm glibc-common-2.17-78.el7.x86_64.rpm glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-devel-2.17-78.el7.i686.rpm glibc-devel-2.17-78.el7.x86_64.rpm glibc-headers-2.17-78.el7.x86_64.rpm glibc-utils-2.17-78.el7.x86_64.rpm nscd-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-static-2.17-78.el7.i686.rpm glibc-static-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: glibc-2.17-78.el7.src.rpm x86_64: glibc-2.17-78.el7.i686.rpm glibc-2.17-78.el7.x86_64.rpm glibc-common-2.17-78.el7.x86_64.rpm glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-devel-2.17-78.el7.i686.rpm glibc-devel-2.17-78.el7.x86_64.rpm glibc-headers-2.17-78.el7.x86_64.rpm glibc-utils-2.17-78.el7.x86_64.rpm nscd-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-static-2.17-78.el7.i686.rpm glibc-static-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: glibc-2.17-78.el7.src.rpm ppc64: glibc-2.17-78.el7.ppc.rpm glibc-2.17-78.el7.ppc64.rpm glibc-common-2.17-78.el7.ppc64.rpm glibc-debuginfo-2.17-78.el7.ppc.rpm glibc-debuginfo-2.17-78.el7.ppc64.rpm glibc-debuginfo-common-2.17-78.el7.ppc.rpm glibc-debuginfo-common-2.17-78.el7.ppc64.rpm glibc-devel-2.17-78.el7.ppc.rpm glibc-devel-2.17-78.el7.ppc64.rpm glibc-headers-2.17-78.el7.ppc64.rpm glibc-utils-2.17-78.el7.ppc64.rpm nscd-2.17-78.el7.ppc64.rpm s390x: glibc-2.17-78.el7.s390.rpm glibc-2.17-78.el7.s390x.rpm glibc-common-2.17-78.el7.s390x.rpm glibc-debuginfo-2.17-78.el7.s390.rpm glibc-debuginfo-2.17-78.el7.s390x.rpm glibc-debuginfo-common-2.17-78.el7.s390.rpm glibc-debuginfo-common-2.17-78.el7.s390x.rpm glibc-devel-2.17-78.el7.s390.rpm glibc-devel-2.17-78.el7.s390x.rpm glibc-headers-2.17-78.el7.s390x.rpm glibc-utils-2.17-78.el7.s390x.rpm nscd-2.17-78.el7.s390x.rpm x86_64: glibc-2.17-78.el7.i686.rpm glibc-2.17-78.el7.x86_64.rpm glibc-common-2.17-78.el7.x86_64.rpm glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-devel-2.17-78.el7.i686.rpm glibc-devel-2.17-78.el7.x86_64.rpm glibc-headers-2.17-78.el7.x86_64.rpm glibc-utils-2.17-78.el7.x86_64.rpm nscd-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: glibc-debuginfo-2.17-78.el7.ppc.rpm glibc-debuginfo-2.17-78.el7.ppc64.rpm glibc-debuginfo-common-2.17-78.el7.ppc.rpm glibc-debuginfo-common-2.17-78.el7.ppc64.rpm glibc-static-2.17-78.el7.ppc.rpm glibc-static-2.17-78.el7.ppc64.rpm s390x: glibc-debuginfo-2.17-78.el7.s390.rpm glibc-debuginfo-2.17-78.el7.s390x.rpm glibc-debuginfo-common-2.17-78.el7.s390.rpm glibc-debuginfo-common-2.17-78.el7.s390x.rpm glibc-static-2.17-78.el7.s390.rpm glibc-static-2.17-78.el7.s390x.rpm x86_64: glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-static-2.17-78.el7.i686.rpm glibc-static-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: glibc-2.17-78.el7.src.rpm x86_64: glibc-2.17-78.el7.i686.rpm glibc-2.17-78.el7.x86_64.rpm glibc-common-2.17-78.el7.x86_64.rpm glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-devel-2.17-78.el7.i686.rpm glibc-devel-2.17-78.el7.x86_64.rpm glibc-headers-2.17-78.el7.x86_64.rpm glibc-utils-2.17-78.el7.x86_64.rpm nscd-2.17-78.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: glibc-debuginfo-2.17-78.el7.i686.rpm glibc-debuginfo-2.17-78.el7.x86_64.rpm glibc-debuginfo-common-2.17-78.el7.i686.rpm glibc-debuginfo-common-2.17-78.el7.x86_64.rpm glibc-static-2.17-78.el7.i686.rpm glibc-static-2.17-78.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-6040 https://access.redhat.com/security/cve/CVE-2014-8121 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+G0jXlSAg2UNWIIRAinCAJ9TnVVjNrWKqyabgFdA1Itf53M0uACfcunQ 4VVcn4EsVKgxJ2kqkFg2sxc= =mUlw -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:51:05 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:51:05 +0000 Subject: [RHSA-2015:0325-02] Low: httpd security, bug fix, and enhancement update Message-ID: <201503051451.t25Ep5Am018170@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: httpd security, bug fix, and enhancement update Advisory ID: RHSA-2015:0325-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0325.html Issue date: 2015-03-05 CVE Names: CVE-2013-5704 CVE-2014-3581 ===================================================================== 1. Summary: Updated httpd packages that fix two security issues, several bugs, and add various enhancements are for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled. (CVE-2014-3581) This update also fixes the following bugs: * Previously, the mod_proxy_fcgi Apache module always kept the back-end connections open even when they should have been closed. As a consequence, the number of open file descriptors was increasing over the time. With this update, mod_proxy_fcgi has been fixed to check the state of the back-end connections, and it closes the idle back-end connections as expected. (BZ#1168050) * An integer overflow occurred in the ab utility when a large request count was used. Consequently, ab terminated unexpectedly with a segmentation fault while printing statistics after the benchmark. This bug has been fixed, and ab no longer crashes in this scenario. (BZ#1092420) * Previously, when httpd was running in the foreground and the user pressed Ctrl+C to interrupt the httpd processes, a race condition in signal handling occurred. The SIGINT signal was sent to all children followed by SIGTERM from the main process, which interrupted the SIGINT handler. Consequently, the affected processes became unresponsive or terminated unexpectedly. With this update, the SIGINT signals in the child processes are ignored, and httpd no longer hangs or crashes in this scenario. (BZ#1131006) In addition, this update adds the following enhancements: * With this update, the mod_proxy module of the Apache HTTP Server supports the Unix Domain Sockets (UDS). This allows mod_proxy back ends to listen on UDS sockets instead of TCP sockets, and as a result, mod_proxy can be used to connect UDS back ends. (BZ#1168081) * This update adds support for using the SetHandler directive together with the mod_proxy module. As a result, it is possible to configure SetHandler to use proxy for incoming requests, for example, in the following format: SetHandler "proxy:fcgi://127.0.0.1:9000". (BZ#1136290) * The htaccess API changes introduced in httpd 2.4.7 have been backported to httpd shipped with Red Hat Enterprise Linux 7.1. These changes allow for the MPM-ITK module to be compiled as an httpd module. (BZ#1059143) All httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing the updated packages, the httpd daemon will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1059143 - Feature request: update httpd to 2.4.7 / backport htaccess API changes 1060536 - mod_rewrite doesn't expose client_addr 1073078 - mod_ssl uses small DHE parameters for non standard RSA keys 1073081 - mod_ssl selects correct DHE parameters for keys only up to 4096 bit 1080125 - httpd uses hardcoded curve for ECDHE suites 1082903 - CVE-2013-5704 httpd: bypass of mod_headers rules via chunked requests 1114123 - RFE: set vstring dynamically 1131006 - Error in `/usr/sbin/httpd': free(): invalid pointer 1131847 - authzprovideralias and authnprovideralias-defined provider can't be used in virtualhost . 1136290 - SetHandler to proxy support 1149709 - CVE-2014-3581 httpd: NULL pointer dereference in mod_cache if Content-Type has empty value 6. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: httpd-2.4.6-31.el7.src.rpm noarch: httpd-manual-2.4.6-31.el7.noarch.rpm x86_64: httpd-2.4.6-31.el7.x86_64.rpm httpd-debuginfo-2.4.6-31.el7.x86_64.rpm httpd-devel-2.4.6-31.el7.x86_64.rpm httpd-tools-2.4.6-31.el7.x86_64.rpm mod_ldap-2.4.6-31.el7.x86_64.rpm mod_proxy_html-2.4.6-31.el7.x86_64.rpm mod_session-2.4.6-31.el7.x86_64.rpm mod_ssl-2.4.6-31.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: httpd-2.4.6-31.el7.src.rpm noarch: httpd-manual-2.4.6-31.el7.noarch.rpm x86_64: httpd-2.4.6-31.el7.x86_64.rpm httpd-debuginfo-2.4.6-31.el7.x86_64.rpm httpd-devel-2.4.6-31.el7.x86_64.rpm httpd-tools-2.4.6-31.el7.x86_64.rpm mod_ldap-2.4.6-31.el7.x86_64.rpm mod_proxy_html-2.4.6-31.el7.x86_64.rpm mod_session-2.4.6-31.el7.x86_64.rpm mod_ssl-2.4.6-31.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: httpd-2.4.6-31.el7.src.rpm noarch: httpd-manual-2.4.6-31.el7.noarch.rpm ppc64: httpd-2.4.6-31.el7.ppc64.rpm httpd-debuginfo-2.4.6-31.el7.ppc64.rpm httpd-devel-2.4.6-31.el7.ppc64.rpm httpd-tools-2.4.6-31.el7.ppc64.rpm mod_ssl-2.4.6-31.el7.ppc64.rpm s390x: httpd-2.4.6-31.el7.s390x.rpm httpd-debuginfo-2.4.6-31.el7.s390x.rpm httpd-devel-2.4.6-31.el7.s390x.rpm httpd-tools-2.4.6-31.el7.s390x.rpm mod_ssl-2.4.6-31.el7.s390x.rpm x86_64: httpd-2.4.6-31.el7.x86_64.rpm httpd-debuginfo-2.4.6-31.el7.x86_64.rpm httpd-devel-2.4.6-31.el7.x86_64.rpm httpd-tools-2.4.6-31.el7.x86_64.rpm mod_ssl-2.4.6-31.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: httpd-debuginfo-2.4.6-31.el7.ppc64.rpm mod_ldap-2.4.6-31.el7.ppc64.rpm mod_proxy_html-2.4.6-31.el7.ppc64.rpm mod_session-2.4.6-31.el7.ppc64.rpm s390x: httpd-debuginfo-2.4.6-31.el7.s390x.rpm mod_ldap-2.4.6-31.el7.s390x.rpm mod_proxy_html-2.4.6-31.el7.s390x.rpm mod_session-2.4.6-31.el7.s390x.rpm x86_64: httpd-debuginfo-2.4.6-31.el7.x86_64.rpm mod_ldap-2.4.6-31.el7.x86_64.rpm mod_proxy_html-2.4.6-31.el7.x86_64.rpm mod_session-2.4.6-31.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: httpd-2.4.6-31.el7.src.rpm noarch: httpd-manual-2.4.6-31.el7.noarch.rpm x86_64: httpd-2.4.6-31.el7.x86_64.rpm httpd-debuginfo-2.4.6-31.el7.x86_64.rpm httpd-devel-2.4.6-31.el7.x86_64.rpm httpd-tools-2.4.6-31.el7.x86_64.rpm mod_ssl-2.4.6-31.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: httpd-debuginfo-2.4.6-31.el7.x86_64.rpm mod_ldap-2.4.6-31.el7.x86_64.rpm mod_proxy_html-2.4.6-31.el7.x86_64.rpm mod_session-2.4.6-31.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-5704 https://access.redhat.com/security/cve/CVE-2014-3581 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+G1OXlSAg2UNWIIRApdZAJ9WoUSSz1gMZRg0enaqlQXWp6sZJgCeLTaB F9KjL6Xrpxvd6e3GWkQBfGE= =hvwa -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:51:58 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:51:58 +0000 Subject: [RHSA-2015:0323-02] Low: libvirt security, bug fix, and enhancement update Message-ID: <201503051451.t25EpwtH023942@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: libvirt security, bug fix, and enhancement update Advisory ID: RHSA-2015:0323-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0323.html Issue date: 2015-03-05 CVE Names: CVE-2014-8136 CVE-2015-0236 ===================================================================== 1. Summary: Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. It was found that QEMU's qemuDomainMigratePerform() and qemuDomainMigrateFinish2() functions did not correctly perform a domain unlock on a failed ACL check. A remote attacker able to establish a connection to libvirtd could use this flaw to lock a domain of a more privileged user, causing a denial of service. (CVE-2014-8136) It was discovered that the virDomainSnapshotGetXMLDesc() and virDomainSaveImageGetXMLDesc() functions did not sufficiently limit the usage of the VIR_DOMAIN_XML_SECURE flag when fine-grained ACLs were enabled. A remote attacker able to establish a connection to libvirtd could use this flaw to obtain certain sensitive information from the domain XML file. (CVE-2015-0236) The CVE-2015-0236 issue was found by Luyao Huang of Red Hat. Bug fixes: * The libvirtd daemon previously attempted to search for SELinux contexts even when SELinux was disabled on the host. Consequently, libvirtd logged "Unable to lookup SELinux process context" error messages every time a client connected to libvirtd and SELinux was disabled. libvirtd now verifies whether SELinux is enabled before searching for SELinux contexts, and no longer logs the error messages on a host with SELinux disabled. (BZ#1135155) * The libvirt utility passed incomplete PCI addresses to QEMU. Consequently, assigning a PCI device that had a PCI address with a non-zero domain to a guest failed. Now, libvirt properly passes PCI domain to QEMU when assigning PCI devices, which prevents the described problem. (BZ#1127080) * Because the virDomainSetMaxMemory API did not allow changing the current memory in the LXC driver, the "virsh setmaxmem" command failed when attempting to set the maximum memory to be lower than the current memory. Now, "virsh setmaxmem" sets the current memory to the intended value of the maximum memory, which avoids the mentioned problem. (BZ#1091132) * Attempting to start a non-existent domain caused network filters to stay locked for read-only access. Because of this, subsequent attempts to gain read-write access to network filters triggered a deadlock. Network filters are now properly unlocked in the described scenario, and the deadlock no longer occurs. (BZ#1088864) * If a guest configuration had an active nwfilter using the DHCP snooping feature and an attempt was made to terminate libvirtd before the associated nwfilter rule snooped the guest IP address from DHCP packets, libvirtd became unresponsive. This problem has been fixed by setting a longer wait time for snooping the guest IP address. (BZ#1075543) Enhancements: * A new "migrate_host" option is now available in /etc/libvirt/qemu.conf, which allows users to set a custom IP address to be used for incoming migrations. (BZ#1087671) * With this update, libvirt is able to create a compressed memory-only crash dump of a QEMU domain. This type of crash dump is directly readable by the GNU Debugger and requires significantly less hard disk space than the standard crash dump. (BZ#1035158) * Support for reporting the NUMA node distance of the host has been added to libvirt. This enhances the current libvirt capabilities for reporting NUMA topology of the host, and allows for easier optimization of new domains. (BZ#1086331) * The XML file of guest and host capabilities generated by the "virsh capabilities" command has been enhanced to list the following information, where relevant: the interface speed and link status of the host, the PCI Express (PCIe) details, the host's hardware support for I/O virtualization, and a report on the huge memory pages. (BZ#1076960, BZ#1076957, BZ#1076959, BZ#1076962) These packages also include a number of other bug fixes and enhancements. For additional details, see the "Bugs Fixed" section below. 4. Solution: All libvirt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing the updated packages, libvirtd will be restarted automatically. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 706887 - [TestOnly] qemu truncates JSON numbers >= 0x8000_0000_0000_0000 765733 - Error reporting when qemu terminates unexpectedly is inconsistent and sometimes unhelpful 823535 - Libvirt is sensitive to the order in which the video devices are passed 872628 - List available LXC consoles using container_ttys env variable 874418 - clear the error message when dump a guest with pass-through device 876829 - create external checkpoint snapshot will change the guest pmsuspended state and guest hang forever 877244 - Virsh command will delay a long time if restart libvirtd with many virtual networks running 878394 - virsh iface-dumpxml or virt-manager reports "bond interface misses the bond element" for inactive bond interfaces 880483 - Guest can use inactive macvtap-passthrough network 921094 - Missing auditing for serial, parallel, channel, console and smartcard devices 924853 - blockcopy to cifs fails 956506 - virsh snapshot-delete --children-only bypasses safety check for deleting disk-only children 957293 - support libiscsi for SCSI passthrough devices 963817 - Stable SCSI host addressing 964177 - virConnectDomainEventRTCChangeCallback returns wrong offset 967493 - Lockfailure action Ignore will lead to sanlock rem_lockspace stuck 967494 - Lockfailure action Restart can shutdown the guest but fail to start it 972964 - WWN option for Hot Attaching SCSI Disks 983350 - The running Guest was paused while cancel the migration on the third machine 985782 - Some flag values of method are missing in libvirt-python bindings 985980 - virsh vcpuinfo output is difficult to read with large cpu counts 990418 - Provide option to enable/disable 64-bit PCI hole 991290 - Fail to modify the name attribute of ipv6 dhcp host via virsh net-update 992980 - Separate limits for anonymous and authenticated users 994731 - Documentation for virDomainLookupBy* should mention caller's responsibility to free virDomainPtr 995377 - Domain without autostart can't be resumed by the libvirt-guests script after rebooting the host 997802 - domdisplay should show all URI if config both vnc and spice in guest 999926 - Policy denies libvirtd the permission to relabel unix domain sockets 1006700 - need add "interface" to virt-xml-validate manual page 1007698 - The cpu_shares value of domain xml should be consistent with return value of schedinfo. 1007759 - libvirt should forbid to attach a device with boot order for the first time if the os/boot element exists 1021703 - [RFE] Support for qemu-kvm's "-boot splash_time" parameter 1022874 - In man page of virsh, a typo 'COMMMANDS' displays three times 1023366 - [virsh cmd] Error message is not clear for commands blkiotune and schedinfo 1025407 - autoport='yes' doesn't skip over ports in use with IPv6 1027076 - Fail to start lxc with disabled selinux due to the existed empty /selinux 1029266 - Error message is not clear for command nwfilter-define under non-root user. 1029732 - Libvirt can not update/modify queues value of interface element using update-device command 1032363 - document need to pass image name for block backed disks with --disk-only 1033398 - Nodedev-destroy commands both doc and error message when destroy HBA are not clear 1033704 - domain xml: libvirt should take defaultMode value into account when discarding entries 1035128 - Stable guest ABI doesn't check redirected usb device 1035966 - Start autostarted virtual networks in background 1041569 - [NFR] libvirt: Returning the allocation watermark for all the images opened for writing during block-commit 1043735 - virsh command domiftune bound parameter checking error 1046192 - Can't set the timer base as localtime once localtime is used in the variable attribute. 1047818 - VFs can not be listed by net-dumpxml directly after starting the hostdev network 1052114 - guest fail to start with permission denied error when with gluster volume 1056902 - virsh attach-interface/detach-interface mishandles inactive configuration on device hot(un)plug commands 1062142 - live snapshot merge (commit) of the active layer 1064770 - Fail to update floor attribute of QoS using updateDeviceFlags 1066280 - Fail to restore guest from the save file while set the static selinux lable for the guest and set the relabel='no' in the guest's xml 1066894 - Implement for libvirt guest's xml for security label 1067338 - Mem leak while start a guest with a character followed 1069784 - block commit/pull support for disks using libgfapi volumes 1070680 - cpu-stats boundary value problem 1071095 - Libvirt report incorrect error message when parsing invalid value of CTRL_IP_LEARNING in nwfilter 1072141 - "pool-list --type gluster" list other types pool 1072292 - Libvirt report incorrect message when starting domain with nwfilter whose chain priority is greater than its filter rule priority 1072653 - vol-upload should change the volume target format type after uploading a different format file to it 1072677 - Incorrect error message when hot-plugging interface with an inexistence nwfilter 1073368 - [libvirt] can create live snapshot of passthrough device (iSCSI LUN or block device) 1075290 - gluster option is not showed in virsh --version=long 1075299 - Failed to get the vol-name by giving volume path in gluster pool. 1075543 - Libvirt does not terminate when DHCP snooping is being used 1076098 - [RFE] allow setting video ram size (vgamem_mb) for qemu vga cards. 