From bugzilla at redhat.com Mon Apr 3 15:16:26 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 3 Apr 2017 15:16:26 +0000
Subject: [RHSA-2017:0861-01] Low: Red Hat Enterprise Linux 5.6 Advanced Mission Critical (AMC) Retirement Notice
Message-ID: <201704031516.v33FGV6t018582@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux 5.6 Advanced Mission Critical (AMC) Retirement Notice
Advisory ID:       RHSA-2017:0861-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0861
Issue date:        2017-04-03
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise Linux 5.6 Advanced Mission Critical (AMC). This notification applies only to those customers subscribed to the Advanced Mission Critical (AMC) channel for Red Hat Enterprise Linux 5.6.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Long Life (v. 5.6 server) - i386, ia64, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.6 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 5.6 AMC after March 31, 2017. In addition, on-going technical support through Red Hat's Customer Experience and Engagement will be limited as described under "non-current minor releases" in the Knowledge Base article located here https://access.redhat.com/articles/64664 after this date.

We encourage customers to migrate from Red Hat Enterprise Linux 5.6 to a more recent version of Red Hat Enterprise Linux.
As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.

Details of the Red Hat Enterprise Linux life cycle can be found here: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package that provides a copy of this retirement notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux Long Life (v. 5.6 server):

Source:
redhat-release-5Server-5.6.0.13.src.rpm

i386:
redhat-release-5Server-5.6.0.13.i386.rpm

ia64:
redhat-release-5Server-5.6.0.13.ia64.rpm

x86_64:
redhat-release-5Server-5.6.0.13.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/articles/64664
https://access.redhat.com/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY4mc5XlSAg2UNWIIRAg5jAJ9045DdHihJNSCscVD/udiYl1ABowCdHubu
PdiHN/wETrAd+zN6RaD4xdo=
=HhSd
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 3 15:17:05 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 3 Apr 2017 15:17:05 +0000
Subject: [RHSA-2017:0862-01] Low: Red Hat Enterprise Linux 5 Retirement Notice
Message-ID: <201704031517.v33FHCui018604@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux 5 Retirement Notice
Advisory ID:       RHSA-2017:0862-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0862
Issue date:        2017-04-03
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise Linux 5. This notification applies only to those customers subscribed to the channel for Red Hat Enterprise Linux 5.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 was retired on March 31, 2017, at the end of Production Phase 3 and active support is no longer provided. As the product will now be in the Extended Life Phase, customers will continue to have access to all previously released content, and limited technical support will be available through Red Hat's Customer Experience and Engagement as described in the Knowledge Base article available at https://access.redhat.com/articles/64664 (search for "non-current minor release").
However, we recognize that some customers will wish to remain on Red Hat Enterprise Linux 5 even after the March 31, 2017 retirement date. To meet this customer requirement, Red Hat will offer customers the option to purchase the Extended Life Cycle Support (ELS) Add-On as an annually renewable subscription. This ELS Add-On provides customers with up to an additional three and a half (3.5) years of Critical Impact security fixes and selected Urgent Priority bug fixes for Red Hat Enterprise Linux 5.11. Red Hat Enterprise Linux 5 ELS coverage will conclude on November 30, 2020.

UPDATE: Note that the Red Hat Enterprise Linux 5 ELS Add-On is available for the x86 (32- and 64-bit) and z Systems architectures only. The Red Hat Enterprise Linux 5 ELS Add-On is not available for the Itanium architecture. In addition, the Red Hat Enterprise Linux 5 ELS Add-On is only available for Server, and does not apply to layered products or Add-Ons.

To enjoy even more comprehensive product support, we encourage customers to migrate from Red Hat Enterprise Linux 5 to a more recent version. As a benefit of the Red Hat subscription, customers may, of course, use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.

Instructions for migrating from Red Hat Enterprise Linux 5 to Red Hat Enterprise Linux 7 are available at https://access.redhat.com/articles/1211223. Red Hat also has a Pre-upgrade Assistant tool to aid with the migration of Red Hat Enterprise Linux 5 systems to Red Hat Enterprise Linux 7. For more information about this tool, please see https://access.redhat.com/solutions/1468623.

Details of the Red Hat Enterprise Linux life cycle can be found here: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package that provides a copy of this retirement notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
redhat-release-5Client-5.11.0.9.src.rpm

i386:
redhat-release-5Client-5.11.0.9.i386.rpm

x86_64:
redhat-release-5Client-5.11.0.9.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
redhat-release-5Server-5.11.0.9.src.rpm

i386:
redhat-release-5Server-5.11.0.9.i386.rpm

ia64:
redhat-release-5Server-5.11.0.9.ia64.rpm

ppc:
redhat-release-5Server-5.11.0.9.ppc.rpm

s390x:
redhat-release-5Server-5.11.0.9.s390x.rpm

x86_64:
redhat-release-5Server-5.11.0.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/articles/64664
https://access.redhat.com/articles/1211223
https://access.redhat.com/solutions/1468623
https://access.redhat.com/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY4mdbXlSAg2UNWIIRAliCAJ9f/SDCtV4f68IM/kWjg3CtZxzmJACgpVxE
NQVchJzq5sI19ofXOea2YQ8=
=SOrr
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 3 15:17:40 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 3 Apr 2017 15:17:40 +0000
Subject: [RHSA-2017:0863-01] Low: Red Hat Enterprise Linux 4 Extended Life Cycle Support Final Notice
Message-ID: <201704031517.v33FHlxa018626@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux 4 Extended Life Cycle Support Final Notice
Advisory ID:       RHSA-2017:0863-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0863
Issue date:        2017-04-03
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise Linux 4 Extended Life Cycle Support Add-On (ELS). This notification applies only to those customers subscribed to the Extended Life Cycle Support (ELS) channel for Red Hat Enterprise Linux 4.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (v. 4 ELS) - i386, ia64, x86_64
Red Hat Enterprise Linux ES (v. 4 ELS) - i386, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.
In addition, on-going technical support through Red Hat's Customer Experience and Engagement will be limited as described under "non-current minor releases" in the Knowledge Base article located here https://access.redhat.com/articles/64664 after this date.

We encourage customers to migrate from Red Hat Enterprise Linux 4 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.

Details of the Red Hat Enterprise Linux life cycle can be found here: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains an updated redhat-release package that provides a copy of this retirement notice in the "/usr/share/doc/" directory.

5. Package List:

Red Hat Enterprise Linux AS (v. 4 ELS):

Source:
redhat-release-4AS-10.16.src.rpm

i386:
redhat-release-4AS-10.16.i386.rpm

ia64:
redhat-release-4AS-10.16.ia64.rpm

x86_64:
redhat-release-4AS-10.16.x86_64.rpm

Red Hat Enterprise Linux ES (v. 4 ELS):

Source:
redhat-release-4ES-10.16.src.rpm

i386:
redhat-release-4ES-10.16.i386.rpm

x86_64:
redhat-release-4ES-10.16.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

6. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/articles/64664
https://access.redhat.com/support/policy/updates/errata/

7. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY4meJXlSAg2UNWIIRApiMAJ92HVIOwKrj+h9FyAwc7tVFuNpQVwCgr15m
nKLd6MbU1J6Px//FMZXZteg=
=XCzM
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 3 15:18:11 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 3 Apr 2017 15:18:11 +0000
Subject: [RHSA-2017:0864-01] Low: Red Hat Enterprise Linux 7.1 Extended Update Support Retirement Notice
Message-ID: <201704031518.v33FIHlo018664@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Enterprise Linux 7.1 Extended Update Support Retirement Notice
Advisory ID:       RHSA-2017:0864-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0864
Issue date:        2017-04-03
=====================================================================

1. Summary:

This is the final notification for the retirement of Red Hat Enterprise Linux 7.1 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 7.1.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.1) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64

3. Description:

In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.1 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.1 EUS after March 31, 2017.
In addition, on-going technical support through Red Hat's Customer Experience and Engagement will be limited as described under "non-current minor releases" in the Knowledge Base article located here https://access.redhat.com/articles/64664 after this date.

We encourage customers to migrate from Red Hat Enterprise Linux 7.1 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.

Details of the Red Hat Enterprise Linux life cycle can be found here: https://access.redhat.com/support/policy/updates/errata/

4. Solution:

This erratum contains updated redhat-release-server and redhat-release-computenode packages that provide a copy of this retirement notice in the "/usr/share/doc/" directory.

5. Bugs fixed (https://bugzilla.redhat.com/):

1433442 - Send out RHEL 7.1 EUS Day 0 retirement notice

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.1):

Source:
redhat-release-computenode-7.1-1.el7_1.3.src.rpm

x86_64:
redhat-release-computenode-7.1-1.el7_1.3.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.1):

Source:
redhat-release-server-7.1-1.el7_1.6.src.rpm

ppc64:
redhat-release-server-7.1-1.el7_1.6.ppc64.rpm

s390x:
redhat-release-server-7.1-1.el7_1.6.s390x.rpm

x86_64:
redhat-release-server-7.1-1.el7_1.6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.1):

Source:
redhat-release-server-7.1-1.ael7b_1.6.src.rpm

ppc64le:
redhat-release-server-7.1-1.ael7b_1.6.ppc64le.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/articles/64664
https://access.redhat.com/support/policy/updates/errata/

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD4DBQFY4mekXlSAg2UNWIIRAnp1AKCzoNJ5sOmBLmVWaf1LQm08UWXWzACYojNN
AUooRXIWNwXhkRPn9AqW2Q==
=zZut
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 4 13:10:46 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 4 Apr 2017 13:10:46 +0000
Subject: [RHSA-2017:0869-01] Moderate: kernel security and enhancement update
Message-ID: <201704041310.v34DApt0014976@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and enhancement update
Advisory ID:       RHSA-2017:0869-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0869
Issue date:        2017-04-04
CVE Names:         CVE-2016-8399
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):

* A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate)

Enhancement(s):

* Previously, the mpt3sas driver incorrectly checked the Transport Layer Retries (TLR) state even on Redundant Array Of Independent Discs (RAID) devices. Consequently, a kernel panic occurred when mpt3sas attempted to read from the RAID devices. With this update, mpt3sas has been fixed to check the TLR state only for non-RAID devices, and the kernel no longer panics under the described circumstances. (BZ#1427459)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1403833 - CVE-2016-8399 kernel: net: Out of bounds stack read in memcpy_fromiovec

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7):

Source:
kernel-2.6.32-573.41.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm
kernel-devel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-headers-2.6.32-573.41.1.el6.x86_64.rpm
perf-2.6.32-573.41.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):

x86_64:
kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
kernel-2.6.32-573.41.1.el6.src.rpm

i386:
kernel-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm
kernel-devel-2.6.32-573.41.1.el6.i686.rpm
kernel-headers-2.6.32-573.41.1.el6.i686.rpm
perf-2.6.32-573.41.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-573.41.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debug-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-573.41.1.el6.ppc64.rpm
kernel-devel-2.6.32-573.41.1.el6.ppc64.rpm
kernel-headers-2.6.32-573.41.1.el6.ppc64.rpm
perf-2.6.32-573.41.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-573.41.1.el6.s390x.rpm
kernel-debug-2.6.32-573.41.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-573.41.1.el6.s390x.rpm
kernel-devel-2.6.32-573.41.1.el6.s390x.rpm
kernel-headers-2.6.32-573.41.1.el6.s390x.rpm
kernel-kdump-2.6.32-573.41.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-573.41.1.el6.s390x.rpm
perf-2.6.32-573.41.1.el6.s390x.rpm
perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm
kernel-debug-devel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm
kernel-devel-2.6.32-573.41.1.el6.x86_64.rpm
kernel-headers-2.6.32-573.41.1.el6.x86_64.rpm
perf-2.6.32-573.41.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 6.7):

i386:
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm
python-perf-2.6.32-573.41.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-573.41.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm
python-perf-2.6.32-573.41.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-573.41.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm
python-perf-2.6.32-573.41.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-2.6.32-573.41.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8399
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY45tMXlSAg2UNWIIRAqAiAJ9tWKJ5+iXTA3PYDPedydOVcOg4HwCZAfI0
Lny8kYfYe7t/obiKDNNa40M=
=RWQ7
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 5 03:05:36 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 5 Apr 2017 03:05:36 +0000
Subject: [RHSA-2017:0879-01] Moderate: v8 security update
Message-ID: <201704050305.v3535fvs020176@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: v8 security update
Advisory ID:       RHSA-2017:0879-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0879
Issue date:        2017-04-05
CVE Names:         CVE-2016-1669
=====================================================================

1. Summary:

An update for v8 is now available for Red Hat OpenStack Platform 8.0 (Liberty).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 8.0 (Liberty) - x86_64

3. Description:

V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition.

Security Fix(es):

* An integer-overflow flaw was found in V8's Zone class when allocating new memory (Zone::New() and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges. (CVE-2016-1669)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1335449 - CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New

6. Package List:

Red Hat OpenStack Platform 8.0 (Liberty):

Source:
v8-3.14.5.10-19.el7ost.src.rpm

x86_64:
v8-3.14.5.10-19.el7ost.x86_64.rpm
v8-debuginfo-3.14.5.10-19.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-1669
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY5F7iXlSAg2UNWIIRAtw0AKCqYUUT1qh/MW6pYUb20gqBXGg+1QCfXQyx
P/4TJNdaCIH1/avd5g2P6pQ=
=ie9a
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 5 03:06:25 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 5 Apr 2017 03:06:25 +0000
Subject: [RHSA-2017:0880-01] Moderate: v8 security update
Message-ID: <201704050306.v3536UCp020375@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: v8 security update
Advisory ID:       RHSA-2017:0880-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0880
Issue date:        2017-04-05
CVE Names:         CVE-2016-1669
=====================================================================

1. Summary:

An update for v8 is now available for Red Hat OpenStack Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - x86_64

3. Description:

V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition.

Security Fix(es):

* An integer-overflow flaw was found in V8's Zone class when allocating new memory (Zone::New() and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges. (CVE-2016-1669)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1335449 - CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
v8-3.14.5.10-19.el7ost.src.rpm

x86_64:
v8-3.14.5.10-19.el7ost.x86_64.rpm
v8-debuginfo-3.14.5.10-19.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-1669
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY5F8bXlSAg2UNWIIRAvMqAKCxhKOUah2T+R0rX4ftzoYiDHtumQCgnee8
2aZ5oA5yGuOx4PbABWcGBSo=
=ERqw
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 5 03:07:21 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 5 Apr 2017 03:07:21 +0000
Subject: [RHSA-2017:0881-01] Moderate: v8 security update
Message-ID: <201704050307.v3537QUS020421@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: v8 security update
Advisory ID:       RHSA-2017:0881-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0881
Issue date:        2017-04-05
CVE Names:         CVE-2016-1669
=====================================================================

1. Summary:

An update for v8 is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 - x86_64

3. Description:

V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition.

Security Fix(es):

* An integer-overflow flaw was found in V8's Zone class when allocating new memory (Zone::New() and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges. (CVE-2016-1669)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1335449 - CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7:

Source:
v8-3.14.5.10-19.el7ost.src.rpm

x86_64:
v8-3.14.5.10-19.el7ost.x86_64.rpm
v8-debuginfo-3.14.5.10-19.el7ost.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-1669
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY5F9eXlSAg2UNWIIRAqHkAKCuEXfzSShUTIuifLBz/6a3rJUQoACaA34e FTLdtzfSdFXOa1S1ymYxvkI= =yG75 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 5 03:07:53 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 5 Apr 2017 03:07:53 +0000 Subject: [RHSA-2017:0882-01] Moderate: v8 security update Message-ID: <201704050307.v3537wEp020448@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: v8 security update Advisory ID: RHSA-2017:0882-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2017:0882 Issue date: 2017-04-05 CVE Names: CVE-2016-1669 ===================================================================== 1. Summary: An update for v8 is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 10.0 - x86_64 3. Description: V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix(es): * An integer-overflow flaw was found in V8's Zone class when allocating new memory (Zone::New() and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges. (CVE-2016-1669) 4. 
Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1335449 - CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New 6. Package List: Red Hat OpenStack Platform 10.0: Source: v8-3.14.5.10-19.el7ost.src.rpm x86_64: v8-3.14.5.10-19.el7ost.x86_64.rpm v8-debuginfo-3.14.5.10-19.el7ost.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1669 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY5F99XlSAg2UNWIIRAq79AJ90zVa5Wg0VM2i5YvTh6u6lnDCdtwCfc8mn wbb3wzDdqmRMLqMkc2VARPk= =Molc -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Apr 11 13:35:02 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 11 Apr 2017 13:35:02 +0000 Subject: [RHSA-2017:0892-01] Important: kernel security and bug fix update Message-ID: <201704111335.v3BDZ8J6015443@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2017:0892-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0892 Issue date: 2017-04-11 CVE Names: CVE-2016-7910 CVE-2017-2636 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. 
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important) * A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privilege escalation. (CVE-2016-7910, Moderate) Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636. Bug Fix(es): * Previously, Chelsio firmware included an incorrectly-formatted firmware bin file. As a consequence, the firmware could not be flashed. This update provides a firmware bin file that is formatted correctly. As a result, Chelsio firmware can now be flashed successfully. 
(BZ#1433865) * When multiple simultaneous processes attempted to read from the /proc/stat file, spinlock overhead was generated on Non-Uniform Memory Access (NUMA) systems. Consequently, a large amount of CPU was consumed. With this update, the underlying source code has been fixed to avoid taking spinlock when the interrupt line does not exist. As a result, the spinlock overhead is now generated less often, and multiple simultaneous processes can now read /proc/stat without consuming a large amount of CPU. (BZ#1428106) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1399727 - CVE-2016-7910 kernel: Use after free in seq file 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release() 6. Package List: Red Hat Enterprise Linux Desktop (v. 
6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-696.1.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 
6): x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm ppc64: kernel-2.6.32-696.1.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.1.1.el6.ppc64.rpm kernel-devel-2.6.32-696.1.1.el6.ppc64.rpm kernel-headers-2.6.32-696.1.1.el6.ppc64.rpm perf-2.6.32-696.1.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm s390x: kernel-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-devel-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.1.1.el6.s390x.rpm kernel-devel-2.6.32-696.1.1.el6.s390x.rpm kernel-headers-2.6.32-696.1.1.el6.s390x.rpm 
kernel-kdump-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-696.1.1.el6.s390x.rpm perf-2.6.32-696.1.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.1.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm python-perf-2.6.32-696.1.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.1.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm python-perf-2.6.32-696.1.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7910 https://access.redhat.com/security/cve/CVE-2017-2636 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7Nt6XlSAg2UNWIIRApweAKC7o76Fb9zsyuEJe2frk0y8PexXQACgg17Q ZikmOEYFPivutQinlRQx8IQ= =0Scs -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Apr 11 13:53:40 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 11 Apr 2017 13:53:40 +0000 Subject: [RHSA-2017:0893-01] Important: 389-ds-base security and bug fix update Message-ID: <201704111353.v3BDroGA017867@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: RHSA-2017:0893-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0893 Issue date: 2017-04-11 CVE Names: CVE-2017-2668 ===================================================================== 1. Summary: An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. 
Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668) Red Hat would like to thank Joachim Jabs (F24) for reporting this issue. Bug Fix(es): * Previously, the "deref" plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as "uniqueMember". With this patch, the "deref" plug-in can dereference such attributes and additionally "Name and Optional UID" syntax. As a result, the "deref" plug-in now supports any syntax. (BZ#1435365) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the 389 server service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1435365 - Unable to dereference unqiemember attribute because it is dn [#UID] not dn syntax 1436575 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages 6. Package List: Red Hat Enterprise Linux Desktop Optional (v. 6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm i386: 389-ds-base-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 
6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm i386: 389-ds-base-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm i386: 389-ds-base-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-2668 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7N/IXlSAg2UNWIIRAiBUAJ4ykhZNcxlF3y9gfQHLbGueh+Na3gCgm/Ne c1D+MYouJwC/61SbXzibCM4= =MEfN -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 14:23:09 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 14:23:09 +0000 Subject: [RHSA-2017:0932-01] Important: kernel-rt security and bug fix update Message-ID: <201704121423.v3CENFRq003559@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2017:0932-01 Product: Red Hat Enterprise MRG for RHEL-6 Advisory URL: https://access.redhat.com/errata/RHSA-2017:0932 Issue date: 2017-04-12 CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636 CVE-2017-6074 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important) * A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important) * A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate) * A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the socket's sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate) * A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. 
An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate) Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636; Andrey Konovalov (Google) for reporting CVE-2017-6074; and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering). Bug Fix(es): * The kernel-rt packages have been upgraded to version 3.10.0-514.rt56.219, which provides a number of bug fix updates over the previous version. (BZ#1429613) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl 1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE 1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate) 1423071 - CVE-2017-6074 kernel: use after free in dccp protocol 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release() 1429613 - update the MRG 2.5.z 3.10 kernel-rt sources 6. 
Package List: MRG Realtime for RHEL 6 Server v.2: Source: kernel-rt-3.10.0-514.rt56.219.el6rt.src.rpm noarch: kernel-rt-doc-3.10.0-514.rt56.219.el6rt.noarch.rpm kernel-rt-firmware-3.10.0-514.rt56.219.el6rt.noarch.rpm x86_64: kernel-rt-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-debug-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-debug-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-trace-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-trace-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-vanilla-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm kernel-rt-vanilla-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-8650 https://access.redhat.com/security/cve/CVE-2016-9793 https://access.redhat.com/security/cve/CVE-2017-2618 https://access.redhat.com/security/cve/CVE-2017-2636 https://access.redhat.com/security/cve/CVE-2017-6074 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7jhEXlSAg2UNWIIRAnj9AJ9Cc3tBqUeEtUD4NNjZPWRRMQrUbACePqcM HMWFKmmrPR5wDrIGCofQ9rs= =9p44 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 14:25:35 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 14:25:35 +0000 Subject: [RHSA-2017:0931-01] Important: kernel-rt security and bug fix update Message-ID: <201704121425.v3CEPfLl003634@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2017:0931-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0931 Issue date: 2017-04-12 CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. 
(CVE-2017-2636, Important) * A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate) * A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the socket's sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate) * A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate) Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering). Bug Fix(es): * Previously, a cgroups data structure was sometimes corrupted due to a race condition in the kernel-rt cgroups code. Consequently, several system tasks were blocked, and the operating system became unresponsive. This update adds a lock that prevents the race condition. As a result, the cgroups data structure no longer gets corrupted and the operating system no longer hangs under the described circumstances. (BZ#1420784) * The kernel-rt packages have been upgraded to the 3.10.0-514.16.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1430749) 4. 
Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl 1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE 1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate) 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release() 1430749 - kernel-rt: update to the RHEL7.3.z batch#4 source tree [RT-7.3.z] 6. Package List: Red Hat Enterprise Linux for Real Time for NFV (v. 7): Source: kernel-rt-3.10.0-514.16.1.rt56.437.el7.src.rpm noarch: kernel-rt-doc-3.10.0-514.16.1.rt56.437.el7.noarch.rpm x86_64: kernel-rt-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm Red Hat Enterprise Linux Realtime (v. 
7): Source: kernel-rt-3.10.0-514.16.1.rt56.437.el7.src.rpm noarch: kernel-rt-doc-3.10.0-514.16.1.rt56.437.el7.noarch.rpm x86_64: kernel-rt-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-8650 https://access.redhat.com/security/cve/CVE-2016-9793 https://access.redhat.com/security/cve/CVE-2017-2618 https://access.redhat.com/security/cve/CVE-2017-2636 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY7jjUXlSAg2UNWIIRAvx4AJ0UGk1zTaNQOjqhPxzDBAnSVe0UWACfeNls
kwrQgjLNJxXW/CVLujHvI7M=
=zagv
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 12 14:27:37 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 12 Apr 2017 14:27:37 +0000
Subject: [RHSA-2017:0933-01] Important: kernel security, bug fix, and enhancement update
Message-ID: <201704121427.v3CERhDa004076@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2017:0933-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0933
Issue date: 2017-04-12
CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These updated kernel packages include several security issues and numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/2986951.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)

* A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the socket's sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)

* A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl
1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

ppc64:
kernel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-514.16.1.el7.ppc64.rpm
kernel-devel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-headers-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.ppc64.rpm
perf-3.10.0-514.16.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-devel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-headers-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.ppc64le.rpm
perf-3.10.0-514.16.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm

s390x:
kernel-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-514.16.1.el7.s390x.rpm
kernel-devel-3.10.0-514.16.1.el7.s390x.rpm
kernel-headers-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-514.16.1.el7.s390x.rpm
perf-3.10.0-514.16.1.el7.s390x.rpm
perf-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
python-perf-3.10.0-514.16.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.s390x.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8650
https://access.redhat.com/security/cve/CVE-2016-9793
https://access.redhat.com/security/cve/CVE-2017-2618
https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/2986951

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7jlPXlSAg2UNWIIRAlYuAJwJ8oJj2PedLkgheQy18YcryP60vgCghCYK LVXVCGRpoKyriEC/9Mocik8= =74Wz -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:20:36 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:20:36 +0000 Subject: [RHSA-2017:0906-01] Moderate: httpd security and bug fix update Message-ID: <201704121920.v3CJKlVB009354@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd security and bug fix update Advisory ID: RHSA-2017:0906-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0906 Issue date: 2017-04-12 CVE Names: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 ===================================================================== 1. Summary: An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. 
Security Fix(es): * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736) * It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161) * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743) Note: The fix for the CVE-2016-8743 issue causes httpd to return "400 Bad Request" error to HTTP clients which do not strictly follow HTTP protocol specification. A newly introduced configuration directive "HttpProtocolOptions Unsafe" can be used to re-enable the old less strict parsing. However, such setting also re-introduces the CVE-2016-8743 issue. Bug Fix(es): * When waking up child processes during a graceful restart, the httpd parent process could attempt to open more connections than necessary if a large number of child processes had been active prior to the restart. Consequently, a graceful restart could take a long time to complete. With this update, httpd has been fixed to limit the number of connections opened during a graceful restart to the number of active children, and the described problem no longer occurs. 
(BZ#1420002) * Previously, httpd running in a container returned the 500 HTTP status code (Internal Server Error) when a connection to a WebSocket server was closed. As a consequence, the httpd server failed to deliver the correct HTTP status and data to a client. With this update, httpd correctly handles all proxied requests to the WebSocket server, and the described problem no longer occurs. (BZ#1429947) * In a configuration using LDAP authentication with the mod_authnz_ldap module, the name set using the AuthLDAPBindDN directive was not correctly used to bind to the LDAP server for all queries. Consequently, authorization attempts failed. The LDAP modules have been fixed to ensure the configured name is correctly bound for LDAP queries, and authorization using LDAP no longer fails. (BZ#1420047) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto 1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest 1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 1420002 - Backport fix for issue with graceful restart taking very long time sometimes 1420047 - AuthLDAPBindDN might not be used for some LDAP searches causing LDAP authz failures 1429947 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn 6. Package List: Red Hat Enterprise Linux Client Optional (v. 
7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm aarch64: httpd-2.4.6-45.el7_3.4.aarch64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.aarch64.rpm httpd-devel-2.4.6-45.el7_3.4.aarch64.rpm httpd-tools-2.4.6-45.el7_3.4.aarch64.rpm mod_ssl-2.4.6-45.el7_3.4.aarch64.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm ppc64: httpd-2.4.6-45.el7_3.4.ppc64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.ppc64.rpm httpd-devel-2.4.6-45.el7_3.4.ppc64.rpm httpd-tools-2.4.6-45.el7_3.4.ppc64.rpm mod_ssl-2.4.6-45.el7_3.4.ppc64.rpm ppc64le: httpd-2.4.6-45.el7_3.4.ppc64le.rpm httpd-debuginfo-2.4.6-45.el7_3.4.ppc64le.rpm httpd-devel-2.4.6-45.el7_3.4.ppc64le.rpm httpd-tools-2.4.6-45.el7_3.4.ppc64le.rpm mod_ssl-2.4.6-45.el7_3.4.ppc64le.rpm s390x: httpd-2.4.6-45.el7_3.4.s390x.rpm httpd-debuginfo-2.4.6-45.el7_3.4.s390x.rpm httpd-devel-2.4.6-45.el7_3.4.s390x.rpm httpd-tools-2.4.6-45.el7_3.4.s390x.rpm mod_ssl-2.4.6-45.el7_3.4.s390x.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm 
mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: httpd-debuginfo-2.4.6-45.el7_3.4.aarch64.rpm mod_ldap-2.4.6-45.el7_3.4.aarch64.rpm mod_proxy_html-2.4.6-45.el7_3.4.aarch64.rpm mod_session-2.4.6-45.el7_3.4.aarch64.rpm ppc64: httpd-debuginfo-2.4.6-45.el7_3.4.ppc64.rpm mod_ldap-2.4.6-45.el7_3.4.ppc64.rpm mod_proxy_html-2.4.6-45.el7_3.4.ppc64.rpm mod_session-2.4.6-45.el7_3.4.ppc64.rpm ppc64le: httpd-debuginfo-2.4.6-45.el7_3.4.ppc64le.rpm mod_ldap-2.4.6-45.el7_3.4.ppc64le.rpm mod_proxy_html-2.4.6-45.el7_3.4.ppc64le.rpm mod_session-2.4.6-45.el7_3.4.ppc64le.rpm s390x: httpd-debuginfo-2.4.6-45.el7_3.4.s390x.rpm mod_ldap-2.4.6-45.el7_3.4.s390x.rpm mod_proxy_html-2.4.6-45.el7_3.4.s390x.rpm mod_session-2.4.6-45.el7_3.4.s390x.rpm x86_64: httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0736 https://access.redhat.com/security/cve/CVE-2016-2161 https://access.redhat.com/security/cve/CVE-2016-8743 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . 
More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n2lXlSAg2UNWIIRAn0EAJ95hoSJjNM/kZUXd8Ae6G5J3pXXHACfTIfP pb07muMthgb6w7tJ0kAuc4o= =gSHO -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:22:17 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:22:17 +0000 Subject: [RHSA-2017:0907-01] Moderate: util-linux security and bug fix update Message-ID: <201704121922.v3CJMMt0009735@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: util-linux security and bug fix update Advisory ID: RHSA-2017:0907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0907 Issue date: 2017-04-12 CVE Names: CVE-2017-2616 ===================================================================== 1. Summary: An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. 
Description: The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias St?ckmann for reporting this issue. Bug Fix(es): * The "findmnt --target " command prints all file systems where the mount point directory is . Previously, when used in the chroot environment, "findmnt --target " incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1414481 - findmnt --target behaviour changed in 7.3, shows all mount-points in chroot 1418710 - CVE-2017-2616 util-linux: Sending SIGKILL to other processes with root privileges via su 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 
7): x86_64: libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.i686.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm aarch64: libblkid-2.23.2-33.el7_3.2.aarch64.rpm libblkid-devel-2.23.2-33.el7_3.2.aarch64.rpm libmount-2.23.2-33.el7_3.2.aarch64.rpm libuuid-2.23.2-33.el7_3.2.aarch64.rpm libuuid-devel-2.23.2-33.el7_3.2.aarch64.rpm util-linux-2.23.2-33.el7_3.2.aarch64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.aarch64.rpm uuidd-2.23.2-33.el7_3.2.aarch64.rpm ppc64: libblkid-2.23.2-33.el7_3.2.ppc.rpm libblkid-2.23.2-33.el7_3.2.ppc64.rpm libblkid-devel-2.23.2-33.el7_3.2.ppc.rpm libblkid-devel-2.23.2-33.el7_3.2.ppc64.rpm libmount-2.23.2-33.el7_3.2.ppc.rpm libmount-2.23.2-33.el7_3.2.ppc64.rpm libuuid-2.23.2-33.el7_3.2.ppc.rpm libuuid-2.23.2-33.el7_3.2.ppc64.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc64.rpm util-linux-2.23.2-33.el7_3.2.ppc.rpm util-linux-2.23.2-33.el7_3.2.ppc64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64.rpm uuidd-2.23.2-33.el7_3.2.ppc64.rpm ppc64le: libblkid-2.23.2-33.el7_3.2.ppc64le.rpm libblkid-devel-2.23.2-33.el7_3.2.ppc64le.rpm libmount-2.23.2-33.el7_3.2.ppc64le.rpm libuuid-2.23.2-33.el7_3.2.ppc64le.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64le.rpm uuidd-2.23.2-33.el7_3.2.ppc64le.rpm s390x: libblkid-2.23.2-33.el7_3.2.s390.rpm libblkid-2.23.2-33.el7_3.2.s390x.rpm libblkid-devel-2.23.2-33.el7_3.2.s390.rpm libblkid-devel-2.23.2-33.el7_3.2.s390x.rpm libmount-2.23.2-33.el7_3.2.s390.rpm libmount-2.23.2-33.el7_3.2.s390x.rpm libuuid-2.23.2-33.el7_3.2.s390.rpm libuuid-2.23.2-33.el7_3.2.s390x.rpm libuuid-devel-2.23.2-33.el7_3.2.s390.rpm libuuid-devel-2.23.2-33.el7_3.2.s390x.rpm util-linux-2.23.2-33.el7_3.2.s390.rpm util-linux-2.23.2-33.el7_3.2.s390x.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390x.rpm uuidd-2.23.2-33.el7_3.2.s390x.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm 
libblkid-2.23.2-33.el7_3.2.x86_64.rpm libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.i686.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: libmount-devel-2.23.2-33.el7_3.2.aarch64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.aarch64.rpm ppc64: libmount-devel-2.23.2-33.el7_3.2.ppc.rpm libmount-devel-2.23.2-33.el7_3.2.ppc64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64.rpm ppc64le: libmount-devel-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64le.rpm s390x: libmount-devel-2.23.2-33.el7_3.2.s390.rpm libmount-devel-2.23.2-33.el7_3.2.s390x.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390x.rpm x86_64: libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7):

Source:
util-linux-2.23.2-33.el7_3.2.src.rpm

x86_64:
libblkid-2.23.2-33.el7_3.2.i686.rpm
libblkid-2.23.2-33.el7_3.2.x86_64.rpm
libblkid-devel-2.23.2-33.el7_3.2.i686.rpm
libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm
libmount-2.23.2-33.el7_3.2.i686.rpm
libmount-2.23.2-33.el7_3.2.x86_64.rpm
libuuid-2.23.2-33.el7_3.2.i686.rpm
libuuid-2.23.2-33.el7_3.2.x86_64.rpm
libuuid-devel-2.23.2-33.el7_3.2.i686.rpm
libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm
util-linux-2.23.2-33.el7_3.2.i686.rpm
util-linux-2.23.2-33.el7_3.2.x86_64.rpm
util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm
util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm
uuidd-2.23.2-33.el7_3.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libmount-devel-2.23.2-33.el7_3.2.i686.rpm
libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm
util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm
util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2616
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY7n4pXlSAg2UNWIIRAsCVAJ4w9jGUsneMY7bMOAuWfu0S+q7rigCfdF5W
7Zi3qRLisbrmC19vAqk7I3s=
=LlRf
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 12 19:24:15 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 12 Apr 2017 19:24:15 +0000
Subject: [RHSA-2017:0914-01] Moderate: libreoffice security and bug fix update
Message-ID: <201704121924.v3CJONWE009811@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: libreoffice security and bug fix update
Advisory ID: RHSA-2017:0914-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0914
Issue date: 2017-04-12
CVE Names: CVE-2017-3157
=====================================================================

1. Summary:

An update for libreoffice is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
Security Fix(es):

* It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157)

Bug Fix(es):

* Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly after closing a dialog window with accessibility support enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425536)

* Previously, when an incorrect password was entered for a password protected document, the document has been considered as valid and a fallback attempt to open it as plain text has been made. As a consequence, it could appear that the document successfully loaded, while just the encrypted unreadable content was shown. A fix has been made to terminate import attempts after entering incorrect password, and now nothing is loaded when a wrong password is entered. (BZ#1426348)

* Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly during exit, after the Text Import dialog for CSV (Comma-separated Value) files closed, when accessibility support was enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425535)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of LibreOffice applications must be restarted for this update to take effect.

5.
Bugs fixed (https://bugzilla.redhat.com/): 1425536 - [fix available] Crash in calc after closing dialog box with a11y enabled 1425844 - CVE-2017-3157 libreoffice: Arbitrary file disclosure in Calc and Writer 1426348 - [fix available] Password Protected (Encrypted) files opening as plain text after cancelling password dialog 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libreoffice-5.0.6.2-5.el7_3.1.src.rpm noarch: autocorr-af-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-bg-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ca-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-cs-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-da-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-de-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-en-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-es-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fa-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ga-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hu-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-is-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-it-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ja-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ko-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-lb-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-lt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-mn-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-nl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ro-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ru-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sk-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sv-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-tr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-vi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-zh-5.0.6.2-5.el7_3.1.noarch.rpm libreoffice-opensymbol-fonts-5.0.6.2-5.el7_3.1.noarch.rpm x86_64: libreoffice-base-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-calc-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-core-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-debuginfo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-draw-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-emailmerge-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-graphicfilter-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-impress-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-af-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ar-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-as-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bg-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-br-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ca-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cs-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cy-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-da-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-de-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-dz-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-el-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-en-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-es-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-et-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-eu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ga-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-gl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-gu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-he-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-it-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ja-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-kk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-kn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ko-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-langpack-lt-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-lv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mai-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ml-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nb-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nso-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-or-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-BR-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-PT-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ro-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ru-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-si-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ss-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-st-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ta-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-te-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-th-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-tn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-tr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ts-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-uk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ve-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-xh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zh-Hans-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zh-Hant-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-math-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-ogltrans-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pdfimport-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pyuno-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-ure-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-wiki-publisher-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-writer-5.0.6.2-5.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libreoffice-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-bsh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-filters-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-gdb-debug-support-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-glade-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-librelogo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-nlpsolver-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-officebean-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-postgresql-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-rhino-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-doc-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-xsltfilter-5.0.6.2-5.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): Source: libreoffice-5.0.6.2-5.el7_3.1.src.rpm aarch64: libreoffice-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-base-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-bsh-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-calc-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-core-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-draw-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-emailmerge-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-filters-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-gdb-debug-support-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-glade-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-graphicfilter-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-impress-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-af-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ar-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-as-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-bg-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-bn-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-br-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ca-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-cs-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-cy-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-da-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-de-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-dz-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-el-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-en-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-es-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-et-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-eu-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-fa-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-fi-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-fr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ga-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-gl-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-gu-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-he-5.0.6.2-5.el7_3.1.aarch64.rpm 
libreoffice-langpack-hi-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-hr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-hu-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-it-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ja-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-kk-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-kn-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ko-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-lt-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-lv-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-mai-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ml-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-mr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-nb-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-nl-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-nn-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-nr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-nso-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-or-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-pa-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-pl-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-pt-BR-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-pt-PT-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ro-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ru-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-si-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-sk-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-sl-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-sr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ss-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-st-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-sv-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ta-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-te-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-th-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-tn-5.0.6.2-5.el7_3.1.aarch64.rpm 
libreoffice-langpack-tr-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ts-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-uk-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-ve-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-xh-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-zh-Hans-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-zh-Hant-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-langpack-zu-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-librelogo-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-math-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-nlpsolver-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-officebean-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-ogltrans-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-pdfimport-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-postgresql-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-pyuno-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-rhino-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-sdk-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-sdk-doc-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-ure-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-wiki-publisher-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-writer-5.0.6.2-5.el7_3.1.aarch64.rpm libreoffice-xsltfilter-5.0.6.2-5.el7_3.1.aarch64.rpm noarch: autocorr-af-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-bg-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ca-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-cs-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-da-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-de-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-en-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-es-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fa-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ga-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hu-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-is-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-it-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ja-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ko-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-lb-5.0.6.2-5.el7_3.1.noarch.rpm 
autocorr-lt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-mn-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-nl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ro-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ru-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sk-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sv-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-tr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-vi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-zh-5.0.6.2-5.el7_3.1.noarch.rpm libreoffice-opensymbol-fonts-5.0.6.2-5.el7_3.1.noarch.rpm ppc64le: libreoffice-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-base-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-bsh-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-calc-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-core-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-draw-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-emailmerge-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-filters-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-gdb-debug-support-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-glade-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-graphicfilter-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-impress-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-af-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ar-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-as-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-bg-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-bn-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-br-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ca-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-cs-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-cy-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-da-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-de-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-dz-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-el-5.0.6.2-5.el7_3.1.ppc64le.rpm 
libreoffice-langpack-en-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-es-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-et-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-eu-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-fa-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-fi-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-fr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ga-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-gl-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-gu-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-he-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-hi-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-hr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-hu-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-it-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ja-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-kk-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-kn-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ko-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-lt-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-lv-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-mai-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ml-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-mr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-nb-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-nl-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-nn-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-nr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-nso-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-or-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-pa-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-pl-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-pt-BR-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-pt-PT-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ro-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ru-5.0.6.2-5.el7_3.1.ppc64le.rpm 
libreoffice-langpack-si-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-sk-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-sl-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-sr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ss-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-st-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-sv-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ta-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-te-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-th-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-tn-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-tr-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ts-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-uk-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-ve-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-xh-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-zh-Hans-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-zh-Hant-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-langpack-zu-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-librelogo-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-math-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-nlpsolver-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-officebean-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-ogltrans-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-pdfimport-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-postgresql-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-pyuno-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-rhino-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-sdk-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-sdk-doc-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-ure-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-wiki-publisher-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-writer-5.0.6.2-5.el7_3.1.ppc64le.rpm libreoffice-xsltfilter-5.0.6.2-5.el7_3.1.ppc64le.rpm x86_64: libreoffice-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-base-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-bsh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-calc-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-core-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-draw-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-emailmerge-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-filters-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-gdb-debug-support-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-glade-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-graphicfilter-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-impress-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-af-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ar-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-as-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bg-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-br-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ca-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cs-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cy-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-da-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-de-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-dz-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-el-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-en-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-es-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-et-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-eu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ga-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-gl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-gu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-he-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-it-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ja-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-langpack-kk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-kn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ko-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-lt-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-lv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mai-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ml-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nb-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nso-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-or-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-BR-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-PT-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ro-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ru-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-si-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ss-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-st-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ta-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-te-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-th-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-tn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-tr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ts-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-uk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ve-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-xh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zh-Hans-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-langpack-zh-Hant-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-librelogo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-math-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-nlpsolver-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-officebean-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-ogltrans-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pdfimport-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-postgresql-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pyuno-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-rhino-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-doc-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-ure-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-wiki-publisher-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-writer-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-xsltfilter-5.0.6.2-5.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libreoffice-5.0.6.2-5.el7_3.1.src.rpm noarch: autocorr-af-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-bg-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ca-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-cs-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-da-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-de-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-en-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-es-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fa-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-fr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ga-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-hu-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-is-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-it-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ja-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ko-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-lb-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-lt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-mn-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-nl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-pt-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-ro-5.0.6.2-5.el7_3.1.noarch.rpm 
autocorr-ru-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sk-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sl-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-sv-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-tr-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-vi-5.0.6.2-5.el7_3.1.noarch.rpm autocorr-zh-5.0.6.2-5.el7_3.1.noarch.rpm libreoffice-opensymbol-fonts-5.0.6.2-5.el7_3.1.noarch.rpm x86_64: libreoffice-base-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-calc-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-core-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-draw-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-emailmerge-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-graphicfilter-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-impress-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-af-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ar-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-as-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bg-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-bn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-br-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ca-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cs-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-cy-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-da-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-de-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-dz-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-el-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-en-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-es-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-et-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-eu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-fr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ga-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-gl-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-langpack-gu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-he-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hi-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-hu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-it-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ja-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-kk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-kn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ko-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-lt-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-lv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mai-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ml-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-mr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nb-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-nso-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-or-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pa-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-BR-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-pt-PT-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ro-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ru-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-si-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sl-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ss-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-st-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-sv-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ta-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-te-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-th-5.0.6.2-5.el7_3.1.x86_64.rpm 
libreoffice-langpack-tn-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-tr-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ts-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-uk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-ve-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-xh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zh-Hans-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zh-Hant-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-langpack-zu-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-math-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-ogltrans-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pdfimport-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-pyuno-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-ure-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-wiki-publisher-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-writer-5.0.6.2-5.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libreoffice-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-bsh-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-debuginfo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-filters-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-gdb-debug-support-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-glade-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-librelogo-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-nlpsolver-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-officebean-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-postgresql-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-rhino-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-sdk-doc-5.0.6.2-5.el7_3.1.x86_64.rpm libreoffice-xsltfilter-5.0.6.2-5.el7_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3157 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . 
More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n6mXlSAg2UNWIIRAllUAJ4w+5TYVGNYRElCI1Hza8P7vp7FNQCglikw +pIQr2+eOMMHuKqw4H9rlGk= =W3Eg -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:25:42 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:25:42 +0000 Subject: [RHSA-2017:0920-01] Important: 389-ds-base security and bug fix update Message-ID: <201704121925.v3CJPnYt009887@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: RHSA-2017:0920-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0920 Issue date: 2017-04-12 CVE Names: CVE-2017-2668 ===================================================================== 1. Summary: An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. 
The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668) Red Hat would like to thank Joachim Jabs (F24) for reporting this issue. Bug Fix(es): * Previously, when adding a filtered role definition that uses the "nsrole" virtual attribute in the filter, Directory Server terminated unexpectedly. A patch has been applied, and now the roles plug-in ignores all virtual attributes. As a result, an error message is logged when an invalid filter is used. Additionally, the role is deactivated and Directory Server no longer fails. (BZ#1429498) * In a replication topology, Directory Server incorrectly calculated the size of string format entries when a lot of entries were deleted. The calculated size of entries was smaller than the actual required size. Consequently, Directory Server allocated insufficient memory and terminated unexpectedly when the data was written to it. With this update, the size of string format entries is now calculated correctly in the described situation and Directory Server no longer terminates unexpectedly. (BZ#1429495) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the 389 server service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1429495 - ns-slapd dies under heavy load 1429498 - A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will result in a segfault. 1436575 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages 6. Package List: Red Hat Enterprise Linux Client Optional (v. 
7): Source: 389-ds-base-1.3.5.10-20.el7_3.src.rpm x86_64: 389-ds-base-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: 389-ds-base-1.3.5.10-20.el7_3.src.rpm x86_64: 389-ds-base-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: 389-ds-base-1.3.5.10-20.el7_3.src.rpm aarch64: 389-ds-base-1.3.5.10-20.el7_3.aarch64.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.aarch64.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.aarch64.rpm ppc64le: 389-ds-base-1.3.5.10-20.el7_3.ppc64le.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.ppc64le.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.ppc64le.rpm x86_64: 389-ds-base-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: 389-ds-base-debuginfo-1.3.5.10-20.el7_3.aarch64.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.aarch64.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.aarch64.rpm ppc64le: 389-ds-base-debuginfo-1.3.5.10-20.el7_3.ppc64le.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.ppc64le.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.ppc64le.rpm x86_64: 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: 389-ds-base-1.3.5.10-20.el7_3.src.rpm x86_64: 389-ds-base-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-libs-1.3.5.10-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
7): x86_64: 389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-devel-1.3.5.10-20.el7_3.x86_64.rpm 389-ds-base-snmp-1.3.5.10-20.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-2668 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n8HXlSAg2UNWIIRAkoNAKDE6GGYYqAzrqytX9kZaokV44XZ0ACeOWOe THYzG9N5LL5bYhOy1/B+wHc= =t9kU -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:26:23 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:26:23 +0000 Subject: [RHSA-2017:0934-01] Critical: flash-plugin security update Message-ID: <201704121926.v3CJQTrD010233@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2017:0934-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:0934 Issue date: 2017-04-12 CVE Names: CVE-2017-3058 CVE-2017-3059 CVE-2017-3060 CVE-2017-3061 CVE-2017-3062 CVE-2017-3063 CVE-2017-3064 ===================================================================== 1. Summary: An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. 
Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 25.0.0.148. Security Fix(es): * This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2017-3058, CVE-2017-3059, CVE-2017-3060, CVE-2017-3061, CVE-2017-3062, CVE-2017-3063, CVE-2017-3064) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1441308 - CVE-2017-3058 CVE-2017-3059 CVE-2017-3060 CVE-2017-3061 CVE-2017-3062 CVE-2017-3063 CVE-2017-3064 flash-plugin: multiple code execution issues fixed in APSB17-10 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-25.0.0.148-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.148-1.el6_9.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-25.0.0.148-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.148-1.el6_9.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-25.0.0.148-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.148-1.el6_9.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2017-3058 https://access.redhat.com/security/cve/CVE-2017-3059 https://access.redhat.com/security/cve/CVE-2017-3060 https://access.redhat.com/security/cve/CVE-2017-3061 https://access.redhat.com/security/cve/CVE-2017-3062 https://access.redhat.com/security/cve/CVE-2017-3063 https://access.redhat.com/security/cve/CVE-2017-3064 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb17-10.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n9IXlSAg2UNWIIRAmwVAJ902TLNKi8COINjB94DYMVkp/aqwACgjozY IAESfe46GDvWyqvR0c+GvME= =b0mH -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:27:27 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:27:27 +0000 Subject: [RHSA-2017:0935-01] Moderate: tomcat security update Message-ID: <201704121927.v3CJRW38010261@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tomcat security update Advisory ID: RHSA-2017:0935-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0935 Issue date: 2017-04-12 CVE Names: CVE-2016-6816 CVE-2016-8745 ===================================================================== 1. Summary: An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 
7) - noarch Red Hat Enterprise Linux Client Optional (v. 7) - noarch Red Hat Enterprise Linux ComputeNode (v. 7) - noarch Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Enterprise Linux Server Optional (v. 7) - noarch Red Hat Enterprise Linux Workstation (v. 7) - noarch Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch 3. Description: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2016-6816) Note: This fix causes Tomcat to respond with an HTTP 400 Bad Request error when a request contains characters that are not permitted by the HTTP specification to appear not encoded, even though they were previously accepted. The newly introduced system property tomcat.util.http.parser.HttpParser.requestTargetAllow can be used to configure Tomcat to accept curly braces ({ and }) and the pipe symbol (|) in not encoded form, as these are often used in URLs without being properly encoded. * A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body. (CVE-2016-8745) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5.
Bugs fixed (https://bugzilla.redhat.com/): 1397484 - CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests 1403824 - CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: tomcat-7.0.69-11.el7_3.src.rpm noarch: tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: tomcat-7.0.69-11.el7_3.noarch.rpm tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm tomcat-lib-7.0.69-11.el7_3.noarch.rpm tomcat-webapps-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: tomcat-7.0.69-11.el7_3.src.rpm noarch: tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: tomcat-7.0.69-11.el7_3.noarch.rpm tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm tomcat-lib-7.0.69-11.el7_3.noarch.rpm tomcat-webapps-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux Server (v. 7): Source: tomcat-7.0.69-11.el7_3.src.rpm noarch: tomcat-7.0.69-11.el7_3.noarch.rpm tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-lib-7.0.69-11.el7_3.noarch.rpm tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm tomcat-webapps-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux Server Optional (v. 
7): noarch: tomcat-7.0.69-11.el7_3.noarch.rpm tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm tomcat-lib-7.0.69-11.el7_3.noarch.rpm tomcat-webapps-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: tomcat-7.0.69-11.el7_3.src.rpm noarch: tomcat-7.0.69-11.el7_3.noarch.rpm tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm tomcat-lib-7.0.69-11.el7_3.noarch.rpm tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm tomcat-webapps-7.0.69-11.el7_3.noarch.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-6816 https://access.redhat.com/security/cve/CVE-2016-8745 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n94XlSAg2UNWIIRAmjPAJ9bk8IBbgSqjZoV7R+WBZNUGHOKfwCcCZBj I6oGMjVT1JjlWEBHS/2zKeI= =EWzy -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:31:21 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:31:21 +0000 Subject: [RHSA-2017:0936-01] Moderate: python-defusedxml and python-pysaml2 security update Message-ID: <201704121931.v3CJVQD8011304@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python-defusedxml and python-pysaml2 security update Advisory ID: RHSA-2017:0936-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2017:0936 Issue date: 2017-04-12 CVE Names: CVE-2016-10149 ===================================================================== 1. Summary: An update for python-defusedxml and python-pysaml2 is now available for Red Hat OpenStack Platform 8.0 (Liberty). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 8.0 (Liberty) - noarch 3. Description: The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Security Fix(es): * An XML entity expansion vulnerability was found in python-pysaml2. 
A remote attacker could send a crafted request which would cause denial of service through resource exhaustion. (CVE-2016-10149) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1415710 - CVE-2016-10149 python-pysaml2: Entity expansion issue 6. Package List: Red Hat OpenStack Platform 8.0 (Liberty): Source: python-defusedxml-0.5.0-1.el7ost.src.rpm python-pysaml2-3.0.2-3.el7ost.src.rpm noarch: python-defusedxml-0.5.0-1.el7ost.noarch.rpm python-pysaml2-3.0.2-3.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-10149 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n+sXlSAg2UNWIIRAu4sAKC3MaFR/1NxH2kaxjSE5twde3xAxACgmXBk QfT2n6UvaBZ/EinRhfueD8E= =A38l -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:32:19 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:32:19 +0000 Subject: [RHSA-2017:0937-01] Moderate: python-defusedxml and python-pysaml2 security update Message-ID: <201704121932.v3CJWO1k011644@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python-defusedxml and python-pysaml2 security update Advisory ID: RHSA-2017:0937-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2017:0937 Issue date: 2017-04-12 CVE Names: CVE-2016-10149 ===================================================================== 1. Summary: An update for python-defusedxml and python-pysaml2 is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 9.0 - noarch 3. Description: The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Security Fix(es): * An XML entity expansion vulnerability was found in python-pysaml2. 
A remote attacker could send a crafted request which would cause denial of service through resource exhaustion. (CVE-2016-10149) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1415710 - CVE-2016-10149 python-pysaml2: Entity expansion issue 6. Package List: Red Hat OpenStack Platform 9.0: Source: python-defusedxml-0.5.0-1.el7ost.src.rpm python-pysaml2-3.0.2-3.el7ost.src.rpm noarch: python-defusedxml-0.5.0-1.el7ost.noarch.rpm python-pysaml2-3.0.2-3.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-10149 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7oCVXlSAg2UNWIIRAkLTAKCwzQ48FTqPDe2g00sLHCcxsclUmgCdHoZC qDl2Qwq7jl6hvKWi99Ep8ds= =6YE9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Apr 12 19:33:32 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Apr 2017 19:33:32 +0000 Subject: [RHSA-2017:0938-01] Moderate: python-defusedxml and python-pysaml2 security update Message-ID: <201704121933.v3CJXcWs011708@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python-defusedxml and python-pysaml2 security update Advisory ID: RHSA-2017:0938-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2017:0938 Issue date: 2017-04-12 CVE Names: CVE-2016-10149 ===================================================================== 1. Summary: An update for python-defusedxml and python-pysaml2 is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 10.0 - noarch 3. Description: The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues. PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment. Security Fix(es): * An XML entity expansion vulnerability was found in python-pysaml2. 
A remote attacker could send a crafted request which would cause denial of service through resource exhaustion. (CVE-2016-10149) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1415710 - CVE-2016-10149 python-pysaml2: Entity expansion issue 6. Package List: Red Hat OpenStack Platform 10.0: Source: python-defusedxml-0.5.0-1.el7ost.src.rpm python-pysaml2-3.0.2-3.el7ost.src.rpm noarch: python-defusedxml-0.5.0-1.el7ost.noarch.rpm python-pysaml2-3.0.2-3.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-10149 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY7oDeXlSAg2UNWIIRApCHAJ9MZG0PZNFCfjFt4RqDl6vRAHNcMQCdGHwN
c2oeDCfuB21ENY8aKL92Tec=
=Z6cP
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:00:11 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:00:11 +0000
Subject: [RHSA-2017:0980-01] Important: qemu-kvm-rhev security update
Message-ID: <201704180500.v3I50KjG027476@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0980-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0980
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9Z1MXlSAg2UNWIIRAkxaAKC7y44gem/FPwO5Kgqt6J8wl9FhWACeMEJ8
sjHKJnnL9EiStalXrWtljDA=
=tbRA
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:00:46 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:00:46 +0000
Subject: [RHSA-2017:0981-01] Important: qemu-kvm-rhev security update
Message-ID: <201704180500.v3I50psD027494@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0981-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0981
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9Z1zXlSAg2UNWIIRAitVAJ42QDev5MsM0AWWhMoN9uQ9FJaHRQCgt3lB
m2O3qp6k2g6QSgRD3ZTf4OA=
=0sYh
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:01:16 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:01:16 +0000
Subject: [RHSA-2017:0982-01] Important: qemu-kvm-rhev security update
Message-ID: <201704180501.v3I51MwS027511@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0982-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0982
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9Z2OXlSAg2UNWIIRAiUxAKCQYqph9mbB1rZrdujOrXDI5kltnwCcCsxf
Ar+UzH7ZyAN0w7XE/gSm8P4=
=T3mI
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:01:49 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:01:49 +0000
Subject: [RHSA-2017:0983-01] Important: qemu-kvm-rhev security update
Message-ID: <201704180501.v3I51tnP027868@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0983-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0983
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 8.0 (Liberty).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 8.0 (Liberty) - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat OpenStack Platform 8.0 (Liberty):

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9Z2tXlSAg2UNWIIRAqKsAKC0P/SF/ylhXV+AVWZaBdUExL21LgCeIDal
tT/cEV2aHFS3rs8gn25VMFg=
=KEPz
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:02:27 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:02:27 +0000
Subject: [RHSA-2017:0984-01] Important: qemu-kvm-rhev security update
Message-ID: <201704180502.v3I52YOm027892@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0984-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0984
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9Z3VXlSAg2UNWIIRAlMTAJ9/PlLKszKaY3kR4Gttt1PwuuCGoQCdEju6
EjZ8tuFlkMrIbL32X86Hm0E=
=j83B
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 05:17:46 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 05:17:46 +0000
Subject: [RHSA-2017:0979-01] Moderate: libreoffice security update
Message-ID: <201704180518.v3I5ILc5030144@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: libreoffice security update
Advisory ID:       RHSA-2017:0979-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0979
Issue date:        2017-04-18
CVE Names:         CVE-2017-3157
=====================================================================

1. Summary:

An update for libreoffice is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64

3. Description:

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

* It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of LibreOffice applications must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1425844 - CVE-2017-3157 libreoffice: Arbitrary file disclosure in Calc and Writer

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
libreoffice-4.3.7.2-2.el6_9.1.src.rpm

i386:
libreoffice-base-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-core-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.i686.rpm 
libreoffice-langpack-th-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-math-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.i686.rpm noarch: autocorr-af-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-bg-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ca-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-cs-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-da-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-de-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-en-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-es-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fa-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ga-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hu-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-it-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ja-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ko-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lb-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-mn-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-nl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ro-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ru-4.3.7.2-2.el6_9.1.noarch.rpm 
autocorr-sk-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sv-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-tr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-vi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-zh-4.3.7.2-2.el6_9.1.noarch.rpm libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.1.noarch.rpm x86_64: libreoffice-base-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-core-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-math-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: libreoffice-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-sdk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.i686.rpm noarch: autocorr-is-4.3.7.2-2.el6_9.1.noarch.rpm x86_64: libreoffice-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-sdk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: libreoffice-4.3.7.2-2.el6_9.1.src.rpm i386: libreoffice-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-base-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-core-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.i686.rpm 
libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.i686.rpm 
libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-math-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-sdk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.i686.rpm noarch: autocorr-af-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-bg-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ca-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-cs-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-da-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-de-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-en-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-es-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fa-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ga-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hu-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-is-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-it-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ja-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ko-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lb-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-mn-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-nl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ro-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ru-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sk-4.3.7.2-2.el6_9.1.noarch.rpm 
autocorr-sl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sv-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-tr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-vi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-zh-4.3.7.2-2.el6_9.1.noarch.rpm libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.1.noarch.rpm ppc64: libreoffice-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-base-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-core-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.ppc.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.ppc.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.ppc64.rpm 
libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.ppc64.rpm 
libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-math-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-sdk-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.ppc64.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.ppc64.rpm s390x: libreoffice-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-base-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-core-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.s390.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.s390.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.s390x.rpm 
libreoffice-langpack-af-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.s390x.rpm 
libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-math-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-sdk-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.s390x.rpm 
libreoffice-writer-4.3.7.2-2.el6_9.1.s390x.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.s390x.rpm x86_64: libreoffice-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-base-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-bsh-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-core-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-filters-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-glade-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-librelogo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-math-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-officebean-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-rhino-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-sdk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: libreoffice-4.3.7.2-2.el6_9.1.src.rpm i386: libreoffice-base-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-core-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-headless-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.i686.rpm 
libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-math-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.i686.rpm 
libreoffice-pyuno-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.i686.rpm libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.i686.rpm noarch: autocorr-af-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-bg-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ca-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-cs-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-da-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-de-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-en-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-es-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fa-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-fr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ga-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-hu-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-it-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ja-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ko-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lb-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-lt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-mn-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-nl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-pt-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ro-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-ru-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sk-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sl-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-sv-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-tr-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-vi-4.3.7.2-2.el6_9.1.noarch.rpm autocorr-zh-4.3.7.2-2.el6_9.1.noarch.rpm libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.1.noarch.rpm x86_64: libreoffice-base-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-calc-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-core-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-draw-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-headless-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-impress-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-af-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-as-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-cy-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-da-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-de-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-el-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-en-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-es-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-et-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ga-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-gu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-he-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hi-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-hu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-it-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-kn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ko-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-mr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ms-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-langpack-nl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-or-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pa-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ru-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-st-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-te-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-th-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-math-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ogltrans-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pdfimport-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-pyuno-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-ure-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.x86_64.rpm libreoffice-writer-4.3.7.2-2.el6_9.1.x86_64.rpm 
libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
libreoffice-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-bsh-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-filters-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-glade-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-librelogo-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-officebean-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-rhino-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-sdk-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.i686.rpm

noarch:
autocorr-is-4.3.7.2-2.el6_9.1.noarch.rpm

x86_64:
libreoffice-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-bsh-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-debuginfo-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-debuginfo-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-filters-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm
libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-glade-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-librelogo-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-nlpsolver-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-officebean-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-rhino-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-sdk-4.3.7.2-2.el6_9.1.x86_64.rpm
libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3157
https://access.redhat.com/security/updates/classification/#moderate
https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

From bugzilla at redhat.com Tue Apr 18 10:06:41 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 10:06:41 +0000
Subject: [RHSA-2017:0986-01] Important: kernel security update
Message-ID: <201704181006.v3IA6oZ4001478@lists01.pubmisc.prod.ext.phx2.redhat.com>

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2017:0986-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0986
Issue date: 2017-04-18
CVE Names: CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.4
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when
accessing the n_hdlc.tbuf list, which can lead to a double free. A local,
unprivileged user able to set the HDLC line discipline on the tty device
could use this flaw to increase their privileges on the system.
(CVE-2017-2636, Important)

Red Hat would like to thank Alexander Popov for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.4):

Source:
kernel-2.6.32-358.78.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-358.78.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.78.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.78.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.78.1.el6.x86_64.rpm
perf-2.6.32-358.78.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.4):

Source:
kernel-2.6.32-358.78.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.78.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
python-perf-2.6.32-358.78.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9eUkXlSAg2UNWIIRAmFeAKCdpbP4Du+kPk5Yl2h14YrmM9uLHwCeKFBI
UJoS8xX6O7HwjIyr4Vn+5Gs=
=85YF
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 17:26:45 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 17:26:45 +0000
Subject: [RHSA-2017:0987-01] Important: qemu-kvm security update
Message-ID: <201704181726.v3IHQqko029145@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: qemu-kvm security update
Advisory ID:       RHSA-2017:0987-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0987
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es):

* A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.6.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.6.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.6.src.rpm

ppc64:
qemu-img-1.5.3-126.el7_3.6.ppc64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.ppc64.rpm

ppc64le:
qemu-img-1.5.3-126.el7_3.6.ppc64le.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.ppc64le.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
qemu-kvm-1.5.3-126.el7_3.6.src.rpm

x86_64:
qemu-img-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7_3.6.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7_3.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9kw1XlSAg2UNWIIRAnY7AJ43ezytaMXKSVUfNW/90+DboP8UGwCfTgj9
eG/6C/nuSVfr4/8ZKtp1OTw=
=7loT
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 18 21:04:29 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 18 Apr 2017 21:04:29 +0000
Subject: [RHSA-2017:0988-01] Important: qemu-kvm-rhev security update
Message-ID: <201704182104.v3IL4b4u025031@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: qemu-kvm-rhev security update
Advisory ID:       RHSA-2017:0988-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0988
Issue date:        2017-04-18
CVE Names:         CVE-2016-9603
=====================================================================

1. Summary:

An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

* Quick Emulator (QEMU), built with the Cirrus CLGD 54xx VGA Emulator and the VNC display driver support, is vulnerable to a heap buffer overflow issue. The issue could occur when a VNC client attempts to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process resulting in DoS or, potentially, leverage it to execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
qemu-kvm-rhev-2.6.0-28.el7_3.9.src.rpm

x86_64:
qemu-img-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-common-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.6.0-28.el7_3.9.x86_64.rpm
qemu-kvm-tools-rhev-2.6.0-28.el7_3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9n9MXlSAg2UNWIIRAuMRAJ0Ymt5ccGjw8wxDyqr4rF0YGasJHACfSCF1
6JnPQa1tGSEZwEIa4O5QQiI=
=ZmxC
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 19 07:02:18 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 19 Apr 2017 07:02:18 +0000
Subject: [RHSA-2017:1095-01] Important: bind security update
Message-ID: <201704190702.v3J72QhI030891@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: bind security update
Advisory ID:       RHSA-2017:1095-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1095
Issue date:        2017-04-19
CVE Names:         CVE-2017-3136 CVE-2017-3137
=====================================================================

1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137)

* A denial of service flaw was found in the way BIND handled query requests when using DNS64 with "break-dnssec yes" option. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3136)

Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Oleg Gorokhov (Yandex) as the original reporter of CVE-2017-3136.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"
1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver

6. Package List:

Red Hat Enterprise Linux Client (v.
7):

Source:
bind-9.9.4-38.el7_3.3.src.rpm

noarch:
bind-license-9.9.4-38.el7_3.3.noarch.rpm

x86_64:
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-9.9.4-38.el7_3.3.i686.rpm
bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bind-9.9.4-38.el7_3.3.x86_64.rpm
bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-devel-9.9.4-38.el7_3.3.i686.rpm
bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
bind-9.9.4-38.el7_3.3.src.rpm

noarch:
bind-license-9.9.4-38.el7_3.3.noarch.rpm

x86_64:
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-9.9.4-38.el7_3.3.i686.rpm
bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bind-9.9.4-38.el7_3.3.x86_64.rpm
bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-devel-9.9.4-38.el7_3.3.i686.rpm
bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
bind-9.9.4-38.el7_3.3.src.rpm

aarch64:
bind-9.9.4-38.el7_3.3.aarch64.rpm
bind-chroot-9.9.4-38.el7_3.3.aarch64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.aarch64.rpm
bind-libs-9.9.4-38.el7_3.3.aarch64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.aarch64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.aarch64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.aarch64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.aarch64.rpm
bind-utils-9.9.4-38.el7_3.3.aarch64.rpm

noarch:
bind-license-9.9.4-38.el7_3.3.noarch.rpm

ppc64:
bind-9.9.4-38.el7_3.3.ppc64.rpm
bind-chroot-9.9.4-38.el7_3.3.ppc64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.ppc.rpm
bind-debuginfo-9.9.4-38.el7_3.3.ppc64.rpm
bind-libs-9.9.4-38.el7_3.3.ppc.rpm
bind-libs-9.9.4-38.el7_3.3.ppc64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.ppc.rpm
bind-libs-lite-9.9.4-38.el7_3.3.ppc64.rpm
bind-utils-9.9.4-38.el7_3.3.ppc64.rpm

ppc64le:
bind-9.9.4-38.el7_3.3.ppc64le.rpm
bind-chroot-9.9.4-38.el7_3.3.ppc64le.rpm
bind-debuginfo-9.9.4-38.el7_3.3.ppc64le.rpm
bind-libs-9.9.4-38.el7_3.3.ppc64le.rpm
bind-libs-lite-9.9.4-38.el7_3.3.ppc64le.rpm
bind-pkcs11-9.9.4-38.el7_3.3.ppc64le.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.ppc64le.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.ppc64le.rpm
bind-utils-9.9.4-38.el7_3.3.ppc64le.rpm

s390x:
bind-9.9.4-38.el7_3.3.s390x.rpm
bind-chroot-9.9.4-38.el7_3.3.s390x.rpm
bind-debuginfo-9.9.4-38.el7_3.3.s390.rpm
bind-debuginfo-9.9.4-38.el7_3.3.s390x.rpm
bind-libs-9.9.4-38.el7_3.3.s390.rpm
bind-libs-9.9.4-38.el7_3.3.s390x.rpm
bind-libs-lite-9.9.4-38.el7_3.3.s390.rpm
bind-libs-lite-9.9.4-38.el7_3.3.s390x.rpm
bind-utils-9.9.4-38.el7_3.3.s390x.rpm

x86_64:
bind-9.9.4-38.el7_3.3.x86_64.rpm
bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-9.9.4-38.el7_3.3.i686.rpm
bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
bind-debuginfo-9.9.4-38.el7_3.3.aarch64.rpm
bind-devel-9.9.4-38.el7_3.3.aarch64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.aarch64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.aarch64.rpm
bind-sdb-9.9.4-38.el7_3.3.aarch64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.aarch64.rpm

ppc64:
bind-debuginfo-9.9.4-38.el7_3.3.ppc.rpm
bind-debuginfo-9.9.4-38.el7_3.3.ppc64.rpm
bind-devel-9.9.4-38.el7_3.3.ppc.rpm
bind-devel-9.9.4-38.el7_3.3.ppc64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.ppc.rpm
bind-lite-devel-9.9.4-38.el7_3.3.ppc64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.ppc64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.ppc.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.ppc64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.ppc.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.ppc64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.ppc64.rpm
bind-sdb-9.9.4-38.el7_3.3.ppc64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.ppc64.rpm

ppc64le:
bind-debuginfo-9.9.4-38.el7_3.3.ppc64le.rpm
bind-devel-9.9.4-38.el7_3.3.ppc64le.rpm
bind-lite-devel-9.9.4-38.el7_3.3.ppc64le.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.ppc64le.rpm
bind-sdb-9.9.4-38.el7_3.3.ppc64le.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.ppc64le.rpm

s390x:
bind-debuginfo-9.9.4-38.el7_3.3.s390.rpm
bind-debuginfo-9.9.4-38.el7_3.3.s390x.rpm
bind-devel-9.9.4-38.el7_3.3.s390.rpm
bind-devel-9.9.4-38.el7_3.3.s390x.rpm
bind-lite-devel-9.9.4-38.el7_3.3.s390.rpm
bind-lite-devel-9.9.4-38.el7_3.3.s390x.rpm
bind-pkcs11-9.9.4-38.el7_3.3.s390x.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.s390.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.s390x.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.s390.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.s390x.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.s390x.rpm
bind-sdb-9.9.4-38.el7_3.3.s390x.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.s390x.rpm

x86_64:
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-devel-9.9.4-38.el7_3.3.i686.rpm
bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
bind-9.9.4-38.el7_3.3.src.rpm

noarch:
bind-license-9.9.4-38.el7_3.3.noarch.rpm

x86_64:
bind-9.9.4-38.el7_3.3.x86_64.rpm
bind-chroot-9.9.4-38.el7_3.3.x86_64.rpm
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-9.9.4-38.el7_3.3.i686.rpm
bind-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-libs-lite-9.9.4-38.el7_3.3.i686.rpm
bind-libs-lite-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-libs-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-utils-9.9.4-38.el7_3.3.x86_64.rpm
bind-utils-9.9.4-38.el7_3.3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bind-debuginfo-9.9.4-38.el7_3.3.i686.rpm
bind-debuginfo-9.9.4-38.el7_3.3.x86_64.rpm
bind-devel-9.9.4-38.el7_3.3.i686.rpm
bind-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-lite-devel-9.9.4-38.el7_3.3.i686.rpm
bind-lite-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.i686.rpm
bind-pkcs11-devel-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-9.9.4-38.el7_3.3.x86_64.rpm
bind-sdb-chroot-9.9.4-38.el7_3.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3136
https://access.redhat.com/security/cve/CVE-2017-3137
https://access.redhat.com/security/updates/classification/#important
https://kb.isc.org/article/AA-01465
https://kb.isc.org/article/AA-01466

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY9wtWXlSAg2UNWIIRAqXnAKCthBscnCWgstyldrCSk9r10JuqzACgtZPD
sQgZieiuAFeg4QSPpVa0nv8=
=xQZg
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 20 05:16:43 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 20 Apr 2017 05:16:43 +0000
Subject: [RHSA-2017:1100-01] Critical: nss and nss-util security update
Message-ID: <201704200516.v3K5GnIj030985@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: nss and nss-util security update
Advisory ID:       RHSA-2017:1100-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1100
Issue date:        2017-04-20
CVE Names:         CVE-2017-5461
=====================================================================

1.
Summary:

An update for nss and nss-util is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.

The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4).

Security Fix(es):

* An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)

Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1440080 - CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
nss-3.28.4-1.el6_9.src.rpm
nss-util-3.28.4-1.el6_9.src.rpm

i386:
nss-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-sysinit-3.28.4-1.el6_9.i686.rpm
nss-tools-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm

x86_64:
nss-3.28.4-1.el6_9.i686.rpm
nss-3.28.4-1.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-sysinit-3.28.4-1.el6_9.x86_64.rpm
nss-tools-3.28.4-1.el6_9.x86_64.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v.
6):

i386:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm

x86_64:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
nss-3.28.4-1.el6_9.src.rpm
nss-util-3.28.4-1.el6_9.src.rpm

x86_64:
nss-3.28.4-1.el6_9.i686.rpm
nss-3.28.4-1.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-sysinit-3.28.4-1.el6_9.x86_64.rpm
nss-tools-3.28.4-1.el6_9.x86_64.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
nss-3.28.4-1.el6_9.src.rpm
nss-util-3.28.4-1.el6_9.src.rpm

i386:
nss-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-sysinit-3.28.4-1.el6_9.i686.rpm
nss-tools-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm

ppc64:
nss-3.28.4-1.el6_9.ppc.rpm
nss-3.28.4-1.el6_9.ppc64.rpm
nss-debuginfo-3.28.4-1.el6_9.ppc.rpm
nss-debuginfo-3.28.4-1.el6_9.ppc64.rpm
nss-devel-3.28.4-1.el6_9.ppc.rpm
nss-devel-3.28.4-1.el6_9.ppc64.rpm
nss-sysinit-3.28.4-1.el6_9.ppc64.rpm
nss-tools-3.28.4-1.el6_9.ppc64.rpm
nss-util-3.28.4-1.el6_9.ppc.rpm
nss-util-3.28.4-1.el6_9.ppc64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.ppc.rpm
nss-util-debuginfo-3.28.4-1.el6_9.ppc64.rpm
nss-util-devel-3.28.4-1.el6_9.ppc.rpm
nss-util-devel-3.28.4-1.el6_9.ppc64.rpm

s390x:
nss-3.28.4-1.el6_9.s390.rpm
nss-3.28.4-1.el6_9.s390x.rpm
nss-debuginfo-3.28.4-1.el6_9.s390.rpm
nss-debuginfo-3.28.4-1.el6_9.s390x.rpm
nss-devel-3.28.4-1.el6_9.s390.rpm
nss-devel-3.28.4-1.el6_9.s390x.rpm
nss-sysinit-3.28.4-1.el6_9.s390x.rpm
nss-tools-3.28.4-1.el6_9.s390x.rpm
nss-util-3.28.4-1.el6_9.s390.rpm
nss-util-3.28.4-1.el6_9.s390x.rpm
nss-util-debuginfo-3.28.4-1.el6_9.s390.rpm
nss-util-debuginfo-3.28.4-1.el6_9.s390x.rpm
nss-util-devel-3.28.4-1.el6_9.s390.rpm
nss-util-devel-3.28.4-1.el6_9.s390x.rpm

x86_64:
nss-3.28.4-1.el6_9.i686.rpm
nss-3.28.4-1.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.x86_64.rpm
nss-sysinit-3.28.4-1.el6_9.x86_64.rpm
nss-tools-3.28.4-1.el6_9.x86_64.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm

ppc64:
nss-debuginfo-3.28.4-1.el6_9.ppc.rpm
nss-debuginfo-3.28.4-1.el6_9.ppc64.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.ppc.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.ppc64.rpm

s390x:
nss-debuginfo-3.28.4-1.el6_9.s390.rpm
nss-debuginfo-3.28.4-1.el6_9.s390x.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.s390.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.s390x.rpm

x86_64:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
nss-3.28.4-1.el6_9.src.rpm
nss-util-3.28.4-1.el6_9.src.rpm

i386:
nss-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-sysinit-3.28.4-1.el6_9.i686.rpm
nss-tools-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm

x86_64:
nss-3.28.4-1.el6_9.i686.rpm
nss-3.28.4-1.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-devel-3.28.4-1.el6_9.i686.rpm
nss-devel-3.28.4-1.el6_9.x86_64.rpm
nss-sysinit-3.28.4-1.el6_9.x86_64.rpm
nss-tools-3.28.4-1.el6_9.x86_64.rpm
nss-util-3.28.4-1.el6_9.i686.rpm
nss-util-3.28.4-1.el6_9.x86_64.rpm
nss-util-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-util-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-util-devel-3.28.4-1.el6_9.i686.rpm
nss-util-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm

x86_64:
nss-debuginfo-3.28.4-1.el6_9.i686.rpm
nss-debuginfo-3.28.4-1.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
nss-3.28.4-1.0.el7_3.src.rpm
nss-util-3.28.4-1.0.el7_3.src.rpm

x86_64:
nss-3.28.4-1.0.el7_3.i686.rpm
nss-3.28.4-1.0.el7_3.x86_64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-sysinit-3.28.4-1.0.el7_3.x86_64.rpm
nss-tools-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-3.28.4-1.0.el7_3.i686.rpm
nss-util-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-devel-3.28.4-1.0.el7_3.i686.rpm
nss-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.i686.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-devel-3.28.4-1.0.el7_3.i686.rpm
nss-util-devel-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
nss-3.28.4-1.0.el7_3.src.rpm
nss-util-3.28.4-1.0.el7_3.src.rpm

x86_64:
nss-3.28.4-1.0.el7_3.i686.rpm
nss-3.28.4-1.0.el7_3.x86_64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-sysinit-3.28.4-1.0.el7_3.x86_64.rpm
nss-tools-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-3.28.4-1.0.el7_3.i686.rpm
nss-util-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-devel-3.28.4-1.0.el7_3.i686.rpm
nss-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.i686.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-devel-3.28.4-1.0.el7_3.i686.rpm
nss-util-devel-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
nss-3.28.4-1.0.el7_3.src.rpm
nss-util-3.28.4-1.0.el7_3.src.rpm

aarch64:
nss-3.28.4-1.0.el7_3.aarch64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.aarch64.rpm
nss-devel-3.28.4-1.0.el7_3.aarch64.rpm
nss-sysinit-3.28.4-1.0.el7_3.aarch64.rpm
nss-tools-3.28.4-1.0.el7_3.aarch64.rpm
nss-util-3.28.4-1.0.el7_3.aarch64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.aarch64.rpm
nss-util-devel-3.28.4-1.0.el7_3.aarch64.rpm

ppc64:
nss-3.28.4-1.0.el7_3.ppc.rpm
nss-3.28.4-1.0.el7_3.ppc64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.ppc.rpm
nss-debuginfo-3.28.4-1.0.el7_3.ppc64.rpm
nss-devel-3.28.4-1.0.el7_3.ppc.rpm
nss-devel-3.28.4-1.0.el7_3.ppc64.rpm
nss-sysinit-3.28.4-1.0.el7_3.ppc64.rpm
nss-tools-3.28.4-1.0.el7_3.ppc64.rpm
nss-util-3.28.4-1.0.el7_3.ppc.rpm
nss-util-3.28.4-1.0.el7_3.ppc64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.ppc.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.ppc64.rpm
nss-util-devel-3.28.4-1.0.el7_3.ppc.rpm
nss-util-devel-3.28.4-1.0.el7_3.ppc64.rpm

ppc64le:
nss-3.28.4-1.0.el7_3.ppc64le.rpm
nss-debuginfo-3.28.4-1.0.el7_3.ppc64le.rpm
nss-devel-3.28.4-1.0.el7_3.ppc64le.rpm
nss-sysinit-3.28.4-1.0.el7_3.ppc64le.rpm
nss-tools-3.28.4-1.0.el7_3.ppc64le.rpm
nss-util-3.28.4-1.0.el7_3.ppc64le.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.ppc64le.rpm
nss-util-devel-3.28.4-1.0.el7_3.ppc64le.rpm

s390x:
nss-3.28.4-1.0.el7_3.s390.rpm
nss-3.28.4-1.0.el7_3.s390x.rpm
nss-debuginfo-3.28.4-1.0.el7_3.s390.rpm
nss-debuginfo-3.28.4-1.0.el7_3.s390x.rpm
nss-devel-3.28.4-1.0.el7_3.s390.rpm
nss-devel-3.28.4-1.0.el7_3.s390x.rpm
nss-sysinit-3.28.4-1.0.el7_3.s390x.rpm
nss-tools-3.28.4-1.0.el7_3.s390x.rpm
nss-util-3.28.4-1.0.el7_3.s390.rpm
nss-util-3.28.4-1.0.el7_3.s390x.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.s390.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.s390x.rpm
nss-util-devel-3.28.4-1.0.el7_3.s390.rpm
nss-util-devel-3.28.4-1.0.el7_3.s390x.rpm

x86_64:
nss-3.28.4-1.0.el7_3.i686.rpm
nss-3.28.4-1.0.el7_3.x86_64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-devel-3.28.4-1.0.el7_3.i686.rpm
nss-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-sysinit-3.28.4-1.0.el7_3.x86_64.rpm
nss-tools-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-3.28.4-1.0.el7_3.i686.rpm
nss-util-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-devel-3.28.4-1.0.el7_3.i686.rpm
nss-util-devel-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
nss-debuginfo-3.28.4-1.0.el7_3.aarch64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.aarch64.rpm

ppc64:
nss-debuginfo-3.28.4-1.0.el7_3.ppc.rpm
nss-debuginfo-3.28.4-1.0.el7_3.ppc64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.ppc.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.ppc64.rpm

ppc64le:
nss-debuginfo-3.28.4-1.0.el7_3.ppc64le.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.ppc64le.rpm

s390x:
nss-debuginfo-3.28.4-1.0.el7_3.s390.rpm
nss-debuginfo-3.28.4-1.0.el7_3.s390x.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.s390.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.s390x.rpm

x86_64:
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.i686.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
nss-3.28.4-1.0.el7_3.src.rpm
nss-util-3.28.4-1.0.el7_3.src.rpm

x86_64:
nss-3.28.4-1.0.el7_3.i686.rpm
nss-3.28.4-1.0.el7_3.x86_64.rpm
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-devel-3.28.4-1.0.el7_3.i686.rpm
nss-devel-3.28.4-1.0.el7_3.x86_64.rpm
nss-sysinit-3.28.4-1.0.el7_3.x86_64.rpm
nss-tools-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-3.28.4-1.0.el7_3.i686.rpm
nss-util-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-util-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-util-devel-3.28.4-1.0.el7_3.i686.rpm
nss-util-devel-3.28.4-1.0.el7_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
nss-debuginfo-3.28.4-1.0.el7_3.i686.rpm
nss-debuginfo-3.28.4-1.0.el7_3.x86_64.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.i686.rpm
nss-pkcs11-devel-3.28.4-1.0.el7_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-5461
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY+EQ0XlSAg2UNWIIRAm91AJ96sa/Zgl826grRglhkMDP1436GxACeO+MP
WxLwqXOevfktbScA4iOxeTQ=
=6jCR
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 20 05:17:10 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 20 Apr 2017 05:17:10 +0000
Subject: [RHSA-2017:1101-01] Critical: nss security update
Message-ID: <201704200517.v3K5HHJx031014@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: nss security update
Advisory ID:       RHSA-2017:1101-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1101
Issue date:        2017-04-20
CVE Names:         CVE-2017-5461
=====================================================================

1. Summary:

An update for nss is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v.
5 ELS) - i386, s390x, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1440080 - CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10) 6. Package List: Red Hat Enterprise Linux Server (v. 
5 ELS): Source: nss-3.21.4-1.el5_11.src.rpm i386: nss-3.21.4-1.el5_11.i386.rpm nss-debuginfo-3.21.4-1.el5_11.i386.rpm nss-devel-3.21.4-1.el5_11.i386.rpm nss-pkcs11-devel-3.21.4-1.el5_11.i386.rpm nss-tools-3.21.4-1.el5_11.i386.rpm s390x: nss-3.21.4-1.el5_11.s390.rpm nss-3.21.4-1.el5_11.s390x.rpm nss-debuginfo-3.21.4-1.el5_11.s390.rpm nss-debuginfo-3.21.4-1.el5_11.s390x.rpm nss-devel-3.21.4-1.el5_11.s390.rpm nss-devel-3.21.4-1.el5_11.s390x.rpm nss-pkcs11-devel-3.21.4-1.el5_11.s390.rpm nss-pkcs11-devel-3.21.4-1.el5_11.s390x.rpm nss-tools-3.21.4-1.el5_11.s390x.rpm x86_64: nss-3.21.4-1.el5_11.i386.rpm nss-3.21.4-1.el5_11.x86_64.rpm nss-debuginfo-3.21.4-1.el5_11.i386.rpm nss-debuginfo-3.21.4-1.el5_11.x86_64.rpm nss-devel-3.21.4-1.el5_11.i386.rpm nss-devel-3.21.4-1.el5_11.x86_64.rpm nss-pkcs11-devel-3.21.4-1.el5_11.i386.rpm nss-pkcs11-devel-3.21.4-1.el5_11.x86_64.rpm nss-tools-3.21.4-1.el5_11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5461 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+EROXlSAg2UNWIIRAukwAKCgfiP+c7osdPxpNSV9Isb9HB8YDwCgslFN sfDz0wsEamLliu4s6FemUuY= =4xjG -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Apr 20 05:17:48 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Apr 2017 05:17:48 +0000 Subject: [RHSA-2017:1102-01] Critical: nss-util security update Message-ID: <201704200517.v3K5Hskn031058@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: nss-util security update Advisory ID: RHSA-2017:1102-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1102 Issue date: 2017-04-20 CVE Names: CVE-2017-5461 ===================================================================== 1. Summary: An update for nss-util is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, Red Hat Enterprise Linux 6.7 Extended Update Support, and Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 
6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64 3. Description: The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1440080 - CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10) 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: nss-util-3.21.4-1.el6_7.src.rpm x86_64: nss-util-3.21.4-1.el6_7.i686.rpm nss-util-3.21.4-1.el6_7.x86_64.rpm nss-util-debuginfo-3.21.4-1.el6_7.i686.rpm nss-util-debuginfo-3.21.4-1.el6_7.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: nss-util-debuginfo-3.21.4-1.el6_7.i686.rpm nss-util-debuginfo-3.21.4-1.el6_7.x86_64.rpm nss-util-devel-3.21.4-1.el6_7.i686.rpm nss-util-devel-3.21.4-1.el6_7.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 
6.2): Source: nss-util-3.13.1-11.el6_2.src.rpm x86_64: nss-util-3.13.1-11.el6_2.i686.rpm nss-util-3.13.1-11.el6_2.x86_64.rpm nss-util-debuginfo-3.13.1-11.el6_2.i686.rpm nss-util-debuginfo-3.13.1-11.el6_2.x86_64.rpm nss-util-devel-3.13.1-11.el6_2.i686.rpm nss-util-devel-3.13.1-11.el6_2.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: nss-util-3.14.3-9.el6_4.src.rpm x86_64: nss-util-3.14.3-9.el6_4.i686.rpm nss-util-3.14.3-9.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-9.el6_4.i686.rpm nss-util-debuginfo-3.14.3-9.el6_4.x86_64.rpm nss-util-devel-3.14.3-9.el6_4.i686.rpm nss-util-devel-3.14.3-9.el6_4.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: nss-util-3.16.1-5.el6_5.src.rpm x86_64: nss-util-3.16.1-5.el6_5.i686.rpm nss-util-3.16.1-5.el6_5.x86_64.rpm nss-util-debuginfo-3.16.1-5.el6_5.i686.rpm nss-util-debuginfo-3.16.1-5.el6_5.x86_64.rpm nss-util-devel-3.16.1-5.el6_5.i686.rpm nss-util-devel-3.16.1-5.el6_5.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.5): Source: nss-util-3.16.1-5.el6_5.src.rpm x86_64: nss-util-3.16.1-5.el6_5.i686.rpm nss-util-3.16.1-5.el6_5.x86_64.rpm nss-util-debuginfo-3.16.1-5.el6_5.i686.rpm nss-util-debuginfo-3.16.1-5.el6_5.x86_64.rpm nss-util-devel-3.16.1-5.el6_5.i686.rpm nss-util-devel-3.16.1-5.el6_5.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.6): Source: nss-util-3.19.1-4.el6_6.src.rpm x86_64: nss-util-3.19.1-4.el6_6.i686.rpm nss-util-3.19.1-4.el6_6.x86_64.rpm nss-util-debuginfo-3.19.1-4.el6_6.i686.rpm nss-util-debuginfo-3.19.1-4.el6_6.x86_64.rpm nss-util-devel-3.19.1-4.el6_6.i686.rpm nss-util-devel-3.19.1-4.el6_6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: nss-util-3.19.1-4.el6_6.src.rpm x86_64: nss-util-3.19.1-4.el6_6.i686.rpm nss-util-3.19.1-4.el6_6.x86_64.rpm nss-util-debuginfo-3.19.1-4.el6_6.i686.rpm nss-util-debuginfo-3.19.1-4.el6_6.x86_64.rpm nss-util-devel-3.19.1-4.el6_6.i686.rpm nss-util-devel-3.19.1-4.el6_6.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 
6.7): Source: nss-util-3.21.4-1.el6_7.src.rpm i386: nss-util-3.21.4-1.el6_7.i686.rpm nss-util-debuginfo-3.21.4-1.el6_7.i686.rpm nss-util-devel-3.21.4-1.el6_7.i686.rpm ppc64: nss-util-3.21.4-1.el6_7.ppc.rpm nss-util-3.21.4-1.el6_7.ppc64.rpm nss-util-debuginfo-3.21.4-1.el6_7.ppc.rpm nss-util-debuginfo-3.21.4-1.el6_7.ppc64.rpm nss-util-devel-3.21.4-1.el6_7.ppc.rpm nss-util-devel-3.21.4-1.el6_7.ppc64.rpm s390x: nss-util-3.21.4-1.el6_7.s390.rpm nss-util-3.21.4-1.el6_7.s390x.rpm nss-util-debuginfo-3.21.4-1.el6_7.s390.rpm nss-util-debuginfo-3.21.4-1.el6_7.s390x.rpm nss-util-devel-3.21.4-1.el6_7.s390.rpm nss-util-devel-3.21.4-1.el6_7.s390x.rpm x86_64: nss-util-3.21.4-1.el6_7.i686.rpm nss-util-3.21.4-1.el6_7.x86_64.rpm nss-util-debuginfo-3.21.4-1.el6_7.i686.rpm nss-util-debuginfo-3.21.4-1.el6_7.x86_64.rpm nss-util-devel-3.21.4-1.el6_7.i686.rpm nss-util-devel-3.21.4-1.el6_7.x86_64.rpm Red Hat Enterprise Linux ComputeNode EUS (v. 7.2): Source: nss-util-3.21.4-1.el7_2.src.rpm x86_64: nss-util-3.21.4-1.el7_2.i686.rpm nss-util-3.21.4-1.el7_2.x86_64.rpm nss-util-debuginfo-3.21.4-1.el7_2.i686.rpm nss-util-debuginfo-3.21.4-1.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2): x86_64: nss-util-debuginfo-3.21.4-1.el7_2.i686.rpm nss-util-debuginfo-3.21.4-1.el7_2.x86_64.rpm nss-util-devel-3.21.4-1.el7_2.i686.rpm nss-util-devel-3.21.4-1.el7_2.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 
7.2): Source: nss-util-3.21.4-1.el7_2.src.rpm ppc64: nss-util-3.21.4-1.el7_2.ppc.rpm nss-util-3.21.4-1.el7_2.ppc64.rpm nss-util-debuginfo-3.21.4-1.el7_2.ppc.rpm nss-util-debuginfo-3.21.4-1.el7_2.ppc64.rpm nss-util-devel-3.21.4-1.el7_2.ppc.rpm nss-util-devel-3.21.4-1.el7_2.ppc64.rpm ppc64le: nss-util-3.21.4-1.el7_2.ppc64le.rpm nss-util-debuginfo-3.21.4-1.el7_2.ppc64le.rpm nss-util-devel-3.21.4-1.el7_2.ppc64le.rpm s390x: nss-util-3.21.4-1.el7_2.s390.rpm nss-util-3.21.4-1.el7_2.s390x.rpm nss-util-debuginfo-3.21.4-1.el7_2.s390.rpm nss-util-debuginfo-3.21.4-1.el7_2.s390x.rpm nss-util-devel-3.21.4-1.el7_2.s390.rpm nss-util-devel-3.21.4-1.el7_2.s390x.rpm x86_64: nss-util-3.21.4-1.el7_2.i686.rpm nss-util-3.21.4-1.el7_2.x86_64.rpm nss-util-debuginfo-3.21.4-1.el7_2.i686.rpm nss-util-debuginfo-3.21.4-1.el7_2.x86_64.rpm nss-util-devel-3.21.4-1.el7_2.i686.rpm nss-util-devel-3.21.4-1.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5461 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+ER0XlSAg2UNWIIRApX1AJ9wdkT8kOSgSZ/3jgD6cFqjGMsiQQCfU0Y3 PtfKmf6W01kc8TajtU/KYSM= =c/Pn -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Apr 20 05:18:23 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Apr 2017 05:18:23 +0000 Subject: [RHSA-2017:1103-01] Critical: nss security update Message-ID: <201704200518.v3K5ITP0031122@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: nss security update Advisory ID: RHSA-2017:1103-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1103 Issue date: 2017-04-20 CVE Names: CVE-2017-5461 ===================================================================== 1. Summary: An update for nss is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Long Life (v. 5.9 server) - i386, ia64, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461) Red Hat would like to thank the Mozilla project for reporting this issue. 
Upstream acknowledges Ronald Crane as the original reporter. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1440080 - CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10) 6. Package List: Red Hat Enterprise Linux Long Life (v. 5.9 server): Source: nss-3.14.3-11.el5_9.src.rpm i386: nss-3.14.3-11.el5_9.i386.rpm nss-debuginfo-3.14.3-11.el5_9.i386.rpm nss-devel-3.14.3-11.el5_9.i386.rpm nss-pkcs11-devel-3.14.3-11.el5_9.i386.rpm nss-tools-3.14.3-11.el5_9.i386.rpm ia64: nss-3.14.3-11.el5_9.i386.rpm nss-3.14.3-11.el5_9.ia64.rpm nss-debuginfo-3.14.3-11.el5_9.i386.rpm nss-debuginfo-3.14.3-11.el5_9.ia64.rpm nss-devel-3.14.3-11.el5_9.ia64.rpm nss-pkcs11-devel-3.14.3-11.el5_9.ia64.rpm nss-tools-3.14.3-11.el5_9.ia64.rpm x86_64: nss-3.14.3-11.el5_9.i386.rpm nss-3.14.3-11.el5_9.x86_64.rpm nss-debuginfo-3.14.3-11.el5_9.i386.rpm nss-debuginfo-3.14.3-11.el5_9.x86_64.rpm nss-devel-3.14.3-11.el5_9.i386.rpm nss-devel-3.14.3-11.el5_9.x86_64.rpm nss-pkcs11-devel-3.14.3-11.el5_9.i386.rpm nss-pkcs11-devel-3.14.3-11.el5_9.x86_64.rpm nss-tools-3.14.3-11.el5_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5461 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+ESPXlSAg2UNWIIRAskqAJ4r6EFCKQedmX9rXPyVNGJEx7/fSgCdGK9G yH1+kl4urCP9qROdLgFGryY= =r/jv -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Apr 20 08:34:52 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Apr 2017 08:34:52 +0000 Subject: [RHSA-2017:1104-01] Critical: firefox security update Message-ID: <201704200834.v3K8YwaC023353@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2017:1104-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1104 Issue date: 2017-04-20 CVE Names: CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5459 CVE-2017-5460 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 ===================================================================== 1. Summary: An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 
6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 3. Description: Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5429, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Mozilla developers and community, Nils, Holger Fuhrmannek, Atte Kettunen, Huzaifa Sidhpurwala, Nicolas Grégoire, Chamal De Silva, Chun Han Hsiao, Ivan Fratric of Google Project Zero, Anonymous working with Trend Micro's Zero Day Initiative, and Petr Cerny as the original reporters. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Firefox must be restarted for the changes to take effect. 5.
Bugs fixed (https://bugzilla.redhat.com/): 1443298 - CVE-2017-5442 Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12) 1443299 - CVE-2017-5443 Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12) 1443301 - CVE-2017-5429 Mozilla: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 (MFSA 2017-11, MFSA 2017-12) 1443303 - CVE-2017-5464 Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12) 1443304 - CVE-2017-5465 Mozilla: Out-of-bounds read in ConvolvePixel (MFSA 2017-11, MFSA 2017-12) 1443308 - CVE-2017-5460 Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12) 1443310 - CVE-2017-5448 Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12) 1443311 - CVE-2017-5449 Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12) 1443312 - CVE-2017-5446 Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12) 1443313 - CVE-2017-5447 Mozilla: Out-of-bounds read during glyph processing (MFSA 2017-11, MFSA 2017-12) 1443314 - CVE-2017-5444 Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443315 - CVE-2017-5445 Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443317 - CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12) 1443322 - CVE-2017-5440 Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443323 - CVE-2017-5441 Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12) 1443324 - CVE-2017-5439 Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443325 - CVE-2017-5438 Mozilla: Use-after-free in nsAutoPtr during XSLT processing 
(MFSA 2017-11, MFSA 2017-12) 1443326 - CVE-2017-5437 Mozilla: Vulnerabilities in libevent library (MFSA 2017-11, MFSA 2017-12) 1443327 - CVE-2017-5436 Mozilla: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12) 1443328 - CVE-2017-5435 Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12) 1443329 - CVE-2017-5434 Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12) 1443330 - CVE-2017-5433 Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12) 1443332 - CVE-2017-5432 Mozilla: Use-after-free in text input selection (MFSA 2017-11, MFSA 2017-12) 1443333 - CVE-2017-5459 Mozilla: Buffer overflow in WebGL (MFSA 2017-11, MFSA 2017-12) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: firefox-52.1.0-2.el6_9.src.rpm i386: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm x86_64: firefox-52.1.0-2.el6_9.x86_64.rpm firefox-debuginfo-52.1.0-2.el6_9.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: firefox-52.1.0-2.el6_9.src.rpm x86_64: firefox-52.1.0-2.el6_9.i686.rpm firefox-52.1.0-2.el6_9.x86_64.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: firefox-52.1.0-2.el6_9.src.rpm i386: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm ppc64: firefox-52.1.0-2.el6_9.ppc64.rpm firefox-debuginfo-52.1.0-2.el6_9.ppc64.rpm s390x: firefox-52.1.0-2.el6_9.s390x.rpm firefox-debuginfo-52.1.0-2.el6_9.s390x.rpm x86_64: firefox-52.1.0-2.el6_9.x86_64.rpm firefox-debuginfo-52.1.0-2.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): ppc64: firefox-52.1.0-2.el6_9.ppc.rpm firefox-debuginfo-52.1.0-2.el6_9.ppc.rpm s390x: firefox-52.1.0-2.el6_9.s390.rpm firefox-debuginfo-52.1.0-2.el6_9.s390.rpm x86_64: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: firefox-52.1.0-2.el6_9.src.rpm i386: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm x86_64: firefox-52.1.0-2.el6_9.x86_64.rpm firefox-debuginfo-52.1.0-2.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: firefox-52.1.0-2.el6_9.i686.rpm firefox-debuginfo-52.1.0-2.el6_9.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5429 https://access.redhat.com/security/cve/CVE-2017-5432 https://access.redhat.com/security/cve/CVE-2017-5433 https://access.redhat.com/security/cve/CVE-2017-5434 https://access.redhat.com/security/cve/CVE-2017-5435 https://access.redhat.com/security/cve/CVE-2017-5436 https://access.redhat.com/security/cve/CVE-2017-5437 https://access.redhat.com/security/cve/CVE-2017-5438 https://access.redhat.com/security/cve/CVE-2017-5439 https://access.redhat.com/security/cve/CVE-2017-5440 https://access.redhat.com/security/cve/CVE-2017-5441 https://access.redhat.com/security/cve/CVE-2017-5442 https://access.redhat.com/security/cve/CVE-2017-5443 https://access.redhat.com/security/cve/CVE-2017-5444 https://access.redhat.com/security/cve/CVE-2017-5445 https://access.redhat.com/security/cve/CVE-2017-5446 https://access.redhat.com/security/cve/CVE-2017-5447 https://access.redhat.com/security/cve/CVE-2017-5448 https://access.redhat.com/security/cve/CVE-2017-5449 https://access.redhat.com/security/cve/CVE-2017-5459 https://access.redhat.com/security/cve/CVE-2017-5460 https://access.redhat.com/security/cve/CVE-2017-5464 
https://access.redhat.com/security/cve/CVE-2017-5465 https://access.redhat.com/security/cve/CVE-2017-5469 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/advisories/mfsa2017-08 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+HKkXlSAg2UNWIIRAoyXAKC7wgpLt7sAIdMQac9Hw17yKueavgCfYIXM 26NzTcjV8KPdymIbzFSP1Vo= =NtEN -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Apr 20 12:58:40 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Apr 2017 12:58:40 +0000 Subject: [RHSA-2017:1105-01] Important: bind security update Message-ID: <201704201258.v3KCwo54025845@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2017:1105-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1105 Issue date: 2017-04-20 CVE Names: CVE-2017-3136 CVE-2017-3137 ===================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 
6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137) * A denial of service flaw was found in the way BIND handled query requests when using DNS64 with "break-dnssec yes" option. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3136) Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Oleg Gorokhov (Yandex) as the original reporter of CVE-2017-3136. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" 1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver 6. Package List: Red Hat Enterprise Linux Desktop (v. 
6): Source: bind-9.8.2-0.62.rc1.el6_9.1.src.rpm i386: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.i686.rpm x86_64: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm x86_64: bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: bind-9.8.2-0.62.rc1.el6_9.1.src.rpm x86_64: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: bind-9.8.2-0.62.rc1.el6_9.1.src.rpm i386: bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.i686.rpm ppc64: bind-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.ppc.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.ppc.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm s390x: bind-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.s390.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.s390.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.s390x.rpm x86_64: bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm ppc64: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.ppc.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.ppc.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.s390.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.s390.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.s390x.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: bind-9.8.2-0.62.rc1.el6_9.1.src.rpm i386: bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.i686.rpm x86_64: bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-chroot-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-libs-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm x86_64: bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-debuginfo-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm bind-sdb-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3136
https://access.redhat.com/security/cve/CVE-2017-3137
https://access.redhat.com/security/updates/classification/#important
https://kb.isc.org/article/AA-01465
https://kb.isc.org/article/AA-01466

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY+LBfXlSAg2UNWIIRAk1NAJ0foQrNn5C0uxwy/yWjEAKbWuRZAACeLt8f
7acSBfyLyGJFMGyufa3h9wM=
=iHUz
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Apr 21 01:57:55 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 20 Apr 2017 21:57:55 -0400
Subject: [RHSA-2017:1106-01] Critical: firefox security update
Message-ID: <201704210157.v3L1vt0v023965@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2017:1106-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1106
Issue date:        2017-04-20
CVE Names:         CVE-2017-5429 CVE-2017-5430 CVE-2017-5432
                   CVE-2017-5433 CVE-2017-5434 CVE-2017-5435
                   CVE-2017-5436 CVE-2017-5437 CVE-2017-5438
                   CVE-2017-5439 CVE-2017-5440 CVE-2017-5441
                   CVE-2017-5442 CVE-2017-5443 CVE-2017-5444
                   CVE-2017-5445 CVE-2017-5446 CVE-2017-5447
                   CVE-2017-5448 CVE-2017-5449 CVE-2017-5451
                   CVE-2017-5454 CVE-2017-5455 CVE-2017-5456
                   CVE-2017-5459 CVE-2017-5460 CVE-2017-5464
                   CVE-2017-5465 CVE-2017-5466 CVE-2017-5467
                   CVE-2017-5469
=====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open source web browser.

This update upgrades Firefox to version 52.1.0 ESR.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5469)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Mozilla developers and community, Nils, Holger Fuhrmannek, Atte Kettunen, Takeshi Terada, Huzaifa Sidhpurwala, Nicolas Grégoire, Chamal De Silva, Chun Han Hsiao, Ivan Fratric of Google Project Zero, Anonymous working with Trend Micro's Zero Day Initiative, Haik Aftandilian, Paul Theriault, Julian Hector, Petr Cerny, Jordi Chancel, and Heather Miller of Google Skia team as the original reporters.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443297 - CVE-2017-5456 Mozilla: Sandbox escape allowing local file system read access (MFSA 2017-12)
1443298 - CVE-2017-5442 Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12)
1443299 - CVE-2017-5443 Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12)
1443301 - CVE-2017-5429 Mozilla: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 (MFSA 2017-11, MFSA 2017-12)
1443303 - CVE-2017-5464 Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12)
1443304 - CVE-2017-5465 Mozilla: Out-of-bounds read in ConvolvePixel (MFSA 2017-11, MFSA 2017-12)
1443305 - CVE-2017-5466 Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12)
1443307 - CVE-2017-5467 Mozilla: Memory corruption when drawing Skia content (MFSA 2017-12)
1443308 - CVE-2017-5460 Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12)
1443310 - CVE-2017-5448 Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12)
1443311 - CVE-2017-5449 Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12)
1443312 - CVE-2017-5446 Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)
1443313 - CVE-2017-5447 Mozilla: Out-of-bounds read during glyph processing (MFSA 2017-11, MFSA 2017-12)
1443314 - CVE-2017-5444 Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)
1443315 - CVE-2017-5445 Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)
1443317 - CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)
1443322 - CVE-2017-5440 Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)
1443323 - CVE-2017-5441 Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)
1443324 - CVE-2017-5439 Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
1443325 - CVE-2017-5438 Mozilla: Use-after-free in nsAutoPtr during XSLT processing (MFSA 2017-11, MFSA 2017-12)
1443326 - CVE-2017-5437 Mozilla: Vulnerabilities in libevent library (MFSA 2017-11, MFSA 2017-12)
1443327 - CVE-2017-5436 Mozilla: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12)
1443328 - CVE-2017-5435 Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)
1443329 - CVE-2017-5434 Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12)
1443330 - CVE-2017-5433 Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12)
1443331 - CVE-2017-5430 Mozilla: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 (MFSA 2017-12)
1443332 - CVE-2017-5432 Mozilla: Use-after-free in text input selection (MFSA 2017-11, MFSA 2017-12)
1443333 - CVE-2017-5459 Mozilla: Buffer overflow in WebGL (MFSA 2017-11, MFSA 2017-12)
1443334 - CVE-2017-5455 Mozilla: Sandbox escape through internal feed reader APIs (MFSA 2017-12)
1443338 - CVE-2017-5454 Mozilla: Sandbox escape allowing
file system read access through file picker (MFSA 2017-12) 1443340 - CVE-2017-5451 Mozilla: Addressbar spoofing with onblur event (MFSA 2017-12) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Server (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm aarch64: firefox-52.1.0-2.el7_3.aarch64.rpm firefox-debuginfo-52.1.0-2.el7_3.aarch64.rpm ppc64: firefox-52.1.0-2.el7_3.ppc64.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64.rpm ppc64le: firefox-52.1.0-2.el7_3.ppc64le.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64le.rpm s390x: firefox-52.1.0-2.el7_3.s390x.rpm firefox-debuginfo-52.1.0-2.el7_3.s390x.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: firefox-52.1.0-2.el7_3.ppc.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc.rpm s390x: firefox-52.1.0-2.el7_3.s390.rpm firefox-debuginfo-52.1.0-2.el7_3.s390.rpm x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2017-5429 https://access.redhat.com/security/cve/CVE-2017-5430 https://access.redhat.com/security/cve/CVE-2017-5432 https://access.redhat.com/security/cve/CVE-2017-5433 https://access.redhat.com/security/cve/CVE-2017-5434 https://access.redhat.com/security/cve/CVE-2017-5435 https://access.redhat.com/security/cve/CVE-2017-5436 https://access.redhat.com/security/cve/CVE-2017-5437 https://access.redhat.com/security/cve/CVE-2017-5438 https://access.redhat.com/security/cve/CVE-2017-5439 https://access.redhat.com/security/cve/CVE-2017-5440 https://access.redhat.com/security/cve/CVE-2017-5441 https://access.redhat.com/security/cve/CVE-2017-5442 https://access.redhat.com/security/cve/CVE-2017-5443 https://access.redhat.com/security/cve/CVE-2017-5444 https://access.redhat.com/security/cve/CVE-2017-5445 https://access.redhat.com/security/cve/CVE-2017-5446 https://access.redhat.com/security/cve/CVE-2017-5447 https://access.redhat.com/security/cve/CVE-2017-5448 https://access.redhat.com/security/cve/CVE-2017-5449 https://access.redhat.com/security/cve/CVE-2017-5451 https://access.redhat.com/security/cve/CVE-2017-5454 https://access.redhat.com/security/cve/CVE-2017-5455 https://access.redhat.com/security/cve/CVE-2017-5456 https://access.redhat.com/security/cve/CVE-2017-5459 https://access.redhat.com/security/cve/CVE-2017-5460 https://access.redhat.com/security/cve/CVE-2017-5464 https://access.redhat.com/security/cve/CVE-2017-5465 https://access.redhat.com/security/cve/CVE-2017-5466 https://access.redhat.com/security/cve/CVE-2017-5467 https://access.redhat.com/security/cve/CVE-2017-5469 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/advisories/mfsa2017-12 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY+WcbXlSAg2UNWIIRAthYAKDBrBSwj53qYji+d/+f2k2WwO393wCgt/9B
VVVuCEuJrVflHvdZuRMCSfc=
=dJ7A
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Apr 21 06:37:45 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 21 Apr 2017 06:37:45 +0000
Subject: [RHSA-2017:1108-01] Moderate: java-1.8.0-openjdk security and bug fix update
Message-ID: <201704210637.v3L6bofO023659@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update
Advisory ID:       RHSA-2017:1108-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1108
Issue date:        2017-04-20
CVE Names:         CVE-2017-3509 CVE-2017-3511 CVE-2017-3526
                   CVE-2017-3533 CVE-2017-3539 CVE-2017-3544
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511)

* It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML documents. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526)

* It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509)

Note: This update adds support for the "jdk.ntlm.cache" system property which, when set to false, prevents caching of NTLM connections and authentications and hence prevents this issue. However, caching remains enabled by default.

* It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used a weak signing key or hash algorithm. (CVE-2017-3539)

Note: This update extends the fix for CVE-2016-5542 released as part of the RHSA-2016:2079 erratum to no longer allow the MD5 hash algorithm during the Jar integrity verification by adding it to the jdk.jar.disabledAlgorithms security property.

* Newline injection flaws were discovered in FTP and SMTP client implementations in the Networking component in OpenJDK. A remote attacker could possibly use these flaws to manipulate FTP or SMTP connections established by a Java application. (CVE-2017-3533, CVE-2017-3544)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

Bug Fix(es):

* When a method is called using the Java Debug Wire Protocol (JDWP) "invokeMethod" command in a target Java virtual machine, JDWP creates global references for every Object that is implied in the method invocation, as well as for the returned argument of the reference type. Previously, the global references created for such arguments were not collected (deallocated) by the garbage collector after "invokeMethod" finished. This consequently caused memory leaks, and because references to such objects were never released, the debugged application could be terminated with an Out of Memory error. This bug has been fixed, and the described problem no longer occurs. (BZ#1442162)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1442162 - Using jdb triggers OOME on the debugged application
1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6.
Package List: Red Hat Enterprise Linux Client (v. 7): Source: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.131-2.b11.el7_3.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 
7): Source: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.131-2.b11.el7_3.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src.rpm aarch64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.aarch64.rpm ppc64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.ppc64.rpm ppc64le: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): aarch64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.aarch64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.aarch64.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.131-2.b11.el7_3.noarch.rpm ppc64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.ppc64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.ppc64.rpm ppc64le: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm 
java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.ppc64le.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.ppc64le.rpm s390x: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.s390x.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.s390x.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.131-2.b11.el7_3.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.131-2.b11.el7_3.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3526 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate https://rhn.redhat.com/errata/RHSA-2016-2079.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY+ahVXlSAg2UNWIIRAsGOAKCnDS0RXGOAcJhp6eAoJkdr6yLj+wCgwtn9
ASnCi7HHa1Msz/QhjgeyX9Y=
=IjIN
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Apr 21 06:38:31 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 21 Apr 2017 06:38:31 +0000
Subject: [RHSA-2017:1109-01] Moderate: java-1.8.0-openjdk security update
Message-ID: <201704210638.v3L6cbWY023681@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.8.0-openjdk security update
Advisory ID: RHSA-2017:1109-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1109
Issue date: 2017-04-20
CVE Names: CVE-2017-3509 CVE-2017-3511 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511)

* It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing an XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526)

* It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509)

Note: This update adds support for the "jdk.ntlm.cache" system property which, when set to false, prevents caching of NTLM connections and authentications and hence prevents this issue. However, caching remains enabled by default.

* It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify the content of a Jar file that used a weak signing key or hash algorithm. (CVE-2017-3539)

Note: This update extends the fix for CVE-2016-5542 released as part of the RHSA-2016:2079 erratum to no longer allow the MD5 hash algorithm during the Jar integrity verification by adding it to the jdk.jar.disabledAlgorithms security property.

* Newline injection flaws were discovered in FTP and SMTP client implementations in the Networking component in OpenJDK. A remote attacker could possibly use these flaws to manipulate FTP or SMTP connections established by a Java application. (CVE-2017-3533, CVE-2017-3544)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm

i386:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm

x86_64:
java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm
java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v.
6): i386: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm x86_64: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 
6): noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm x86_64: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm i386: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm x86_64: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm i386: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm x86_64: java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm noarch: java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm x86_64: java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3526 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate https://rhn.redhat.com/errata/RHSA-2016-2079.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
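An added example, not part of the Red Hat advisory: a Python audit of the two settings named in the RHSA-2017:1109 notes. It checks that jdk.jar.disabledAlgorithms lists MD5 and that a JVM command line passes -Djdk.ntlm.cache=false, because the advisory states that NTLM caching remains enabled by default after the update. The java.security snippets and command lines are constructed samples, and the function names are this example's own.

```python
import re

# Property names as given in the RHSA-2017:1109 notes.
JAR_PROP = "jdk.jar.disabledAlgorithms"   # security property (java.security file)
NTLM_PROP = "jdk.ntlm.cache"              # system property (-D on the command line)


def parse_java_security(text):
    """Parse java.security-style text into {key: value}.

    Handles comments (# or !), '=' / ':' separators and backslash line
    continuations, which is how long algorithm lists are usually wrapped.
    """
    props, pending = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not pending and (not line or line[0] in "#!"):
            continue
        # An odd number of trailing backslashes means the value continues.
        if (len(line) - len(line.rstrip("\\"))) % 2 == 1:
            pending += line[:-1]
            continue
        logical, pending = pending + line, ""
        match = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)", logical)
        if match:
            props[match.group(1)] = match.group(2).strip()
    return props


def disabled_jar_algorithms(props):
    """Return the upper-cased algorithm names listed in jdk.jar.disabledAlgorithms."""
    names = set()
    for constraint in props.get(JAR_PROP, "").split(","):
        tokens = constraint.split()
        if tokens:
            # "RSA keySize < 1024" -> "RSA"; a bare "MD5" -> "MD5"
            names.add(tokens[0].upper())
    return names


def ntlm_cache_disabled(jvm_args):
    """True only if -Djdk.ntlm.cache is present and every occurrence is 'false'.

    Only the given command line is inspected; other ways of setting system
    properties are out of scope for this example. Spellings other than the
    literal 'false' documented in the advisory are treated as not disabled.
    """
    prefix = "-D" + NTLM_PROP + "="
    values = [arg[len(prefix):] for arg in jvm_args if arg.startswith(prefix)]
    return bool(values) and all(value == "false" for value in values)


def audit(java_security_text, jvm_args):
    """Return a list of findings; an empty list means both settings are in place."""
    findings = []
    props = parse_java_security(java_security_text)
    if "MD5" not in disabled_jar_algorithms(props):
        findings.append("CVE-2017-3539: MD5 is not listed in " + JAR_PROP)
    if not ntlm_cache_disabled(jvm_args):
        findings.append("CVE-2017-3509: " + NTLM_PROP
                        + " is not set to false, NTLM caching stays enabled")
    return findings


# Constructed samples, not copied from any real installation.
SECURITY_BEFORE = r"""
# MD5 still accepted for Jar integrity verification
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
"""
SECURITY_AFTER = r"""
jdk.jar.disabledAlgorithms=MD2, MD5, \
    RSA keySize < 1024
"""
ARGS_DEFAULT = ["java", "-jar", "app.jar"]
ARGS_HARDENED = ["java", "-Djdk.ntlm.cache=false", "-jar", "app.jar"]

if __name__ == "__main__":
    cases = [
        ("before update, default args", SECURITY_BEFORE, ARGS_DEFAULT),
        ("after update, default args", SECURITY_AFTER, ARGS_DEFAULT),
        ("after update, NTLM cache off", SECURITY_AFTER, ARGS_HARDENED),
    ]
    for label, security_text, args in cases:
        print(label, "->", audit(security_text, args) or "no findings")
```

The middle case is the one to watch for in practice: an updated runtime whose launch arguments were never changed still reports the CVE-2017-3509 finding.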
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY+ajOXlSAg2UNWIIRAs7dAKCCQha4jr8lbFY57VRnmUVAHrR11wCghYb3
aFRCe86KW7Z9vamI7Hlt7RY=
=D6I/
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 24 11:23:48 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 24 Apr 2017 11:23:48 +0000
Subject: [RHSA-2017:1117-01] Moderate: java-1.8.0-oracle security update
Message-ID: <201704241123.v3OBNrZv012294@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.8.0-oracle security update
Advisory ID: RHSA-2017:1117-01
Product: Oracle Java for Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1117
Issue date: 2017-04-24
CVE Names: CVE-2017-3509 CVE-2017-3511 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544
=====================================================================

1. Summary:

An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 8 to version 8 Update 131.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6.
Package List: Oracle Java for Red Hat Enterprise Linux Desktop 6: i386: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.i686.rpm x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux HPC Node 6: x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 6: i386: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.i686.rpm x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation 6: i386: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.i686.rpm 
java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.i686.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.i686.rpm x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el6.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Client (v. 7): x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7): x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server (v. 7): x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation (v. 
7): x86_64: java-1.8.0-oracle-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-devel-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-javafx-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-jdbc-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-plugin-1.8.0.131-1jpp.1.el7_3.x86_64.rpm java-1.8.0-oracle-src-1.8.0.131-1jpp.1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3526 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA http://www.oracle.com/technetwork/java/javase/8u131-relnotes-3565278.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY/eAxXlSAg2UNWIIRAoJAAJoCI0eyffU0qRqFd2UZpxj2swjjegCcC4t1
fDgyDcEtEH51Vx5eLrzYwSs=
=G6C6
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 24 11:24:40 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 24 Apr 2017 11:24:40 +0000
Subject: [RHSA-2017:1118-01] Moderate: java-1.7.0-oracle security update
Message-ID: <201704241124.v3OBOllT012356@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.7.0-oracle security update
Advisory ID: RHSA-2017:1118-01
Product: Oracle Java for Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1118
Issue date: 2017-04-24
CVE Names: CVE-2017-3509 CVE-2017-3511 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544
=====================================================================

1. Summary:

An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 7 to version 7 Update 141.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6.
Package List: Oracle Java for Red Hat Enterprise Linux Desktop 6: i386: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux HPC Node 6: x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 6: i386: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.x86_64.rpm 
java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation 6: i386: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el6.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Client (v. 7): x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7): x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server (v. 
7): x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation (v. 7): x86_64: java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.141-1jpp.1.el7_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.141-1jpp.1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3526 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_141 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY/eBYXlSAg2UNWIIRAg2OAJ95Y0JxKZ2bVPutdwxZ2Bs9Y1fWVwCfRWCC
6CA561T8Y+ej1BPmte0wi7Q=
=7hqG
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Apr 24 11:25:31 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 24 Apr 2017 11:25:31 +0000
Subject: [RHSA-2017:1119-01] Moderate: java-1.6.0-sun security update
Message-ID: <201704241125.v3OBPfps012400@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: java-1.6.0-sun security update
Advisory ID: RHSA-2017:1119-01
Product: Oracle Java for Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1119
Issue date: 2017-04-24
CVE Names: CVE-2017-3509 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544
=====================================================================

1. Summary:

An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux HPC Node 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64
Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Oracle Java for Red Hat Enterprise Linux Workstation 6 - i386, x86_64

3. Description:

Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 6 to version 6 Update 151.

Security Fix(es):

* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3509, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Oracle Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6.
Package List: Oracle Java for Red Hat Enterprise Linux Desktop 6: i386: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux HPC Node 6: i386: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 6: i386: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm 
java-1.6.0-sun-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation 6: i386: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.i686.rpm x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el6.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el6.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Client (v. 7): x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Compute Node (v. 
7): x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server (v. 7): x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el7_3.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation (v. 7): x86_64: java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.i686.rpm java-1.6.0-sun-devel-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.151-1jpp.1.el7_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.151-1jpp.1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3526 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_151 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY/eCVXlSAg2UNWIIRAryQAKCgtUC0Msx0lOkFj9tO/A4VBttsYQCeOmpK xYceePDrSie861FXVjEL744= =XDJG -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Apr 25 09:14:46 2017 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 25 Apr 2017 09:14:46 +0000 Subject: [RHSA-2017:1124-01] Important: chromium-browser security update Message-ID: <201704250914.v3P9Errk017982@lists01.pubmisc.prod.ext.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2017:1124-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:1124 Issue date: 2017-04-25 CVE Names: CVE-2017-5057 CVE-2017-5058 CVE-2017-5059 CVE-2017-5060 CVE-2017-5061 CVE-2017-5062 CVE-2017-5063 CVE-2017-5064 CVE-2017-5065 CVE-2017-5066 CVE-2017-5067 CVE-2017-5069 ===================================================================== 1. Summary: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 58.0.3029.81.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
1443845 - CVE-2017-5064 chromium-browser: use after free in blink
1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
1443848 - CVE-2017-5066 chromium-browser: incorrect signature handling in networking
1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-58.0.3029.81-1.el6_9.i686.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.i686.rpm

x86_64:
chromium-browser-58.0.3029.81-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-58.0.3029.81-1.el6_9.i686.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.i686.rpm

x86_64:
chromium-browser-58.0.3029.81-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-58.0.3029.81-1.el6_9.i686.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.i686.rpm

x86_64:
chromium-browser-58.0.3029.81-1.el6_9.x86_64.rpm
chromium-browser-debuginfo-58.0.3029.81-1.el6_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-5057
https://access.redhat.com/security/cve/CVE-2017-5058
https://access.redhat.com/security/cve/CVE-2017-5059
https://access.redhat.com/security/cve/CVE-2017-5060
https://access.redhat.com/security/cve/CVE-2017-5061
https://access.redhat.com/security/cve/CVE-2017-5062
https://access.redhat.com/security/cve/CVE-2017-5063
https://access.redhat.com/security/cve/CVE-2017-5064
https://access.redhat.com/security/cve/CVE-2017-5065
https://access.redhat.com/security/cve/CVE-2017-5066
https://access.redhat.com/security/cve/CVE-2017-5067
https://access.redhat.com/security/cve/CVE-2017-5069
https://access.redhat.com/security/updates/classification/#important
https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY/xN0XlSAg2UNWIIRAvX+AJ9JHIyPP81ntPxOc7WxkbEsmNCFcACcCmSf
QnqiczHQ1+J8yMv656p23mY=
=X2se
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 25 10:20:37 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 25 Apr 2017 10:20:37 +0000
Subject: [RHSA-2017:1125-01] Important: kernel security and bug fix update
Message-ID: <201704251020.v3PAKfK4025701@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2017:1125-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1125
Issue date: 2017-04-25
CVE Names: CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

Red Hat would like to thank Alexander Popov for reporting this issue.

Bug Fix(es):

* Previously, memory allocation in the libceph kernel module did not work correctly. Consequently, the file system on a RADOS Block Device (RBD) could become unresponsive in the situations under high memory pressure. With this update, the underlying source code has been fixed, and the file system no longer hangs in the described scenario. (BZ#1418314)

* Previously, the mpt3sas driver incorrectly checked the Transport Layer Retries (TLR) state even on Redundant Array Of Independent Discs (RAID) devices. Consequently, a kernel panic occurred when mpt3sas attempted to read from the RAID devices. With this update, mpt3sas has been fixed to check the TLR state only for non-RAID devices, and the kernel no longer panics under the described circumstances. (BZ#1427453)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.2):

Source:
kernel-3.10.0-327.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.53.1.el7.noarch.rpm
kernel-doc-3.10.0-327.53.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.53.1.el7.x86_64.rpm
perf-3.10.0-327.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.2):

Source:
kernel-3.10.0-327.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.53.1.el7.noarch.rpm
kernel-doc-3.10.0-327.53.1.el7.noarch.rpm

ppc64:
kernel-3.10.0-327.53.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debug-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-327.53.1.el7.ppc64.rpm
kernel-devel-3.10.0-327.53.1.el7.ppc64.rpm
kernel-headers-3.10.0-327.53.1.el7.ppc64.rpm
kernel-tools-3.10.0-327.53.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-327.53.1.el7.ppc64.rpm
perf-3.10.0-327.53.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
python-perf-3.10.0-327.53.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debug-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-devel-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-headers-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-tools-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-327.53.1.el7.ppc64le.rpm
perf-3.10.0-327.53.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
python-perf-3.10.0-327.53.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm

s390x:
kernel-3.10.0-327.53.1.el7.s390x.rpm
kernel-debug-3.10.0-327.53.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-327.53.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-327.53.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-327.53.1.el7.s390x.rpm
kernel-devel-3.10.0-327.53.1.el7.s390x.rpm
kernel-headers-3.10.0-327.53.1.el7.s390x.rpm
kernel-kdump-3.10.0-327.53.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-327.53.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-327.53.1.el7.s390x.rpm
perf-3.10.0-327.53.1.el7.s390x.rpm
perf-debuginfo-3.10.0-327.53.1.el7.s390x.rpm
python-perf-3.10.0-327.53.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.s390x.rpm

x86_64:
kernel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.53.1.el7.x86_64.rpm
perf-3.10.0-327.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.2):

ppc64:
kernel-debug-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-327.53.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-327.53.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-327.53.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.53.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY/yLjXlSAg2UNWIIRAqhLAJ4yeRBPXI8Mw2pFH9gnViTV+M+e1wCePG5U
Gq9I7PU+yv9v90c1PA2m8yk=
=+Q5N
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Apr 25 10:21:35 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 25 Apr 2017 10:21:35 +0000
Subject: [RHSA-2017:1126-01] Important: kernel security update
Message-ID: <201704251021.v3PALfSS026107@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2017:1126-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1126
Issue date: 2017-04-25
CVE Names: CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

Red Hat would like to thank Alexander Popov for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.2):

Source:
kernel-2.6.32-220.71.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-220.71.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.71.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.71.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.71.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.71.1.el6.x86_64.rpm
perf-2.6.32-220.71.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.2):

Source:
kernel-2.6.32-220.71.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.71.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm
python-perf-2.6.32-220.71.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.71.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY/yMBXlSAg2UNWIIRAvGiAJwKoor6d0rNaEyLthBs8SKJrWTWkQCgiFRH
OfxH8dI0KACsfx/8IhC9bFM=
=rTvN
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 26 13:04:32 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 26 Apr 2017 13:04:32 +0000
Subject: [RHSA-2017:1161-01] Moderate: httpd24-httpd security, bug fix, and enhancement update
Message-ID: <201704261304.v3QD4bJh003321@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: httpd24-httpd security, bug fix, and enhancement update
Advisory ID: RHSA-2017:1161-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1161
Issue date: 2017-04-26
CVE Names: CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-8740 CVE-2016-8743
=====================================================================

1. Summary:

Updated httpd24 packages are now available as a part of Red Hat Software Collections 2.4 for Red Hat Enterprise Linux.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module.

The httpd24 Software Collection has been upgraded to version 2.4.25, which provides a number of bug fixes and enhancements over the previous version. For detailed changes, see the Red Hat Software Collections 2.4 Release Notes linked from the References section. (BZ#1404778)

Security Fix(es):

* It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736)

* A denial of service flaw was found in httpd's mod_http2 module. A remote attacker could use this flaw to block server threads for long times, causing starvation of worker threads, by manipulating the flow control windows on streams. (CVE-2016-1546)

* It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161)

* It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)

Note: The fix for the CVE-2016-8743 issue causes httpd to return "400 Bad Request" error to HTTP clients which do not strictly follow HTTP protocol specification.
A newly introduced configuration directive "HttpProtocolOptions Unsafe" can be used to re-enable the old less strict parsing. However, such setting also re-introduces the CVE-2016-8743 issue.

* A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1329639 - error in service httpd24-httpd configtest
1335616 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)
1336350 - CVE-2016-1546 httpd: mod_http2 denial-of-service by thread starvation
1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2
1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto
1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest
1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects
1414037 - mod_proxy_fcgi regression in 2.4.23+
1432249 - must fail startup with conflicting Listen directives
1433474 - wrong requires of httpd24-httpd and httpd24-httpd-tools

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source:
httpd24-httpd-2.4.25-9.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el6.x86_64.rpm
httpd24-mod_session-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
httpd24-httpd-2.4.25-9.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el6.x86_64.rpm
httpd24-mod_session-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):

Source:
httpd24-httpd-2.4.25-9.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el6.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el6.x86_64.rpm
httpd24-mod_session-2.4.25-9.el6.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
httpd24-httpd-2.4.25-9.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el7.x86_64.rpm
httpd24-mod_session-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):

Source:
httpd24-httpd-2.4.25-9.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el7.x86_64.rpm
httpd24-mod_session-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
httpd24-httpd-2.4.25-9.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.25-9.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-devel-2.4.25-9.el7.x86_64.rpm
httpd24-httpd-tools-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ldap-2.4.25-9.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.25-9.el7.x86_64.rpm
httpd24-mod_session-2.4.25-9.el7.x86_64.rpm
httpd24-mod_ssl-2.4.25-9.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-0736
https://access.redhat.com/security/cve/CVE-2016-1546
https://access.redhat.com/security/cve/CVE-2016-2161
https://access.redhat.com/security/cve/CVE-2016-8740
https://access.redhat.com/security/cve/CVE-2016-8743
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Software_Collections/2/html/2.4_Release_Notes/chap-RHSCL.html#sect-RHSCL-Changes-httpd

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZAJq1XlSAg2UNWIIRAlGKAJ9zNHkvJQ9/I+imHbgRwjelvV9xKgCeLyYO
SjFZr+hN7gjeQOgcC0kswCY=
=m+ZH
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 26 13:05:15 2017
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 26 Apr 2017 13:05:15 +0000
Subject: [RHSA-2017:1162-01] Moderate: python27 security, bug fix, and enhancement update
Message-ID: <201704261305.v3QD5KDl003404@lists01.pubmisc.prod.ext.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: python27 security, bug fix, and enhancement update
Advisory ID: RHSA-2017:1162-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1162
Issue date: 2017-04-26
CVE Names: CVE-2014-9365
=====================================================================

1. Summary:

Updated python27 packages are now available as a part of Red Hat Software Collections 2.4 for Red Hat Enterprise Linux.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.

The python27 Software Collection has been upgraded to version 2.7.13, which provides a number of bug fixes and enhancements over the previous version. For detailed changes, see the Red Hat Software Collections 2.4 Release Notes linked from the References section. (BZ#1402809, BZ#1344674, BZ#1413063)

Security Fix(es) in the python27-python component:

* The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365)

Note: The Python standard library was updated to enable certificate verification by default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1417838)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5.
Bugs fixed (https://bugzilla.redhat.com/): 1173041 - CVE-2014-9365 python: failure to validate certificates in the HTTP client with TLS (PEP 476) 1336776 - Missing license file 1344674 - Harmless warning showed during gunicorn install 1353200 - [python27] python-virtualenv: os.py:157:makedirs:OSError: [Errno 20] Not a directory: 'ansible/lib' 1355805 - man page contains $Date$ instead of actual date 1402809 - Update python version to 2.7.13 for python27 collection 1417108 - All files should be owned by collection 1417139 - Missing pyo pyc files 1417838 - Posibility to turn off certification verification in python 2.7.13 1430763 - pip Utility Doesn't Work Under FIPS 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: python27-mod_wsgi-4.5.13-1.el6.src.rpm python27-python-2.7.13-3.el6.src.rpm python27-python-coverage-3.6-4.el6.src.rpm python27-python-pip-8.1.2-2.el6.src.rpm python27-python-setuptools-0.9.8-4.el6.src.rpm python27-python-virtualenv-13.1.0-2.el6.src.rpm noarch: python27-python-pip-8.1.2-2.el6.noarch.rpm python27-python-setuptools-0.9.8-4.el6.noarch.rpm python27-python-virtualenv-13.1.0-2.el6.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el6.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el6.x86_64.rpm python27-python-2.7.13-3.el6.x86_64.rpm python27-python-coverage-3.6-4.el6.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el6.x86_64.rpm python27-python-debug-2.7.13-3.el6.x86_64.rpm python27-python-debuginfo-2.7.13-3.el6.x86_64.rpm python27-python-devel-2.7.13-3.el6.x86_64.rpm python27-python-libs-2.7.13-3.el6.x86_64.rpm python27-python-test-2.7.13-3.el6.x86_64.rpm python27-python-tools-2.7.13-3.el6.x86_64.rpm python27-tkinter-2.7.13-3.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 
6.7): Source: python27-mod_wsgi-4.5.13-1.el6.src.rpm python27-python-2.7.13-3.el6.src.rpm python27-python-coverage-3.6-4.el6.src.rpm python27-python-pip-8.1.2-2.el6.src.rpm python27-python-setuptools-0.9.8-4.el6.src.rpm python27-python-virtualenv-13.1.0-2.el6.src.rpm noarch: python27-python-pip-8.1.2-2.el6.noarch.rpm python27-python-setuptools-0.9.8-4.el6.noarch.rpm python27-python-virtualenv-13.1.0-2.el6.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el6.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el6.x86_64.rpm python27-python-2.7.13-3.el6.x86_64.rpm python27-python-coverage-3.6-4.el6.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el6.x86_64.rpm python27-python-debug-2.7.13-3.el6.x86_64.rpm python27-python-debuginfo-2.7.13-3.el6.x86_64.rpm python27-python-devel-2.7.13-3.el6.x86_64.rpm python27-python-libs-2.7.13-3.el6.x86_64.rpm python27-python-test-2.7.13-3.el6.x86_64.rpm python27-python-tools-2.7.13-3.el6.x86_64.rpm python27-tkinter-2.7.13-3.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 
6): Source: python27-mod_wsgi-4.5.13-1.el6.src.rpm python27-python-2.7.13-3.el6.src.rpm python27-python-coverage-3.6-4.el6.src.rpm python27-python-pip-8.1.2-2.el6.src.rpm python27-python-setuptools-0.9.8-4.el6.src.rpm python27-python-virtualenv-13.1.0-2.el6.src.rpm noarch: python27-python-pip-8.1.2-2.el6.noarch.rpm python27-python-setuptools-0.9.8-4.el6.noarch.rpm python27-python-virtualenv-13.1.0-2.el6.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el6.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el6.x86_64.rpm python27-python-2.7.13-3.el6.x86_64.rpm python27-python-coverage-3.6-4.el6.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el6.x86_64.rpm python27-python-debug-2.7.13-3.el6.x86_64.rpm python27-python-debuginfo-2.7.13-3.el6.x86_64.rpm python27-python-devel-2.7.13-3.el6.x86_64.rpm python27-python-libs-2.7.13-3.el6.x86_64.rpm python27-python-test-2.7.13-3.el6.x86_64.rpm python27-python-tools-2.7.13-3.el6.x86_64.rpm python27-tkinter-2.7.13-3.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 
7): Source: python27-mod_wsgi-4.5.13-1.el7.src.rpm python27-python-2.7.13-3.el7.src.rpm python27-python-coverage-3.6-4.el7.src.rpm python27-python-pip-8.1.2-2.el7.src.rpm python27-python-setuptools-0.9.8-6.el7.src.rpm python27-python-virtualenv-13.1.0-2.el7.src.rpm noarch: python27-python-pip-8.1.2-2.el7.noarch.rpm python27-python-setuptools-0.9.8-6.el7.noarch.rpm python27-python-virtualenv-13.1.0-2.el7.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el7.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el7.x86_64.rpm python27-python-2.7.13-3.el7.x86_64.rpm python27-python-coverage-3.6-4.el7.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el7.x86_64.rpm python27-python-debug-2.7.13-3.el7.x86_64.rpm python27-python-debuginfo-2.7.13-3.el7.x86_64.rpm python27-python-devel-2.7.13-3.el7.x86_64.rpm python27-python-libs-2.7.13-3.el7.x86_64.rpm python27-python-test-2.7.13-3.el7.x86_64.rpm python27-python-tools-2.7.13-3.el7.x86_64.rpm python27-tkinter-2.7.13-3.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 
7.3): Source: python27-mod_wsgi-4.5.13-1.el7.src.rpm python27-python-2.7.13-3.el7.src.rpm python27-python-coverage-3.6-4.el7.src.rpm python27-python-pip-8.1.2-2.el7.src.rpm python27-python-setuptools-0.9.8-6.el7.src.rpm python27-python-virtualenv-13.1.0-2.el7.src.rpm noarch: python27-python-pip-8.1.2-2.el7.noarch.rpm python27-python-setuptools-0.9.8-6.el7.noarch.rpm python27-python-virtualenv-13.1.0-2.el7.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el7.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el7.x86_64.rpm python27-python-2.7.13-3.el7.x86_64.rpm python27-python-coverage-3.6-4.el7.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el7.x86_64.rpm python27-python-debug-2.7.13-3.el7.x86_64.rpm python27-python-debuginfo-2.7.13-3.el7.x86_64.rpm python27-python-devel-2.7.13-3.el7.x86_64.rpm python27-python-libs-2.7.13-3.el7.x86_64.rpm python27-python-test-2.7.13-3.el7.x86_64.rpm python27-python-tools-2.7.13-3.el7.x86_64.rpm python27-tkinter-2.7.13-3.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 
7): Source: python27-mod_wsgi-4.5.13-1.el7.src.rpm python27-python-2.7.13-3.el7.src.rpm python27-python-coverage-3.6-4.el7.src.rpm python27-python-pip-8.1.2-2.el7.src.rpm python27-python-setuptools-0.9.8-6.el7.src.rpm python27-python-virtualenv-13.1.0-2.el7.src.rpm noarch: python27-python-pip-8.1.2-2.el7.noarch.rpm python27-python-setuptools-0.9.8-6.el7.noarch.rpm python27-python-virtualenv-13.1.0-2.el7.noarch.rpm x86_64: python27-mod_wsgi-4.5.13-1.el7.x86_64.rpm python27-mod_wsgi-debuginfo-4.5.13-1.el7.x86_64.rpm python27-python-2.7.13-3.el7.x86_64.rpm python27-python-coverage-3.6-4.el7.x86_64.rpm python27-python-coverage-debuginfo-3.6-4.el7.x86_64.rpm python27-python-debug-2.7.13-3.el7.x86_64.rpm python27-python-debuginfo-2.7.13-3.el7.x86_64.rpm python27-python-devel-2.7.13-3.el7.x86_64.rpm python27-python-libs-2.7.13-3.el7.x86_64.rpm python27-python-test-2.7.13-3.el7.x86_64.rpm python27-python-tools-2.7.13-3.el7.x86_64.rpm python27-tkinter-2.7.13-3.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9365 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/2039753 https://access.redhat.com/documentation/en-US/Red_Hat_Software_Collections/2/html/2.4_Release_Notes/chap-RHSCL.html#sect-RHSCL-Changes-python 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZAJrxXlSAg2UNWIIRAvj2AJ4qtxVPJoLuwhGPCGM9xGrfZ1lm6gCgjoxj 9vBwZXPMtbSvcObBFVsijtU= =rdPB -----END PGP SIGNATURE-----
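
An added example, not part of the advisory or of Red Hat's packages: once the python27 update above makes certificate verification the default (CVE-2014-9365, PEP 476), code that opted out explicitly still skips the checks. This Python 3 scanner flags those opt-outs in source text; the function name `find_verification_optouts` and the sample source are constructed for illustration.

```python
import ast

# Private ssl names that PEP 476 documents as the way to opt out.
UNVERIFIED_FACTORY = "_create_unverified_context"
DEFAULT_HOOK = "_create_default_https_context"


def find_verification_optouts(source, filename="<constructed>"):
    """Return sorted (line, reason) pairs for code that disables HTTPS checks."""
    findings = set()
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Assign):
            value = node.value
            for target in node.targets:
                if not isinstance(target, ast.Attribute):
                    continue
                if target.attr == DEFAULT_HOOK:
                    # Monkeypatch that changes the default for the whole process.
                    findings.add((node.lineno, "default HTTPS context factory replaced"))
                elif (target.attr == "check_hostname"
                      and isinstance(value, ast.Constant) and value.value is False):
                    findings.add((node.lineno, "hostname matching disabled"))
                elif (target.attr == "verify_mode"
                      and isinstance(value, ast.Attribute) and value.attr == "CERT_NONE"):
                    findings.add((node.lineno, "certificate validation set to CERT_NONE"))
        elif isinstance(node, ast.Call):
            func = node.func
            name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
            if name == UNVERIFIED_FACTORY:
                findings.add((node.lineno, "unverified SSL context created"))
    return sorted(findings)


# Constructed sample: application code written against Python 2.7.
SAMPLE = '''\
import ssl, urllib2

ssl._create_default_https_context = ssl._create_unverified_context
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
urllib2.urlopen("https://internal.example/", context=ssl._create_unverified_context())
ok = urllib2.urlopen("https://internal.example/")
'''

if __name__ == "__main__":
    for line, reason in find_verification_optouts(SAMPLE):
        print("line %d: %s" % (line, reason))
```

The scanner only parses the source, so it can be run over a Python 2.7 code base from a Python 3 interpreter as long as the files use syntax both versions accept.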