1076725 - libvirt: Multi-node NUMA policy assignment 1076957 - Expose huge pages information through libvirt API 1076959 - Expose host hardware support for I/O virtualization via libvirt API 1076960 - Expose interface speed and link information via API 1076962 - Expose PCIe BW and lane information through API 1076989 - Enable complex memory requirements for virtual machines 1077009 - It shouldn't be permitted to change the uuid of a nwfilter 1077572 - Python setInterfaceParameters function is broken 1078590 - use of tls with libvirt.so can leave zombie processes 1079162 - The guest will be destroyed abnormally while revert the guest's snapshot which took in "pmsuspended" status 1079173 - libvirt can not do vol-download for gluster pool volume 1080859 - [Snapshot Doc] In snapshot-create-as manual page, supported snapshot type should be no, internal and external 1081461 - Dropped guest network connection during migration (before it finished) 1081881 - Fail to start guest with 2 displays mixed with port allocated automatically and fixed port. 1081932 - the return value of API virNodeDevice.listCaps() is not correct 1082124 - RHEL7 libvirt vs older qemu: unable to execute QEMU command 'qom-get': The command qom-get has not been found 1082521 - The sg disk is not really shared within 2 guests 1083345 - The --memspec parameters "snapshot=no" doesn't work when creating internal disk snapshot 1084360 - [doc] Document behavior of --reuse-external (VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT) 1085706 - virsh numatune should forbid to accept int as parameter values 1085769 - [Stroage][vol-clone] Volume was cloned successfully when passing an non-existing pool 1086121 - Improve the error message when failed to restore a guest with a not availabe disk with startupPolicy='optional' 1086704 - Don't allow aio=native without cache=none 1087104 - [Storage][vol-download] virsh cmd vol-download works with option offset and length by passing a negative integer 1088667 - [storage] some volume related virsh commands work when the passed volume is not one volume of the passed pool 1088787 - Libvirt should clean up socket file on destroyed domain with UNIX character device 1088864 - nwfilter deadlock 1088901 - Fail to do external disk-only snapshot when guest use FC storage 1089179 - The error is inaccurate when create snapshot with memspec snapshot=external and diskspec snapshot=no 1091866 - volume is disappered after vol-wipe with logical type pool 1092253 - Improve the error message when blockpull with a wrong base path 1092363 - [RHEL7] Virsh cmd maxvcpus returns 255 for kvm type, but the maximum number of vcpus supported by kvm is 160. 1093127 - RFE: report NUMA node locality for PCI devices 1095035 - [RHEL7][Storage]The "lazy_refcounts" feature was missing in the xml printed by vol-dumpxml for a qcow3 disk in a native gluster pool 1095636 - SELinux prevent qemu from attaching tuntap queues 1097028 - Don't fail starting domain without cpu, cpuset and cpuacct cgroups controllers 1097503 - guest will be paused and can't resume when do external system checkpoint snapshot with wrong compression format 1097677 - libvirt loses track of hotplugged vcpus after daemon restart 1097968 - libvirt-python API baselineCPU doesn't generate exception 1098659 - libvirt binds only to ipv6 1099978 - Maintain relative path to backing file image during live merge (block-commit) 1100769 - blkiotune weight range should be (10, 1000) 1101059 - virsh vcpupin need accurate error message when --vcpu argument is negative 1101510 - no need to require iptables-ipv6 1101731 - Rebase libvirt to current upstream release 1101987 - Libvirt should report error when try to revert guest to external system checkpoint snapshot 1101999 - virt-xml-validate should pass when netfs pool xml with glusterfs backend 1102611 - The running guest will disappear while change the security_driver from "none" to "selinux" 1103245 - libvirt reset rtc interrupt backlog after guest-set-time 1104992 - Guest fail to start while disks use same no-exist source file even though with startupPolicy='optional' 1104993 - Garbage characters show in the output of pool-name with no-exist pool UUID 1105939 - Fail to start guest while disable the default security labeling 1108593 - Libvirtd will crash while start a guest which DAC's seclabel type='none' in guest's xml 1110198 - domblkinfo doesn't work when guest use glusterfs as source 1110212 - The error info is not correct when do blockcommit with --base and --top point to same source 1110673 - typo errors in man page VIRSH(1) 1111044 - capabilities mode hostdev shouldn't be added in KVM 1112939 - libvirt should prompt more readable error message while ide/sata bus disk do not support readonly 1113116 - [RFE] add API to query the stats of multiple VMs at once 1113332 - python bindings for graphics event have wrong value for address type 1113668 - libvirt failed to start a domain with unix+guestfwd channel 1113861 - The guest will disappear after restart the libvirtd service while set seclabel type='static' model='none' relabel='yes'/> in guest's xml. 1113868 - domxml-to-native fails for spice graphics with autoport='yes' when spice_tls is disabled 1115898 - [RFE] Add events for cputune and iotune change 1118710 - The error info is not accurate when do vol-wipe with volume based on gluster pool 1119206 - RFE: Multiple virtio-rng devices support 1119215 - Generate the redundant record in guest's xml while configure the same listen address in guest's xm 1119387 - The default behavor of abort block job with pivot flag isn't sync 1119592 - libvirt will report error after use pool-build in Non-root mode(qemu:///session) 1119784 - QMP: extend block events with error information 1121837 - numatune can use nodeset 0,^0 but can't edit xml like this 1121955 - virsh command takes long time to finish after set "log_level = 1" only 1122255 - 'virsh desc $dom blah' doesn't survive libvirtd restart 1122455 - libvirt should refuse to start domain with unsupported/useless min-guarantee element in qemu driver 1122973 - missing pci address for vga devices 1126329 - Libvirt should forbid using relative path to the new overaly snapshot image for external snapshots 1126721 - [Doc] Attribute name vlan-id should be vlanid in nwfilter xml docs 1126909 - Wrong block job type reported for active layer commit 1126991 - [libvirt] expose ivshmem 1128097 - Can't use domiftune --inbound 0 or --outbound 0 to clear inbound or outbound settings for a shut off guest 1128751 - isn't always formated as it should be 1129207 - libvirtd will crash after do managedsave the same guest in the same time 1129372 - Failed to start domain with specified cputune after decreasing vcpu number 1129998 - numatune --mode can't work well 1130089 - Possible deadlock when the domain is destroyed on destination during migration 1130379 - [Doc]no manual about metadata command in virsh manual 1131306 - number range should be checked for the 4 new options of blkiotune 1131445 - Could not show process info for migration at once. 1131788 - blkdeviotune should can be used in session mode 1131811 - The iotune element will disappear from the guest's xml while set an invalid value 1131819 - Libvirtd crash while set blkdeviotune with the hotplug disk and specify the --config option 1131876 - The range for blkdeviotune was different in guest's xml and virsh command line 1131897 - virDomainSetMemoryFlags doesn't process flag VIR_DOMAIN_MEM_MAXIMUM for LXC 1132301 - Error msg is not right for option -k and -K against virsh command 1132305 - option -k and -K should point out range of reasonable values against virsh command 1132347 - Libvirt crash after defining/editing macvtap network pool with
elements 1134154 - snapshot's race condition 1134454 - pkg-config --libs contains cflags 1135169 - blockcopy job was cancel by "CTRL+C" while it show there still be one block job in background 1135339 - active commit will be cancelled by another commit 1135396 - Honor hugepage settings on UMA guest 1135431 - libvirt should pass "-enable-fips" to QEMU 1135955 - The usage for migrate's option --auto-converge missed in virsh man page 1136736 - Failed to remove libvirt-daemon-1.2.8-1.el7.x86_64 package 1138221 - Fail to managedsave while configure in the guest's xml 1138231 - Report better error when backing chain detection fails 1138487 - one of guest will be shut off when restart libvirtd while disable the default security labeling 1138545 - guest NUMA cannot start when automatic NUMA placement 1139567 - virsh cmd will hang when remove blockcopy file 1140085 - guest interface which use existing bridge source bridge will disappear after libvirtd restart 1140981 - Libvirt should post more accurate error when do blockpull with qemu-kvm 1140984 - sub-element in ... change after create external disk snapshot 1141209 - Back port selected upstream Coverity resolutions since 1.2.8 1141621 - libvirtd will crashed after hot-plug a virtual NIC to a guest which use qemu-attach connect to libvirtd 1141732 - wrong QMP argument 'id' when detaching iscsi hostdev 1141943 - libvirtd crash when defining scsi storage pool 1142294 - libvirt should report error when failed to use domtime to set a guest time 1142693 - [RFE] Add a qemu resume hook that is able to preprocess the domain XML 1142722 - libvirtd dead while destroy one guest with block disk 1143780 - Deadlock on nwfilter when taking same concurrent jobs 1143955 - libvirtd crashed after running "virsh metadata --remove" command 1144303 - memory leak when starting a domain with cpu mode='host-model' 1144920 - libvirtd crashed after use qemu-monitor-event --regex to a running guest 1144922 - wrong backingStore info after blockpull and destroy/start guest 1145048 - freepages argument has wrong unit and range 1145050 - API virNodeGetFreePages need report specific error when node out of range 1146511 - Updating blkdeviotune for live domain doesn't survive restarting the libvirtd 1146550 - USB Redirection no longer works: Permission Denied 1146837 - Libvirtd crash when defining scsi pool with 'scsi_host' type adapter and parentaddr attribute 1147331 - [migration] Tunnelled migration failed 1147494 - libvirtd crashes when starting a domain with 0 cpu shares 1147584 - save/managedsave doesn't work with host-passthrough 1150322 - libvirt should recognize __com.redhat_change-backing-file for relative path preservation 1150505 - Domain is out of control from libvirt when running some concurrent define/undefine/start/destroy jobs rapidly 1151718 - Permission denied when create external snapshot for guest whose source file based on nfs 1151885 - libvirtd loses track of a running restored guest with host-passthrough cpu 1152382 - [NPIV] The volume in scsi pool appears only after refreshing pool 1155410 - An LXC domain without console dies soon after start 1155441 - forbid NIC offloads change on the fly using update-device 1155458 - libvirt can not save mode='client' of vhostuser interface to domain xml 1156288 - libvirtd crashed on disk snapshot with rdma glusterfs image 1156367 - network using host bridge gets a MAC on libvirt update 1158715 - A memory error report when use domstats 1159227 - lxc domain startup is slow 1159245 - repeated migration with NBD fails 1160084 - domfsfreeze and domfsthaw cannot work well when guest restart 1160212 - libvirt doesn't stop the NBD server after migration 1160565 - Libvirt should check if the parent defined in xml matches the wwn of vHBA when starting pool 1160926 - Destroying 'fc_host' pool the HBA is NOT destroyed when not using 'parent' attribute 1161024 - libvirtd crashes after device hot-unplug crashes qemu 1161124 - small memory leak in migration 1161358 - [ACL] polkit: wrong attribute name 'interface_mac' for network interface in the documentation 1161540 - kvm_init_vcpu failed for cpu hot-plugging in NUMA 1162097 - crash after attempted spice channel hotplug 1162208 - libvirtd occasionally crashes at the end of migration 1162915 - net-event should not report unsuccessful event 1162974 - external disk snapshot with fault glusterfs snapshot xml crash libvirtd 1163463 - use after free in callers of virNetDevLinkDump 1163953 - No way to turn off rdma-pin-all once it was turned on 1164528 - VM with a storage volume that contains a RBD volume in the backing chain fails to start 1166592 - Failed to create logical volume with specified xml 1167145 - networkMigrateStateFiles function does not work on xfs file system due to using unsupported t_type field 1167883 - Report job type in virDomainGetJobInfo 1168866 - "libvirtError: Unable to write to '/sys/fs/cgroup/cpuset/machine.slice/machine-qemu\x2dinstance\x2d00000002.scope/cpuset.mems': Device or resource busy" 1169409 - Libvirt will crash with segfault if you try to set non-existing nwfilter to network interface for live guest 1170484 - guest can not start when setting " vcpu placement='auto' " 1174053 - libvirtd crash when try to cold plug a network iscsi hostdev which guest already have a iscsi hostdev 1174090 - extra space will be added to xml when update a network 1174859 - missing support for -spice disable-agent-file-xfer qemu commandline option 1175234 - virDomainGetSchedulerParameters() fails with Unable to read from '/sys/fs/cgroup/cpu,cpuacct/machine.slice/machine-qemu\x2dMic2.scope/cpu.shares': No such file or directory 1175397 - memdev= option is not supported on rhel6 machine-types 1175668 - Attach a usb disk to guest failed. 1175709 - Unable to start guest with hugepages and strict numa pinning 1176176 - CVE-2014-8136 libvirt: local denial of service in qemu/qemu_driver.c 1177194 - Fail to Migrate with Bridged network, eth + macvtap ,with different interface name on two hosts 1180136 - Memory leak when parsing invalid network XML 1180574 - migration rhel7.1 -> rhel7.0 wont work if you set "ram" < 2*"vgamem" for QXL device 1181052 - update default vgamem size from 8 MiB to 16 MiB 1181157 - libvirtError: argument unsupported: QEMU driver does not support element 1181408 - Libvirtd crash while hotplug the guest agent without target type for many times 1182448 - cpu features are not formatted in XML for host-model 1182486 - libvirtd crashed when updating a IPv6 and a IPv4 into a IPv4 element 1184431 - CVE-2015-0236 libvirt: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libvirt-1.2.8-16.el7.src.rpm x86_64: libvirt-1.2.8-16.el7.x86_64.rpm libvirt-client-1.2.8-16.el7.i686.rpm libvirt-client-1.2.8-16.el7.x86_64.rpm libvirt-daemon-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-qemu-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.x86_64.rpm libvirt-daemon-kvm-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-daemon-lxc-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-devel-1.2.8-16.el7.i686.rpm libvirt-devel-1.2.8-16.el7.x86_64.rpm libvirt-docs-1.2.8-16.el7.x86_64.rpm libvirt-lock-sanlock-1.2.8-16.el7.x86_64.rpm libvirt-login-shell-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-1.2.8-16.el7.src.rpm x86_64: libvirt-client-1.2.8-16.el7.i686.rpm libvirt-client-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libvirt-1.2.8-16.el7.x86_64.rpm libvirt-daemon-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-qemu-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.x86_64.rpm libvirt-daemon-kvm-1.2.8-16.el7.x86_64.rpm libvirt-daemon-lxc-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-devel-1.2.8-16.el7.i686.rpm libvirt-devel-1.2.8-16.el7.x86_64.rpm libvirt-docs-1.2.8-16.el7.x86_64.rpm libvirt-lock-sanlock-1.2.8-16.el7.x86_64.rpm libvirt-login-shell-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libvirt-1.2.8-16.el7.src.rpm ppc64: libvirt-1.2.8-16.el7.ppc64.rpm libvirt-client-1.2.8-16.el7.ppc.rpm libvirt-client-1.2.8-16.el7.ppc64.rpm libvirt-daemon-1.2.8-16.el7.ppc64.rpm libvirt-daemon-config-network-1.2.8-16.el7.ppc64.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-network-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-qemu-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.ppc64.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.ppc64.rpm libvirt-debuginfo-1.2.8-16.el7.ppc.rpm libvirt-debuginfo-1.2.8-16.el7.ppc64.rpm libvirt-devel-1.2.8-16.el7.ppc.rpm libvirt-devel-1.2.8-16.el7.ppc64.rpm libvirt-docs-1.2.8-16.el7.ppc64.rpm s390x: libvirt-1.2.8-16.el7.s390x.rpm libvirt-client-1.2.8-16.el7.s390.rpm libvirt-client-1.2.8-16.el7.s390x.rpm libvirt-daemon-1.2.8-16.el7.s390x.rpm libvirt-daemon-config-network-1.2.8-16.el7.s390x.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-network-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.s390x.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.s390x.rpm libvirt-debuginfo-1.2.8-16.el7.s390.rpm libvirt-debuginfo-1.2.8-16.el7.s390x.rpm libvirt-devel-1.2.8-16.el7.s390.rpm libvirt-devel-1.2.8-16.el7.s390x.rpm libvirt-docs-1.2.8-16.el7.s390x.rpm x86_64: libvirt-1.2.8-16.el7.x86_64.rpm libvirt-client-1.2.8-16.el7.i686.rpm libvirt-client-1.2.8-16.el7.x86_64.rpm libvirt-daemon-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-qemu-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.x86_64.rpm libvirt-daemon-kvm-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-devel-1.2.8-16.el7.i686.rpm libvirt-devel-1.2.8-16.el7.x86_64.rpm libvirt-docs-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-daemon-lxc-1.2.8-16.el7.ppc64.rpm libvirt-debuginfo-1.2.8-16.el7.ppc64.rpm libvirt-lock-sanlock-1.2.8-16.el7.ppc64.rpm libvirt-login-shell-1.2.8-16.el7.ppc64.rpm s390x: libvirt-daemon-lxc-1.2.8-16.el7.s390x.rpm libvirt-debuginfo-1.2.8-16.el7.s390x.rpm libvirt-login-shell-1.2.8-16.el7.s390x.rpm x86_64: libvirt-daemon-lxc-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-lock-sanlock-1.2.8-16.el7.x86_64.rpm libvirt-login-shell-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libvirt-1.2.8-16.el7.src.rpm x86_64: libvirt-1.2.8-16.el7.x86_64.rpm libvirt-client-1.2.8-16.el7.i686.rpm libvirt-client-1.2.8-16.el7.x86_64.rpm libvirt-daemon-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-config-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-interface-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-lxc-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-network-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nodedev-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-qemu-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-secret-1.2.8-16.el7.x86_64.rpm libvirt-daemon-driver-storage-1.2.8-16.el7.x86_64.rpm libvirt-daemon-kvm-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.i686.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-devel-1.2.8-16.el7.i686.rpm libvirt-devel-1.2.8-16.el7.x86_64.rpm libvirt-docs-1.2.8-16.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-daemon-lxc-1.2.8-16.el7.x86_64.rpm libvirt-debuginfo-1.2.8-16.el7.x86_64.rpm libvirt-lock-sanlock-1.2.8-16.el7.x86_64.rpm libvirt-login-shell-1.2.8-16.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8136 https://access.redhat.com/security/cve/CVE-2015-0236 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+G2FXlSAg2UNWIIRAt6BAJ0dU65z6s/tiZCo7wJ7woSK/lE/BQCfRIz4 RqgEguJ1FT67e1HVYLzvRdc= =uR7R -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:52:45 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:52:45 +0000 Subject: [RHSA-2015:0301-02] Moderate: hivex security, bug fix, and enhancement update Message-ID: <201503051452.t25EqjSt004334@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: hivex security, bug fix, and enhancement update Advisory ID: RHSA-2015:0301-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0301.html Issue date: 2015-03-05 CVE Names: CVE-2014-9273 ===================================================================== 1. Summary: Updated hivex packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Hive files are undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. It was found that hivex attempted to read beyond its allocated buffer when reading a hive file with a very small size or with a truncated or improperly formatted content. An attacker able to supply a specially crafted hive file to an application using the hivex library could possibly use this flaw to execute arbitrary code with the privileges of the user running that application. (CVE-2014-9273) Red Hat would like to thank Mahmoud Al-Qudsi of NeoSmart Technologies for reporting this issue. The hivex package has been upgraded to upstream version 1.3.10, which provides a number of bug fixes and enhancements over the previous version. (BZ#1023978) This update also fixes the following bugs: * Due to an error in the hivex_value_data_cell_offset() function, the hivex utility could, in some cases, print an "Argument list is too long" message and terminate unexpectedly when processing hive files from the Windows Registry. This update fixes the underlying code and hivex now processes hive files as expected. (BZ#1145056) * A typographical error in the Win::Hivex.3pm manual page has been corrected. (BZ#1099286) Users of hivex are advised to upgrade to these updated packages, which correct these issues and adds these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1023978 - Rebase hivex in RHEL 7.1 1099286 - typo error in man page 1145056 - hivexml generate "Argument list too long" on some Windows Registry 1158992 - CVE-2014-9273 hivex: missing checks for small-sized files [rhel-7.1] 1167756 - CVE-2014-9273 hivex: missing checks for small-sized files 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: hivex-1.3.10-5.7.el7.src.rpm x86_64: hivex-1.3.10-5.7.el7.i686.rpm hivex-1.3.10-5.7.el7.x86_64.rpm hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm perl-hivex-1.3.10-5.7.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm hivex-devel-1.3.10-5.7.el7.i686.rpm hivex-devel-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-devel-1.3.10-5.7.el7.x86_64.rpm python-hivex-1.3.10-5.7.el7.x86_64.rpm ruby-hivex-1.3.10-5.7.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: hivex-1.3.10-5.7.el7.src.rpm x86_64: hivex-1.3.10-5.7.el7.i686.rpm hivex-1.3.10-5.7.el7.x86_64.rpm hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm perl-hivex-1.3.10-5.7.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): x86_64: hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm hivex-devel-1.3.10-5.7.el7.i686.rpm hivex-devel-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-devel-1.3.10-5.7.el7.x86_64.rpm python-hivex-1.3.10-5.7.el7.x86_64.rpm ruby-hivex-1.3.10-5.7.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: hivex-1.3.10-5.7.el7.src.rpm x86_64: hivex-1.3.10-5.7.el7.i686.rpm hivex-1.3.10-5.7.el7.x86_64.rpm hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm perl-hivex-1.3.10-5.7.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: hivex-debuginfo-1.3.10-5.7.el7.i686.rpm hivex-debuginfo-1.3.10-5.7.el7.x86_64.rpm hivex-devel-1.3.10-5.7.el7.i686.rpm hivex-devel-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-1.3.10-5.7.el7.x86_64.rpm ocaml-hivex-devel-1.3.10-5.7.el7.x86_64.rpm python-hivex-1.3.10-5.7.el7.x86_64.rpm ruby-hivex-1.3.10-5.7.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9273 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+G21XlSAg2UNWIIRAjXlAKC2Ky/2O69op28Vq8t+MscCIKyMiQCeKsi8 mQMp17f7h6xxy00NyVCW4wY= =wWZK -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 14:55:31 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 14:55:31 +0000 Subject: [RHSA-2015:0629-01] Critical: firefox security update Message-ID: <201503051455.t25EtWEx008669@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2015:0629-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0629.html Issue date: 2015-03-05 CVE Names: CVE-2015-0822 CVE-2015-0827 CVE-2015-0831 CVE-2015-0836 ===================================================================== 1. Summary: Updated firefox packages that fix multiple security issues are now available for the little-endian 64-bit PowerPC platform architecture (ppc64le) on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64le 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Liz Henry, Byron Campen, Tom Schuster, Ryan VanderMeulen, Paul Bandha, Abhishek Arya, and Armin Razmdjou as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1195605 - CVE-2015-0836 Mozilla: Miscellaneous memory safety hazards (rv:31.5) (MFSA 2015-11) 1195619 - CVE-2015-0831 Mozilla: Use-after-free in IndexedDB (MFSA 2015-16) 1195623 - CVE-2015-0827 Mozilla: Out-of-bounds read and write while rendering SVG content (MFSA 2015-19) 1195638 - CVE-2015-0822 Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24) 6. Package List: Red Hat Enterprise Linux Server (v. 7): Source: firefox-31.5.0-2.ael7b_1.src.rpm ppc64le: firefox-31.5.0-2.ael7b_1.ppc64le.rpm firefox-debuginfo-31.5.0-2.ael7b_1.ppc64le.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0822 https://access.redhat.com/security/cve/CVE-2015-0827 https://access.redhat.com/security/cve/CVE-2015-0831 https://access.redhat.com/security/cve/CVE-2015-0836 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+G5VXlSAg2UNWIIRAtWCAKCbnJ73dEEEmCmOik+RaUcdWE1zegCgqtsa uua3CK6wpo5aF4+rNaZij88= =GDtr -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 20:34:11 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 20:34:11 +0000 Subject: [RHSA-2015:0642-01] Important: thunderbird security update Message-ID: <201503052034.t25KYBt6028397@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: thunderbird security update Advisory ID: RHSA-2015:0642-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0642.html Issue date: 2015-03-05 CVE Names: CVE-2015-0822 CVE-2015-0827 CVE-2015-0831 CVE-2015-0836 ===================================================================== 1. Summary: An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Liz Henry, Byron Campen, Tom Schuster, Ryan VanderMeulen, Paul Bandha, Abhishek Arya, and Armin Razmdjou as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1195605 - CVE-2015-0836 Mozilla: Miscellaneous memory safety hazards (rv:31.5) (MFSA 2015-11) 1195619 - CVE-2015-0831 Mozilla: Use-after-free in IndexedDB (MFSA 2015-16) 1195623 - CVE-2015-0827 Mozilla: Out-of-bounds read and write while rendering SVG content (MFSA 2015-19) 1195638 - CVE-2015-0822 Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: thunderbird-31.5.0-2.el7_1.src.rpm x86_64: thunderbird-31.5.0-2.el7_1.x86_64.rpm thunderbird-debuginfo-31.5.0-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: thunderbird-31.5.0-2.el7_1.src.rpm x86_64: thunderbird-31.5.0-2.el7_1.x86_64.rpm thunderbird-debuginfo-31.5.0-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: thunderbird-31.5.0-2.ael7b_1.src.rpm ppc64le: thunderbird-31.5.0-2.ael7b_1.ppc64le.rpm thunderbird-debuginfo-31.5.0-2.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: thunderbird-31.5.0-2.el7_1.src.rpm x86_64: thunderbird-31.5.0-2.el7_1.x86_64.rpm thunderbird-debuginfo-31.5.0-2.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0822 https://access.redhat.com/security/cve/CVE-2015-0827 https://access.redhat.com/security/cve/CVE-2015-0831 https://access.redhat.com/security/cve/CVE-2015-0836 https://access.redhat.com/security/updates/classification/#important https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird31.5 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+L1XXlSAg2UNWIIRAgMhAJ4y5yHcquaoOOiqNxNp6RCRYms3lACePJMI l7FjjGqpSRpMhM9V5UQupEM= =sWeM -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 20:36:01 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 20:36:01 +0000 Subject: [RHSA-2015:0644-01] Low: openstack-glance security and bug fix update Message-ID: <201503052036.t25Ka1x1017629@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: openstack-glance security and bug fix update Advisory ID: RHSA-2015:0644-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0644.html Issue date: 2015-03-05 CVE Names: CVE-2014-9623 ===================================================================== 1. Summary: Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7 - noarch 3. Description: OpenStack Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. A storage quota bypass flaw was found in OpenStack Image (glance). If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service. (CVE-2014-9623) Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Tushar Patil of NTT as the original reporter. The openstack-glance packages have been upgraded to upstream version 2014.2.2, which provides a number of bug fixes over the previous version. (BZ#1188390) All openstack-glance users are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 911568 - [Tracking] Swift+Glance stops working after changing service password 1175367 - python-glanceclient requires python-oslo-utils 1183647 - CVE-2014-9623 openstack-glance: user storage quota bypass 1188390 - Rebase openstack-glance to 2014.2.2 6. Package List: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7: Source: openstack-glance-2014.2.2-1.el7ost.src.rpm python-glanceclient-0.14.2-2.el7ost.src.rpm noarch: openstack-glance-2014.2.2-1.el7ost.noarch.rpm openstack-glance-doc-2014.2.2-1.el7ost.noarch.rpm python-glance-2014.2.2-1.el7ost.noarch.rpm python-glanceclient-0.14.2-2.el7ost.noarch.rpm python-glanceclient-doc-0.14.2-2.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9623 https://access.redhat.com/security/updates/classification/#low https://wiki.openstack.org/wiki/ReleaseNotes/2014.2.2 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+L4kXlSAg2UNWIIRApjuAJ0VO/xVQ1CaQZskTu7N2pnWxOIIMwCfb9PS 5NGRU5P8PfhoFupgAErKc90= =rRyL -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 20:36:27 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 20:36:27 +0000 Subject: [RHSA-2015:0645-01] Important: redhat-access-plugin-openstack security update Message-ID: <201503052036.t25KaR2k011932@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: redhat-access-plugin-openstack security update Advisory ID: RHSA-2015:0645-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0645.html Issue date: 2015-03-05 CVE Names: CVE-2015-0271 ===================================================================== 1. Summary: An updated redhat-access-plugin-openstack package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7 - noarch 3. Description: The Red Hat Support plug-in for Red Hat OpenStack is a Technology Preview feature which offers seamless integrated access to Red Hat subscription services from the Red Hat OpenStack administration portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features. It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard (horizon) did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server. (CVE-2015-0271) Red Hat would like to thank Sara Perez Merino of SensePost for reporting this issue. All redhat-access-plugin-openstack users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1193638 - CVE-2015-0271 OpenStack dashboard: log file arbitrary file retrieval 6. Package List: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7: Source: redhat-access-plugin-openstack-6.0.3-0.el7ost.src.rpm noarch: redhat-access-plugin-openstack-6.0.3-0.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0271 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+L5AXlSAg2UNWIIRAjeaAKCDE77vXFjQvc5v2RAHJvLwbJ9QjwCdF/Db HSkKsarsI0FyPLfYixp7Css= =FMZp -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 5 21:47:42 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Mar 2015 21:47:42 +0000 Subject: [RHSA-2015:0643-01] Important: qemu-kvm-rhev security update Message-ID: <201503052147.t25Llgqh010524@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: qemu-kvm-rhev security update Advisory ID: RHSA-2015:0643-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0643.html Issue date: 2015-03-05 CVE Names: CVE-2014-8106 ===================================================================== 1. Summary: Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7 - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Linux OpenStack Platform. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. (CVE-2014-8106) This issue was found by Paolo Bonzini of Red Hat. All users of qemu-kvm-rhev are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1169454 - CVE-2014-8106 qemu: cirrus: insufficient blit region checks 6. Package List: Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7: Source: qemu-kvm-rhev-2.1.2-23.el7.src.rpm x86_64: libcacard-devel-rhev-2.1.2-23.el7.x86_64.rpm libcacard-rhev-2.1.2-23.el7.x86_64.rpm libcacard-tools-rhev-2.1.2-23.el7.x86_64.rpm qemu-img-rhev-2.1.2-23.el7.x86_64.rpm qemu-kvm-common-rhev-2.1.2-23.el7.x86_64.rpm qemu-kvm-rhev-2.1.2-23.el7.x86_64.rpm qemu-kvm-rhev-debuginfo-2.1.2-23.el7.x86_64.rpm qemu-kvm-tools-rhev-2.1.2-23.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8106 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU+M7yXlSAg2UNWIIRAizcAJoDR1tlwYGtiTmFB8Z3aMdT8BZO0wCaAxhA qjA7CBfTC20KlnCE67Rs/Gg= =tk8K -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 9 15:22:47 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Mar 2015 15:22:47 +0000 Subject: [RHSA-2015:0660-01] Moderate: qpid-cpp security and bug fix update Message-ID: <201503091510.t29FAYCn005552@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: qpid-cpp security and bug fix update Advisory ID: RHSA-2015:0660-01 Product: Red Hat Enterprise MRG for RHEL-7 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0660.html Issue date: 2015-03-09 CVE Names: CVE-2015-0203 CVE-2015-0223 CVE-2015-0224 ===================================================================== 1. Summary: Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat MRG Messaging v.2 for RHEL-7 - noarch, x86_64 3. Description: Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. The Qpid packages provide a message broker daemon that receives, stores and routes messages using the open AMQP messaging protocol along with run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. (CVE-2015-0223) Multiple flaws were found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use these flaws to crash qpidd. (CVE-2015-0203, CVE-2015-0224) Red Hat would like to thank the Apache Software Foundation for reporting the CVE-2015-0203 issue. Upstream acknowledges G. Geshev from MWR Labs as the original reporter. This update also fixes the following bug: * Prior to this update, because message purging was performed on a timer thread, large purge events could have caused all other timer tasks to be delayed. Because heartbeats were also driven by a timer on this thread, this could have resulted in clients timing out because they were not receiving heartbeats. The fix moves expired message purging from the timer thread to a worker thread, which allow long-running expired message purges to not affect timer tasks such as the heartbeat timer. (BZ#1142833) All users of Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling 1186302 - CVE-2015-0224 qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) 1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented 1191759 - MRG-M 2.5.13 RHEL-7 errata placeholder 6. Package List: Red Hat MRG Messaging v.2 for RHEL-7: Source: qpid-cpp-0.18-38.el7.src.rpm noarch: qpid-cpp-client-devel-docs-0.18-38.el7.noarch.rpm x86_64: qpid-cpp-client-0.18-38.el7.x86_64.rpm qpid-cpp-client-devel-0.18-38.el7.x86_64.rpm qpid-cpp-client-rdma-0.18-38.el7.x86_64.rpm qpid-cpp-client-ssl-0.18-38.el7.x86_64.rpm qpid-cpp-debuginfo-0.18-38.el7.x86_64.rpm qpid-cpp-server-0.18-38.el7.x86_64.rpm qpid-cpp-server-cluster-0.18-38.el7.x86_64.rpm qpid-cpp-server-devel-0.18-38.el7.x86_64.rpm qpid-cpp-server-rdma-0.18-38.el7.x86_64.rpm qpid-cpp-server-ssl-0.18-38.el7.x86_64.rpm qpid-cpp-server-store-0.18-38.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0203 https://access.redhat.com/security/cve/CVE-2015-0223 https://access.redhat.com/security/cve/CVE-2015-0224 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/bfQXlSAg2UNWIIRAipqAJ0VEbi8DWRdfaLN2wJDGbm3LfVu7wCfQRie Zu0BzgWlRAT9oeTNnQbZQew= =hOgS -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 9 15:23:52 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Mar 2015 15:23:52 +0000 Subject: [RHSA-2015:0661-01] Moderate: qpid-cpp security and bug fix update Message-ID: <201503091511.t29FBenr006618@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: qpid-cpp security and bug fix update Advisory ID: RHSA-2015:0661-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0661.html Issue date: 2015-03-09 CVE Names: CVE-2015-0203 CVE-2015-0223 CVE-2015-0224 ===================================================================== 1. Summary: Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Grid Execute Node for RHEL 6 ComputeNode v.2 - x86_64 Red Hat MRG Messaging for RHEL 6 Server v.2 - i386, noarch, x86_64 3. Description: Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. The Qpid packages provide a message broker daemon that receives, stores and routes messages using the open AMQP messaging protocol along with run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. (CVE-2015-0223) Multiple flaws were found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use these flaws to crash qpidd. (CVE-2015-0203, CVE-2015-0224) Red Hat would like to thank the Apache Software Foundation for reporting the CVE-2015-0203 issue. Upstream acknowledges G. Geshev from MWR Labs as the original reporter. This update also fixes the following bug: * Prior to this update, because message purging was performed on a timer thread, large purge events could have caused all other timer tasks to be delayed. Because heartbeats were also driven by a timer on this thread, this could have resulted in clients timing out because they were not receiving heartbeats. The fix moves expired message purging from the timer thread to a worker thread, which allow long-running expired message purges to not affect timer tasks such as the heartbeat timer. (BZ#1142833) All users of Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1142833 - Purging TTL expired messages blocks all other timers, causing connection drops 1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling 1186302 - CVE-2015-0224 qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) 1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented 6. Package List: MRG Grid Execute Node for RHEL 6 ComputeNode v.2: Source: qpid-cpp-0.18-38.el6.src.rpm x86_64: qpid-cpp-client-0.18-38.el6.i686.rpm qpid-cpp-client-0.18-38.el6.x86_64.rpm qpid-cpp-client-ssl-0.18-38.el6.i686.rpm qpid-cpp-client-ssl-0.18-38.el6.x86_64.rpm qpid-cpp-debuginfo-0.18-38.el6.i686.rpm qpid-cpp-debuginfo-0.18-38.el6.x86_64.rpm qpid-cpp-server-0.18-38.el6.i686.rpm qpid-cpp-server-0.18-38.el6.x86_64.rpm qpid-cpp-server-ssl-0.18-38.el6.x86_64.rpm Red Hat MRG Messaging for RHEL 6 Server v.2: Source: qpid-cpp-0.18-38.el6.src.rpm i386: qpid-cpp-client-0.18-38.el6.i686.rpm qpid-cpp-client-devel-0.18-38.el6.i686.rpm qpid-cpp-client-rdma-0.18-38.el6.i686.rpm qpid-cpp-client-ssl-0.18-38.el6.i686.rpm qpid-cpp-debuginfo-0.18-38.el6.i686.rpm qpid-cpp-server-0.18-38.el6.i686.rpm qpid-cpp-server-cluster-0.18-38.el6.i686.rpm qpid-cpp-server-devel-0.18-38.el6.i686.rpm qpid-cpp-server-rdma-0.18-38.el6.i686.rpm qpid-cpp-server-ssl-0.18-38.el6.i686.rpm qpid-cpp-server-store-0.18-38.el6.i686.rpm qpid-cpp-server-xml-0.18-38.el6.i686.rpm noarch: qpid-cpp-client-devel-docs-0.18-38.el6.noarch.rpm x86_64: qpid-cpp-client-0.18-38.el6.i686.rpm qpid-cpp-client-0.18-38.el6.x86_64.rpm qpid-cpp-client-devel-0.18-38.el6.x86_64.rpm qpid-cpp-client-rdma-0.18-38.el6.x86_64.rpm qpid-cpp-client-ssl-0.18-38.el6.i686.rpm qpid-cpp-client-ssl-0.18-38.el6.x86_64.rpm qpid-cpp-debuginfo-0.18-38.el6.i686.rpm qpid-cpp-debuginfo-0.18-38.el6.x86_64.rpm qpid-cpp-server-0.18-38.el6.i686.rpm qpid-cpp-server-0.18-38.el6.x86_64.rpm qpid-cpp-server-cluster-0.18-38.el6.x86_64.rpm qpid-cpp-server-devel-0.18-38.el6.x86_64.rpm qpid-cpp-server-rdma-0.18-38.el6.x86_64.rpm qpid-cpp-server-ssl-0.18-38.el6.x86_64.rpm qpid-cpp-server-store-0.18-38.el6.x86_64.rpm qpid-cpp-server-xml-0.18-38.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0203 https://access.redhat.com/security/cve/CVE-2015-0223 https://access.redhat.com/security/cve/CVE-2015-0224 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/bgZXlSAg2UNWIIRAiIaAJ9lodEj0IVoo+MAEPtV/4DxhbSRmACfSIpg imgHyXQAXg8ezIsVSwgk7Kk= =Uues -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 9 15:25:02 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Mar 2015 15:25:02 +0000 Subject: [RHSA-2015:0662-01] Moderate: qpid-cpp security and bug fix update Message-ID: <201503091512.t29FCnXe000458@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: qpid-cpp security and bug fix update Advisory ID: RHSA-2015:0662-01 Product: Red Hat Enterprise MRG for RHEL-5 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0662.html Issue date: 2015-03-09 CVE Names: CVE-2015-0203 CVE-2015-0223 CVE-2015-0224 ===================================================================== 1. Summary: Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat MRG Messaging for RHEL 5 Server v.2 - i386, x86_64 3. Description: Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. The Qpid packages provide a message broker daemon that receives, stores and routes messages using the open AMQP messaging protocol along with run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. (CVE-2015-0223) Multiple flaws were found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use these flaws to crash qpidd. (CVE-2015-0203, CVE-2015-0224) Red Hat would like to thank the Apache Software Foundation for reporting the CVE-2015-0203 issue. Upstream acknowledges G. Geshev from MWR Labs as the original reporter. This update also fixes the following bug: * Prior to this update, because message purging was performed on a timer thread, large purge events could have caused all other timer tasks to be delayed. Because heartbeats were also driven by a timer on this thread, this could have resulted in clients timing out because they were not receiving heartbeats. The fix moves expired message purging from the timer thread to a worker thread, which allow long-running expired message purges to not affect timer tasks such as the heartbeat timer. (BZ#1142833) All users of Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling 1186302 - CVE-2015-0224 qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) 1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented 1191757 - MRG-M 2.5.13 RHEL-5 errata placeholder 6. Package List: Red Hat MRG Messaging for RHEL 5 Server v.2: Source: qpid-cpp-mrg-0.18-38.el5_10.src.rpm i386: qpid-cpp-client-0.18-38.el5_10.i386.rpm qpid-cpp-client-devel-0.18-38.el5_10.i386.rpm qpid-cpp-client-devel-docs-0.18-38.el5_10.i386.rpm qpid-cpp-client-rdma-0.18-38.el5_10.i386.rpm qpid-cpp-client-ssl-0.18-38.el5_10.i386.rpm qpid-cpp-mrg-debuginfo-0.18-38.el5_10.i386.rpm qpid-cpp-server-0.18-38.el5_10.i386.rpm qpid-cpp-server-cluster-0.18-38.el5_10.i386.rpm qpid-cpp-server-devel-0.18-38.el5_10.i386.rpm qpid-cpp-server-rdma-0.18-38.el5_10.i386.rpm qpid-cpp-server-ssl-0.18-38.el5_10.i386.rpm qpid-cpp-server-store-0.18-38.el5_10.i386.rpm qpid-cpp-server-xml-0.18-38.el5_10.i386.rpm x86_64: qpid-cpp-client-0.18-38.el5_10.x86_64.rpm qpid-cpp-client-devel-0.18-38.el5_10.x86_64.rpm qpid-cpp-client-devel-docs-0.18-38.el5_10.x86_64.rpm qpid-cpp-client-rdma-0.18-38.el5_10.x86_64.rpm qpid-cpp-client-ssl-0.18-38.el5_10.x86_64.rpm qpid-cpp-mrg-debuginfo-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-cluster-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-devel-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-rdma-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-ssl-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-store-0.18-38.el5_10.x86_64.rpm qpid-cpp-server-xml-0.18-38.el5_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0203 https://access.redhat.com/security/cve/CVE-2015-0223 https://access.redhat.com/security/cve/CVE-2015-0224 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/bheXlSAg2UNWIIRAoYhAJ4karwg3gfFoCg6KUVKDGJ7XQHO6gCguX0P 9KHkZuBwsfF3x5GGzYsbHpI= =1Qn6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 11 03:43:42 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 Mar 2015 03:43:42 +0000 Subject: [RHSA-2015:0672-01] Moderate: bind security update Message-ID: <201503110343.t2B3hgSZ014030@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2015:0672-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html Issue date: 2015-03-10 CVE Names: CVE-2015-1349 ===================================================================== 1. Summary: Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1193820 - CVE-2015-1349 bind: issue in trust anchor management can cause named to crash 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm ppc64: bind-9.9.4-18.el7_1.1.ppc64.rpm bind-chroot-9.9.4-18.el7_1.1.ppc64.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-9.9.4-18.el7_1.1.ppc.rpm bind-libs-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm bind-utils-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-9.9.4-18.el7_1.1.s390x.rpm bind-chroot-9.9.4-18.el7_1.1.s390x.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-libs-9.9.4-18.el7_1.1.s390.rpm bind-libs-9.9.4-18.el7_1.1.s390x.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm bind-utils-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.ael7b_1.1.src.rpm noarch: bind-license-9.9.4-18.ael7b_1.1.noarch.rpm ppc64le: bind-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-devel-9.9.4-18.el7_1.1.ppc.rpm bind-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-devel-9.9.4-18.el7_1.1.s390.rpm bind-devel-9.9.4-18.el7_1.1.s390x.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1349 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW 7ZfcyFEskWi6YX7JcLMs9Fg= =dWCz -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 11 15:45:44 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 Mar 2015 15:45:44 +0000 Subject: [RHSA-2015:0674-01] Important: kernel security and bug fix update Message-ID: <201503111533.t2BFXUYk018422@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0674-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0674.html Issue date: 2015-03-11 CVE Names: CVE-2014-7822 CVE-2014-8159 CVE-2014-8160 CVE-2014-8369 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that the fix for CVE-2014-3601 was incomplete: the Linux kernel's kvm_iommu_map_pages() function still handled IOMMU mapping failures incorrectly. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-8369, Moderate) Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and Akira Fujita of NEC for reporting CVE-2014-7822. Bug fixes: * The maximum amount of entries in the IPv6 route table (net.ipv6.route.max_size) was 4096, and every route towards this maximum size limit was counted. Communication to more systems was impossible when the limit was exceeded. Now, only cached routes are counted, which guarantees that the kernel does not run out of memory, but the user can now install as many routes as the memory allows until the kernel indicates it can no longer handle the amount of memory and returns an error message. In addition, the default "net.ipv6.route.max_size" value has been increased to 16384 for performance improvement reasons. (BZ#1177581) * When the user attempted to scan for an FCOE-served Logical Unit Number (LUN), after an initial LUN scan, a kernel panic occurred in bnx2fc_init_task. System scanning for LUNs is now stable after LUNs have been added. (BZ#1179098) * Under certain conditions, such as when attempting to scan the network for LUNs, a race condition in the bnx2fc driver could trigger a kernel panic in bnx2fc_init_task. A patch fixing a locking issue that caused the race condition has been applied, and scanning the network for LUNs no longer leads to a kernel panic. (BZ#1179098) * Previously, it was not possible to boot the kernel on Xen hypervisor in PVHVM mode if more than 32 vCPUs were specified in the guest configuration. Support for more than 32 vCPUs has been added, and the kernel now boots successfully in the described situation. (BZ#1179343) * When the NVMe driver allocated a namespace queue, it indicated that it was a request-based driver when it was actually a block I/O-based driver. Consequently, when NVMe driver was loaded along with a request-based dm device, the system could terminate unexpectedly or become unresponsive when attempting to access data. The NVMe driver no longer sets the QUEUE_FLAG_STACKABLE bit when allocating a namespace queue and device-mapper no longer perceives NVMe driver as request-based; system hangs or crashes no longer occur. (BZ#1180555) * If a user attempted to apply an NVRAM firmware update when running the tg3 module provided with Red Hat Enterprise Linux 6.6 kernels, the update could fail. As a consequence, the Network Interface Card (NIC) could stay in an unusable state and this could prevent the entire system from booting. The tg3 module has been updated to correctly apply firmware updates. (BZ#1182903) * Support for key sizes of 256 and 192 bits has been added to AES-NI. (BZ#1184332) 4. Solution: All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1156518 - CVE-2014-8369 kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path 1163792 - CVE-2014-7822 kernel: splice: lack of generic write checks 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 1182059 - CVE-2014-8160 kernel: iptables restriction bypass if a protocol handler kernel module not loaded 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm ppc64: kernel-2.6.32-504.12.2.el6.ppc64.rpm kernel-bootwrapper-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-504.12.2.el6.ppc64.rpm kernel-devel-2.6.32-504.12.2.el6.ppc64.rpm kernel-headers-2.6.32-504.12.2.el6.ppc64.rpm perf-2.6.32-504.12.2.el6.ppc64.rpm perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm s390x: kernel-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-devel-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-504.12.2.el6.s390x.rpm kernel-devel-2.6.32-504.12.2.el6.s390x.rpm kernel-headers-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-504.12.2.el6.s390x.rpm perf-2.6.32-504.12.2.el6.s390x.rpm perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-504.12.2.el6.ppc64.rpm perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm python-perf-2.6.32-504.12.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-504.12.2.el6.s390x.rpm perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm python-perf-2.6.32-504.12.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-7822 https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/cve/CVE-2014-8160 https://access.redhat.com/security/cve/CVE-2014-8369 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVAF98XlSAg2UNWIIRAu4lAJ9CYnAo3nuzGCMBxhsWFmRaHJF4iwCgm4Cn N+bPS1gVVArt1knbQ7paEx0= =VfxY -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 17 15:04:46 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 Mar 2015 15:04:46 +0000 Subject: [RHSA-2015:0694-01] Important: kernel-rt security, bug fix, and enhancement update Message-ID: <201503171504.t2HF4j2M015026@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security, bug fix, and enhancement update Advisory ID: RHSA-2015:0694-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0694.html Issue date: 2015-03-17 CVE Names: CVE-2014-7822 CVE-2014-8086 CVE-2014-8172 CVE-2014-8173 CVE-2015-0274 ===================================================================== 1. Summary: Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important) * A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) * A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate) * It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate) Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, and Akira Fujita of NEC for reporting CVE-2014-7822. Bug fixes: * A patch removing the xt_connlimit revision zero ABI was not reverted in the kernel-rt package, which caused problems because the iptables package requires this revision. A patch to remove the xt_connlimit revision 0 was reverted from the kernel-rt sources to allow the iptables command to execute correctly. (BZ#1169755) * With an older Mellanox Connect-IB (mlx4) driver present in the MRG Realtime kernel, a race condition could occur that would cause a loss of connection. The mlx4 driver was updated, resolving the race condition and allowing proper connectivity. (BZ#1182246) * The MRG Realtime kernel did not contain the appropriate code to resume after a device failed, causing the volume status after a repair to not be properly updated. A 'refresh needed' was still listed in the 'lvs' output after executing the 'lvchange --refresh' command. A patch was added that adds the ability to correctly restore a transiently failed device upon resume. (BZ#1159803) * The sosreport executable would hang when reading /proc/net/rpc/use-gss-proxy because of faulty wait_queue logic in the proc handler. This wait_queue logic was removed from the proc handler, allowing the reads to correctly return the current state. (BZ#1169900) Enhancements: * The MRG Realtime kernel-rt sources have been modified to take advantage of the updated 3.10 kernel sources that are available with the Red Hat Enterprise Linux 7 releases. (BZ#1172844) * The MRG Realtime version of the e1000e driver has been updated to provide support for the Intel I218-LM network adapter. (BZ#1191767) * The MRG Realtime kernel was updated to provide support for the Mellanox Connect-IB (mlx5). (BZ#1171363) * The rt-firmware package has been updated to provide additional firmware files required by the new version of the Red Hat Enterprise MRG 2.5 kernel (BZ#1184251) All kernel-rt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1151353 - CVE-2014-8086 Kernel: fs: ext4 race condition 1163792 - CVE-2014-7822 kernel: splice: lack of generic write checks 1169755 - iptables: Protocol wrong type for socket (regression, bisected) 1171363 - realtime kernel does not support Mellanox Connect-IB(mlx5) 1172844 - RFE: rebase the 3.10 kernel-rt 1195248 - CVE-2015-0274 kernel: xfs: replacing remote attributes memory corruption 1198457 - CVE-2014-8173 kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support 1198503 - CVE-2014-8172 kernel: soft lockup on aio 6. Package List: MRG Realtime for RHEL 6 Server v.2: Source: kernel-rt-3.10.0-229.rt56.144.el6rt.src.rpm noarch: kernel-rt-doc-3.10.0-229.rt56.144.el6rt.noarch.rpm kernel-rt-firmware-3.10.0-229.rt56.144.el6rt.noarch.rpm x86_64: kernel-rt-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-debug-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-debug-devel-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-debuginfo-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-devel-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-trace-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-trace-devel-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-vanilla-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-vanilla-debuginfo-3.10.0-229.rt56.144.el6rt.x86_64.rpm kernel-rt-vanilla-devel-3.10.0-229.rt56.144.el6rt.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-7822 https://access.redhat.com/security/cve/CVE-2014-8086 https://access.redhat.com/security/cve/CVE-2014-8172 https://access.redhat.com/security/cve/CVE-2014-8173 https://access.redhat.com/security/cve/CVE-2015-0274 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCEKCXlSAg2UNWIIRAmDjAKCLtIvkHYt7lcpc3dfQnZp7WUNyAACdECiv 0M0JCIXeEhhWwK3d50NH6zY= =myFv -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 17 14:55:22 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 Mar 2015 14:55:22 +0000 Subject: [RHSA-2015:0695-01] Important: kernel security and bug fix update Message-ID: <201503171455.t2HEtMO8025630@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0695-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0695.html Issue date: 2015-03-17 CVE Names: CVE-2013-2596 CVE-2014-5471 CVE-2014-5472 CVE-2014-7841 CVE-2014-8159 ===================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AUS (v. 6.2 server) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important) * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-5471, CVE-2014-5472, Low) Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2014-7841 issue was discovered by Liu Wei of Red Hat. This update also fixes the following bugs: * Previously, certain network device drivers did not accept ethtool commands right after they were loaded. As a consequence, the current setting of the specified device driver was not applied and an error message was returned. The ETHTOOL_DELAY variable has been added, which makes sure the ethtool utility waits for some time before it tries to apply the options settings, thus fixing the bug. (BZ#1138299) * During the memory allocation for a new socket to communicate to the server, the rpciod daemon released a clean page which needed to be committed. However, the commit was queueing indefinitely as the commit could only be provided with a socket connection. As a consequence, a deadlock occurred in rpciod. This update sets the PF_FSTRANS flag on the work queue task prior to the socket allocation, and adds the nfs_release_page check for the flag when deciding whether to make a commit call, thus fixing this bug. (BZ#1192326) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1034490 - CVE-2013-2596 kernel: integer overflow in fb_mmap 1134099 - CVE-2014-5471 CVE-2014-5472 kernel: isofs: unbound recursion when processing relocated directories 1163087 - CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 6. Package List: Red Hat Enterprise Linux AUS (v. 6.2 server): Source: kernel-2.6.32-220.60.2.el6.src.rpm noarch: kernel-doc-2.6.32-220.60.2.el6.noarch.rpm kernel-firmware-2.6.32-220.60.2.el6.noarch.rpm x86_64: kernel-2.6.32-220.60.2.el6.x86_64.rpm kernel-debug-2.6.32-220.60.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.60.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.60.2.el6.x86_64.rpm kernel-devel-2.6.32-220.60.2.el6.x86_64.rpm kernel-headers-2.6.32-220.60.2.el6.x86_64.rpm perf-2.6.32-220.60.2.el6.x86_64.rpm perf-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: kernel-2.6.32-220.60.2.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.60.2.el6.x86_64.rpm perf-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm python-perf-2.6.32-220.60.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.60.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-2596 https://access.redhat.com/security/cve/CVE-2014-5471 https://access.redhat.com/security/cve/CVE-2014-5472 https://access.redhat.com/security/cve/CVE-2014-7841 https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCEAsXlSAg2UNWIIRAqmNAJ955zmv/qt9gEtu+M3yPnEs/V2wcgCeLvdF 5P9bWkJ/QIJR+llLjMF2RWI= =1dCs -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 17 16:44:54 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 Mar 2015 16:44:54 +0000 Subject: [RHSA-2015:0697-01] Critical: flash-plugin security update Message-ID: <201503171644.t2HGisP2031802@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:0697-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0697.html Issue date: 2015-03-17 CVE Names: CVE-2015-0332 CVE-2015-0333 CVE-2015-0334 CVE-2015-0335 CVE-2015-0336 CVE-2015-0337 CVE-2015-0338 CVE-2015-0339 CVE-2015-0340 CVE-2015-0341 CVE-2015-0342 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-05 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339, CVE-2015-0334, CVE-2015-0336, CVE-2015-0338, CVE-2015-0341, CVE-2015-0342) This update also fixes a cross-domain policy bypass flaw and a file upload restriction bypass flaw. (CVE-2015-0337, CVE-2015-0340) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.451. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1201636 - flash-plugin: multiple code execution issues fixed in APSB15-05 1201649 - CVE-2015-0337 flash-plugin: cross-domain policy bypass (APSB15-05) 1201651 - CVE-2015-0340 flash-plugin: file upload restriction bypass (APSB15-05) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.451-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.451-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.451-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.451-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.451-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.451-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.451-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.451-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.451-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.451-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0332 https://access.redhat.com/security/cve/CVE-2015-0333 https://access.redhat.com/security/cve/CVE-2015-0334 https://access.redhat.com/security/cve/CVE-2015-0335 https://access.redhat.com/security/cve/CVE-2015-0336 https://access.redhat.com/security/cve/CVE-2015-0337 https://access.redhat.com/security/cve/CVE-2015-0338 https://access.redhat.com/security/cve/CVE-2015-0339 https://access.redhat.com/security/cve/CVE-2015-0340 https://access.redhat.com/security/cve/CVE-2015-0341 https://access.redhat.com/security/cve/CVE-2015-0342 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-05.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCFmyXlSAg2UNWIIRArVvAKCjJLAKXJvnMOZ5a5IBxmKVEPZu6QCfemGc 9kdM+Q/ZOQRcHTfQ3iZRj3s= =8M6g -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 18 04:54:31 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 Mar 2015 04:54:31 +0000 Subject: [RHSA-2015:0696-01] Important: freetype security update Message-ID: <201503180454.t2I4sWrA009842@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: freetype security update Advisory ID: RHSA-2015:0696-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0696.html Issue date: 2015-03-17 CVE Names: CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 CVE-2014-9661 CVE-2014-9663 CVE-2014-9664 CVE-2014-9667 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 ===================================================================== 1. Summary: Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled Mac fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2014-9673, CVE-2014-9674) Multiple flaws were found in the way FreeType handled fonts in various formats. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, possibly, disclose a portion of the application memory. (CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9675) All freetype users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1191079 - CVE-2014-9657 freetype: off-by-one buffer over-read in tt_face_load_hdmx() 1191080 - CVE-2014-9658 freetype: buffer over-read and integer underflow in tt_face_load_kern() 1191082 - CVE-2014-9660 freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs() 1191083 - CVE-2014-9661 freetype: out of bounds read in Type42 font parser 1191085 - CVE-2014-9663 freetype: out-of-bounds read in tt_cmap4_validate() 1191086 - CVE-2014-9664 freetype: off-by-one buffer over-read in parse_charstrings() / t42_parse_charstrings() 1191090 - CVE-2014-9667 freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read 1191092 - CVE-2014-9669 freetype: multiple integer overflows leading to buffer over-reads in cmap handling 1191093 - CVE-2014-9670 freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference 1191094 - CVE-2014-9671 freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference 1191096 - CVE-2014-9673 freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow 1191190 - CVE-2014-9674 freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows 1191192 - CVE-2014-9675 freetype: information leak in _bdf_add_property() 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: freetype-2.3.11-15.el6_6.1.src.rpm i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: freetype-2.3.11-15.el6_6.1.src.rpm x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: freetype-2.3.11-15.el6_6.1.src.rpm i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm ppc64: freetype-2.3.11-15.el6_6.1.ppc.rpm freetype-2.3.11-15.el6_6.1.ppc64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.ppc.rpm freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm freetype-devel-2.3.11-15.el6_6.1.ppc.rpm freetype-devel-2.3.11-15.el6_6.1.ppc64.rpm s390x: freetype-2.3.11-15.el6_6.1.s390.rpm freetype-2.3.11-15.el6_6.1.s390x.rpm freetype-debuginfo-2.3.11-15.el6_6.1.s390.rpm freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm freetype-devel-2.3.11-15.el6_6.1.s390.rpm freetype-devel-2.3.11-15.el6_6.1.s390x.rpm x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm ppc64: freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm freetype-demos-2.3.11-15.el6_6.1.ppc64.rpm s390x: freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm freetype-demos-2.3.11-15.el6_6.1.s390x.rpm x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: freetype-2.3.11-15.el6_6.1.src.rpm i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: freetype-2.4.11-10.el7_1.1.src.rpm x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: freetype-2.4.11-10.el7_1.1.src.rpm x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: freetype-2.4.11-10.el7_1.1.src.rpm ppc64: freetype-2.4.11-10.el7_1.1.ppc.rpm freetype-2.4.11-10.el7_1.1.ppc64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.ppc.rpm freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm freetype-devel-2.4.11-10.el7_1.1.ppc.rpm freetype-devel-2.4.11-10.el7_1.1.ppc64.rpm s390x: freetype-2.4.11-10.el7_1.1.s390.rpm freetype-2.4.11-10.el7_1.1.s390x.rpm freetype-debuginfo-2.4.11-10.el7_1.1.s390.rpm freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm freetype-devel-2.4.11-10.el7_1.1.s390.rpm freetype-devel-2.4.11-10.el7_1.1.s390x.rpm x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: freetype-2.4.11-10.ael7b_1.1.src.rpm ppc64le: freetype-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-devel-2.4.11-10.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm freetype-demos-2.4.11-10.el7_1.1.ppc64.rpm s390x: freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm freetype-demos-2.4.11-10.el7_1.1.s390x.rpm x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-demos-2.4.11-10.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: freetype-2.4.11-10.el7_1.1.src.rpm x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9657 https://access.redhat.com/security/cve/CVE-2014-9658 https://access.redhat.com/security/cve/CVE-2014-9660 https://access.redhat.com/security/cve/CVE-2014-9661 https://access.redhat.com/security/cve/CVE-2014-9663 https://access.redhat.com/security/cve/CVE-2014-9664 https://access.redhat.com/security/cve/CVE-2014-9667 https://access.redhat.com/security/cve/CVE-2014-9669 https://access.redhat.com/security/cve/CVE-2014-9670 https://access.redhat.com/security/cve/CVE-2014-9671 https://access.redhat.com/security/cve/CVE-2014-9673 https://access.redhat.com/security/cve/CVE-2014-9674 https://access.redhat.com/security/cve/CVE-2014-9675 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCQSFXlSAg2UNWIIRAi09AKCi+NdbNftG8xgFCLHnIYGfonayfwCfbP5t ZzKu+VCPF8dY67ybuIOxMyk= =d2k2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 18 19:12:51 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 Mar 2015 19:12:51 +0000 Subject: [RHSA-2015:0699-01] Moderate: postgresql92-postgresql security update Message-ID: <201503181912.t2IJCq0N004228@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql92-postgresql security update Advisory ID: RHSA-2015:0699-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0699.html Issue date: 2015-03-18 CVE Names: CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244 ===================================================================== 1. Summary: Updated postgresql92-postgresql packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.5) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. (CVE-2014-8161) A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0241) A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0243) A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection. (CVE-2015-0244) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Stephen Frost as the original reporter of CVE-2014-8161; Andres Freund, Peter Geoghegan, Bernd Helmle, and Noah Misch as the original reporters of CVE-2015-0241; Marko Tiikkaja as the original reporter of CVE-2015-0243; and Emil Lenngren as the original reporter of CVE-2015-0244. All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1182043 - CVE-2014-8161 postgresql: information leak through constraint violation errors 1188684 - CVE-2015-0241 postgresql: buffer overflow in the to_char() function 1188689 - CVE-2015-0243 postgresql: buffer overflow flaws in contrib/pgcrypto 1188694 - CVE-2015-0244 postgresql: loss of frontend/backend protocol synchronization after an error 6. Package List: Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 6): Source: postgresql92-postgresql-9.2.10-2.el6.src.rpm x86_64: postgresql92-postgresql-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-devel-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-docs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-libs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-server-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-test-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-2.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.5): Source: postgresql92-postgresql-9.2.10-2.el6.src.rpm x86_64: postgresql92-postgresql-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-devel-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-docs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-libs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-server-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-test-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-2.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: postgresql92-postgresql-9.2.10-2.el6.src.rpm x86_64: postgresql92-postgresql-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-devel-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-docs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-libs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-server-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-test-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-2.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 6): Source: postgresql92-postgresql-9.2.10-2.el6.src.rpm x86_64: postgresql92-postgresql-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-devel-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-docs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-libs-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-server-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-test-9.2.10-2.el6.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-2.el6.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Server (v. 7): Source: postgresql92-postgresql-9.2.10-1.el7.src.rpm x86_64: postgresql92-postgresql-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-devel-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-docs-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-libs-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-server-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-test-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-1.el7.x86_64.rpm Red Hat Software Collections 1 for Red Hat Enterprise Linux Workstation (v. 7): Source: postgresql92-postgresql-9.2.10-1.el7.src.rpm x86_64: postgresql92-postgresql-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-contrib-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-debuginfo-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-devel-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-docs-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-libs-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-plperl-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-plpython-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-pltcl-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-server-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-test-9.2.10-1.el7.x86_64.rpm postgresql92-postgresql-upgrade-9.2.10-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8161 https://access.redhat.com/security/cve/CVE-2015-0241 https://access.redhat.com/security/cve/CVE-2015-0243 https://access.redhat.com/security/cve/CVE-2015-0244 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCc4YXlSAg2UNWIIRAt7iAKCVggnHzOWxSWt/MGGHxJ4jNBzNxQCeKxIa RqIjf2GAX/mQ9K5nqraTqJI= =U7nP -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 18 19:13:46 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 Mar 2015 19:13:46 +0000 Subject: [RHSA-2015:0700-01] Moderate: unzip security update Message-ID: <201503181913.t2IJDkub019285@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: unzip security update Advisory ID: RHSA-2015:0700-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0700.html Issue date: 2015-03-18 CVE Names: CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636 ===================================================================== 1. Summary: Updated unzip packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. (CVE-2014-9636) A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8139) An integer underflow flaw, leading to a buffer overflow, was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8140) A buffer overflow flaw was found in the way unzip handled Zip64 files. A specially crafted Zip archive could possibly cause unzip to crash when the archive was uncompressed. (CVE-2014-8141) Red Hat would like to thank oCERT for reporting the CVE-2014-8139, CVE-2014-8140, and CVE-2014-8141 issues. oCERT acknowledges Michele Spagnuolo of the Google Security Team as the original reporter of these issues. All unzip users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1174844 - CVE-2014-8139 unzip: CRC32 verification heap-based buffer overread (oCERT-2014-011) 1174851 - CVE-2014-8140 unzip: out-of-bounds write issue in test_compr_eb() (oCERT-2014-011) 1174856 - CVE-2014-8141 unzip: getZip64Data() out-of-bounds read issues (oCERT-2014-011) 1184985 - CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: unzip-6.0-2.el6_6.src.rpm i386: unzip-6.0-2.el6_6.i686.rpm unzip-debuginfo-6.0-2.el6_6.i686.rpm x86_64: unzip-6.0-2.el6_6.x86_64.rpm unzip-debuginfo-6.0-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: unzip-6.0-2.el6_6.src.rpm x86_64: unzip-6.0-2.el6_6.x86_64.rpm unzip-debuginfo-6.0-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: unzip-6.0-2.el6_6.src.rpm i386: unzip-6.0-2.el6_6.i686.rpm unzip-debuginfo-6.0-2.el6_6.i686.rpm ppc64: unzip-6.0-2.el6_6.ppc64.rpm unzip-debuginfo-6.0-2.el6_6.ppc64.rpm s390x: unzip-6.0-2.el6_6.s390x.rpm unzip-debuginfo-6.0-2.el6_6.s390x.rpm x86_64: unzip-6.0-2.el6_6.x86_64.rpm unzip-debuginfo-6.0-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: unzip-6.0-2.el6_6.src.rpm i386: unzip-6.0-2.el6_6.i686.rpm unzip-debuginfo-6.0-2.el6_6.i686.rpm x86_64: unzip-6.0-2.el6_6.x86_64.rpm unzip-debuginfo-6.0-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: unzip-6.0-15.el7.src.rpm x86_64: unzip-6.0-15.el7.x86_64.rpm unzip-debuginfo-6.0-15.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: unzip-6.0-15.el7.src.rpm x86_64: unzip-6.0-15.el7.x86_64.rpm unzip-debuginfo-6.0-15.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: unzip-6.0-15.el7.src.rpm ppc64: unzip-6.0-15.el7.ppc64.rpm unzip-debuginfo-6.0-15.el7.ppc64.rpm s390x: unzip-6.0-15.el7.s390x.rpm unzip-debuginfo-6.0-15.el7.s390x.rpm x86_64: unzip-6.0-15.el7.x86_64.rpm unzip-debuginfo-6.0-15.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: unzip-6.0-15.ael7b.src.rpm ppc64le: unzip-6.0-15.ael7b.ppc64le.rpm unzip-debuginfo-6.0-15.ael7b.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: unzip-6.0-15.el7.src.rpm x86_64: unzip-6.0-15.el7.x86_64.rpm unzip-debuginfo-6.0-15.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8139 https://access.redhat.com/security/cve/CVE-2014-8140 https://access.redhat.com/security/cve/CVE-2014-8141 https://access.redhat.com/security/cve/CVE-2014-9636 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCc5UXlSAg2UNWIIRAqcXAJ9QbTPShF0n7Xbnl5Qysxgz9klA7wCgmGC4 RChl4UvFXmR97bfbmKQaCvM= =1ZcZ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 19 17:16:06 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 19 Mar 2015 17:16:06 +0000 Subject: [RHSA-2015:0707-01] Moderate: qpid security and bug fix update Message-ID: <201503191716.t2JHG7tg017800@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: qpid security and bug fix update Advisory ID: RHSA-2015:0707-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0707.html Issue date: 2015-03-19 CVE Names: CVE-2015-0203 CVE-2015-0223 CVE-2015-0224 ===================================================================== 1. Summary: Updated qpid packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat MRG Messaging for RHEL 6 Server v.3 - i386, noarch, x86_64 3. Description: Red Hat Enterprise MRG is a next-generation IT infrastructure incorporating Messaging, Real Time, and Grid functionality. It offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP (Advanced Message Queuing Protocol), an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes AMQP messaging broker; AMQP client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. (CVE-2015-0223) A flaw was found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd. (CVE-2015-0203, CVE-2015-0224) Red Hat would like to thank the Apache Software Foundation for reporting the CVE-2015-0203 issue. Upstream acknowledges G. Geshev from MWR Labs as the original reporter. This update also fixes the following bugs: * Previously, the neutron messaging client rewrote (by method of "monkey-patching") the python selector module to support eventlet threading. The rewritten client did not update select.poll() during this process, which is used by qpid-python to manage I/O. This resulted in poll() deadlocks and neutron server hangs. The fix introduces updates to the python-qpid library that avoid calling poll() if eventlet threading is detected. Instead, the eventlet-aware select() is called, which prevents deadlocks from occurring and corrects the originally reported issue. (BZ#1175872) * It was discovered that the QPID Broker aborted with an uncaught UnknownExchangeTypeException when the client attempted to request an unsupported exchange type. The code for the Exchange Registry and Node Policy has been improved to prevent this issue from happening again. (BZ#1186694) Users of the Messaging capabilities of Red Hat Enterprise MRG 3, which is layered on Red Hat Enterprise Linux 6, are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1175872 - [RHEL 6]neutron-server gets stuck in poll python-qpid 0.22 1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling 1186302 - CVE-2015-0224 qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) 1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented 6. Package List: Red Hat MRG Messaging for RHEL 6 Server v.3: Source: python-qpid-0.22-19.el6.src.rpm qpid-cpp-0.22-51.el6.src.rpm qpid-qmf-0.22-41.el6.src.rpm i386: python-qpid-qmf-0.22-41.el6.i686.rpm qpid-cpp-client-0.22-51.el6.i686.rpm qpid-cpp-client-devel-0.22-51.el6.i686.rpm qpid-cpp-client-rdma-0.22-51.el6.i686.rpm qpid-cpp-debuginfo-0.22-51.el6.i686.rpm qpid-cpp-server-0.22-51.el6.i686.rpm qpid-cpp-server-devel-0.22-51.el6.i686.rpm qpid-cpp-server-ha-0.22-51.el6.i686.rpm qpid-cpp-server-linearstore-0.22-51.el6.i686.rpm qpid-cpp-server-rdma-0.22-51.el6.i686.rpm qpid-cpp-server-xml-0.22-51.el6.i686.rpm qpid-qmf-0.22-41.el6.i686.rpm qpid-qmf-debuginfo-0.22-41.el6.i686.rpm qpid-qmf-devel-0.22-41.el6.i686.rpm ruby-qpid-qmf-0.22-41.el6.i686.rpm noarch: python-qpid-0.22-19.el6.noarch.rpm qpid-cpp-client-devel-docs-0.22-51.el6.noarch.rpm x86_64: python-qpid-qmf-0.22-41.el6.x86_64.rpm qpid-cpp-client-0.22-51.el6.i686.rpm qpid-cpp-client-0.22-51.el6.x86_64.rpm qpid-cpp-client-devel-0.22-51.el6.x86_64.rpm qpid-cpp-client-rdma-0.22-51.el6.x86_64.rpm qpid-cpp-debuginfo-0.22-51.el6.i686.rpm qpid-cpp-debuginfo-0.22-51.el6.x86_64.rpm qpid-cpp-server-0.22-51.el6.i686.rpm qpid-cpp-server-0.22-51.el6.x86_64.rpm qpid-cpp-server-devel-0.22-51.el6.x86_64.rpm qpid-cpp-server-ha-0.22-51.el6.x86_64.rpm qpid-cpp-server-linearstore-0.22-51.el6.x86_64.rpm qpid-cpp-server-rdma-0.22-51.el6.x86_64.rpm qpid-cpp-server-xml-0.22-51.el6.x86_64.rpm qpid-qmf-0.22-41.el6.i686.rpm qpid-qmf-0.22-41.el6.x86_64.rpm qpid-qmf-debuginfo-0.22-41.el6.i686.rpm qpid-qmf-debuginfo-0.22-41.el6.x86_64.rpm qpid-qmf-devel-0.22-41.el6.x86_64.rpm ruby-qpid-qmf-0.22-41.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0203 https://access.redhat.com/security/cve/CVE-2015-0223 https://access.redhat.com/security/cve/CVE-2015-0224 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCwRCXlSAg2UNWIIRAgkSAKCd5bKYzI1QrUjAk1nt684p1lSNSwCfVFpg UDSulxhPPPrDYPpnJIuZedo= =lM9F -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 19 17:19:03 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 19 Mar 2015 17:19:03 +0000 Subject: [RHSA-2015:0708-01] Moderate: qpid security and bug fix update Message-ID: <201503191719.t2JHJ30U021247@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: qpid security and bug fix update Advisory ID: RHSA-2015:0708-01 Product: Red Hat Enterprise MRG for RHEL-7 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0708.html Issue date: 2015-03-19 CVE Names: CVE-2015-0203 CVE-2015-0223 CVE-2015-0224 ===================================================================== 1. Summary: Updated qpid packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat MRG Messaging v.3 for RHEL-7 - i386, noarch, x86_64 3. Description: Red Hat Enterprise MRG is a next-generation IT infrastructure incorporating Messaging, Real Time, and Grid functionality. It offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP (Advanced Message Queuing Protocol), an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes AMQP messaging broker; AMQP client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. (CVE-2015-0223) A flaw was found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd. (CVE-2015-0203, CVE-2015-0224) Red Hat would like to thank the Apache Software Foundation for reporting the CVE-2015-0203 issue. Upstream acknowledges G. Geshev from MWR Labs as the original reporter. This update also fixes the following bugs: * Previously, the neutron messaging client rewrote (by method of "monkey-patching") the python selector module to support eventlet threading. The rewritten client did not update select.poll() during this process, which is used by qpid-python to manage I/O. This resulted in poll() deadlocks and neutron server hangs. The fix introduces updates to the python-qpid library that avoid calling poll() if eventlet threading is detected. Instead, the eventlet-aware select() is called, which prevents deadlocks from occurring and corrects the originally reported issue. (BZ#1175872) * It was discovered that the QPID Broker aborted with an uncaught UnknownExchangeTypeException when the client attempted to request an unsupported exchange type. The code for the Exchange Registry and Node Policy has been improved to prevent this issue from happening again. (BZ#1186694) Users of the Messaging capabilities of Red Hat Enterprise MRG 3, which is layered on Red Hat Enterprise Linux 7, are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling 1186302 - CVE-2015-0224 qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) 1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented 6. Package List: Red Hat MRG Messaging v.3 for RHEL-7: Source: libdb-5.3.21-17.el7_0.1.src.rpm python-qpid-0.22-19.el7.src.rpm qpid-cpp-0.22-51.el7.src.rpm qpid-qmf-0.22-41.el7.src.rpm i386: python-qpid-qmf-0.22-41.el7.i686.rpm qpid-cpp-client-0.22-51.el7.i686.rpm qpid-cpp-client-devel-0.22-51.el7.i686.rpm qpid-cpp-client-rdma-0.22-51.el7.i686.rpm qpid-cpp-debuginfo-0.22-51.el7.i686.rpm qpid-cpp-server-0.22-51.el7.i686.rpm qpid-cpp-server-devel-0.22-51.el7.i686.rpm qpid-cpp-server-ha-0.22-51.el7.i686.rpm qpid-cpp-server-linearstore-0.22-51.el7.i686.rpm qpid-cpp-server-rdma-0.22-51.el7.i686.rpm qpid-qmf-0.22-41.el7.i686.rpm qpid-qmf-debuginfo-0.22-41.el7.i686.rpm qpid-qmf-devel-0.22-41.el7.i686.rpm ruby-qpid-qmf-0.22-41.el7.i686.rpm noarch: python-qpid-0.22-19.el7.noarch.rpm qpid-cpp-client-devel-docs-0.22-51.el7.noarch.rpm x86_64: libdb-cxx-5.3.21-17.el7_0.1.x86_64.rpm libdb-cxx-devel-5.3.21-17.el7_0.1.x86_64.rpm libdb-debuginfo-5.3.21-17.el7_0.1.x86_64.rpm python-qpid-qmf-0.22-41.el7.x86_64.rpm qpid-cpp-client-0.22-51.el7.i686.rpm qpid-cpp-client-0.22-51.el7.x86_64.rpm qpid-cpp-client-devel-0.22-51.el7.x86_64.rpm qpid-cpp-client-rdma-0.22-51.el7.x86_64.rpm qpid-cpp-debuginfo-0.22-51.el7.i686.rpm qpid-cpp-debuginfo-0.22-51.el7.x86_64.rpm qpid-cpp-server-0.22-51.el7.i686.rpm qpid-cpp-server-0.22-51.el7.x86_64.rpm qpid-cpp-server-devel-0.22-51.el7.x86_64.rpm qpid-cpp-server-ha-0.22-51.el7.x86_64.rpm qpid-cpp-server-linearstore-0.22-51.el7.x86_64.rpm qpid-cpp-server-rdma-0.22-51.el7.x86_64.rpm qpid-qmf-0.22-41.el7.i686.rpm qpid-qmf-0.22-41.el7.x86_64.rpm qpid-qmf-debuginfo-0.22-41.el7.i686.rpm qpid-qmf-debuginfo-0.22-41.el7.x86_64.rpm qpid-qmf-devel-0.22-41.el7.x86_64.rpm ruby-qpid-qmf-0.22-41.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0203 https://access.redhat.com/security/cve/CVE-2015-0223 https://access.redhat.com/security/cve/CVE-2015-0224 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVCwTyXlSAg2UNWIIRAo69AJ9SthhgeHbyh1f2bk3eelWdo4WsYQCfS1ov 2ylcOZ3PXVFXkDFb5bHMAcU= =ehWD -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 23 23:14:23 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 23 Mar 2015 23:14:23 +0000 Subject: [RHSA-2015:0715-01] Moderate: openssl security update Message-ID: <201503232314.t2NNEOG7016172@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0715-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0715.html Issue date: 2015-03-23 CVE Names: CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 ===================================================================== 1. Summary: Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. (CVE-2015-0286) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) Red Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia K?sper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia K?sper of the OpenSSL development team as the original reporters of CVE-2015-0293. All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1196737 - CVE-2015-0209 openssl: use-after-free on invalid EC private key import 1202366 - CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp() 1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption 1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference 1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding 1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: openssl-1.0.1e-30.el6_6.7.src.rpm i386: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-perl-1.0.1e-30.el6_6.7.i686.rpm openssl-static-1.0.1e-30.el6_6.7.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssl-1.0.1e-30.el6_6.7.src.rpm x86_64: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssl-1.0.1e-30.el6_6.7.src.rpm i386: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm ppc64: openssl-1.0.1e-30.el6_6.7.ppc.rpm openssl-1.0.1e-30.el6_6.7.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.7.ppc.rpm openssl-devel-1.0.1e-30.el6_6.7.ppc64.rpm s390x: openssl-1.0.1e-30.el6_6.7.s390.rpm openssl-1.0.1e-30.el6_6.7.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.s390x.rpm openssl-devel-1.0.1e-30.el6_6.7.s390.rpm openssl-devel-1.0.1e-30.el6_6.7.s390x.rpm x86_64: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-perl-1.0.1e-30.el6_6.7.i686.rpm openssl-static-1.0.1e-30.el6_6.7.i686.rpm ppc64: openssl-debuginfo-1.0.1e-30.el6_6.7.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.7.ppc64.rpm openssl-static-1.0.1e-30.el6_6.7.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-30.el6_6.7.s390x.rpm openssl-perl-1.0.1e-30.el6_6.7.s390x.rpm openssl-static-1.0.1e-30.el6_6.7.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssl-1.0.1e-30.el6_6.7.src.rpm i386: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm x86_64: openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-perl-1.0.1e-30.el6_6.7.i686.rpm openssl-static-1.0.1e-30.el6_6.7.i686.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0209 https://access.redhat.com/security/cve/CVE-2015-0286 https://access.redhat.com/security/cve/CVE-2015-0287 https://access.redhat.com/security/cve/CVE-2015-0288 https://access.redhat.com/security/cve/CVE-2015-0289 https://access.redhat.com/security/cve/CVE-2015-0292 https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150319.txt https://access.redhat.com/articles/1384453 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVEJ3JXlSAg2UNWIIRAsnPAJsFc2cGj1Hg8zbtE3wCCEj2hRaLaQCfaVRX z2xamw9PEJVbuKTXaQeLRmQ= =ZkF+ -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 23 23:16:41 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 23 Mar 2015 23:16:41 +0000 Subject: [RHSA-2015:0716-01] Moderate: openssl security and bug fix update Message-ID: <201503232316.t2NNGgms025638@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security and bug fix update Advisory ID: RHSA-2015:0716-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0716.html Issue date: 2015-03-23 CVE Names: CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 ===================================================================== 1. Summary: Updated openssl packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. (CVE-2015-0286) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) Red Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia K?sper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia K?sper of the OpenSSL development team as the original reporters of CVE-2015-0293. This update also fixes the following bug: * When a wrapped Advanced Encryption Standard (AES) key did not require any padding, it was incorrectly padded with 8 bytes, which could lead to data corruption and interoperability problems. With this update, the rounding algorithm in the RFC 5649 key wrapping implementation has been fixed. As a result, the wrapped key conforms to the specification, which prevents the described problems. (BZ#1197667) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1196737 - CVE-2015-0209 openssl: use-after-free on invalid EC private key import 1202366 - CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp() 1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption 1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference 1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding 1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.1e-42.el7_1.4.src.rpm x86_64: openssl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.4.i686.rpm openssl-libs-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.4.i686.rpm openssl-devel-1.0.1e-42.el7_1.4.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-static-1.0.1e-42.el7_1.4.i686.rpm openssl-static-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.1e-42.el7_1.4.src.rpm x86_64: openssl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.4.i686.rpm openssl-libs-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.4.i686.rpm openssl-devel-1.0.1e-42.el7_1.4.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-static-1.0.1e-42.el7_1.4.i686.rpm openssl-static-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.1e-42.el7_1.4.src.rpm ppc64: openssl-1.0.1e-42.el7_1.4.ppc64.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.ppc64.rpm openssl-devel-1.0.1e-42.el7_1.4.ppc.rpm openssl-devel-1.0.1e-42.el7_1.4.ppc64.rpm openssl-libs-1.0.1e-42.el7_1.4.ppc.rpm openssl-libs-1.0.1e-42.el7_1.4.ppc64.rpm s390x: openssl-1.0.1e-42.el7_1.4.s390x.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.s390x.rpm openssl-devel-1.0.1e-42.el7_1.4.s390.rpm openssl-devel-1.0.1e-42.el7_1.4.s390x.rpm openssl-libs-1.0.1e-42.el7_1.4.s390.rpm openssl-libs-1.0.1e-42.el7_1.4.s390x.rpm x86_64: openssl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.4.i686.rpm openssl-devel-1.0.1e-42.el7_1.4.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.4.i686.rpm openssl-libs-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.1e-42.ael7b_1.4.src.rpm ppc64le: openssl-1.0.1e-42.ael7b_1.4.ppc64le.rpm openssl-debuginfo-1.0.1e-42.ael7b_1.4.ppc64le.rpm openssl-devel-1.0.1e-42.ael7b_1.4.ppc64le.rpm openssl-libs-1.0.1e-42.ael7b_1.4.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.1e-42.el7_1.4.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.ppc64.rpm openssl-perl-1.0.1e-42.el7_1.4.ppc64.rpm openssl-static-1.0.1e-42.el7_1.4.ppc.rpm openssl-static-1.0.1e-42.el7_1.4.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-42.el7_1.4.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.s390x.rpm openssl-perl-1.0.1e-42.el7_1.4.s390x.rpm openssl-static-1.0.1e-42.el7_1.4.s390.rpm openssl-static-1.0.1e-42.el7_1.4.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-static-1.0.1e-42.el7_1.4.i686.rpm openssl-static-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: openssl-debuginfo-1.0.1e-42.ael7b_1.4.ppc64le.rpm openssl-perl-1.0.1e-42.ael7b_1.4.ppc64le.rpm openssl-static-1.0.1e-42.ael7b_1.4.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.1e-42.el7_1.4.src.rpm x86_64: openssl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.4.i686.rpm openssl-devel-1.0.1e-42.el7_1.4.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.4.i686.rpm openssl-libs-1.0.1e-42.el7_1.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-42.el7_1.4.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.4.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.4.x86_64.rpm openssl-static-1.0.1e-42.el7_1.4.i686.rpm openssl-static-1.0.1e-42.el7_1.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0209 https://access.redhat.com/security/cve/CVE-2015-0286 https://access.redhat.com/security/cve/CVE-2015-0287 https://access.redhat.com/security/cve/CVE-2015-0288 https://access.redhat.com/security/cve/CVE-2015-0289 https://access.redhat.com/security/cve/CVE-2015-0292 https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVEJ57XlSAg2UNWIIRApBLAKCABezmWbiQOlAWY6b+K6zE75PL1gCeOwR2 3cNZhN5KoBB3VDTmN7uiuVo= =e+xE -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Mar 24 13:04:43 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 24 Mar 2015 13:04:43 +0000 Subject: [RHSA-2015:0718-01] Critical: firefox security update Message-ID: <201503241304.t2OD4inv014094@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2015:0718-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0718.html Issue date: 2015-03-24 CVE Names: CVE-2015-0817 CVE-2015-0818 ===================================================================== 1. Summary: Updated firefox packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0817, CVE-2015-0818) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges ilxu1a and Mariusz Mlynski as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.5.3 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1204362 - CVE-2015-0817 Mozilla: Code execution through incorrect JavaScript bounds checking elimination (MFSA 2015-29) 1204363 - CVE-2015-0818 Mozilla: Privilege escalation through SVG navigation (MFSA 2015-28) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: firefox-31.5.3-1.el5_11.src.rpm i386: firefox-31.5.3-1.el5_11.i386.rpm firefox-debuginfo-31.5.3-1.el5_11.i386.rpm x86_64: firefox-31.5.3-1.el5_11.i386.rpm firefox-31.5.3-1.el5_11.x86_64.rpm firefox-debuginfo-31.5.3-1.el5_11.i386.rpm firefox-debuginfo-31.5.3-1.el5_11.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: firefox-31.5.3-1.el5_11.src.rpm i386: firefox-31.5.3-1.el5_11.i386.rpm firefox-debuginfo-31.5.3-1.el5_11.i386.rpm ia64: firefox-31.5.3-1.el5_11.ia64.rpm firefox-debuginfo-31.5.3-1.el5_11.ia64.rpm ppc: firefox-31.5.3-1.el5_11.ppc.rpm firefox-debuginfo-31.5.3-1.el5_11.ppc.rpm s390x: firefox-31.5.3-1.el5_11.s390.rpm firefox-31.5.3-1.el5_11.s390x.rpm firefox-debuginfo-31.5.3-1.el5_11.s390.rpm firefox-debuginfo-31.5.3-1.el5_11.s390x.rpm x86_64: firefox-31.5.3-1.el5_11.i386.rpm firefox-31.5.3-1.el5_11.x86_64.rpm firefox-debuginfo-31.5.3-1.el5_11.i386.rpm firefox-debuginfo-31.5.3-1.el5_11.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: firefox-31.5.3-1.el6_6.src.rpm i386: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm x86_64: firefox-31.5.3-1.el6_6.x86_64.rpm firefox-debuginfo-31.5.3-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: firefox-31.5.3-1.el6_6.src.rpm x86_64: firefox-31.5.3-1.el6_6.i686.rpm firefox-31.5.3-1.el6_6.x86_64.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: firefox-31.5.3-1.el6_6.src.rpm i386: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm ppc64: firefox-31.5.3-1.el6_6.ppc64.rpm firefox-debuginfo-31.5.3-1.el6_6.ppc64.rpm s390x: firefox-31.5.3-1.el6_6.s390x.rpm firefox-debuginfo-31.5.3-1.el6_6.s390x.rpm x86_64: firefox-31.5.3-1.el6_6.x86_64.rpm firefox-debuginfo-31.5.3-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): ppc64: firefox-31.5.3-1.el6_6.ppc.rpm firefox-debuginfo-31.5.3-1.el6_6.ppc.rpm s390x: firefox-31.5.3-1.el6_6.s390.rpm firefox-debuginfo-31.5.3-1.el6_6.s390.rpm x86_64: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: firefox-31.5.3-1.el6_6.src.rpm i386: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm x86_64: firefox-31.5.3-1.el6_6.x86_64.rpm firefox-debuginfo-31.5.3-1.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: firefox-31.5.3-1.el6_6.i686.rpm firefox-debuginfo-31.5.3-1.el6_6.i686.rpm Red Hat Enterprise Linux Client (v. 7): Source: firefox-31.5.3-3.el7_1.src.rpm x86_64: firefox-31.5.3-3.el7_1.x86_64.rpm firefox-debuginfo-31.5.3-3.el7_1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: firefox-31.5.3-3.el7_1.i686.rpm firefox-debuginfo-31.5.3-3.el7_1.i686.rpm Red Hat Enterprise Linux Server (v. 7): Source: firefox-31.5.3-3.el7_1.src.rpm ppc64: firefox-31.5.3-3.el7_1.ppc64.rpm firefox-debuginfo-31.5.3-3.el7_1.ppc64.rpm s390x: firefox-31.5.3-3.el7_1.s390x.rpm firefox-debuginfo-31.5.3-3.el7_1.s390x.rpm x86_64: firefox-31.5.3-3.el7_1.x86_64.rpm firefox-debuginfo-31.5.3-3.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: firefox-31.5.3-3.ael7b_1.src.rpm ppc64le: firefox-31.5.3-3.ael7b_1.ppc64le.rpm firefox-debuginfo-31.5.3-3.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: firefox-31.5.3-3.el7_1.ppc.rpm firefox-debuginfo-31.5.3-3.el7_1.ppc.rpm s390x: firefox-31.5.3-3.el7_1.s390.rpm firefox-debuginfo-31.5.3-3.el7_1.s390.rpm x86_64: firefox-31.5.3-3.el7_1.i686.rpm firefox-debuginfo-31.5.3-3.el7_1.i686.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: firefox-31.5.3-3.el7_1.src.rpm x86_64: firefox-31.5.3-3.el7_1.x86_64.rpm firefox-debuginfo-31.5.3-3.el7_1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: firefox-31.5.3-3.el7_1.i686.rpm firefox-debuginfo-31.5.3-3.el7_1.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0817 https://access.redhat.com/security/cve/CVE-2015-0818 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5.3 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVEWCpXlSAg2UNWIIRAv/IAJ0Xn7FIj2kgdHevbO28vbUBczND1gCgjzFc JqfEIetRJGSYCddpQmeeAeE= =W7jJ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 26 17:03:27 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Mar 2015 17:03:27 +0000 Subject: [RHSA-2015:0726-01] Important: kernel security and bug fix update Message-ID: <201503261703.t2QH3SUp025434@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0726-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0726.html Issue date: 2015-03-26 CVE Names: CVE-2014-8159 CVE-2015-1421 ===================================================================== 1. Summary: Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1421, Important) Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat. This update also fixes the following bugs: * In certain systems with multiple CPUs, when a crash was triggered on one CPU with an interrupt handler and this CPU sent Non-Maskable Interrupt (NMI) to another CPU, and, at the same time, ioapic_lock had already been acquired, a deadlock occurred in ioapic_lock. As a consequence, the kdump service could become unresponsive. This bug has been fixed and kdump now works as expected. (BZ#1197742) * On Lenovo X1 Carbon 3rd Gen, X250, and T550 laptops, the thinkpad_acpi module was not properly loaded, and thus the function keys and radio switches did not work. This update applies a new string pattern of BIOS version, which fixes this bug, and function keys and radio switches now work as intended. (BZ#1197743) * During a heavy file system load involving many worker threads, all worker threads in the pool became blocked on a resource, and no manager thread existed to create more workers. As a consequence, the running processes became unresponsive. With this update, the logic around manager creation has been changed to assure that the last worker thread becomes a manager thread and does not start executing work items. Now, a manager thread exists, spawns new workers as needed, and processes no longer hang. (BZ#1197744) * If a thin-pool's metadata enters read-only or fail mode, for example, due to thin-pool running out of metadata or data space, any attempt to make metadata changes such as creating a thin device or snapshot thin device should error out cleanly. However, previously, the kernel code returned verbose and alarming error messages to the user. With this update, due to early trapping of attempt to make metadata changes, informative errors are displayed, no longer unnecessarily alarming the user. (BZ#1197745) * When running Red Hat Enterprise Linux as a guest on Microsoft Hyper-V hypervisor, the storvsc module did not return the correct error code for the upper level Small Computer System Interface (SCSI) subsystem. As a consequence, a SCSI command failed and storvsc did not handle such a failure properly under some conditions, for example, when RAID devices were created on top of storvsc devices. An upstream patch has been applied to fix this bug, and storvsc now returns the correct error code in the described situation. (BZ#1197749) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 1196581 - CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-229.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.1.2.el7.noarch.rpm kernel-doc-3.10.0-229.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-headers-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.1.2.el7.x86_64.rpm perf-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-229.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.1.2.el7.noarch.rpm kernel-doc-3.10.0-229.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-headers-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.1.2.el7.x86_64.rpm perf-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-229.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.1.2.el7.noarch.rpm kernel-doc-3.10.0-229.1.2.el7.noarch.rpm ppc64: kernel-3.10.0-229.1.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-229.1.2.el7.ppc64.rpm kernel-debug-3.10.0-229.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-229.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-229.1.2.el7.ppc64.rpm kernel-devel-3.10.0-229.1.2.el7.ppc64.rpm kernel-headers-3.10.0-229.1.2.el7.ppc64.rpm kernel-tools-3.10.0-229.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-229.1.2.el7.ppc64.rpm perf-3.10.0-229.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm s390x: kernel-3.10.0-229.1.2.el7.s390x.rpm kernel-debug-3.10.0-229.1.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.s390x.rpm kernel-debug-devel-3.10.0-229.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-229.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-229.1.2.el7.s390x.rpm kernel-devel-3.10.0-229.1.2.el7.s390x.rpm kernel-headers-3.10.0-229.1.2.el7.s390x.rpm kernel-kdump-3.10.0-229.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-229.1.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-229.1.2.el7.s390x.rpm perf-3.10.0-229.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-229.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.s390x.rpm x86_64: kernel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-headers-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.1.2.el7.x86_64.rpm perf-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-229.1.2.ael7b.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.1.2.ael7b.noarch.rpm kernel-doc-3.10.0-229.1.2.ael7b.noarch.rpm ppc64le: kernel-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-bootwrapper-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debug-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debug-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-devel-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-headers-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-tools-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-tools-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-tools-libs-3.10.0-229.1.2.ael7b.ppc64le.rpm perf-3.10.0-229.1.2.ael7b.ppc64le.rpm perf-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm python-perf-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: kernel-debug-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-229.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-229.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm python-perf-3.10.0-229.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.ppc64.rpm s390x: kernel-debug-debuginfo-3.10.0-229.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-229.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-229.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-229.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-229.1.2.el7.s390x.rpm python-perf-3.10.0-229.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.s390x.rpm x86_64: kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: kernel-debug-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debug-devel-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-tools-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm kernel-tools-libs-devel-3.10.0-229.1.2.ael7b.ppc64le.rpm perf-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm python-perf-3.10.0-229.1.2.ael7b.ppc64le.rpm python-perf-debuginfo-3.10.0-229.1.2.ael7b.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-229.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-229.1.2.el7.noarch.rpm kernel-doc-3.10.0-229.1.2.el7.noarch.rpm x86_64: kernel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-devel-3.10.0-229.1.2.el7.x86_64.rpm kernel-headers-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-229.1.2.el7.x86_64.rpm perf-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-229.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm python-perf-3.10.0-229.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-229.1.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/cve/CVE-2015-1421 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVFDu7XlSAg2UNWIIRAhe0AJ0VXKx7TOIorm2vi6olS9ZKPbMLoACgl+C0 j2J3dgr4aWVyWTjAKfupViY= =FAcH -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 26 17:07:17 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Mar 2015 17:07:17 +0000 Subject: [RHSA-2015:0727-01] Important: kernel-rt security and bug fix update Message-ID: <201503261707.t2QH7IEh012521@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2015:0727-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0727.html Issue date: 2015-03-26 CVE Names: CVE-2014-8159 CVE-2015-1421 ===================================================================== 1. Summary: Updated kernel-rt packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1421, Important) Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat. The kernel-rt packages have been upgraded to version 3.10.0-229.1.2, which provides a number of bug fixes over the previous version, including: * The kdump service could become unresponsive due to a deadlock in the kernel call ioapic_lock. * Attempt to make metadata changes such as creating a thin device or snapshot thin device did not error out cleanly. (BZ#1203359) All kernel-rt users are advised to upgrade to these updated packages, which correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 1196581 - CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions 1203359 - kernel-rt: rebase tree to match RHEL7.1.z source tree 6. Package List: Red Hat Enterprise Linux Realtime (v. 7): Source: kernel-rt-3.10.0-229.1.2.rt56.141.2.el7_1.src.rpm noarch: kernel-rt-doc-3.10.0-229.1.2.rt56.141.2.el7_1.noarch.rpm x86_64: kernel-rt-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-debug-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-debug-devel-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-devel-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-trace-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm kernel-rt-trace-devel-3.10.0-229.1.2.rt56.141.2.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/cve/CVE-2015-1421 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVFDxrXlSAg2UNWIIRAr9mAJoC5yKhI74fTrjK9PLUHnDCcqz/igCfT0JT 6qNG7FdZXJVK6SYqwy6QX6U= =9e7R -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 26 17:08:51 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Mar 2015 17:08:51 +0000 Subject: [RHSA-2015:0728-01] Moderate: ipa and slapi-nis security and bug fix update Message-ID: <201503261708.t2QH8qYe023435@int-mx13.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ipa and slapi-nis security and bug fix update Advisory ID: RHSA-2015:0728-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0728.html Issue date: 2015-03-26 CVE Names: CVE-2015-0283 CVE-2015-1827 ===================================================================== 1. Summary: Updated ipa and slapi-nis packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. The ipa component provides centrally managed Identity, Policy, and Audit. The slapi-nis component provides NIS Server and Schema Compatibility plug-ins for Directory Server. It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash. (CVE-2015-1827) It was discovered that the slapi-nis Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for information about a group with many members, or a request for a user that belongs to a large number of groups, would cause a Directory Server to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2015-0283) These issues were discovered by Sumit Bose of Red Hat. This update fixes the following bugs: * Previously, users of IdM were not properly granted the default permission to read the "facsimiletelephonenumber" user attribute. This update adds "facsimiletelephonenumber" to the Access Control Instruction (ACI) for user data, which makes the attribute readable to authenticated users as expected. (BZ#1198430) * Prior to this update, when a DNS zone was saved in an LDAP database without a dot character (.) at the end, internal DNS commands and operations, such as dnsrecord-* or dnszone-*, failed. With this update, DNS commands always supply the DNS zone with a dot character at the end, which prevents the described problem. (BZ#1198431) * After a full-server IdM restore operation, the restored server in some cases contained invalid data. In addition, if the restored server was used to reinitialize a replica, the replica then contained invalid data as well. To fix this problem, the IdM API is now created correctly during the restore operation, and *.ldif files are not skipped during the removal of RUV data. As a result, the restored server and its replica no longer contain invalid data. (BZ#1199060) * Previously, a deadlock in some cases occurred during an IdM upgrade, which could cause the IdM server to become unresponsive. With this update, the Schema Compatibility plug-in has been adjusted not to parse the subtree that contains the configuration of the DNA plug-in, which prevents this deadlock from triggering. (BZ#1199128) * When using the extdom plug-in of IdM to handle large groups, user lookups and group lookups previously failed due to insufficient buffer size. With this update, the getgrgid_r() call gradually increases the buffer length if needed, and the described failure of extdom thus no longer occurs. (BZ#1203204) Users of ipa and slapi-nis are advised to upgrade to these updated packages, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1195729 - CVE-2015-0283 slapi-nis: infinite loop in getgrnam_r() and getgrgid_r() 1198430 - Fax number not displayed for user-show when kinit'ed as normal user. 1198431 - "an internal error has occurred" during ipa host-del --updatedns 1199060 - Replication agreement with replica not disabled when ipa-restore done without IPA installed 1199128 - Limit deadlocks between DS plugin DNA and slapi-nis 1205200 - CVE-2015-1827 ipa: memory corruption when using get_user_grouplist() 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: ipa-4.1.0-18.el7_1.3.src.rpm x86_64: ipa-client-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-python-4.1.0-18.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): Source: slapi-nis-0.54-3.el7_1.src.rpm x86_64: ipa-admintools-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7_1.3.x86_64.rpm slapi-nis-0.54-3.el7_1.x86_64.rpm slapi-nis-debuginfo-0.54-3.el7_1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ipa-4.1.0-18.el7_1.3.src.rpm x86_64: ipa-client-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-python-4.1.0-18.el7_1.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: slapi-nis-0.54-3.el7_1.src.rpm x86_64: ipa-admintools-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7_1.3.x86_64.rpm slapi-nis-0.54-3.el7_1.x86_64.rpm slapi-nis-debuginfo-0.54-3.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ipa-4.1.0-18.el7_1.3.src.rpm slapi-nis-0.54-3.el7_1.src.rpm ppc64: ipa-client-4.1.0-18.el7_1.3.ppc64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.ppc64.rpm ipa-python-4.1.0-18.el7_1.3.ppc64.rpm s390x: ipa-client-4.1.0-18.el7_1.3.s390x.rpm ipa-debuginfo-4.1.0-18.el7_1.3.s390x.rpm ipa-python-4.1.0-18.el7_1.3.s390x.rpm x86_64: ipa-admintools-4.1.0-18.el7_1.3.x86_64.rpm ipa-client-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-python-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7_1.3.x86_64.rpm slapi-nis-0.54-3.el7_1.x86_64.rpm slapi-nis-debuginfo-0.54-3.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ipa-4.1.0-18.ael7b_1.3.src.rpm slapi-nis-0.54-3.ael7b_1.src.rpm ppc64le: ipa-admintools-4.1.0-18.ael7b_1.3.ppc64le.rpm ipa-client-4.1.0-18.ael7b_1.3.ppc64le.rpm ipa-debuginfo-4.1.0-18.ael7b_1.3.ppc64le.rpm ipa-python-4.1.0-18.ael7b_1.3.ppc64le.rpm slapi-nis-0.54-3.ael7b_1.ppc64le.rpm slapi-nis-debuginfo-0.54-3.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: ipa-admintools-4.1.0-18.el7_1.3.ppc64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.ppc64.rpm s390x: ipa-admintools-4.1.0-18.el7_1.3.s390x.rpm ipa-debuginfo-4.1.0-18.el7_1.3.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ipa-4.1.0-18.el7_1.3.src.rpm slapi-nis-0.54-3.el7_1.src.rpm x86_64: ipa-admintools-4.1.0-18.el7_1.3.x86_64.rpm ipa-client-4.1.0-18.el7_1.3.x86_64.rpm ipa-debuginfo-4.1.0-18.el7_1.3.x86_64.rpm ipa-python-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-4.1.0-18.el7_1.3.x86_64.rpm ipa-server-trust-ad-4.1.0-18.el7_1.3.x86_64.rpm slapi-nis-0.54-3.el7_1.x86_64.rpm slapi-nis-debuginfo-0.54-3.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0283 https://access.redhat.com/security/cve/CVE-2015-1827 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVFDz8XlSAg2UNWIIRAvgUAJ9U0eyenVvxsLHHI9au97GRESR+xwCgwc4m jbpHQeTlpEla/QvB1RMD0BM= =qyzj -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 26 17:10:54 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 26 Mar 2015 17:10:54 +0000 Subject: [RHSA-2015:0729-01] Important: setroubleshoot security update Message-ID: <201503261710.t2QHAtI6017837@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: setroubleshoot security update Advisory ID: RHSA-2015:0729-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0729.html Issue date: 2015-03-26 CVE Names: CVE-2015-1815 ===================================================================== 1. Summary: Updated setroubleshoot packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - noarch Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - noarch Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. It was found that setroubleshoot did not sanitize file names supplied in a shell command look-up for RPMs associated with access violation reports. An attacker could use this flaw to escalate their privileges on the system by supplying a specially crafted file to the underlying shell command. (CVE-2015-1815) Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for reporting this issue. All setroubleshoot users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1203352 - CVE-2015-1815 setroubleshoot: command injection via crafted file name 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: setroubleshoot-2.0.5-7.el5_11.src.rpm noarch: setroubleshoot-2.0.5-7.el5_11.noarch.rpm setroubleshoot-server-2.0.5-7.el5_11.noarch.rpm Red Hat Enterprise Linux (v. 5 server): Source: setroubleshoot-2.0.5-7.el5_11.src.rpm noarch: setroubleshoot-2.0.5-7.el5_11.noarch.rpm setroubleshoot-server-2.0.5-7.el5_11.noarch.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: setroubleshoot-3.0.47-6.el6_6.1.src.rpm i386: setroubleshoot-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-server-3.0.47-6.el6_6.1.i686.rpm x86_64: setroubleshoot-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-server-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.i686.rpm x86_64: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: setroubleshoot-3.0.47-6.el6_6.1.src.rpm i386: setroubleshoot-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-server-3.0.47-6.el6_6.1.i686.rpm ppc64: setroubleshoot-3.0.47-6.el6_6.1.ppc64.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.ppc64.rpm setroubleshoot-server-3.0.47-6.el6_6.1.ppc64.rpm s390x: setroubleshoot-3.0.47-6.el6_6.1.s390x.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.s390x.rpm setroubleshoot-server-3.0.47-6.el6_6.1.s390x.rpm x86_64: setroubleshoot-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-server-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.i686.rpm ppc64: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.ppc64.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.ppc64.rpm s390x: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.s390x.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.s390x.rpm x86_64: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: setroubleshoot-3.0.47-6.el6_6.1.src.rpm i386: setroubleshoot-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-server-3.0.47-6.el6_6.1.i686.rpm x86_64: setroubleshoot-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-server-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.i686.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.i686.rpm x86_64: setroubleshoot-debuginfo-3.0.47-6.el6_6.1.x86_64.rpm setroubleshoot-doc-3.0.47-6.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: setroubleshoot-3.2.17-4.1.el7_1.src.rpm x86_64: setroubleshoot-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-debuginfo-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-server-3.2.17-4.1.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: setroubleshoot-3.2.17-4.1.el7_1.src.rpm ppc64: setroubleshoot-3.2.17-4.1.el7_1.ppc64.rpm setroubleshoot-debuginfo-3.2.17-4.1.el7_1.ppc64.rpm setroubleshoot-server-3.2.17-4.1.el7_1.ppc64.rpm s390x: setroubleshoot-3.2.17-4.1.el7_1.s390x.rpm setroubleshoot-debuginfo-3.2.17-4.1.el7_1.s390x.rpm setroubleshoot-server-3.2.17-4.1.el7_1.s390x.rpm x86_64: setroubleshoot-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-debuginfo-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-server-3.2.17-4.1.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: setroubleshoot-3.2.17-4.1.ael7b_1.src.rpm ppc64le: setroubleshoot-3.2.17-4.1.ael7b_1.ppc64le.rpm setroubleshoot-debuginfo-3.2.17-4.1.ael7b_1.ppc64le.rpm setroubleshoot-server-3.2.17-4.1.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: setroubleshoot-3.2.17-4.1.el7_1.src.rpm x86_64: setroubleshoot-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-debuginfo-3.2.17-4.1.el7_1.x86_64.rpm setroubleshoot-server-3.2.17-4.1.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1815 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVFD1uXlSAg2UNWIIRAuzXAJ0chHa+GhzjWfuzIPJqetSPZGBHnwCeLvgf PQHMUAYE8btQS2923pjzVXk= =rmWi -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 30 11:55:14 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 30 Mar 2015 11:55:14 +0000 Subject: [RHSA-2015:0749-01] Moderate: libxml2 security update Message-ID: <201503301155.t2UBtF3k032061@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libxml2 security update Advisory ID: RHSA-2015:0749-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0749.html Issue date: 2015-03-30 CVE Names: CVE-2014-0191 ===================================================================== 1. Summary: Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1090976 - CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-5.el7_1.2.src.rpm x86_64: libxml2-2.9.1-5.el7_1.2.i686.rpm libxml2-2.9.1-5.el7_1.2.x86_64.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-devel-2.9.1-5.el7_1.2.i686.rpm libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm libxml2-static-2.9.1-5.el7_1.2.i686.rpm libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-5.el7_1.2.src.rpm x86_64: libxml2-2.9.1-5.el7_1.2.i686.rpm libxml2-2.9.1-5.el7_1.2.x86_64.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-devel-2.9.1-5.el7_1.2.i686.rpm libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm libxml2-static-2.9.1-5.el7_1.2.i686.rpm libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-5.el7_1.2.src.rpm ppc64: libxml2-2.9.1-5.el7_1.2.ppc.rpm libxml2-2.9.1-5.el7_1.2.ppc64.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.ppc.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.ppc64.rpm libxml2-devel-2.9.1-5.el7_1.2.ppc.rpm libxml2-devel-2.9.1-5.el7_1.2.ppc64.rpm libxml2-python-2.9.1-5.el7_1.2.ppc64.rpm s390x: libxml2-2.9.1-5.el7_1.2.s390.rpm libxml2-2.9.1-5.el7_1.2.s390x.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.s390.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.s390x.rpm libxml2-devel-2.9.1-5.el7_1.2.s390.rpm libxml2-devel-2.9.1-5.el7_1.2.s390x.rpm libxml2-python-2.9.1-5.el7_1.2.s390x.rpm x86_64: libxml2-2.9.1-5.el7_1.2.i686.rpm libxml2-2.9.1-5.el7_1.2.x86_64.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-devel-2.9.1-5.el7_1.2.i686.rpm libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-5.ael7b_1.2.src.rpm ppc64le: libxml2-2.9.1-5.ael7b_1.2.ppc64le.rpm libxml2-debuginfo-2.9.1-5.ael7b_1.2.ppc64le.rpm libxml2-devel-2.9.1-5.ael7b_1.2.ppc64le.rpm libxml2-python-2.9.1-5.ael7b_1.2.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-5.el7_1.2.ppc.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.ppc64.rpm libxml2-static-2.9.1-5.el7_1.2.ppc.rpm libxml2-static-2.9.1-5.el7_1.2.ppc64.rpm s390x: libxml2-debuginfo-2.9.1-5.el7_1.2.s390.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.s390x.rpm libxml2-static-2.9.1-5.el7_1.2.s390.rpm libxml2-static-2.9.1-5.el7_1.2.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-static-2.9.1-5.el7_1.2.i686.rpm libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: libxml2-debuginfo-2.9.1-5.ael7b_1.2.ppc64le.rpm libxml2-static-2.9.1-5.ael7b_1.2.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-5.el7_1.2.src.rpm x86_64: libxml2-2.9.1-5.el7_1.2.i686.rpm libxml2-2.9.1-5.el7_1.2.x86_64.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-devel-2.9.1-5.el7_1.2.i686.rpm libxml2-devel-2.9.1-5.el7_1.2.x86_64.rpm libxml2-python-2.9.1-5.el7_1.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-5.el7_1.2.i686.rpm libxml2-debuginfo-2.9.1-5.el7_1.2.x86_64.rpm libxml2-static-2.9.1-5.el7_1.2.i686.rpm libxml2-static-2.9.1-5.el7_1.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0191 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVGTkPXlSAg2UNWIIRAo/gAKCcOD7SEQnpEtBBgs9gDvL5ZewA8gCcCb2f HODby+4nhhIioBESdsa5rj0= =D+jH -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 30 11:57:17 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 30 Mar 2015 11:57:17 +0000 Subject: [RHSA-2015:0750-01] Moderate: postgresql security update Message-ID: <201503301157.t2UBvIV4010899@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2015:0750-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0750.html Issue date: 2015-03-30 CVE Names: CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244 ===================================================================== 1. Summary: Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: PostgreSQL is an advanced object-relational database management system (DBMS). An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. (CVE-2014-8161) A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0241) A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0243) A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection. (CVE-2015-0244) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Stephen Frost as the original reporter of CVE-2014-8161; Andres Freund, Peter Geoghegan, Bernd Helmle, and Noah Misch as the original reporters of CVE-2015-0241; Marko Tiikkaja as the original reporter of CVE-2015-0243; and Emil Lenngren as the original reporter of CVE-2015-0244. All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1182043 - CVE-2014-8161 postgresql: information leak through constraint violation errors 1188684 - CVE-2015-0241 postgresql: buffer overflow in the to_char() function 1188689 - CVE-2015-0243 postgresql: buffer overflow flaws in contrib/pgcrypto 1188694 - CVE-2015-0244 postgresql: loss of frontend/backend protocol synchronization after an error 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: postgresql-8.4.20-2.el6_6.src.rpm i386: postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm x86_64: postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-contrib-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-docs-8.4.20-2.el6_6.i686.rpm postgresql-plperl-8.4.20-2.el6_6.i686.rpm postgresql-plpython-8.4.20-2.el6_6.i686.rpm postgresql-pltcl-8.4.20-2.el6_6.i686.rpm postgresql-server-8.4.20-2.el6_6.i686.rpm postgresql-test-8.4.20-2.el6_6.i686.rpm x86_64: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-8.4.20-2.el6_6.x86_64.rpm postgresql-contrib-8.4.20-2.el6_6.x86_64.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.x86_64.rpm postgresql-docs-8.4.20-2.el6_6.x86_64.rpm postgresql-plperl-8.4.20-2.el6_6.x86_64.rpm postgresql-plpython-8.4.20-2.el6_6.x86_64.rpm postgresql-pltcl-8.4.20-2.el6_6.x86_64.rpm postgresql-server-8.4.20-2.el6_6.x86_64.rpm postgresql-test-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: postgresql-8.4.20-2.el6_6.src.rpm x86_64: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-8.4.20-2.el6_6.x86_64.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: postgresql-contrib-8.4.20-2.el6_6.x86_64.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.x86_64.rpm postgresql-docs-8.4.20-2.el6_6.x86_64.rpm postgresql-plperl-8.4.20-2.el6_6.x86_64.rpm postgresql-plpython-8.4.20-2.el6_6.x86_64.rpm postgresql-pltcl-8.4.20-2.el6_6.x86_64.rpm postgresql-server-8.4.20-2.el6_6.x86_64.rpm postgresql-test-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: postgresql-8.4.20-2.el6_6.src.rpm i386: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-contrib-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-docs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-plperl-8.4.20-2.el6_6.i686.rpm postgresql-plpython-8.4.20-2.el6_6.i686.rpm postgresql-pltcl-8.4.20-2.el6_6.i686.rpm postgresql-server-8.4.20-2.el6_6.i686.rpm postgresql-test-8.4.20-2.el6_6.i686.rpm ppc64: postgresql-8.4.20-2.el6_6.ppc.rpm postgresql-8.4.20-2.el6_6.ppc64.rpm postgresql-contrib-8.4.20-2.el6_6.ppc64.rpm postgresql-debuginfo-8.4.20-2.el6_6.ppc.rpm postgresql-debuginfo-8.4.20-2.el6_6.ppc64.rpm postgresql-devel-8.4.20-2.el6_6.ppc.rpm postgresql-devel-8.4.20-2.el6_6.ppc64.rpm postgresql-docs-8.4.20-2.el6_6.ppc64.rpm postgresql-libs-8.4.20-2.el6_6.ppc.rpm postgresql-libs-8.4.20-2.el6_6.ppc64.rpm postgresql-plperl-8.4.20-2.el6_6.ppc64.rpm postgresql-plpython-8.4.20-2.el6_6.ppc64.rpm postgresql-pltcl-8.4.20-2.el6_6.ppc64.rpm postgresql-server-8.4.20-2.el6_6.ppc64.rpm postgresql-test-8.4.20-2.el6_6.ppc64.rpm s390x: postgresql-8.4.20-2.el6_6.s390.rpm postgresql-8.4.20-2.el6_6.s390x.rpm postgresql-contrib-8.4.20-2.el6_6.s390x.rpm postgresql-debuginfo-8.4.20-2.el6_6.s390.rpm postgresql-debuginfo-8.4.20-2.el6_6.s390x.rpm postgresql-devel-8.4.20-2.el6_6.s390.rpm postgresql-devel-8.4.20-2.el6_6.s390x.rpm postgresql-docs-8.4.20-2.el6_6.s390x.rpm postgresql-libs-8.4.20-2.el6_6.s390.rpm postgresql-libs-8.4.20-2.el6_6.s390x.rpm postgresql-plperl-8.4.20-2.el6_6.s390x.rpm postgresql-plpython-8.4.20-2.el6_6.s390x.rpm postgresql-pltcl-8.4.20-2.el6_6.s390x.rpm postgresql-server-8.4.20-2.el6_6.s390x.rpm postgresql-test-8.4.20-2.el6_6.s390x.rpm x86_64: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-8.4.20-2.el6_6.x86_64.rpm postgresql-contrib-8.4.20-2.el6_6.x86_64.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.x86_64.rpm postgresql-docs-8.4.20-2.el6_6.x86_64.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.x86_64.rpm postgresql-plperl-8.4.20-2.el6_6.x86_64.rpm postgresql-plpython-8.4.20-2.el6_6.x86_64.rpm postgresql-pltcl-8.4.20-2.el6_6.x86_64.rpm postgresql-server-8.4.20-2.el6_6.x86_64.rpm postgresql-test-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: postgresql-8.4.20-2.el6_6.src.rpm i386: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-contrib-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-docs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-plperl-8.4.20-2.el6_6.i686.rpm postgresql-plpython-8.4.20-2.el6_6.i686.rpm postgresql-pltcl-8.4.20-2.el6_6.i686.rpm postgresql-server-8.4.20-2.el6_6.i686.rpm postgresql-test-8.4.20-2.el6_6.i686.rpm x86_64: postgresql-8.4.20-2.el6_6.i686.rpm postgresql-8.4.20-2.el6_6.x86_64.rpm postgresql-contrib-8.4.20-2.el6_6.x86_64.rpm postgresql-debuginfo-8.4.20-2.el6_6.i686.rpm postgresql-debuginfo-8.4.20-2.el6_6.x86_64.rpm postgresql-devel-8.4.20-2.el6_6.i686.rpm postgresql-devel-8.4.20-2.el6_6.x86_64.rpm postgresql-docs-8.4.20-2.el6_6.x86_64.rpm postgresql-libs-8.4.20-2.el6_6.i686.rpm postgresql-libs-8.4.20-2.el6_6.x86_64.rpm postgresql-plperl-8.4.20-2.el6_6.x86_64.rpm postgresql-plpython-8.4.20-2.el6_6.x86_64.rpm postgresql-pltcl-8.4.20-2.el6_6.x86_64.rpm postgresql-server-8.4.20-2.el6_6.x86_64.rpm postgresql-test-8.4.20-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): Source: postgresql-9.2.10-2.el7_1.src.rpm x86_64: postgresql-9.2.10-2.el7_1.i686.rpm postgresql-9.2.10-2.el7_1.x86_64.rpm postgresql-contrib-9.2.10-2.el7_1.x86_64.rpm postgresql-debuginfo-9.2.10-2.el7_1.i686.rpm postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-devel-9.2.10-2.el7_1.i686.rpm postgresql-devel-9.2.10-2.el7_1.x86_64.rpm postgresql-docs-9.2.10-2.el7_1.x86_64.rpm postgresql-libs-9.2.10-2.el7_1.i686.rpm postgresql-libs-9.2.10-2.el7_1.x86_64.rpm postgresql-plperl-9.2.10-2.el7_1.x86_64.rpm postgresql-plpython-9.2.10-2.el7_1.x86_64.rpm postgresql-pltcl-9.2.10-2.el7_1.x86_64.rpm postgresql-server-9.2.10-2.el7_1.x86_64.rpm postgresql-test-9.2.10-2.el7_1.x86_64.rpm postgresql-upgrade-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: postgresql-9.2.10-2.el7_1.src.rpm x86_64: postgresql-9.2.10-2.el7_1.x86_64.rpm postgresql-debuginfo-9.2.10-2.el7_1.i686.rpm postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-libs-9.2.10-2.el7_1.i686.rpm postgresql-libs-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: postgresql-9.2.10-2.el7_1.i686.rpm postgresql-contrib-9.2.10-2.el7_1.x86_64.rpm postgresql-debuginfo-9.2.10-2.el7_1.i686.rpm postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-devel-9.2.10-2.el7_1.i686.rpm postgresql-devel-9.2.10-2.el7_1.x86_64.rpm postgresql-docs-9.2.10-2.el7_1.x86_64.rpm postgresql-plperl-9.2.10-2.el7_1.x86_64.rpm postgresql-plpython-9.2.10-2.el7_1.x86_64.rpm postgresql-pltcl-9.2.10-2.el7_1.x86_64.rpm postgresql-server-9.2.10-2.el7_1.x86_64.rpm postgresql-test-9.2.10-2.el7_1.x86_64.rpm postgresql-upgrade-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: postgresql-9.2.10-2.el7_1.src.rpm ppc64: postgresql-9.2.10-2.el7_1.ppc.rpm postgresql-9.2.10-2.el7_1.ppc64.rpm postgresql-contrib-9.2.10-2.el7_1.ppc64.rpm postgresql-debuginfo-9.2.10-2.el7_1.ppc.rpm postgresql-debuginfo-9.2.10-2.el7_1.ppc64.rpm postgresql-devel-9.2.10-2.el7_1.ppc.rpm postgresql-devel-9.2.10-2.el7_1.ppc64.rpm postgresql-docs-9.2.10-2.el7_1.ppc64.rpm postgresql-libs-9.2.10-2.el7_1.ppc.rpm postgresql-libs-9.2.10-2.el7_1.ppc64.rpm postgresql-plperl-9.2.10-2.el7_1.ppc64.rpm postgresql-plpython-9.2.10-2.el7_1.ppc64.rpm postgresql-pltcl-9.2.10-2.el7_1.ppc64.rpm postgresql-server-9.2.10-2.el7_1.ppc64.rpm postgresql-test-9.2.10-2.el7_1.ppc64.rpm s390x: postgresql-9.2.10-2.el7_1.s390.rpm postgresql-9.2.10-2.el7_1.s390x.rpm postgresql-contrib-9.2.10-2.el7_1.s390x.rpm postgresql-debuginfo-9.2.10-2.el7_1.s390.rpm postgresql-debuginfo-9.2.10-2.el7_1.s390x.rpm postgresql-devel-9.2.10-2.el7_1.s390.rpm postgresql-devel-9.2.10-2.el7_1.s390x.rpm postgresql-docs-9.2.10-2.el7_1.s390x.rpm postgresql-libs-9.2.10-2.el7_1.s390.rpm postgresql-libs-9.2.10-2.el7_1.s390x.rpm postgresql-plperl-9.2.10-2.el7_1.s390x.rpm postgresql-plpython-9.2.10-2.el7_1.s390x.rpm postgresql-pltcl-9.2.10-2.el7_1.s390x.rpm postgresql-server-9.2.10-2.el7_1.s390x.rpm postgresql-test-9.2.10-2.el7_1.s390x.rpm x86_64: postgresql-9.2.10-2.el7_1.i686.rpm postgresql-9.2.10-2.el7_1.x86_64.rpm postgresql-contrib-9.2.10-2.el7_1.x86_64.rpm postgresql-debuginfo-9.2.10-2.el7_1.i686.rpm postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-devel-9.2.10-2.el7_1.i686.rpm postgresql-devel-9.2.10-2.el7_1.x86_64.rpm postgresql-docs-9.2.10-2.el7_1.x86_64.rpm postgresql-libs-9.2.10-2.el7_1.i686.rpm postgresql-libs-9.2.10-2.el7_1.x86_64.rpm postgresql-plperl-9.2.10-2.el7_1.x86_64.rpm postgresql-plpython-9.2.10-2.el7_1.x86_64.rpm postgresql-pltcl-9.2.10-2.el7_1.x86_64.rpm postgresql-server-9.2.10-2.el7_1.x86_64.rpm postgresql-test-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: postgresql-9.2.10-2.ael7b_1.src.rpm ppc64le: postgresql-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-contrib-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-debuginfo-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-devel-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-docs-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-libs-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-plperl-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-plpython-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-pltcl-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-server-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-test-9.2.10-2.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: postgresql-debuginfo-9.2.10-2.el7_1.ppc64.rpm postgresql-upgrade-9.2.10-2.el7_1.ppc64.rpm s390x: postgresql-debuginfo-9.2.10-2.el7_1.s390x.rpm postgresql-upgrade-9.2.10-2.el7_1.s390x.rpm x86_64: postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-upgrade-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: postgresql-debuginfo-9.2.10-2.ael7b_1.ppc64le.rpm postgresql-upgrade-9.2.10-2.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: postgresql-9.2.10-2.el7_1.src.rpm x86_64: postgresql-9.2.10-2.el7_1.i686.rpm postgresql-9.2.10-2.el7_1.x86_64.rpm postgresql-contrib-9.2.10-2.el7_1.x86_64.rpm postgresql-debuginfo-9.2.10-2.el7_1.i686.rpm postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-devel-9.2.10-2.el7_1.i686.rpm postgresql-devel-9.2.10-2.el7_1.x86_64.rpm postgresql-docs-9.2.10-2.el7_1.x86_64.rpm postgresql-libs-9.2.10-2.el7_1.i686.rpm postgresql-libs-9.2.10-2.el7_1.x86_64.rpm postgresql-plperl-9.2.10-2.el7_1.x86_64.rpm postgresql-plpython-9.2.10-2.el7_1.x86_64.rpm postgresql-pltcl-9.2.10-2.el7_1.x86_64.rpm postgresql-server-9.2.10-2.el7_1.x86_64.rpm postgresql-test-9.2.10-2.el7_1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: postgresql-debuginfo-9.2.10-2.el7_1.x86_64.rpm postgresql-upgrade-9.2.10-2.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8161 https://access.redhat.com/security/cve/CVE-2015-0241 https://access.redhat.com/security/cve/CVE-2015-0243 https://access.redhat.com/security/cve/CVE-2015-0244 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVGTn4XlSAg2UNWIIRAqVQAKC+/hHvQdUHVbWPRytPygQBWjxYhACgmG4l 2FQ/HMEPZe0rgIS9UGPXqTA= =K8Y3 -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 30 11:59:20 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 30 Mar 2015 11:59:20 +0000 Subject: [RHSA-2015:0751-01] Important: kernel-rt security and bug fix update Message-ID: <201503301159.t2UBxL55001579@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2015:0751-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0751.html Issue date: 2015-03-30 CVE Names: CVE-2014-8159 CVE-2015-1421 ===================================================================== 1. Summary: Updated kernel-rt packages that fix two security issues and several bugs are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1421, Important) Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat. The MRG-Realtime 3.10 kernel-rt sources have been updated to include the following bug fixes: * The kdump service could become unresponsive due to a deadlock in the kernel call ioapic_lock. * Attempt to make metadata changes such as creating a thin device or snapshot thin device did not error out cleanly. (BZ#1201384) This update also fixes the following bug: * The MRG kernel scheduler code was missing checks for the PREEMPT_LAZY flag allowing tasks to be preempted more times than necessary causing latency spikes on the system. Additional checks for the PREEMPT_LAZY flag were added to the check_preempt_wakeup() and check_preempt_curr() functions in the scheduler code so that preempt wakeups were reduced and these latency spikes were removed. (BZ#1157949) All kernel-rt users are advised to upgrade to these updated packages, which correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 1196581 - CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions 1201384 - RFE: rebase the 3.10 kernel-rt 6. Package List: MRG Realtime for RHEL 6 Server v.2: Source: kernel-rt-3.10.0-229.rt56.147.el6rt.src.rpm noarch: kernel-rt-doc-3.10.0-229.rt56.147.el6rt.noarch.rpm kernel-rt-firmware-3.10.0-229.rt56.147.el6rt.noarch.rpm x86_64: kernel-rt-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-debug-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-debug-devel-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-debuginfo-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-devel-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-trace-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-trace-devel-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-vanilla-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-vanilla-debuginfo-3.10.0-229.rt56.147.el6rt.x86_64.rpm kernel-rt-vanilla-devel-3.10.0-229.rt56.147.el6rt.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/cve/CVE-2015-1421 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD4DBQFVGTpPXlSAg2UNWIIRAj3nAJ0bkzOcBkoYuJ8J4FiJU/MA7/2goQCYsoFV tkOfQk/WbCWhoNUVmkM2Vg== =KEGs -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 30 12:05:38 2015 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 30 Mar 2015 12:05:38 +0000 Subject: [RHSA-2015:0753-01] Low: Red Hat Enterprise Developer Toolset Version 2 Six-Month Retirement Notice Message-ID: <201503301205.t2UC5dYO017473@int-mx09.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Developer Toolset Version 2 Six-Month Retirement Notice Advisory ID: RHSA-2015:0753-01 Product: Red Hat Developer Toolset Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0753.html Issue date: 2015-03-30 ===================================================================== 1. Summary: This is the Six-Month notification for the retirement of Red Hat Developer Toolset Version 2. This notification applies only to those customers subscribed to the channel for Red Hat Developer Toolset Version 2. 2. Description: In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 2 offering will be retired as of September 30, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 2 after September 30, 2015. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 2 after this date. We encourage customers to plan their migration from Red Hat Enterprise Developer Toolset Version 2 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product. Details of the Red Hat Enterprise Developer Toolset life cycle can be found here: https://access.redhat.com/support/policy/updates/dts/ 3. Solution: Red Hat Enterprise Developer Toolset Version 2 will be retired on September 30, 2015. Customers are encouraged to migrate to a newer release of Red Hat Enterprise Developer Toolset, and can find additional details on the Red Hat Enterprise Developer Toolset life cycle page here: https://access.redhat.com/support/policy/updates/dts/ 4. References: https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/support/policy/updates/dts/ 5. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVGTtYXlSAg2UNWIIRAmy4AKCTEXF7VdShI4u6zg+SYM5BGc5mKQCgn8TT RlYODXUF05QqIR4NszlYlNI= =vfdO -----END PGP SIGNATURE-----